标注的博客| 安全研究| 渗透测试| APT

首页

wangyihang/usbkeyboarddatahacker: usb键盘流量包取证工具 , 用于恢复用户的击键信息

作者 cayo 时间 2020-04-14
all

说明:

Usage : python UsbKeyboardHacker.py data.pcap Tips : To use this python script , you must install the tshark first. You can use `sudo apt-get install tshark` to install it Author : WangYihang <[email protected]> If you have any questions , please contact me by email. Thank you for using.

演示:

1. Step1 , Get data [email protected]:~/UsbKeyboardDataHacker$ tshark -r ./example.pcap -T fields -e usb.capdata 00:00:09:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00:0f:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00:04:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00:0a:00:00:00:00:00 00:00:00:00:00:00:00:00 20:00:00:00:00:00:00:00 20:00:2f:00:00:00:00:00 ... 2. Step2 , decode [email protected]:~/UsbKeyboardDataHacker$ python UsbKeyboardDataHacker.py ./example.pcap [-] Unknow Key : 01 [-] Unknow Key : 01 [+] Found : flag{pr355_0nwards_a2fee6e0}

视频示例:

https://www.youtube.com/watch?v=unBwmcpXbhE