Untitled

Distance Vector Table of Contents PROJECT GOAL………………………………………………………………………………………………………………… 2 Part 0: Getting Started………………………………………………………………………………………………….. 2 Part 1: Files Layout……………………………………………………………………………………………………….. 2 Part 2: TODOs………………………………………………………………………………………………………………. 3 Part 3: Testing and Debugging……………………………………………………………………………………….. 4 Part 4: Assumptions and…

Spanning Tree CS 6250 Table of Contents PROJECT GOAL………………………………………………………………………………………………………………… 2 Part 1: Setup………………………………………………………………………………………………………………… 2 Part 2: Files Layout……………………………………………………………………………………………………….. 2 Part 3: TODOs………………………………………………………………………………………………………………. 3 Part 4: Testing and Debugging……………………………………………………………………………………….. 5 Part 5: Assumptions and…

Auto-created product for remote checkout bridge payments.

In this mini-project, you’ll implement an agent that can solve Block World problems for an arbitrary initial arrangement of blocks. You will be given an initial arrangement of blocks and a goal arrangement of blocks, and return a list of moves that will transform the initial state into the goal state. You will submit the code for solving the problem to the Mini-Project 2 assignment in Gradescope.…

Background A fellow classmate, George P. Burdell, is looking for a new job in the US after graduation. As it can be complicated to compare job offers with benefits, in different locations, and other aspects beyond salary, he would like an app to help with this process and has asked for your assistance in creating a simple, single-user job offer comparison app.  As a first step, he would like you…

Resources https://hashcat.net/wiki/ Challenge Instructions To complete this exercise, you will need to leverage GDB in order to extract information embedded within the binary and weaponize it to attain the flag. Here are some guiding comments to bear in mind: Frustratingly, the source code (flag.c) is pretty sparse. However, we compiled the binary such that it preserved all of its symbols…

ec_shakespeare Resources The ROP tutorial video This ROP Emporium writeup Guidance In this challenge, we’re going to introduce and work with a particular kind of ROP gadget schema: the write-what-where (WWW) gadget! In our associated tutorial video, we show how we might pop a value into a given register so that it might be passed as an argument to an associated function call. For a single…

Step C.4: Exercise 3 02_report [10 pts] Resources See our buffer overflow tutorial video Challenge Instructions In this challenge, we are going to layer our comprehension of buffer overflows with some light digital forensics. To begin with, you will need to figure out a way to authenticate to the binary. Looking over the flag.c source code, you’ll note that the credentials are not immediately…

Step C.3: Exercise 2 01_mismatch [5 pts] Resources See our buffer overflow tutorial video Challenge Instructions Now it’s time for an unguided exercise for the section. This time you need to account for adjusting more than just 1 variable in memory. Here are some suggestions for getting you started: Your first actions should be the same as any other binary in the project: read the source code…

Step E.2: Exercise 1 02_guess_who [10 pts] Resources None Challenge Instructions This challenge is a little different. In this one, we’re cross examining what it means exactly to be “random”. Randomness – or entropy – is a classic staple in secrecy and security. We find it in things like cryptographic keys, secure communication protocols, and password salting – to name a few. Randomness – or at…

Step E.3: Exercise 2 02_trust_buster [10 pts] Resources See our buffer overflow tutorial video Challenge Instructions In this task, you’re initialized as a low-privileged app user. Your goal is to escalate your privileges in the binary towards becoming an admin and getting your flag. This exercise is less of a puzzle and more about recognizing how a variety of different software vulnerabilities…

Step D.3: Exercise 2 03_ROPscotch [15 pts] Resources See our ROP tutorial video Did you know pwndbg has a “search” function? Challenge Instructions In this task, we’re going to layer our working understanding of stack-based overflows in performing some ROP. Additionally, we’ll grapple with yet another vulnerability: Integer overflows! Look over the guidance below and then extend it to the…

Step D.2: Exercise 1 03_inspector_gadget [15 pts] Resources See our ROP tutorial video https://www.uclibc.org/docs/psABl-x86_64.pdf (see figure 3.4: register usage) https://cwe.mitre.org/data/definitions/367 https://cs.brown.edu/courses/cs033/docs/guides/x64_cheatsheet.pdf https://www.geeksforgeeks.org/python/python-write-bytes-to-file/ Challenge Instructions In this task, we’re going to build…

Step C.2: Exercise 1 O1_basic_overflow_2 [5 pts] Resources See our buffer overflow tutorial video py (see the Instructor’s Note in the code comments) Challenge Instructions In this task you will learn details about binaries compiled from C code (with gcc) in a Linux environment, and how some basic things can be exploited such as process redirection or control flow hijacking. We strongly…