共计 4140 个字符,预计需要花费 11 分钟才能阅读完成。
CS 4640: Assignment 2
Network and system security
February 24, 2019
Guidelines
Please read and follow the guidelines articulated here.
Groups. As stated in class, on the website, and on Piazza, this assignment will be done in groups of 5 or
- Here are the groups for this assignment.
Group Members - Benjamin Alston, Jessi Bierbaum, Evan Raab, Daniel Stutz, Elizabeth Valentine, Yao Wang
- Joyanta Debnath, James Glowacki, Ian Gradert, Ziliang Luo, Xin Man, Sriram Srinivasan
- Mercury Cagley, Derek Choi, Donny Dong, Owen Kueter, Zichen Zheng, Gongyu Zhou
- Yongheng Fan, Joshua Magri, Tucker Snider, Anthony Tran, Jiahua Zhang
- Connor Eschrich, Spencer Gritton, Bryce Kosinski, Greg Mich, Xiao Song, John Thiede
- James Bongiovanni, Logan Brown, Jake Espey, Ziqing He, Chris Schulstad, Bincheng Wang
If you are unable to get in touch with any of your team-mates, send me an email ASAP and I’ll put you in
touch. I will take complaints of discrimination and harassment extremely seriously and these will be reported
to the appropriate authorities. You are expected to treat your classmates with respect and kindness.
Submission. The following rules will apply for all submissions.
The assignment is due on April 9th at 11:59:00 pm on ICON.
Late submissions will result in a 10% penalty per day.
Each team will only submit one set of solutions to be graded.
You are expected to be able to explain all answers in your submission.
Non-PDF or non-typeset submissions will face a 10% penalty.
Group member feedback. Each team member may also complete the following series of questions about
their team mates and group experience: https://goo.gl/forms/udAhn8yl… You will receive a
1% bonus for completing this review. Submissions will not be accepted after May 1st.
1 - Network Security (40 points)
- (40 points) Man-in-the-middle by ARP poisoning. You will implement the ARP poisoning attack in a
virtual environment on your computer. You will receive full points as long as the following are true:
You are not poisoning non-virtual devices.
You can show me the ARP table of the victim device before and after the attack.
You can show me the packet captures on the attacker and victim device before and after the
attack.
You can show me that traffic is now being man-in-the-middled by the attacking device.
I recommend doing this by running multiple VMs of Ubuntu 16.04 Server on your computer and
designating one of them as the attacker and all the others as the potential victims. Set up each of
these devices so that they are all within their on LAN and not connected to the Internet. Now, have two
of the non-attacker devices start communication with each other for the first time. An ARP request
should follow from the device sending the first packet. Your attacker will need to race the response
from the victim. The attacker should then act as a man-in-the-middle for all traffic between these
devices – i.e., make a copy of each incoming packet meant for the victim and then pass it to the victim.
You should submit all source code needed to replicate your work.
You will find the following tools to be quite helpful: tcpdump, ping, arp, and VirtualBox. - (20 points) Bonus! Implement a defense so that the victim is less vulnerable to poisoning.
- (20 points) Bonus! Implement a mechanism to make sure that the attacker wins the race with the
victim practically 100% of the time. - System Security (40 points)
- (40 points) Download the VM disk image provided at https://drive.google.com/open…
Use VirtualBox to make a Linux machine with the downloaded disk image. Log
in to the student-login account using the password cs4640. You will find 2 folders level-1 and
level-2 on the Desktop. Your job is to exploit the binaries of the programs in each of these folders
to read the contents of flag1 and flag2 – files owned and readable only by their owners. The source
code of these binaries have been provided to help you.
You should submit your exploit scripts – each one in its own folder and clearly labeled.
Hint. Are the inputs to the programs sanitized? Can format strings be used to expose memory
contents to get you into a position to read data that you shouldn’t be able to?
Note. These problems were designed by Prof. Antonio Bianchi who was kind enough to also volunteer
office hours at the same time as mine to help you with them. He also does research in systems security
and is looking for students! If you enjoy these problems, go to Antonio’s office hours and let him know! - (20 points) Bonus! Extract the contents of flag3. If you do this, get in touch – we’d like you to be
one of the first members of our UIowa CTF team. - Credit reel (20 points)
You get 20 points just for submitting this assignment with a well written and formatted credit reel! Use the
following section to tell us what references you used to complete this assignment (e.g., stackoverflow posts,
wikipedia, etc.), who helped you IRL or on Piazza, and which team-mates did which parts of the assignment.
WX:codehelp
正文完