Foro de elhacker.net

Programación => Ingeniería Inversa => Mensaje iniciado por: ScarfyS en 3 Agosto 2010, 17:54 pm


Título: Ayuda en acabar de sacar unas coordenadas gps encriptadas (trabajo medio hecho)
Publicado por: ScarfyS en 3 Agosto 2010, 17:54 pm
tengo un archivo dat donde contiene unas coordenadas en gps con la veolcidad altura etc. con el editor hexadecimal he podido encontrar la linea exacta de cada coordenada y identificar la latitud y longitud pero no se descifrarlo, aqui dejo un ejemplo:
lineas del dat en hexadecimal
Código:
00 00 00 00 01 A8 69 BD 02 A0 6A E1 00 01 C9 13 00 00 03 13 60 C2 05 A0 6A E1 00 01 C9 13 00 00 02 68 11 F3 05 A0 6A E1 00 2E 00 00 00 03 39 00 00 00 FC B7 72 02 03 96 11 00 CC 05 00 00 00 00 00 00 00 00
83 58 00 00 00 00 00 00 00 00 00
83 66 00 00 00 00 00 00 00 00 00
83 61 00 00 00 00 00 00 00 00 00
83 64 00 00 00 00 00 00 00 00 00
83 6A 00 00 00 00 00 00 00 00 00
83 5F 00 00 00 00 00 00 00 00 00
83 62 00 00 00 00 00 00 00 00 00
83 69 00 00 00 00 00 00 00 00 00
83 62 00 00 00 00 00 00 00 00 00
83 60 FF FF 06 00 02 00 00 55 00 
93 CB 02 00 1C 00 FC FF F1 00 89 01
83 60 02 00 15 00 03 00 FB 28 01
83 67 03 00 17 00 02 00 4B 47 01
83 6B 04 00 16 00 FF FF FF 3C 01
83 5C 06 00 0F 00 04 00 3F ED 00
83 63 06 00 11 00 01 00 99 07 01 
93 C9 00 00 00 00 00 00 F2 FE 00 00
83 65 00 00 00 00 00 00 00 00 00
83 66 00 00 00 00 00 00 00 00 00
83 61 00 00 00 00 00 00 00 00 00
83 66 00 00 00 00 00 00 00 00 00
83 C6 FF FF D4 FF B1 FF 00 67 02
83 62 00 00 00 00 00 00 00 00 00
83 67 00 00 00 00 00 00 00 00 00
83 69 00 00 00 00 00 00 00 00 00
83 5E 00 00 00 00 00 00 00 00 00
83 70 00 00 00 00 00 00 00 00 00
83 66 00 00 00 00 00 00 00 00 00 
93 B8 07 00 04 00 FB FF B9 00 8D 00
83 65 02 00 06 00 00 00 A6 5C 00
83 64 00 00 00 00 00 00 A1 00 00
83 67 FD FF 04 00 03 00 00 4F 00
83 78 FA FF 01 00 00 00 68 70 00
83 4E FF FF 02 00 FF FF 98 22 00
83 9E FE FF 09 00 00 00 7D 83 00
83 67 00 00 00 00 00 00 83 00 00
83 25 00 00 00 00 00 00 00 00 00
83 63 00 00 00 00 00 00 00 00 00
83 63 00 00 00 00 00 00 00 00 00
83 68 00 00 00 00 00 00 00 00 00
83 62 00 00 04 00 FF FF 00 38 00
83 65 02 00 08 00 00 00 79 75 00
83 64 07 00 00 00 F8 FF 01 82 00
83 6A 0B 00 05 00 00 00 4C D8 00 
93 C2 00 00 00 00 00 00 3A FF 00 00 

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

aqui las coordenadas reales:
Código:
total time,total time unit,real time,distance,distance unit,total distance,total distance unit,latitude,longitude,altitude,altitude unit,speed,speed unit,pace,pace unit,fix quality
00:00:00.57,"HHMMSSSS",2010-08-03 15:27:13.74,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:01.45,"HHMMSSSS",2010-08-03 15:27:14.62,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:02.47,"HHMMSSSS",2010-08-03 15:27:15.64,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:03.44,"HHMMSSSS",2010-08-03 15:27:16.61,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:04.44,"HHMMSSSS",2010-08-03 15:27:17.61,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:05.50,"HHMMSSSS",2010-08-03 15:27:18.67,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:06.45,"HHMMSSSS",2010-08-03 15:27:19.62,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:07.43,"HHMMSSSS",2010-08-03 15:27:20.60,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:08.48,"HHMMSSSS",2010-08-03 15:27:21.65,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:09.46,"HHMMSSSS",2010-08-03 15:27:22.63,0.00,"km",0.00,"km",41.1210600000,1.2541916667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:10.42,"HHMMSSSS",2010-08-03 15:27:23.59,0.00,"km",0.00,"km",41.1210583333,1.2542016667,148,"m",0.0,"km/h",0:00,"min/km",3
00:00:12.45,"HHMMSSSS",2010-08-03 15:27:25.62,0.00,"km",0.00,"km",41.1210616667,1.2542483333,148,"m",8.7,"km/h",6:54,"min/km",3
00:00:13.41,"HHMMSSSS",2010-08-03 15:27:26.58,0.00,"km",0.01,"km",41.1210650000,1.2542833333,148,"m",8.5,"km/h",7:03,"min/km",3
00:00:14.44,"HHMMSSSS",2010-08-03 15:27:27.61,0.00,"km",0.01,"km",41.1210700000,1.2543216667,148,"m",11.2,"km/h",5:21,"min/km",3
00:00:15.51,"HHMMSSSS",2010-08-03 15:27:28.68,0.00,"km",0.01,"km",41.1210766667,1.2543583333,148,"m",11.2,"km/h",5:22,"min/km",3
00:00:16.43,"HHMMSSSS",2010-08-03 15:27:29.60,0.00,"km",0.02,"km",41.1210866667,1.2543833333,149,"m",13.4,"km/h",4:28,"min/km",3
00:00:17.42,"HHMMSSSS",2010-08-03 15:27:30.59,0.00,"km",0.02,"km",41.1210966667,1.2544116667,149,"m",9.7,"km/h",6:10,"min/km",3
00:00:19.43,"HHMMSSSS",2010-08-03 15:27:32.60,0.00,"km",0.02,"km",41.1210966667,1.2544116667,149,"m",0.0,"km/h",0:00,"min/km",3
00:00:20.44,"HHMMSSSS",2010-08-03 15:27:33.61,0.00,"km",0.02,"km",41.1210966667,1.2544116667,149,"m",0.0,"km/h",0:00,"min/km",3
00:00:21.46,"HHMMSSSS",2010-08-03 15:27:34.63,0.00,"km",0.02,"km",41.1210966667,1.2544116667,149,"m",0.0,"km/h",0:00,"min/km",3
00:00:22.43,"HHMMSSSS",2010-08-03 15:27:35.60,0.00,"km",0.02,"km",41.1210966667,1.2544116667,149,"m",0.0,"km/h",0:00,"min/km",3
00:00:23.45,"HHMMSSSS",2010-08-03 15:27:36.62,0.00,"km",0.02,"km",41.1210966667,1.2544116667,149,"m",0.0,"km/h",0:00,"min/km",3
00:00:25.43,"HHMMSSSS",2010-08-03 15:27:38.60,0.01,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:26.41,"HHMMSSSS",2010-08-03 15:27:39.58,0.00,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:27.44,"HHMMSSSS",2010-08-03 15:27:40.61,0.00,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:28.49,"HHMMSSSS",2010-08-03 15:27:41.66,0.00,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:29.43,"HHMMSSSS",2010-08-03 15:27:42.60,0.00,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:30.55,"HHMMSSSS",2010-08-03 15:27:43.72,0.00,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:31.57,"HHMMSSSS",2010-08-03 15:27:44.74,0.00,"km",0.03,"km",41.1210950000,1.2543383333,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:33.41,"HHMMSSSS",2010-08-03 15:27:46.58,0.00,"km",0.03,"km",41.1211066667,1.2543450000,140,"m",6.7,"km/h",9:00,"min/km",3
00:00:34.42,"HHMMSSSS",2010-08-03 15:27:47.59,0.00,"km",0.03,"km",41.1211100000,1.2543550000,140,"m",3.4,"km/h",17:32,"min/km",3
00:00:35.42,"HHMMSSSS",2010-08-03 15:27:48.59,0.00,"km",0.03,"km",41.1211100000,1.2543550000,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:36.45,"HHMMSSSS",2010-08-03 15:27:49.62,0.00,"km",0.03,"km",41.1211050000,1.2543616667,141,"m",0.0,"km/h",0:00,"min/km",3
00:00:37.65,"HHMMSSSS",2010-08-03 15:27:50.82,0.00,"km",0.03,"km",41.1210950000,1.2543633333,141,"m",3.7,"km/h",16:01,"min/km",3
00:00:38.43,"HHMMSSSS",2010-08-03 15:27:51.60,0.00,"km",0.03,"km",41.1210933333,1.2543666667,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:40.01,"HHMMSSSS",2010-08-03 15:27:53.18,0.00,"km",0.03,"km",41.1210900000,1.2543816667,140,"m",4.5,"km/h",13:19,"min/km",3
00:00:41.04,"HHMMSSSS",2010-08-03 15:27:54.21,0.00,"km",0.03,"km",41.1210900000,1.2543816667,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:41.41,"HHMMSSSS",2010-08-03 15:27:54.58,0.00,"km",0.03,"km",41.1210900000,1.2543816667,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:42.40,"HHMMSSSS",2010-08-03 15:27:55.57,0.00,"km",0.03,"km",41.1210900000,1.2543816667,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:43.39,"HHMMSSSS",2010-08-03 15:27:56.56,0.00,"km",0.03,"km",41.1210900000,1.2543816667,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:44.43,"HHMMSSSS",2010-08-03 15:27:57.60,0.00,"km",0.03,"km",41.1210900000,1.2543816667,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:45.41,"HHMMSSSS",2010-08-03 15:27:58.58,0.00,"km",0.03,"km",41.1210900000,1.2543883333,140,"m",0.0,"km/h",0:00,"min/km",3
00:00:46.42,"HHMMSSSS",2010-08-03 15:27:59.59,0.00,"km",0.03,"km",41.1210933333,1.2544016667,140,"m",4.4,"km/h",13:46,"min/km",3
00:00:47.42,"HHMMSSSS",2010-08-03 15:28:00.59,0.00,"km",0.03,"km",41.1211050000,1.2544016667,140,"m",4.4,"km/h",13:39,"min/km",3
00:00:48.48,"HHMMSSSS",2010-08-03 15:28:01.65,0.00,"km",0.04,"km",41.1211233333,1.2544100000,140,"m",7.1,"km/h",8:25,"min/km",3
00:00:50.42,"HHMMSSSS",2010-08-03 15:28:03.59,0.00,"km",0.04,"km",41.1211233333,1.2544100000,140,"m",0.0,"km/h",0:00,"min/km",3


lo que he podido deducir es lo siguiente:
-Las dos primeras lineas indica la coordenada incial ni idea de como sacarla ni si hay mas informacion.
- si una coordenada tiene la siguiente forma: 83 60 FF FF 06 00 02 00 00 55 00  
las FF FF son la latitud y 06 00 la longitud.
-La parte que hay despues del 83 diria que tiene algo k ver con el tiempo
-las lineas que empiezan por 93 indican que se ha pasado del reposo a una velocidad x y viceversa.
archivo dat en cuestion http://www.megaupload.com/?d=I3RT98CE (http://www.megaupload.com/?d=I3RT98CE)

Título: Re: Ayuda en acabar de sacar unas coordenadas gps encriptadas (trabajo medio hecho)
Publicado por: MCKSys Argentina en 3 Agosto 2010, 19:35 pm
Deberías tener en cuenta cómo se guardan los números en punto flotante.

Fíjate que según el tamaño con el que hallan sido declarados, ocuparán más o menos bytes.

Puedes probar de ingresarlos en Olly usando el formato Hexa y asi ver qué numeros son...

Bueno, es una idea  ;D

Saludos!

Título: Re: Ayuda en acabar de sacar unas coordenadas gps encriptadas (trabajo medio hecho)
Publicado por: ScarfyS en 4 Agosto 2010, 16:45 pm
he descubierto algunas cosillas mas:
83 60 FF FF 06 00 02 00 00 55 00

el 83 indica que empieza la coordenada

el 60 es el tiempo que hay entre la coordenada actual y la siguiente, si paso este valor a decimal y lo sumo me da el siguiente tiempo. Sobre los decimales aqui los omite supongo que despues el programa se encarga de ponerlos.
 
FF FF es la longitud de la coordenada, si la coordenada es la misma que la anterior son todo ceros, por lo tanto este valor en hexadecimal no expresa la longitud tal cual si no una variacion de la longitud anterior o algo parecido. Sobre los decimales aqui diria que tampoco hay porque las variaciones son muy pequeñas y o hacen falta, si lo paso a decimal el numero no es muy descabellado pero de momento no le veo relacion

06 00 indica la latitud y es lo mismo que antes

02 00 indica la altitud, pasandolo a decimal tampoco veo una relacion trivial.

00 55 nidea

00 son los metros recorridos pero no veo la relacion si lo paso a decimal.

¿alguna idea?






Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines