Assignment 3—Binary Pwnage
Assignment 3 is due 4/3/16 on or before 11:59:59pm MST.
Description
Your goal is to break a series of x86 binaries using the full range of your hacking skills.
Everyone in the class was sent a user account name and password, along with IP address and port. You have a local account on this server that starts at group 1.
Every challenge is at /var/challenge/level<X>
where <X>
is
replaced by the level numbers. So, at the start, you have access to
/var/challenge/level1
.
From there, once you break the binary (usually called the level
number, 1
in the case of the first level), you want to execute the
provided program l33t
. This will upgrade you to the next level. Note
that you will need to log out, then back into the server to see the
upgraded level. Otherwise, you could use
one of these tricks.
The score
program will output the current scores of all users on the
system.
Note that you cannot attempt level3 until you break level2, and similarly for all levels. This means that you should start early so that you have time to work on difficult/challenging levels.
Tools
You will need to sharpen your Linux hacking toolbelt. You will probably need to become familiar with the following tools to understand the binaries that you want to break:
- objdump
- gdb
- ltrace
- strace …
Evaluation
You will be awarded points based on how many levels are broken. Levels 1–10 are worth 10 points each, and levels 11–15 are worth a token 1 point each. However, who needs points when you see your hacker alias in all its glory on the scoreboard?
Submission Instructions
You will need to submit all source code written for this assignment, and a README. Your README file must contain your name, ASU ID, and a description of how you broke each level. The description is important and will affect how we grade your assignment.