I'm a totally noob on this thing. I need to edit a file with an hex editor.
-At offset 0x2E27EE
put this code:
80 21 09 02 09 22 12 06 9F 44 11 80 03 49 C3 02 C9 18 11 80 70 47 FE FF FF 01 00 00 00 00 30 B5 91 B0 68 46 00 F0 F3 F8 6D 46 01 35 06 4A AA 20 00 00 05 49 55 20 00 00 90 20 00 00
-At offset 0x5E4BD2:
put this code:
C1 DD E3 D7 D5 00 D9 00 BE DD EA D9 E6 E8 DD E8 DD 00 5C D6 ED 00 BB E2 E9 D6 DD E7 5D FB CC E3 E1 00 CC DD E4 E4 D5 E8 D5 00 D8 D5 00 CE DC D9 BF E2 E8 00 D9 00 BB E2 E9 D6 DD E7 FE E4 D9 E6 00 E4 E3 DF D9 E1 E3 E2 E1 DD E0 E0 D9 E2 E2 DD E9 E1 AD D7 E3 E1 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
Opening the file i can't search for that.
img
I know that I'm doing something wrong.. can you tell me what? Thanks.
Related
Has anyone seen (fixed?) a problem with strings of zeroes in audio data captured with the AL5645 codec microphone input on the Coral dev board? It's happening for me with default settings using arecord, as well as my python code using PyAudio. 16 bit (mono) samples, sample rates 16000Hz and 44100Hz. e.g. 83 ce 34 0b 09 3f 00 00 00 00 00 00 2b 0e 2b 0e b0 d0 5a b9 ee d9 00 00 00 00 75 44 75 44 75 44 ba 38 8a ff e6 c6 00 00 00 00 00 e7 00 e7 00 e7 85 26 f4 46 bc 2e
?
Cheers,
Mark
Can anyone tell me the algorithm to calculate checksum (B0 B1) of the KIA AUTO CAN Mesage, how it is calculated from other byte?
algorithm to calculate 2 bytes of checksum from CAN mesage
ID DLC CRC Data Bytes
B0 B1 B2 B3 B4 B5 B6 B7 B8 B9 B10 B11 B12 B13 B14 B15
03A0 16 F4 7B 2D 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 B9 93 2E 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 9D 3B 2F 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 8D 61 30 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 A9 C9 31 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 E4 21 32 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 C0 89 33 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 5F E1 34 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 7B 49 35 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 36 A1 36 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 12 9 37 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 08 70 38 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 2C D8 39 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 61 30 3A 00 FF FF FF FF 00 00 00 00 00 00 00 00
03A0 16 45 98 3B 00 FF FF FF FF 00 00 00 00 00 00 00 00
I am trying to take part in a CTF challenge. I have a pcap file of a jpg file transfer. I know that the jpg starts with FF D8 FF and ends with FF D9.
The problem is that I have no idea how to extract the file itself.
The file is in here:
00000226 67 0d 0a 0d 0a ff d8 ff e0 00 10 4a 46 49 46 00 g....... ...JFIF.
00000236 01 01 00 00 01 00 01 00 00 ff db 00 43 00 03 02 ........ ....C...
..
00015617 d2 51 95 15 f7 e1 c0 d8 e9 6d 58 c8 07 71 c7 40 .Q...... .mX..q.#
00015627 3a 79 53 19 33 54 00 05 b4 92 07 33 5e af 54 2d :yS.3T.. ...3^.T-
00015637 1f ff d9 ...
As you can see it's mixed with 67 0d 0a 0d and the other information. I tried to copy the relevant parts and cut out the offset and ascii (?) section left and right with python and then imported the hexdump to this site to create a jpg of the hex dump.
Unfortunately that didn't work. The resulting image is extremely distorted and I can't read anything on it.
Does anyone have an advice? Not a full solution, just a tip so I can wrap my head around it myself.
Thanks.
I am implementing a server and have an issue with the handshaking. When I get the arp request the response is given ok, then I get the SYN. I respond to the SYN with a SYN ACK but I don't get an ACK back.
The sequence numbers and ack's seem to be in order as well as the id's, the checksums add up aswell to. Any ideas why the SYN ACK is not getting recieved?
Arp Request:
0000 ff ff ff ff ff ff e0 3f 49 b7 8e 39 08 06 00 01
0010 08 00 06 04 00 01 e0 3f 49 b7 8e 39 c0 a8 00 01
0020 00 00 00 00 00 00 c0 a8 00 0c
Arp reply:
0000 ff ff ff ff ff ff 00 14 a5 76 19 3f 08 06 00 01
0010 08 00 06 04 00 02 00 14 a5 76 19 3f c0 a8 00 0c
0020 e0 3f 49 b7 8e 39 e0 3f 49 b7 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00
SYN:
0000 00 14 a5 76 19 3f e0 3f 49 b7 8e 39 08 00 45 00
0010 00 34 1e d2 40 00 80 06 5a 94 c0 a8 00 01 c0 a8
0020 00 0c 13 79 00 50 95 01 61 8e 00 00 00 00 80 02
0030 20 00 c3 59 00 00 02 04 05 b4 01 03 03 08 01 01
0040 04 02
SYN ACK:
0000 e0 3f 49 b7 8e 39 00 14 a5 76 19 3f 08 00 45 00
0010 00 2c 1e d2 40 00 80 06 5a 9c c0 a8 00 0c c0 a8
0020 00 01 00 50 13 79 d6 a2 5f 1b 95 01 61 8f 60 12
0030 05 ee d0 e6 00 00 02 04 05 78 00 00
I'm trying to read public transport cards and I've figured out the data format mostly but the record dates and times are a mystery. Some data:
e1 a2 00 00 ce 04 05 b1 7e 00 68 22 0a 10 00 ce - 01.03.2014 23:36
e4 a2 00 00 ce 04 e5 7b 7e 00 e4 2e 0a 10 00 e9 - 04.03.2014 16:31
e4 a2 00 00 4c 04 43 8c d0 07 30 00 01 00 00 72 - 04.03.2014 18:42
e4 a2 00 00 ce 04 65 8d 7e 00 7c 17 0a 10 00 a2 - 04.03.2014 18:51
ea a2 00 00 ce 04 25 63 7e 00 70 09 0a 10 00 f1 - 10.03.2014 13:13
ec a2 00 00 ce 04 25 63 7e 00 70 09 0a 10 00 da - 12.03.2014 13:13
f3 a2 00 00 ce 04 85 69 7e 00 64 3b 0a 10 00 9d - 19.03.2014 14:04
f5 a2 00 00 ce 04 e5 89 7e 00 70 22 0a 10 00 ba - 21.03.2014 18:23
f6 a2 00 00 ce 04 6a 00 82 01 68 22 2a 10 00 df - 22.03.2014 00:03
fb a2 00 00 ce 04 85 75 7e 00 84 17 0a 10 00 2a - 27.03.2014 15:40
fb a2 00 00 ce 04 a5 91 7e 00 78 17 0a 10 00 a6 - 27.03.2014 19:25
c1 a2 28 00 ce 04 0b 6b 00 00 74 17 08 10 04 94 - 28.01.2014 14:16
c7 a2 00 00 ce 04 a5 5d 7e 00 6c 09 0a 10 00 1b - 03.02.2014 12:29
c7 a2 00 00 ce 04 25 6c 7e 00 68 2d 0a 10 00 68 - 03.02.2014 14:25
c7 a2 0e 00 ce 04 eb 6d 00 00 88 17 08 10 04 45 - 03.02.2014 14:39
ce a2 00 00 ce 04 85 52 7e 00 68 09 0a 10 00 77 - 10.02.2014 11:00
ce a2 00 00 ce 04 e5 5c 7e 00 64 09 0a 10 00 58 - 10.02.2014 12:23
eb a2 00 00 ce 04 85 41 7e 00 80 22 0a 10 00 dd - 11.03.2014 08:44
eb a2 00 00 ce 04 85 6a 7e 00 a4 28 0a 10 00 66 - 11.03.2014 14:12
eb a2 20 00 ce 04 8b 6e 00 00 7c 17 08 10 04 e0 - 11.03.2014 14:44
|| || || || ** ** ** ** **
Date? Time?
Stars represent known data (as in I know what those mean and they aren't relevant to date and time)
Provided dates are correct, because they're from usage history printout.
I've tried converting values to unix timestamps, seconds, milliseconds and much more, but I can't determine the format. Also the data might be in little endian.
I'm not sure about possible timezone, data might be in UTC, UTC+2 or UTC+3.
I appreciate any help.
I figured out the format, it goes like this:
All data is in little endian.
To get the time in minutes, the value must be bitsifted to right five times.
For example:
6e8b >> 5 = 884
884 minutes = 14 hours, 44 minutes (14:44)
Date is days from 1.1.1900. For example:
a2eb = 41707 (11.03.2014)