User Account

All Pages

How software vulnerabilities can be exploited

Assignment Help Computer Network Security
Reference no: EM131267222

Objectives:

The main objective of this assignment is for the students to understand the security mechanisms in Unix-like operating systems and their interplay with software security, in particular:

- to learn practical access control mechanisms in Unix operating system, such as files and folder permissions and SUID programs, and how application security is affected by them;

- to learn how software vulnerabilities can be exploited to circumvent security mechanisms in both applications and operating systems.

Problem Description:

There are three problems in this assignment. To do this assignment, you will make use of an installation of Ubuntu Linux 12.04 (32 bit) in the Oracle VirtualBox virtual machine. The VirtualBox image of the Ubuntu installation is provided with this document and can be downloaded from the NTULearn site for this assignment, under the Group assignment menu. The assessment of the solutions to the problems listed below will be entirely done inside this particular installation of Ubuntu.

The Ubuntu installation for this assignment is a clone of the Ubuntu image provided for the tutorial sessions. In particular, it has the following users: admin, alice, bob, charlie, dennis, eve and fong.

User admin has the administrative privilege over the system, i.e., it can escalate its privilege to the root user.

The user bob maintains several applications that allows a user to access a certain ‘secret', when the right password is provided. These passwords are different from the user account passwords. To distinguish the two, we shall call these passwords as application passwords. Every user is assigned a unique secret and a unique application password. The secrets take the form of a string of alpha numeric characters. The application passwords and the secrets are stored in individual files. The locations for these files are summarized in Table 1. The application passwords are strings of lower- case letters, of length at most 14 characters.

IMPORTANT NOTE: Appendix A provides the account passwords, the application passwords and the secrets for all users. All these passwords and secrets, except those for user ‘charlie', will be changed during the assessment of your solutions. So your solutions must not hardcode any of these passwords and secrets other than charlie's.

User name

Application password file location

Secret file location

admin

/home/admin/Private/password

/home/admin/Private/secret

alice

/home/bob/Private/alice/password

home/bob/Private/alice/secret

bob

/home/bob/Private/bob/password

home/bob/Private/bob/secret

charlie

/home/bob/Private/charlie/password

home/bob/Private/charlie/secret

dennis

/home/bob/Private/dennis/password

home/bob/Private/dennis/secret

eve

/home/bob/Private/eve/password

home/bob/Private/eve/secret

fong

/home/bob/Private/fong/password

home/bob/Private/fong/secret

Table 1. Locations of application passwords and secrets. Each password is stored in a file called ‘password', and each secret is stored in a file called ‘secret'.

There are three main programs that a user can use to display his or her secret:

- user-secret: This program is used to access the secrets for the following users only: alice, charlie, dennis, eve and fong. It takes two arguments: a user name and an (application) password. If the application password supplied is correct for that user, the secret for the user will be displayed. The following screenshot shows an example of the output of a normal run of the program.

- bob-secret: This program is used by user bob to access his secret. It takes one argument, which is bob's application password. If the password is correct, bob's secret will be displayed. The following screenshot shows an example of the output of a normal run of the program.

- admin-secret: This program is used by user admin to access its secret. It takes one argument, which is admin's application password. If the password is correct, admin's secret will be displayed. The following screenshot shows the output of a normal run of the program.

In addition to the above three programs, there are additionally two helper programs:

- show-secret: This program is invoked by bob-secret to display bob's secret, in case of a successful authentication check. It is not supposed to be invoked by the users directly.
- register: This program is invoked by bob-secret to display an error message in case of an unsuccessful authentication check. It is not supposed to be invoked by the users directly.

All of the above programs, except for register, are SUID programs. Table 2 lists the locations of the binaries of the programs. The source code of these programs are written in C and are located in the same directory as their binaries. For your convenience, the source code of these programs are included in Appendix B.

There are further details about the permissions of each program above that you need to discover on your own. Pay particular attention to the SUID programs and their owners.

Table 2. Program locations

There are 3 (three) problems you need to solve for this assignment. For each problem, you are asked to write an attack program or script. These attack programs/scripts must be executed using user charlie's account. So in the following, we assume all attack programs/scripts are located in
/home/charlie/.

Problem 1

Your first task is to write an attack script or a program to display the secret of any of the following users: alice, charlie, dennis, eve, or fong. The attack program takes one argument, which is the user you want to attack. The attack must work when executed by user charlie. If your program/script works correctly, it should show something that looks like the following:

1012_figure.jpg

That is, each successful attack should display the word ‘Secret: ‘, followed by a string that is the secret.

Problem 2

For this problem, you are asked to write an attack script/program to display bob's secret. The attack program takes no argument. As in Problem 1, this attack must work when launched by user charlie. The following screenshot shows what a successful attack should look like:

1821_figure1.jpg

Problem 3

For Problem 3, you are asked to write a script/program to display the application password and the secret of the admin user. The attack program takes no argument. A successful attack should output something like the following:

1754_figure2.jpg

Again, as in previous problems, this attack must be successfully executed when logged in as charlie.

The attack should output two lines: the first one contains the application password (the line prefixed by ‘Password:') and the second one contains the secret of the admin user (the line prefixed with ‘Secret:').

Assessment

The assessment is based on two components:

1. Attack code execution: This is broken down to 15% for Problem 1, 15% for Problem 2 and 20% for Problem 3. The assessment of the correctness of your attack will be partially automated, so please make sure you follow the suggested output format as mentioned in the problem description above. Your solutions will be tested in the same virtual machine that is provided with this assignment, but with all password and secret values modified (except for charlie's passwords and secret). So you should make sure that you do not hardcode any of the sample passwords/secrets, other than charlie's, mentioned above in your solutions, as they will not work in the assessment process. Each attack must be successfully executed within 2 (two) minute. This is really a gross approximation; if you implement the attacks correctly, each attack should take only a few seconds to solve the given problem.

2. Report- There is no definitive structure of the report, but here are some guidelines of what we would expect from the report:

- As a general guideline we expect a division into three parts, corresponding to the division of the problems. But if you are able to find a single attack that solves all problems, in which case, the division per problem does not work so well and the report will be judged more holistically.

- We expect a detailed analysis of what are the vulnerabilities and how you exploit them. It is not enough, for example, to say that you do a ‘stack overflow' attack. You'd need to explain about the memory layout, what is the effect of the overflow, how do you subvert the control flow of the program, etc. Similarly, where the problem/solution concerns Unix security mechanism, I expect you to articulate clearly the aspects of the control mechanism that cause the vulnerability, and how you exploit them.

Reference no: EM131267222

Questions Cloud

What functionality did the site provide : 1. What functionality did the site provide? 2. How was information on the site organized? 3. Was the site easy to use? Explain
Find a binary matrix : How to apply network flow to find a binary matrix with given row and column sums?
What seems to be the message of each ad : What seems to be the message of each ad? How does the item help create or reinforce an image for the product being sold in the ad?
What are programming and algorithms : What are programming and algorithms? How are programming and algorithms related to our everyday lives?
How software vulnerabilities can be exploited : CE-CZ4062 Group assignment - CE4062-CZ4062: COMPUTER SECURITY (SYSTEM SECURITY) - Assignment is for the students to understand the security mechanisms in Unix-like operating systems and their interplay with software security
Listing of cricket matches score : Write a program in C++ to have a good game in the listing of Cricket Matches score update with ranking.
Bookkeeping aspects of a library : A university library system needs to be built in order to handle the bookkeeping aspects of a library and provide user-browsing facilities. The system allows borrower to search for a book on a particular topic or by a particular author. The borrow..
Explain how decisions are improved : Describe one or two examples of decisions that could be made using the information provided by managerial accounting. Provide specific examples and explain how decisions are improved when the information is used accurately
Evaluate how human resources development programs : Evaluate how human resources development programs that address the unique needs of some employees can be implemented to increase goodwill, attract, and retain quality employees.

Reviews

Write a Review

Computer Network Security Questions & Answers

  Can this many users be supported under circuit-switching

A circuit-switching scenario in which Ncs users, each requiring a bandwidth of 20 Mbps, must share a link of capacity 100 Mbps.

  Describe how use of equipment software and multiplexing

write a 4-7 page paper including the followingmiddot analyze the current options available for use of tcpip and

  What would be a successful cybersecurity policy

Write an essay on the topic, "Building and implementing a successful cybersecurity policy". The following questions should be covered in the essay: What would be a successful cybersecurity policy

  Secure communication if organization uses symmetric cipher

An organization has 300 members. It is desired that each member of the organization be able to communicate securely with any other member. The organization uses a symmetric cipher.

  Potential logical threats that require attention

Information Systems Security, Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. Determine the impact of at least five (5) potential logical threats that require attention

  Create a meaningful and interesting lesson on cyberwarfare

Your goal is to use concrete examples and information and create a meaningful and interesting lesson on cyberwarfare. You have to persuade me that you have indeed watched the video and understood the gravity of the situation.

  You are the information security officer at a medium-sized

you are the information security officer at a medium-sized company 1500 employees. the cio asks you to explain why you

  Evaluate the benefits of upgrading software

Evaluate two possible replacement packages, one of which should be an upgrade to the current version of Microsoft Office. Evaluate the benefits of upgrading software as opposed to starting with a new produce line.

  Modern networks have to support a number of digital data

modern networks have to support a number of digital data protocols as well as digital audio protocols. the ability to

  Decrypt message using caesar rot-three substitution cipher

Decrypt the message "F R Q J U D W X O D W L R Q V B R X J R W L W" using the Caesar ROT3 substitution cipher.

  Explaining level of cyberphobia in workplace

After completing the Unit reading on the subject, give your sense of the level of cyberphobia in the workplace and your suggestions on dealing with it as an IT manager.

  What other ways can you track and measure the performance

what other ways can you track amp measure performance of a project other than earned value measurement evm? are some

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd