___          _                                  _     _____ 
 / _ \        (_)                                | |   |____ |
/ /_\ \___ ___ _  __ _ _ __  _ __ ___   ___ _ __ | |_      / /
|  _  / __/ __| |/ _` | '_ \| '_ ` _ \ / _ \ '_ \| __|     \ \
| | | \__ \__ \ | (_| | | | | | | | | |  __/ | | | |_  .___/ /
\_| |_/___/___/_|\__, |_| |_|_| |_| |_|\___|_| |_|\__| \____/ 
                  __/ |                                       
                 |___/                                        
 _____ _____  _____   _____  ____ _____  _____                
|  ___/  __ \|  ___| |  _  |/ ___|  _  ||  _  |               
| |__ | /  \/| |__   | |_| / /___| |/' || |_| |               
|  __|| |    |  __|  \____ | ___ \  /| |\____ |               
| |___| \__/\| |___  .___/ / \_/ \ |_/ /.___/ /               
\____/ \____/\____/  \____/\_____/\___/ \____/           

Assignment 3

Overview

In this assignment you will complete a Capture-the-flag (CTF) style challenge. You will be presented with a linux virtual machine and will be required to solve a set of challenges to obtain the root password.

Instructions

Log in to the virtual machine with Username: user and Password: user. Proceed to recover the root password via a stack buffer overflow.

Requirements

  • A modern computer with about 500Mb of free disk space. The VM is based on tinycore Linux, and the compressed image is only about 80Mb to download.
  • The VirtualBox virtual machine player. (Note: You can use any VM player that supports .ova VMs, however the instructions below are specific to VirtualBox and may differ slightly if you decide to use a different player such as VMWare).
  • You may need to install the Virtual Box extension pack.
  • The assignment3-VM.ova virtual machine image available for download in OWL -> ECE 9609 -> Resources

Directions

  • Import the virtual machine image into your virtual machine player.
    • File -> Import appliance -> assignment3-VM.ova -> Continue -> Import
  • Start the VM: Assignment 3 -> Start
  • Login to an account and recover the root password

The VM is currently configured to use a host-only network adapter, which provides network access between your host OS and the VM only. Your VM does not need actual/full-on internet access for you to complete the challenges. You can discover the machine’s IP address by typing:

ifconfig | grep inet

You can use the IP address to download/upload files using utilities like scp.

IMPORTANT: the exploit has been configured to be run over ssh. If you log into the VM terminal directly, the environment variables will be different, and the buffer overflow won’t work.

Tips

  • Stack buffer overflows can be tricky to exploit for a beginner. See this excellent tutorial video for more information.
  • The administrator chose a weak password. Try this password list of the 1,000 most common passwords.

What to submit

Take the Assignment 3 test in OWL under the Tests and Quizzes tab.