ASU CSE 466

Homework 6 is live! It is due at 12:00pm MST on Wednesday 10/03/18. At exactly 12:00pm, the homework server will become inaccessible.

Homework 6 is a “shellcoding” assignment. Shellcoding is the art of injecting code into a program, during exploitation, to get it to carry out actions desired by the attacker [1].

In terms of submission and so forth, Homework 5 is based on the same high-level concept as the rest. There is a /flag file, and you get to choose one binary on which the SUID flag will be set. The binaries that you are allowed to choose are all under the /pwn directory.

Each program takes user input on stdin and will filter and execute your shellcode. If your shellcode successfully runs, you can use it to read the /flag file.

Read the syllabus.html for the full details of the grading system.

Collaboration Policy

These challenges are not as unique as other homeworks. You may collaborate with students in terms of understanding assembly, but you may not work with them on their actual solutions.

Accessing Homework 6

You can access the HW3 submission and management interface using netcat, or a similar program:

nc cse466.pwn.college 23

When you use this interface to Solve Challenge, it will start an ssh server. It will tell you something like:

[+++] Path to Binary: /pwn/babypwn/babypwn6_testing_14794979742557037701
d2d50525e808
88e473a341b6fa545cf1444f139858bb3e1903db867055e0e777ad48f8c15bc3
CONTAINER ID        IMAGE               COMMAND                   CREATED             STATUS                  PORTS                   NAMES
88e473a341b6        hw6                 "/bin/sh -c \"/start\""   1 second ago        Up Less than a second   0.0.0.0:22214->22/tcp   hw6_zardus

This means that the container is running on port 22214! You can now ssh in like so:

ssh hw6@cse466.pwn.college -p 22214

Your password is your asurite.

For scriptable interaction, look into pwn.remote to connect to the management interface and pwn.ssh to ssh in.
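As a starting point for scripting, the following added example (not part of the course materials) extracts the binary path and the ssh port from the management interface output shown above and hands them to pwn.ssh. The names `Challenge`, `parse_banner` and `open_ssh` are hypothetical, and the menu interaction itself is left out because the page does not show its prompts.

```python
import re
from typing import NamedTuple

HOST = "cse466.pwn.college"  # host from the page; the management interface is on port 23


class Challenge(NamedTuple):
    binary_path: str
    ssh_port: int


PATH_RE = re.compile(r"Path to Binary:\s*(\S+)")
# PORTS column of the `docker ps` table, e.g. 0.0.0.0:22214->22/tcp
PORT_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}:(\d+)->22/tcp")


def parse_banner(text: str) -> Challenge:
    """Extract the challenge binary path and the host port mapped to ssh."""
    path = PATH_RE.search(text)
    port = PORT_RE.search(text)
    if path is None or port is None:
        raise ValueError("output has no binary path or no ->22/tcp port mapping")
    number = int(port.group(1))
    if not 1 <= number <= 65535:
        raise ValueError(f"port out of range: {number}")
    return Challenge(path.group(1), number)


def open_ssh(challenge: Challenge, asurite: str):
    """Log in to the container as hw6; the password is your asurite."""
    from pwn import ssh  # pwntools, imported here so parsing works without it
    return ssh(user="hw6", host=HOST, port=challenge.ssh_port, password=asurite)


# The sample output from this page; in a script this text would be whatever
# pwn.remote(HOST, 23) returns after you choose Solve Challenge.
SAMPLE_BANNER = r'''[+++] Path to Binary: /pwn/babypwn/babypwn6_testing_14794979742557037701
d2d50525e808
88e473a341b6fa545cf1444f139858bb3e1903db867055e0e777ad48f8c15bc3
CONTAINER ID        IMAGE               COMMAND                   CREATED             STATUS                  PORTS                   NAMES
88e473a341b6        hw6                 "/bin/sh -c \"/start\""   1 second ago        Up Less than a second   0.0.0.0:22214->22/tcp   hw6_zardus
'''

if __name__ == "__main__":
    print(parse_banner(SAMPLE_BANNER))
```
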

Resources

Useful resources: