Assignment 3—Binary Pwnage
Assignment 3 is due in two parts.
Part 1 is due 3/13/18 on or before 11:59:59pm MST.
Part 2 is due 3/25/18 on or before 11:59:59pm MST.
Your goal is to break a series of x86 binaries using the full range of your hacking skills.
Your username and password, along with the server IP address and port, are displayed on the assignment page on the submission server.
You have a local account on this server that starts at group
Every challenge is at
replaced by the level numbers. So, at the start, you have access to
From there, once you break the binary (usually called the level
1 in the case of the first level), you want to execute the
l33t (located at
/usr/local/bin/l33t). This will
upgrade you to the next level. Note that you will need to log out,
then back into the server to see the upgraded level. Otherwise, you
one of these tricks.
score program will output the current scores of all users on the
Note that you cannot attempt level3 until you break level2, and similarly for all levels. This means that you should start early so that you have time to work on difficult/challenging levels.
You will need to sharpen your Linux hacking toolbelt. You will probably need to become familiar with the following tools to understand the binaries that you want to break:
- pwntools …
You will be awarded points based on how many levels are broken.
Each level is worth 10 points each based on the due date (100 points total), and levels 11–? are worth a token .5 points each. Who needs points when you see your hacker alias in all its glory on top of the scoreboard?
Levels 1–5 are considered Part 1 of the assignment, and solving them before the Part 1 deadline will result in 100% of the points, solving them after the Part 1 deadline will result in 25% of the points.
How do you know if you have solved Levels 1–5? Because you will be on
level6 when you run
score before the Part 1 deadline.
You will need to submit all source code that you wrote for this
assignment, and a README by the Part 2 deadline. You do not need to
submit anything before the Part 1 deadline (if you are
score before the Part 1 deadline you are good).
Your README file must contain your name, ASU ID, and a description of how you broke each level. The description is important and will affect how we grade your assignment (and will prevent any possible academic integrity violations by demonstrating that you know how to solve the level).