Thursday, September 21, 2017

Using OpenCV for Redteams ("Rotate! Enhance!")

Often times when you are moving from office to office in the middle of the night trying to find credentials or sensitive data, your best option is to take a photo with your phone. It's handy, it's nearby, and it's often good enough.

Unfortunately, sometimes your nervousness and anxiety in the moment causes your hands to shake. Resulting in a blurry photo of potentially very important information.

For example, this photo:

You can make out some of the content here but the important part, the passwords and usernames isn't exactly legible.

Is this unusable? did you just mess up big time? did you just cost the success of your red team because of a shaky hand? maybe not.

OpenCV has an example python script called "deconvolution.py". All you need to do is supply the name of your file to the script and it will open two windows, one of the original, and one of the deconvoluted version:

$ python2.7 deconvolution.py --angle 180 --d 20 ~/IMG_4696.JPG.jpeg

On the deconvolution window, there are draggable scales at the bottom. Adjusting the angle, distance, and SNR allow you to clean up the photo somewhat. After about 5 minutes of playing with the controls, this was the best result I could get. It's good enough to get the username and most of the password:


You can tell that the first username is "Sally" and the password is "ZOMGSuperl33tPassw0rd!". The second username is "lolwut" and the second password doesnt come out that well in this static image.

HOWEVER, I found that quickly dragging the scales back and forth seem to trick your mind into blending edges together in a way in which you can figure out what the letters actually are. Do this enough and you can discover the password is "WhyDoesSallyHaveAccess?".


No comments:

Post a Comment