BSidesSF-2017-pinlock-150

这是个Android逆向题,没有涉及到.so应该算简单的吧,但是我对那些加密的API还不熟。
参考:
https://github.com/Sinkmanu/CTF/blob/master/BSidesSF-2017-pinlock-150.java
https://advancedpersistentjest.com/2017/02/14/writeup-pinlock-bsides-san-francisco/
原来对于这种.db的数据库文件可以用sqlite3 xxx.db来查看。当然文本应该也可以查看但是不方便。

root@kali:~/repos/CTF/BSides-CTF-2017# wget https://github.com/youben11/BSides-San-Francisco-CTF-2017/raw/master/pinstore.apk
root@kali:~/repos/CTF/BSides-CTF-2017# ls
pinstore.apk
root@kali:~/repos/CTF/BSides-CTF-2017# file pinstore.apk
pinstore.apk: Java archive data (JAR)
root@kali:~/repos/CTF/BSides-CTF-2017# unzip pinstore.apk
root@kali:~/repos/CTF/BSides-CTF-2017# ls
AndroidManifest.xml  assets  classes.dex  META-INF  pinstore.apk  res  resources.arsc
root@kali:~/repos/CTF/BSides-CTF-2017# mkdir pinstore
root@kali:~/repos/CTF/BSides-CTF-2017# mv AndroidManifest.xml assets classes.dex META-INF res resources.arsc pinstore/
root@kali:~/repos/CTF/BSides-CTF-2017# ls
pinstore  pinstore.apk
root@kali:~/repos/CTF/BSides-CTF-2017# cd pinstore/
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore# ls
AndroidManifest.xml  assets  classes.dex  META-INF  res  resources.arsc
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore# cd assets/
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore/assets# ls
pinlock.db  README
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore/assets# cat README
v1.0:
- Pin database with hashed pins

v1.1:
- Added AES support for secret

v1.2:
- Derive key from pin
[To-do: switch to the new database]root@kali:~/repos/CTF/BSides-CTF-2017/pinstore/assets#
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore/assets# which sqlite3
/usr/bin/sqlite3
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore/assets# file pinlock.db
pinlock.db: SQLite 3.x database, last written using SQLite version 3011000
root@kali:~/repos/CTF/BSides-CTF-2017/pinstore/assets# sqlite3 pinlock.db
SQLite version 3.16.2 2017-01-06 16:32:41
Enter ".help" for usage hints.
sqlite> SELECT pin FROM pinDB;
d8531a519b3d4dfebece0259f90b466a23efc57b
sqlite> SELECT entry FROM secretsDBv1;
hcsvUnln5jMdw3GeI4o/txB5vaEf1PFAnKQ3kPsRW2o5rR0a1JE54d0BLkzXPtqB
sqlite> SELECT entry FROM secretsDBv2;
Bi528nDlNBcX9BcCC+ZqGQo1Oz01+GOWSmvxRj7jg1g=
sqlite> SELECT * FROM secretsDBv2;
1|Bi528nDlNBcX9BcCC+ZqGQo1Oz01+GOWSmvxRj7jg1g=
sqlite> SELECT * FROM secretsDBv1;
1|hcsvUnln5jMdw3GeI4o/txB5vaEf1PFAnKQ3kPsRW2o5rR0a1JE54d0BLkzXPtqB

然后是writeup

root@kali:~/repos/CTF/BSides-CTF-2017# wget https://raw.githubusercontent.com/Sinkmanu/CTF/master/BSidesSF-2017-pinlock-150.java
root@kali:~/repos/CTF/BSides-CTF-2017# mv BSidesSF-2017-pinlock-150.java Bsides.java
root@kali:~/repos/CTF/BSides-CTF-2017# javac Bsides.java
root@kali:~/repos/CTF/BSides-CTF-2017# ls
Bsides.class  Bsides.java  pinstore  pinstore.apk
root@kali:~/repos/CTF/BSides-CTF-2017# java Bsides.class
Error: Could not find or load main class Bsides.class
root@kali:~/repos/CTF/BSides-CTF-2017# java Bsides
[*] SecretsDBv1 (encrypted): hcsvUnln5jMdw3GeI4o/txB5vaEf1PFAnKQ3kPsRW2o5rR0a1JE54d0BLkzXPtqB
[*] SecretsDBv1 (decrypted): Here is what the data will look like
[*] SecretsDB2 (encrypted): Bi528nDlNBcX9BcCC+ZqGQo1Oz01+GOWSmvxRj7jg1g=
[+] Flag: Flag:OnlyAsStrongAsWeakestLink

用到的在线工具:
https://www.onlinehashcrack.com/hash-identification.php
http://hashtoolkit.com/reverse-hash/?hash=d8531a519b3d4dfebece0259f90b466a23efc57b

评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值