简介 :
Connect The Wigle
Identify the data contained within wigle and determine how to visualize it.
Update 16:26 EST 1 Apr If you feel that you are close,
make a private piazza post with what you have, and an admin will help out.
Downlaod :
[wigle](https://webshell2017.picoctf.com/static/9a447c975a6c373583ba6d3dd4527412/wigle)
HINTS
1. Perhaps they've been storing data in a database. How do we access the information?
2. How can we visualize this data? Maybe we just need to take a step back to get the big picture?
3. Try zero in the first word of the flag, if you think it's an O.
4. If you think you're super close, make a private piazza post with what you think it is.
分析 :
-
首先 file 查看文件类型 :
Sqlite 数据库文件
- 既然是数据库文件当然就要看看里面有什么东西了
1. Kali下面可以使用 sqlitebrowser 进行可视化查看数据库文件
2. sqlite3 ./wigle
3. 任何你熟悉的 sqlite 客户端
查看数据可以发现 , 该表存在 lat 和 lon 字段
既然是经纬度就画出来看看是什么咯
之前看到经纬度然后去谷歌地图查找 , 发现所有的点都在太平洋 ... 诡异 ,
最后看到 hint 中的可视化数据才想到将坐标点画出来
下面给出一个绘制点的脚本 , 其实绘制散点的函数很简单 , 以后要是有什么考脑洞的或者什么取证分析的题应该就可以直接拿来用 , 而且 python 的 matplotlib 画出来的并不是一个照片 , 而是可以拖动缩放的窗口 , 这个特别有用
利用脚本 :
#!/usr/bin/env python
import sqlite3
import numpy as np
import matplotlib.pyplot as plt
def draw(X, Y):
fig = plt.figure()
ax1 = fig.add_subplot(111)
ax1.scatter(X, Y, c='r', marker='o')
plt.show()
def execSQL(sql):
cx = sqlite3.connect("./wigle")
cu=cx.cursor()
cu.execute(sql)
data = cu.fetchall()
return data
def main():
data = execSQL("select lat, lon from location")
X = []
Y = []
for i in data:
X.append(i[1])
Y.append(i[0])
draw(X, Y)
if __name__ == "__main__":
main()
效果 :
进行一些调整 :