User Account

All Pages

Create a decrypt function in python

Assignment Help Other Engineering
Reference no: EM133032955

Lab 6

Download the binary lab6-1 Download lab6-1and copy it to your virtual machine.

Using IDA, reverse engineer the binary to determine the password.

This binary requires you to enter non-printable characters. To test this in IDA

Download the binary lab6-2 and copy it to your virtual machine
Using IDA, reverse engineer the binary to determine the password
You will need to create a python function to help you create a 'decrypt' of the 'encrypt' function

Questions

What is the expected password for lab6-1? Explain how you were able to determine this.

What is the expected password for lab6-2? Explain how you were able to determine this.

Create a decrypt function in python for lab6-2.

Lab 7

For both of these binaries, you need to pass a crafted string as the command line argument to the binary. In these cases, you need to pass unprintable values (values that don't correspond to characters on the ASCII table). To do this, you need to leverage another binary or scripting language to print these characters. You can use any language of your choice (within reason) but I would recommend Python. Ultimately, you should be able to run your program like ./lab7-1 $(python2 lab7-1.py)

NOTE: You must disable address randomization in order for you to complete this lab. You can do this using the following command: sudo bash -c 'echo 0 > /proc/sys/kernel/randomize_va_space' - you will have to repeat this command every time you restart your virtual machine.

Part 1: lab7-1
Download the binary lab7-1 Download lab7-1and copy it to your virtual machine.
Using IDA and/or gdb-peda, reverse engineer the binary to determine the argument that causes the 'correct' statement to be printed to screen.
[lab7-1.py] Write a script or source file that when run, prints the argument to standard out so that it can be passed as input to lab7-1.

Part 2: lab7-2
Download the binary lab7-2 Download lab7-2and copy it to your virtual machine.
Using IDA and/or gdb-peda, reverse engineer the binary to determine the argument that causes the 'correct' statement to be printed to screen.
[lab7-2.py] Write a script or source file that when run, prints the argument to standard out so that it can be passed as input to lab7-2.

Questions
For lab7-1, describe how your input alters the execution path of the program.

For lab7-2, draw a diagram of the stack frame for the 'unsafe' function after the call to strcpy(). Highlight how your input alters the execution path of the program.

Lab 8

Setup
You will need to install some of the utilities included in radare2 (namely rasm2). Since we don't need the most 'up-to-date' version of Radare2 we can easily install with apt. Run the command: sudo apt-get install radare2

To check that you have the tools required run: rasm2

If everything is setup properly, you should see output like:

Usage: rasm2 [-ACdDehLBvw] [-a arch] [-b bits] [-o addr] [-s syntax]
[-f file] [-F fil:ter] [-i skip] [-l len] 'code'|hex|-
Helper C Code
int main(int argc, char **argv)
{

char shellcode[] = "";
int (*func)();
func = (int (*)()) shellcode;
(int)(*func)();
}

//rasm2 -a x86 -b 32 -f hello.asm -C
//gcc -m32 -z execstack example_runner.c -o shellcode

Part 1: Hello World!
[lab8-1.asm] Write an assembly listing of shellcode that will write the string "System Calls are Cool!" to the file "/tmp/syscall.txt" using whatever means you deem necessary. (Good system call resource: System Calls Table w/ Arguments (Links to an external site.)
Assemble your shellcode and test it in C to validate it works.

Part 2: No Nulls Allowed.
[lab8-2.asm] Write an assembly listing of shellcode that will spawn a shell (/bin/sh).
Modify your assembly listing to ensure that it would be injected properly if injected via the strcpy function.
Recall which bytes are not allowed for strcpy.

Questions
Which bytes are not acceptable.

Deliverables
Code files: lab8-1.asm, lab8-2.asm

Lab 11.

Installation
This lab utilizes the Ghidra Reverse engineering tool. To install the tool we need to install both a Java Runtime and Ghidra.

Please run the following commands

sudo apt install default-jdk
wget
unzip ghidra_10.0.4_PUBLIC_20210928.zip
To run Ghidra you need to enter the unzipped ghidra directory and run the ghidraRun file

cd ghidra_10.0.4_PUBLIC
./ghidraRun

Lab 11-1
Download lab11-1 Download lab11-1and determine the necessary input to get the 'Correct' output. You will likely want to use a python file for your input.

Lab 11-2
Download lab11-2 Download lab11-2and determine the necessary input to get the 'Correct' output. This lab is almost certainly the hardest of the class. I recommend that you examine the different functions and flow of the program. Start at the end. What makes 'Correct' appear? What data is being compared against? How is user input manipulated and checked? Determine the operations that manipulate the input and write a python program to reverse them (similar to the decrypt step in Lab 6).

Questions
1. How does lab11-1 manipulate the data in the program? How did you determine the correct answer?

2. What operations are occurring in lab11-2? Describe the steps you took to arrive at your solution.

Deliverables
[lab11-1.py]: A python file that when run with lab11-1 will result in the correct output

[lab11-2.py]: A python file that when run with lab11-2 will result in the correct output. This file should essentially work backwards from the provided data within the program. It is not acceptable to just print out the answer.

Attachment:- Labs.rar

Reference no: EM133032955

Questions Cloud

Applying the concept of personal jurisdiction : Determining jurisdiction in the courts can be confusing and complicated, but it is an important legal doctrine that businesses cannot ignore. Jurisdiction can a
Threats of the global tourism sector : 1. What are the current and future opportunities and threats of the global tourism sector?
Characteristics of sports marketers and merchandisers : Please explain the main characteristics of sports marketers and merchandisers, and what is required to become a sports marketer, and what to develop?
Sustaining the global competitiveness of a firm : What managerial skills and leadership styles do you believe are most critical for sustaining the global competitiveness of a firm?
Create a decrypt function in python : Create a decrypt function in python - draw a diagram of the stack frame for the 'unsafe' function after the call to strcpy()
What side effects could the vaccine have on children : What are some reasons that the covid-19 vaccine should not be required for children?
Degrees of freedom for between groups : Carol is curious as to whether Australia has the same average petrol prices to New Zealand and Indonesia.
What is globalization in business : 1. What are some practices of Corporate Social Responsibility?
Prenatal effects of many environmental agents : Why is it difficult to determine the prenatal effects of many environmental agents, such as drugs and pollution?

Reviews

Write a Review

Other Engineering Questions & Answers

  Discuss role government plays in a global economy

Discuss role government plays in a global economy. Also, look at what policies are currently in place and then discussion what policies should be put in place.

  Digital signal processing

1. Explain in brief the design stages for digital IIR filters. Design a low pass IIR filter to meet the following specification.

  ENGIN5304 Advanced Robotics Assignment Problem

ENGIN5304 Advanced Robotics Assignment Help and Solution, Federation University, Australia - Calculate degrees of freedom

  Describe the purpose of an acceptable use policy

Describe the purpose of an Acceptable Use Policy you have selected and explain how the AUP helps provide confidentiality, integrity, and availability

  What do think will be greatest challenge in college

What is your career goal when you graduate? 3 years after you graduate? 10 years after? 25 years after? What do think will be greatest challenge in college

  Discuss the article where physical security failed

Propose a possible change in that organization's physical security that could have prevented the breach/failure for that scenario

  How are the developers trying to sell the technology

How has this technology been received, accepted, or rejected? Why? Is it feared or favored? What is the attitude toward change? How are the developers trying to sell the technology to the general public?

  Develop assessment skills using a computer workstation

Develop assessment skills using a Computer Workstation Assessment Checklist designed to assess awkward working postures that may be contributed

  ENGIN5507 Ore Reserve Estimation Assignment

ENGIN5507 Ore Reserve Estimation Assignment Help and Solution, Federation University - Assessment Writing Service

  The u.s.system of volume measurement

In the U.S.system of volume measurement, a pint is 2 cups, a cup is 8 ounces, an ounce is 2 tablespoons, and a tablespoon is 3 teaspoon. Write a program that requests a volume in cups and that displays the equivalent volumes in pints,ounces,tables..

  What air pollutants do think luster and integrity

What air pollutants do you think might be responsible for the deterioration of the vehicle paint color, luster, and integrity? Carefully explain your answer

  Project brief prototype electric freight train

EAT 100: DESIGN, DRAWING AND PRACTICAL SKILLS Design, Build and Test Project Brief "Prototype Electric Freight Train". Your electric rail vehicle must carry as much ballast as possible to a maximum load of 1kg. 1kg of ballast will occupy a volume of..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd