Software Security - S18

CSE 545

Assignment 1

Assignment 1 is due 1/23/18 on or before 11:59:59pm MST.

Part 1 (5 points)

Sign up for the course mailing list. Please provide your ASURITE ID number when you register so that we can give you credit for signing up.

Part 2 — Bandit (40 points)

For the homework assignments in this course, you will be hacking on a Linux server. The goal of this assignment is to familiarize yourself with accessing a Linux environment via SSH, along with developing skills in command-line interaction and wargames.

First, register for a wechall account. You will need to submit your wechall username so that we can track your progress on the levels. After registering, you will need to link OverTheWire.org to your wechall account by doing the following:

  1. Click “Account” on the top of wechall.net
  2. Click on the “Linked Sites” button
  3. On the “Select a site” dropdown, select “OverTheWire.org”
  4. Then click the “Link Site” button

Now, OverTheWire.org should show up in your list of linked sites, and we will be able to track your progress on Bandit from your user profile.

Then, the goal is to reach level 20 on the overthewire.org Bandit challenges.

Before you start, be sure to read how to register your bandit progress with wechall and do so. This way, your bandit progress will be captured on wechall, which we will use to grade your progress.

Also, keep track in your README how you solved each level.

Note that Bandit is an open system, and the goal of this assignment is to practice and develop your own skills, so be honorable and do not read walkthroughs.

Submission Instructions

You will need to submit a README. Your README file must contain your name, ASU ID, wechall username, and a description of how you broke each level.

Part 3 — C Backdoor “Web Server” (55 points)

A critical part of establishing persistence on a system is to leave a “backdoor” that allows the hacker access to the system at a later date, without exploiting the same vulnerabilities (they may be fixed in the meantime). In this assignment, you’ll explore writing a backdoor that pretends to be a web server. A web server makes a great pretense for a backdoor, because web traffic is so prevalent it does not raise red flags and ports 80 and 443 are frequently permitted through firewalls.

Your goal is to create, in C, a minimal HTTP 1.1 server based on RFC 2616, written from scratch without using any libraries except for the C standard library.

The name of your backdoor executable will be normal_web_server

Interface

You must implement the following command-line interface for your server:

./normal_web_server <port>

Your server should listen for incoming connections to the given port, and respond to most requests with a valid HTTP 1.1 response with the 404 HTTP response code.

It is important that your server support valid HTTP 1.1 requests from HTTP clients (otherwise your backdoor will be detected), and your server should not cause the client to hang or otherwise malfunction.

The backdoor functionality is that when your server receives a GET request for a URL in the form of /exec/<command>, then your server should take <command> and execute it using the system libc function and the HTTP response will be the stdout of the executed command. The HTTP status code of the response should be 200. Note that there are no limitations to the characters in <command>, in other words, your program should capture the rest of the requested URL from the / after /exec to the end of the URL.

For instance, an HTTP GET of /exec/ls will return an HTTP response with the body of the output of the execution of the ls command on the server. An HTTP GET of /exec/ls%20-la will return an HTTP response with the body of the output of ls -la.
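Seen from the detection side, the /exec/<command> request format described above leaves a recognizable trace in any request log. The following is an added example, not part of the original assignment: it scans constructed Common Log Format records (an assumption; the assignment defines no log format) for GET requests whose percent-decoded path begins with /exec/. The names find_exec_requests, LINE_RE and SAMPLE_LOG are hypothetical.

```python
import re
from urllib.parse import unquote

# Constructed sample records in Common Log Format, as a proxy or network
# sensor in front of the host might write them (assumed; not from the page).
SAMPLE_LOG = """\
198.51.100.7 - - [20/Jan/2018:10:01:02 -0700] "GET /index.html HTTP/1.1" 404 0
198.51.100.7 - - [20/Jan/2018:10:01:09 -0700] "GET /exec/ls%20-la HTTP/1.1" 200 512
203.0.113.9 - - [20/Jan/2018:10:02:30 -0700] "GET /%65xec/id HTTP/1.1" 200 54
203.0.113.9 - - [20/Jan/2018:10:02:41 -0700] "POST /exec/ls HTTP/1.1" 404 0
192.0.2.44 - - [20/Jan/2018:10:03:00 -0700] "GET /executive/team HTTP/1.1" 404 0
this line is not a log record
""".splitlines()

LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d" '
    r'(?P<status>\d{3}) \S+$'
)
PREFIX = "/exec/"


def find_exec_requests(lines):
    """Return one dict per GET request whose decoded path starts with /exec/."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if m is None or m["method"] != "GET":
            continue  # malformed record, or not the method the page describes
        # Decode before matching so an encoded prefix (/%65xec/) is not missed
        # and the analyst sees the command as typed (ls%20-la -> "ls -la").
        path = unquote(m["target"])
        if not path.startswith(PREFIX):
            continue  # the trailing slash keeps /executive/... out
        hits.append({
            "client": m["client"],
            "command": path[len(PREFIX):],
            # The page's server answers 200 only for /exec/ and 404 otherwise.
            "answered_200": m["status"] == "200",
        })
    return hits


if __name__ == "__main__":
    for hit in find_exec_requests(SAMPLE_LOG):
        print(hit)
```

A host that returns 404 for everything except /exec/ paths, as this server does, is itself a useful signal to correlate with these hits.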

When the server is killed (Control-C via command prompt or the SIGINT signal is sent to the program), the server should release the port and safely terminate.

Implementation

Your program must work on Ubuntu 16.04 64-bit with the default packages installed. You’ll probably need to set up a virtual machine to do your development.

Network Server Programming Resources

These are some resources that prior years have found to help in writing networked server applications:

Submission Instructions

You will need to submit your source code, along with a Makefile and README. The Makefile must create your executable, called normal_web_server, when the command make is run. Your README file should contain your name, ASU ID, and a description of how your program works.

Extra Credit

Implement gzip encoding in Part 3 so that if the client supports gzip encoding, then the server sends the result of the command with gzip encoding.

Submission Site

Create an account to submit your homework on the course submission site.

Please don’t forget your password.