Please complete Tasks 1-5 here. Please set the value of BUF_SIZE to 136 for the Level 1, Level 2, and Level 3 tasks. Please complete Tasks 1-4 here (Task 5 is optional and bonus points will be assigned). Please set the value of BUF_SIZE to 32 for the Return-to-LibC lab.
The Lab Setup files (stack.c, call_shellcode.c) can be downloaded here and here.
Submit the source code as a .zip file containing your code, as well as a writeup explaining what you did as a pdf document on Canvas. Include your full name in the writeup. Name the .zip file as x-project1.zip and the writeup as x-project1.pdf, where x is your first and last name. For example, if your name is "Jane Doe," you should be handing in two files named "JaneDoe-project1.zip" and "JaneDoe-project1.pdf."
Please complete Tasks 1-4 here. Please complete Tasks 1-6 here.
The Lab Setup files can be downloaded from here and here.
Please see here for a short video on Lab Setup.
IMPORTANT: There is an issue with the built-in container setup for the CSRF lab. For your attack to work please go to the attacker container and run the following command: sudo chmod +x /var/www/attacker
Submit the source code as a .zip file containing your code, as well as a writeup explaining what you did as a pdf document on Canvas. Include your full name in the writeup. Name the .zip file as x-project2.zip and the writeup as x-project2.pdf, where x is your first and last name. For example, if your name is "Jane Doe," you should be handing in two files named "JaneDoe-project2.zip" and "JaneDoe-project2.pdf."
Homework 1. Assigned on 10/3/22. Due on 10/19/22 at 11:59pm.
Please complete Tasks 2-7 here.
The Lab Setup files can be downloaded from here.
IMPORTANT: Here is a hint for Task 6.3: Your solution should not only make use of the fact that the next IV is known, but that the IV used by Bob and next IV have all hex digits in common starting after the 8th hex digit. In fact, you will need to wait until the next IV and the IV used by Bob are the same *starting after the 6th hex digit.* The reason is that your attack needs to take into account the fact that CBC mode encryption uses padding. You do not need to know exactly what the padding procedure is, but just that the padding that is added will be the same when the input plaintexts have the same length.
IMPORTANT: For Task 7 please use the following ciphertext:
442187958311d908b7a8d3824af8cd651bc47a03bdca345b96fbe7f67e9b84ee
The IV used in generating the above ciphertext was: 010203040506070809000a0b0c0d0e0f
Please note that there seems to be some inconsistency in the lab writeup, and a different IV is also listed in the description of Task 7 (aabbccddeeff00998877665544332211).
Submit the source code as a .zip file containing your code, as well as a writeup explaining what you did as a pdf document on Canvas. Include your full name in the writeup. Name the .zip file as x-project3.zip and the writeup as x-project3.pdf, where x is your first and last name. For example, if your name is "Jane Doe," you should be handing in two files named "JaneDoe-project3.zip" and "JaneDoe-project3.pdf."
Homework 2. Assigned on 11/2/22. Due on 11/9/22 at 11:59pm.