Most common methods of protecting code

Reference no: EM13936262

This exercise looks at reverse engineering and "cracking" applications. For this exercise you should log into the VM as user: dan, password: dan!dan. In Dan's home directory you will find two jar files, two ELF executables, the tool JD-GUI and the evaluation version of IDA Pro.
For this exercise you need to use JD-GUI and IDA to analyse the applications and gain a complete understanding of what they do.

Part 1: Java Byte Code

The jar files employ two of the most common methods of protecting code: encryption and obfuscation. As you will see, neither of these methods will stop a determined analyst.

The first jar file encrypts some of its code; however, the decryption key must be embedded in the application, and so an analyst can read the code. This is an example of "packing", which is a protection method often used by malware. This is done mainly to avoid signature-based detection from malware scanners; the malware will re-encrypt itself with a different key each time it infects a computer, so making it look different each time it spreads.
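The following Python sketch is an added example, not part of the exercise or its jar files. It uses a constructed toy container format and repeating-key XOR (both assumptions made for illustration) to show why a hash of the packed file changes with every re-keying while the unpacked payload, recoverable from the embedded key, stays a stable thing to match on.

```python
import hashlib

MAGIC = b"TOY1"  # constructed container tag, not a real packer format


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR with a repeating key; applying it twice restores the input."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def pack(payload: bytes, key: bytes) -> bytes:
    """Toy layout: MAGIC | 1-byte key length | key | encrypted payload."""
    if not 1 <= len(key) <= 255:
        raise ValueError("key must be 1..255 bytes")
    return MAGIC + bytes([len(key)]) + key + xor_bytes(payload, key)


def unpack(blob: bytes) -> bytes:
    """Recover the payload using only what is stored in the sample itself."""
    if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 1:
        raise ValueError("not a packed sample")
    key_len = blob[len(MAGIC)]
    start = len(MAGIC) + 1
    key = blob[start:start + key_len]
    if key_len == 0 or len(key) != key_len:
        raise ValueError("missing or truncated key")
    return xor_bytes(blob[start + key_len:], key)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def compare_signatures(payload: bytes, key_a: bytes, key_b: bytes) -> dict:
    """Hash two re-keyed copies before and after unpacking."""
    a, b = pack(payload, key_a), pack(payload, key_b)
    return {
        "packed_hashes_match": sha256_hex(a) == sha256_hex(b),
        "unpacked_hashes_match": sha256_hex(unpack(a)) == sha256_hex(unpack(b)),
        "unpacked_is_original": unpack(a) == payload,
    }


# Constructed sample input: stands in for the protected code.
SAMPLE = b"constructed sample: if input == stored_password: grant()"
RESULT = compare_signatures(SAMPLE, b"\x11\x22\x33\x44", b"\xa5\x5a\xc3\x3c")

if __name__ == "__main__":
    print(RESULT)
```

A scanner that hashes only the file on disk sees two unrelated samples here; one that unpacks first sees the same payload twice.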

The second jar file has been obfuscated, i.e., made deliberately hard to understand. This method of protection is often used by drive-by-download attack code which has been injected into a website. The point of this is to make it difficult for a casual observer to tell what the code is doing and so delaying the time it takes for anyone to realise that the code is malicious.

Question 1: exercise1.jar

The first Java application is a simple password check (you can run the password check jar file by typing java -jar exercise1.jar at the command line). Use JD-GUI to find the password for this program, describe in detail how the jar file tries to protect the password and how you found the password, and explain each of the steps you took. Another version of this application (with the same password) is also running on one of the ports of the VM. Use nmap to find out which ports are open and netcat (nc) to connect to them and find the application. The version of the application listening on the port will give you a token in response to the correct password.

Question 2: exercise2.jar

The second Java application opens a dialog box that asks for a registration key. Find a registration key that this application will accept. Describe in detail how the jar file tries to protect the password and how you found the password (there is no token for this application).

Part 2: ELF Binaries

Executable and Linkable Format (ELF) is the standard format for Linux executables. The two ELF executables in Dan's home directory can be run from the command line by typing ./exercise-03 and ./exercise-04. The first is a simple password check program and the second is a more complex application for viewing GPG keys.

Question 3: exercise-03

The application exercise-03 asks you to enter a password in order to be given a message. Open this application in IDA by typing ./idaq exercise-03, examine the assembly code and run it in the IDA debugger. Work out how the password is being checked and what the message is. Describe in detail how the application checks the password and how you discovered this. In particular, describe the steps you went through and why. Another version of this application (with the same password) is also running on one of the ports of the VM. Use nmap to find out which ports are open and netcat (nc) to connect to them and find the application. The version of the application listening on the port will give you a token in response to the correct password. Submit this token on the website.

Question 4: exercise-04

The application exercise-04 is a larger program to display information about public keys. This application contains a back door that can be used to get a shell. Open this application in IDA, examine it, and find the back door. This application is also running and listening on one of the ports of the VM as root. Use nmap to find out which port it is running on, connect to it using netcat and exploit the backdoor to get root access to the VM. Describe in detail how the backdoor works and how you discovered it. In particular, describe the steps you went through and why. Once you have root access to the VM you will find a final token in the Ex5rootToken file; submit this to the token submission website.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd