Assignment 2 is due 2/10/20 on or before 11:59:59pm MST.
For a future homework assignment you will be hacking on a Linux server. The goal of this assignment is to familiarize yourself with accessing a Linux environment via SSH, along with developing skills on command line interaction and wargames.
First, register for a wechall account. You will need to submit your wechall username so that we can track your progress on the levels. After registering, you will need to link OverTheWire.org to your wechall account by doing the following:
- Click “Account” on the top of wechall.net
- Clink on the “Linked Sites” button
- On the “Select a site” dropdown, select “OverTheWire.org”
- Then click the “Link Site” button
Now, OverTheWire.org should show up in your list of linked sites, and we will be able to track your progress on Bandit from your user profile.
Then, the goal is to solve levels 5–10 (in other words reach level 11) on the overthewire.org Bandit challenges.
Before you start, be sure to read how to register your bandit progress with wechall and do so. This way, your bandit progress will be captured on wechall, which we will use to grade your progress.
Also, keep track in your README how you solved each level.
Note that Bandit is an open system, and the goal of this assignment is to practice and develop your own skills, so be honorable and do not read walkthroughs.
Submit on GradeScope the file README to gradescope. Note: you must include the
following line in your README (replace the
will your wechall username), or else the autograder won’t be able to
give you a grade:
wechall name: INSERT_WECHALL_NAME_HERE
Your goal is to write, in any language, a program which implements the given security policy. The security policy will be based on our in-class discussion of the security policy for a house.
The name of your house simulator will be called
Only users with an
authorized key can enter the house. To enter the
house, the user must first put their key in the lock, then turn the
lock, then enter the house, only if the key is valid. A house can be
rekeyed with new keys only by the owner, and only if the owner is
inside the house.
Firefighters can enter with the secret key (literal string)
The lock will always be accessed in the following way: insert key, turn the lock, then enter the house (it is not guaranteed that it is the same user, however). Other commands can be issued in between insert, turn, and enter, however they do not affect the lock state.
Testing if a key is valid is done when the lock is turned.
You must implement the following command-line interface for your server:
./secure_house <owner_name> <key_1> <key_2> ... <key_n>
<owner_name> is the name of the owner, and
<key_n> are all authorized keys for the house.
All inputs to the program (keys and names) will be
(alphanumeric, underscore, and dash). All matching is case-sensitive.
The input to your program (on standard input) will be a series of events separated by a newline. Your program must track these events and respond appropriately, while enforcing the security policy.
Every input will end in a newline, and every response must end in a newline.
INSERT KEY <user_name> <key>
<user_name> inserts key
key into the door. Response should be:
KEY <key> INSERTED BY <user_name>
TURN KEY <user_name>
<user_name> turns the key in the door. Possible responses are:
<user_name> TURNS KEY <key> or
FAILURE <user_name> UNABLE TO TURN
ENTER HOUSE <user_name>
<user_name> enters the
house. Possible responses are:
Who is currently inside the house? Response must be a
comma-separated list of user names, ordered by access time (earlier
<user_name_1>, <user_name_2>, <user_name_3>... or
NOBODY HOME if
there are no users in the house.
CHANGE LOCKS <user_name> <key_1> <key_2> ... <key_n>
<user_name> wishes to rekey the house with new given keys
<key_1>, <key_2>, ..., <key_n>.
Possible responses are:
ACCESS DENIED or
LEAVE HOUSE <user_name>
<user_name> leaves the
house. Possible responses are:
<user_name> NOT HERE
If any events are received that are not according to this
specification, the response must be:
Running the program as follows:
./secure_house selina foobar
Given the input:
INSERT KEY adam key TURN KEY adam ENTER HOUSE adam INSERT KEY pat foobar TURN KEY pat ENTER HOUSE pat WHO'S INSIDE?
The program will produce the following output:
KEY key INSERTED BY adam FAILURE adam UNABLE TO TURN KEY key ACCESS DENIED KEY foobar INSERTED BY pat SUCCESS pat TURNS KEY foobar ACCESS ALLOWED pat
Your program must work on Ubuntu 18.04 64-bit with the default packages installed. You’ll probably need to set up a virtual machine to do your development. VirtualBox is a free and open-source VM system.
We’ve created a test script called
test.sh to help you test your program before submitting.
- Download test.sh to the directory where your code lives (including
- Ensure that
chmod +x test.sh
There is also a test_debug.sh that
gives you the output of your program. This can help you with debugging
when the program appears to work from the command line, but not in the
test.sh script (it’s happened before).
Your program must be able to accept arbitrarily large input (and this will be tested by the autograder).
Submit on GradeScope your source code, along with a Makefile and
README. The Makefile must create your executable, called
secure_house, when the command
make is ran. Your README file must
be plain text and should contain your name, ASU ID, and a description of
how your program works.