CTF misc usb数位板流量分析

1.数位板流量形式
10402a46001e3c0000000000000000003f00000000000000000000
10402046000b3c0000000000000000003f00000000000000000000
1040254600193c0000000000000000003f00000000000000000000
1040344600053a0000000000000000003f00000000000000000000
10401c46000e3a0000000000000000003f00000000000000000000
1040214600a93b0000000000000000003f00000000000000000000
1040244600c8390000000000000000003f00000000000000000000
1040144600ab390000000000000000003f00000000000000000000
1040ff450090390000000000000000003f00000000000000000000
1040ff4500aa3a0000000000000000003f00000000000000000000
1040fa450082390000000000000000003f00000000000000000000
1040f4450094390000000000000000003f00000000000000000000
2.分析
这里有关于usb协议的详细信息。
这种流量对应于figure19
以第一行为例,1040无用,2a46为小端存储的x坐标,00分隔,1e3c为小端存储的y坐标,00分隔,00表示pressure为01,即无按压，所以这行数据无用。
3.代码

点击查看代码

with open(path,"r") as f:
    for line in f.readlines():
        if line[16:18] !="00":
            data.append(line)
X = []
Y = []
for line in data:
        x0=int(line[4:6],16)
        x1=int(line[6:8],16)
        x=x0+x1*256
        y0=int(line[10:12],16)
        y1=int(line[12:14],16)
        y=y0+y1*256
        X.append(x)
        Y.append(-y)
fig = plt.figure()
ax1 = fig.add_subplot(111)
ax1.set_title("key")
ax1.scatter(X, Y, c='r', marker='o')
plt.show()