SI485H: Stack Based Binary Exploits and Defenses (F15)


Lab 03: Tracing is fun, but gdb is funner!


Submission Instructions

Submission instructions for labs can be found on the resource pages. In particular, you should view this subsection: Creating a new branch and submitting.

Part 1: GDB's Secrets (1 point)

Description

  • Given the compiled program main, use gdb to trace and analyze it to find the secret message

Preliminaries

  • The assignment can be completed on your VM machine
  • gitlab repository
http://saddleback.academy.usna.edu/aviv/lab-3.1

Instructions

  • fork and clone the repo
  • You will find a single file: main
  • Use gdb to analyze the file and determine the embedded secret message
  • Once found, fill in the json file:
    {
      "msg" : "Secret message",
      "description": "Description of where and how the secret message was found"
    }
    

Submission Requirements

  • solution.json

Hint

  • You don't need to run the program to find the secret. The computation is not relevant.
  • Use the gdb print function to look at extraneous bytes interpreted in different ways
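
An added illustration of the hint above (not part of the lab or its binary): constructed data that looks like integer constants but spells text once its bytes are read as characters, with the matching gdb print/examine commands in the comments. The array name `sample_words` and its contents are made up for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data: looks like three unrelated integer constants. */
static const uint32_t sample_words[] = { 0x6c6c6568u, 0x6467206fu, 0x00000062u };
#define SAMPLE_NWORDS (sizeof sample_words / sizeof sample_words[0])

/* Lay the words out byte by byte as x86 (little-endian) memory holds them. */
size_t words_to_le_bytes(const uint32_t *w, size_t n, unsigned char *out)
{
    for (size_t i = 0; i < n * 4; i++)
        out[i] = (unsigned char)(w[i / 4] >> (8 * (i % 4)));
    return n * 4;
}

/* Find the longest run of printable ASCII; returns its length, start in *off. */
size_t longest_printable_run(const unsigned char *b, size_t len, size_t *off)
{
    size_t best = 0, run = 0;
    *off = 0;
    for (size_t i = 0; i < len; i++) {
        run = isprint(b[i]) ? run + 1 : 0;
        if (run > best) { best = run; *off = i + 1 - run; }
    }
    return best;
}

int main(void)
{
    unsigned char bytes[SAMPLE_NWORDS * 4];
    size_t off, len = words_to_le_bytes(sample_words, SAMPLE_NWORDS, bytes);
    size_t run = longest_printable_run(bytes, len, &off);

    /* Integer view, as in gdb:  p/x sample_words */
    for (size_t i = 0; i < SAMPLE_NWORDS; i++)
        printf("word[%zu] = 0x%08x\n", i, (unsigned)sample_words[i]);

    /* Text view, as in gdb:  x/s sample_words   or   p (char *) sample_words */
    printf("as text = \"%.*s\" (offset %zu, %zu bytes)\n",
           (int)run, (const char *)(bytes + off), off, run);
    return 0;
}
```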

Part 2: Crack the Secret II (3 points)

Description

  • Crack the decrypted text

Preliminaries

  • The assignment can be completed on any machine but you must have access to the saddleback VM
  • gitlab repository
http://saddleback.academy.usna.edu/aviv/lab-3.2

Instructions

  • fork and clone the repo
  • You will find one file to complete
    • crack_secret.c : complete the decryption function
  • ssh to the saddleback vm:
    ssh -p 2222 saddleback.academy.usna.edu
    
  • Execute the following program to get your secret message
    ~aviv/lab/03.2/get_secret
    

    You will get a key and IV, but you need to figure out the encryption routine. Use objdump and gdb to figure that out.

  • Once you've cracked the secret, complete the solution.json file:
    {
      "msg": "the secret message",
      "description": "short description of how you cracked the message"
    }
    

Submission Requirements

  • crack_secret.c
  • solution.json solution information

Hints

  • Because gdb doesn't like setuid, you might have a hard time tracing due to permission issues. But, you can copy the file and try and trace the encryption routine yourself.

Part 3: The input is … (2 points)

Description

  • Using gdb and objdump, determine the input that will produce the secret message.

Preliminaries

  • The assignment can be completed on your VM machine
  • gitlab repository:
    http://saddleback.academy.usna.edu/aviv/lab-3.3
    

Instructions

  • fork and clone the repo
  • You will find one pre-compiled binary file
    • a.out : complete the decryption function
  • Using gdb (or objdump or whatever), determine how to get the binary to print the secret message.
  • Once you've cracked the secret, complete the solution.json file:
    {
      "input": "input key",
      "msg": "the secret message",
      "description": "short description of how you cracked the message"
    }
    

Submission Requirements

  • solution.json solution information

Hints

  • Use gdb to do some tracing of the logic
  • To what and from what are the comparisons occurring?