COMPUTER SECURITY (SYSTEM SECURITY) ASSIGNMENT
Objectives:
The main objective of this assignment is for the students to understand the security mechanisms in Unix-like operating systems and their interplay with software security, in particular:
- to learn practical access control mechanisms in Unix operating system, such as files and folder permissions and SUID programs, and how application security is affected by them;
- to learn how software vulnerabilities can be exploited to circumvent security mechanisms in both applications and operating systems.
Problem Description:
There are three problems in this assignment. To do this assignment, you will make use of an installation of Ubuntu Linux 12.04 (32 bit) in the Oracle VirtualBox virtual machine. The VirtualBox image of the Ubuntu installation is provided with this document and can be downloaded from the NTULearn site for this assignment, under the Group assignment menu. The assessment of the solutions to the problems listed below will be entirely done inside this particular installation of Ubuntu.
The Ubuntu installation for this assignment is a clone of the Ubuntu image provided for the tutorial sessions. In particular, it has the following users: admin, alice, bob, charlie, dennis, eve and fong. User admin has the administrative privilege over the system, i.e., it can escalate its privilege to the root user.
The user bob maintains several applications that allows a user to access a certain 'secret', when the right password is provided. These passwords are different from the user account passwords. To distinguish the two, we shall call these passwords as application passwords. Every user is assigned a unique secret and a unique application password. The secrets take the form of a string of alpha numeric characters. The application passwords and the secrets are stored in individual files. The locations for these files are summarized in Table 1. The application passwords are strings of lower-case letters, of length at most 14 characters.
Problem 1 - Your first task is to write an attack script or a program to display the secret of any of the following users: alice, charlie, dennis, eve, or fong. The attack program takes one argument, which is the user you want to attack. The attack must work when executed by user charlie.
Problem 2 - For this problem, you are asked to write an attack script/program to display bob's secret. The attack program takes no argument. As in Problem 1, this attack must work when launched by user charlie.
Problem 3 - For Problem 3, you are asked to write a script/program to display the application password and the secret of the admin user. The attack program takes no argument. A successful attack should output something like the following:
Assessment
The assessment is based on two components:
1. Attack code execution: This is broken down to 15% for Problem 1, 15% for Problem 2 and 20% for Problem 3. The assessment of the correctness of your attack will be partially automated, so please make sure you follow the suggested output format as mentioned in the problem description above. Your solutions will be tested in the same virtual machine that is provided with this assignment, but with all password and secret values modified (except for charlie's passwords and secret). So you should make sure that you do not hardcode any of the sample passwords/secrets, other than charlie's, mentioned above in your solutions, as they will not work in the assessment process. Each attack must be successfully executed within 2 (two) minute. This is really a gross approximation; if you implement the attacks correctly, each attack should take only a few seconds to solve the given problem.
2. Report: There is no definitive structure of the report, but here are some guidelines of what we would expect from the report:
- As a general guideline we expect a division into three parts, corresponding to the division of the problems. But if you are able to find a single attack that solves all problems, in which case, the division per problem does not work so well and the report will be judged more holistically.
- We expect a detailed analysis of what are the vulnerabilities and how you exploit them. It is not enough, for example, to say that you do a 'stack overflow' attack. You'd need to explain about the memory layout, what is the effect of the overflow, how do you subvert the control flow of the program, etc. Similarly, where the problem/solution concerns Unix security mechanism, I expect you to articulate clearly the aspects of the control mechanism that cause the vulnerability, and how you exploit them.
Attachment:- Assignment.rar