When inserting an UICC in an iPhone SE2 and recording the APDU messages between the modem and the UICC I see a sequence opening a logical channel and trying to select an application. I could not find any reference to this application. What is it?
01 a4 04 0c 10 a0 00 00 00 09 02 03 ff ff ff ff 89 01 00 00 ff
The RID a0 00 00 00 09 is registered for the ETSI.
I have a map of numbers. like:
00 00 00 09 09 09 09 00
00 00 00 09 09 09 09 00
00 00 00 09 09 09 09 00
00 00 00 09 09 09 09 00
01 01 00 00 00 00 00 00
01 01 00 00 00 00 00 00
00 00 00 00 05 05 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
And I want these numbers to be in different colors.
for exepmle: if the number is 05, it is gonna be red and if the number is 00, it is gonna be green.
How can I set notepad++ for that?
I have this code:
from scapy.all import *
packet = rdpcap("hand.pcap")[0]
Now when I use print(packet) I get normal bytes
b"\x00\x00\x18\x00+\x00\x00\x00\x19\x81\xea\x02\x00\x00\x00\x00\x10\x00l\t\x00\x00\xdb\x00\x80\x00\x00\x00\xff\xff\xff\xff\xff\xff\x06\xd6\xaa\xb0x\xe9\x06\xd6\xaa\xb0x\xe9\x80V\x8cAn\xa0\x01\x00\x00\x00d\x00\x11\x15\x00\nHuawei281s\x01\x08\x82\x84\x8b\x96$0Hl\x03\x01\x01\x05\x04\x00\x02\x00\x00\x07\x06HR \x01\r\x14 \x01\x00#\x02\x13\x00*\x01\x022\x04\x0c\x12\x18`0\x14\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x02\x0c\x00-\x1a\xad\x01\x1b\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00=\x16\x01\x00\x17\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x7f\x08\x04\x00\x08\x00\x00\x00\x00#\xdd\x05\x00\x162\x80\x00\xdd\x08\x00P\xf2\x11\x02\x00\x00\x00\xdd\x1e\x00\x90L\x04\x08\xbf\x0c\xb2y\x81\x0f\xfa\xff\x00\x00\xfa\xff\x00\x00\xc0\x05\x00\x01\x00\x00\x00\xc3\x02\x00\x02\xdd\t\x00\x10\x18\x02\x01\x00\x1c\x00\x00\xdd\x18\x00P\xf2\x02\x01\x01\x00\x00\x03\xa4\x00\x00'\xa4\x00\x00BC^\x00b2/\x00\xdd\x1d\x00\x90L\\\x02\x01\n\x00\x08\x07\x01\x0f\x00\x00\x00\x00\x00\x01\n\x01\x01\x01\x01\x0f\x00\x00\x00\x00\x00d\x08\x06~"
When I use hexdump(packet) I get this
0000 00 00 18 00 2B 00 00 00 19 81 EA 02 00 00 00 00 ....+...........
0010 10 00 6C 09 00 00 DB 00 80 00 00 00 FF FF FF FF ..l.............
0020 FF FF 06 D6 AA B0 78 E9 06 D6 AA B0 78 E9 80 56 ......x.....x..V
0030 8C 41 6E A0 01 00 00 00 64 00 11 15 00 0A 48 75 .An.....d.....Hu
0040 61 77 65 69 32 38 31 73 01 08 82 84 8B 96 24 30 awei281s......$0
0050 48 6C 03 01 01 05 04 00 02 00 00 07 06 48 52 20 Hl...........HR
0060 01 0D 14 20 01 00 23 02 13 00 2A 01 02 32 04 0C ... ..#...*..2..
0070 12 18 60 30 14 01 00 00 0F AC 04 01 00 00 0F AC ..`0............
0080 04 01 00 00 0F AC 02 0C 00 2D 1A AD 01 1B FF FF .........-......
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00a0 00 00 00 00 00 3D 16 01 00 17 00 00 00 00 00 00 .....=..........
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 7F 08 04 ................
00c0 00 08 00 00 00 00 40 DD 05 00 16 32 80 00 DD 08 ......#....2....
00d0 00 50 F2 11 02 00 00 00 DD 1E 00 90 4C 04 08 BF .P..........L...
00e0 0C B2 79 81 0F FA FF 00 00 FA FF 00 00 C0 05 00 ..y.............
00f0 01 00 00 00 C3 02 00 02 DD 09 00 10 18 02 01 00 ................
0100 1C 00 00 DD 18 00 50 F2 02 01 01 00 00 03 A4 00 ......P.........
0110 00 27 A4 00 00 42 43 5E 00 62 32 2F 00 DD 1D 00 .'...BC^.b2/....
0120 90 4C 5C 02 01 0A 00 08 07 01 0F 00 00 00 00 00 .L\.............
0130 01 0A 01 01 01 01 0F 00 00 00 00 00 64 08 06 7E ............d..~
And in that is my SSID with name Huawei281s in scambled in
When I use print(packet.show)
I get this
<bound method Packet.show of <RadioTap version=0 pad=0 len=24 present=TSFT+Flags+Channel+dBm_AntSignal mac_timestamp=48922905 Flags=FCS ChannelFrequency=2412 ChannelFlags= dBm_AntSignal=-37dBm notdecoded='\x00' |<Dot11FCS subtype=8 type=Management proto=0 FCfield= ID=0 addr1=ff:ff:ff:ff:ff:ff addr2=06:d6:aa:b0:78:e9 addr3=06:d6:aa:b0:78:e9 SC=22144 fcs=0x7e060864 |<Dot11Beacon timestamp=6986547596 beacon_interval=100 cap=res8+short-slot+res12+ESS+privacy |<Dot11Elt ID=SSID len=10 info='Huawei281s' |<Dot11EltRates ID=1 len=8 rates=[0x82, 0x84, 0x8b, 0x96, 0x24, 0x30, 0x48, 0x6c] |<Dot11Elt ID=DSset len=1 info='\x01' |<Dot11Elt ID=TIM len=4 info='\x00\x02\x00\x00' |<Dot11EltCountry ID=7 len=6 country_string='HR ' descriptors=[<Dot11EltCountryConstraintTriplet first_channel_number=1 num_channels=13 mtp=20 |>] pad=32 |<Dot11EltRates ID=1 len=0 |<Dot11Elt ID=35 len=2 info='\x13\x00' |<Dot11Elt ID=ERPinfo len=1 info='\x02' |<Dot11Elt ID=ESRates len=4 info='\x0c\x12\x18`' |<Dot11EltRSN ID=48 len=20 version=1 group_cipher_suite=<RSNCipherSuite oui=0xfac cipher=CCMP |> nb_pairwise_cipher_suites=1 pairwise_cipher_suites=[<RSNCipherSuite oui=0xfac cipher=CCMP |>] nb_akm_suites=1 akm_suites=[<AKMSuite oui=0xfac suite=PSK |>] mfp_capable=0 mfp_required=0 gtksa_replay_counter=0 ptksa_replay_counter=3 no_pairwise=0 pre_auth=0 reserved=0 |<Dot11Elt ID=HTCapabilities len=26 info='\xad\x01\x1b\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' |<Dot11Elt ID=HTinfo len=22 info='\x01\x00\x17\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' |<Dot11Elt ID=ExtendendCapatibilities len=8 info='\x04\x00\x08\x00\x00\x00\x00#' |<Dot11EltVendorSpecific ID=221 len=5 oui=0x1632 info='\x80\x00' |<Dot11EltVendorSpecific ID=221 len=8 oui=0x50f2 info='\x11\x02\x00\x00\x00' |<Dot11EltVendorSpecific ID=221 len=30 oui=0x904c info='\x04\x08\xbf\x0c\xb2y\x81\x0f\xfa\xff\x00\x00\xfa\xff\x00\x00\xc0\x05\x00\x01\x00\x00\x00\xc3\x02\x00\x02' |<Dot11EltVendorSpecific ID=221 len=9 oui=0x1018 info='\x02\x01\x00\x1c\x00\x00' |<Dot11EltVendorSpecific ID=221 len=24 oui=0x50f2 info="\x02\x01\x01\x00\x00\x03\xa4\x00\x00'\xa4\x00\x00BC^\x00b2/\x00" |<Dot11EltVendorSpecific ID=221 len=29 oui=0x904c info='\\\x02\x01\n\x00\x08\x07\x01\x0f\x00\x00\x00\x00\x00\x01\n\x01\x01\x01\x01\x0f\x00\x00\x00\x00\x00' |>>>>>>>>>>>>>>>>>>>>>>>
And there is my SSID under info
and for print(type(packet.show)) I get
<class 'method'>
And when I use packet.show() I get bunch of data with this
###[ 802.11 Information Element ]###
ID = SSID
len = 10
info = 'Huawei281s'
So im wondering how can I extract my SSID from packet
In this specific case you could use
packet[Dot11Beacon].network_stats()
But have a look at the doc for a more in depth tutorial. it seems you haven't really looked into Scapy's syntax :)
I use node-canvas;
....
var content = canvas.toBuffer();
var length=content.length;
console.log(content);
result:
<SlowBuffer 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 30 00 00 00 30 08 06 00 00 00 57 02 f9 87 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 ...>
And
var buf=new SlowBuffer(length);
buf.write(content.toString());
console.log(buf);
result:
<Buffer ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 28 00 28 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 ...>
They are not equal:( ,so when I store it into redis ,I can't get it back;
Depending on the format you want, you can use the following methods:
buf.toJSON() // Straight to JSON format
buf.toString('utf8') ; // UTF8 format
Read on for more alternatives: https://nodejs.org/api/buffer.html#buffer_buf_tostring_encoding_start_end
You can't just call Buffer.toString and assume that everything will be all right, since the default encoding is utf8. If you want to encode binary data, you need base64 encoding.
i have a file with .raw extension (raw image format), but i cannot open it. i tried to analyze it with the commands file filename.raw, exiv2 print, exiftool, ufraw, dcraw. since it appears to be a binary file, i tried to extract information using strings filename.raw, hexdump and xxd. it is surprising that the file does not appear to have any metadata. i suspect the file extension to be wrong, and the file to be manipulated.
how else can i determine the type? how can i extract any information?
thank you very much for any suggestions.
EDIT: a sample file can be downloaded
here.
Hmm... well,
//Judging from the number of bytes in the file:
// 1447600
//This number is exactly.
// 3 x 499 x 967
//Which is very odd, but it means if this is an image, then it must be 3 bytes per pixel and either 499 x 967 or 967 x 499
EDIT: resolution is wrong. Probably bits per channel as well, this is what I get for using bc in the middle of the night instead of WA.
Actual factors are 2^4*5^2*7*11*47, which means it cannot be 3 Bytes per pixel. There might be some stream compression going on? But probably not, the number is too nice.
Looking at some of the data, most of it is quite noisy, which fits with a camera with a noisy digital sensor:
00000000 0e 08 06 02 04 06 00 02 00 04 01 04 0e 03 05 01 |................|
00000010 03 01 06 04 00 03 01 05 01 00 02 00 06 02 04 01 |................|
00000020 00 07 0c 0d 05 01 0a 0d 03 08 11 08 0c 03 06 06 |................|
00000030 08 02 07 04 01 01 07 02 05 06 10 04 07 01 04 02 |................|
00000040 02 01 0c 09 07 02 05 01 0d 04 00 05 0e 01 00 07 |................|
00000050 00 02 04 0a 11 04 07 04 01 00 0d 07 0f 06 03 02 |................|
00000060 06 04 0a 0b 03 08 02 0c 00 08 00 04 06 09 03 03 |................|
00000070 04 00 0a 04 01 06 00 00 02 08 0a 07 04 09 01 0b |................|
00000080 01 0c 0d 04 03 03 05 00 02 11 09 00 07 08 08 05 |................|
00000090 04 07 02 0c 00 13 01 06 07 02 08 0a 07 05 02 01 |................|
This area, at the beginning of the file, is likely to be close to all black.
So, of the common 3 bytes per pixel formats, you have BGR24, RGB24 or YUV24.
Because it's simpler to deal with RGB or BGR formats, let's whip up some short code to dump this to a png, using libpng.
First try:
#include <png.h>
#include <exception>
#include <memory>
int main() {
FILE * fpout;
FILE * fpin;
png_structp png_ptr = nullptr;
png_infop info_ptr = nullptr;
const unsigned width = 499;
const unsigned height = 967;
const unsigned channels = 3;
fpin = fopen("sample.raw", "rb");
if (!fpin)
throw std::exception();
std::unique_ptr<char[]> data(new char[width*height*channels]);
fread(data.get(), width*height*channels, 1, fpin);
fclose(fpin);
fpout = fopen("output.png", "wb");
if (!fpout)
throw std::exception();
png_ptr = png_create_write_struct(PNG_LIBPNG_VER_STRING, nullptr, nullptr, nullptr);
if (!png_ptr) {
fclose (fpout);
throw std::exception();
}
info_ptr = png_create_info_struct(png_ptr);
if (!info_ptr) {
png_destroy_write_struct(&png_ptr, nullptr);
fclose (fpout);
throw std::exception();
}
if (setjmp(png_jmpbuf (png_ptr))) {
png_destroy_write_struct(&png_ptr, &info_ptr);
fclose (fpout);
throw std::exception();
}
png_set_IHDR(png_ptr,
info_ptr,
width,
height,
8,
PNG_COLOR_TYPE_RGB,
PNG_INTERLACE_NONE,
PNG_COMPRESSION_TYPE_DEFAULT,
PNG_FILTER_TYPE_DEFAULT);
/* Initialize rows of PNG. */
std::unique_ptr<png_bytep[]> row_ptrs(new png_bytep[height]);
size_t stride = width * 8 * channels / 8;
for (size_t i = 0; i < height; ++i) {
size_t q = i * stride;
row_ptrs[i] = (png_bytep)data.get() + q;
}
/* Write the image data to "fp". */
png_init_io(png_ptr, fpout);
png_set_rows(png_ptr, info_ptr, row_ptrs.get());
png_write_png(png_ptr, info_ptr, PNG_TRANSFORM_IDENTITY, nullptr);
png_destroy_write_struct(&png_ptr, &info_ptr);
fclose (fpout);
}
Gives us:
http://i.imgur.com/Iwi3M.jpg
This is heartening, because it seems that we merely have the resolution wrong. So examining the image, it looks like the bar repeats itself every 467 pixels or there abouts. However, it does not look like there is anything interesting in the data. So it's likely not simple RBG or BGR or YUV encoding, otherwise, it would look nicer.
Raw Therapee doesn't recognize it. So, I'm asking you now. What camera did you use to make this?