Assignment 6 (100 points) — Pwnage
Assignment 6 is due 12/12/19 on or before 11:59:59pm MST. No late submissions will be accepted for this assignment.
Description
Your goal is to break a series of challenges using the full range of your hacking skills, including everything we have covered in class.
You will use your username and password given on the submission site to SSH into the server located
at hackme.cse365f19.adamdoupe.com
(using
ssh <username>@hackme.cse365f19.adamdoupe.com
).
Every challenge is at /var/challenge/<X>
where <X>
is
the name of the challenge.
Once you break a challenge, you will want to execute the program
l33t
, which will mark that you broke the level. If you do not
execute l33t
, then you won’t have broken the level.
You can see how you (and the rest of the students) are doing on
assignment 6 by executing the command score
.
Tools
You will need to sharpen your Linux hacking toolbelt. You might need to become familiar with the following tools to understand the programs that you want to break:
- objdump
- gdb
- ltrace
- strace
- wireshark …
Evaluation
You will be awarded points based on how many levels you broke. Each level is worth 13 points, maximum of 105 points from levels.
Extra Credit
If you finish 5 levels by 12/2/19 before 11:59:59pm MST, you’ll get an additional 10 points on assignment 6. So, the maximum total points you can recieve on assignment 6 is 115/100.
Submission Instructions
You will need to submit all source code written for this assignment, and a README. Your README file must contain your name, ASU ID, and a description of how you broke each level. The description is important and will affect how we grade your assignment.
Submit your homework on the course submisison site.
Bug Bounty
If you manage to get root on the server, you will get 50 additional points.