[DoubleS1405 CTF] (Forensic) Rou
2018-05-17 本文已影响77人
王一航
很久以前的文章了...没什么营养...
Router-02 题目地址:
I got the account information and finished the setup.
However, when I access naver.com, I am connected with a popup window called Financial Supervisory Service.
Find out the hacker's C&C server by analyzing the cause!
md5(C&C IP)
Router-03 题目地址:
I have confirmed that the data is coming in to the suspicious port.
Please analyze the cause.
md5(servicename_port)
Router-04 题目地址:
When I enter the wireless network setup page, a strange window appears.
Please analyze the cause.
分析
找到版本为:
➜ squashfs-root cat home/httpd/version
9.984
经过一番波折地寻找, 终于找到了 IPTIME 路由器公司的下载镜像
下载到相同版本的固件之后, 直接使用文件比较工具进行比较
image.png
image.png
image.png
image.png
image.png
卧槽, 一次性把四道题都做了... 感觉有点作弊的意思...
不过对比源码确实是一种非常有效的推测开发者思维的方式,对于比较大的项目来说,分析起来效率要提高数倍。
