辅导案例-7CCSMSEN
7CCSMSEN: Security Engineering Coursework1: Break ’em All Lorenzo Cavallaro http://s2lab.kcl.ac.uk Systems Security Research Lab – Cybersecurity Research Group Department of Informatics, King’s College London DEADLINE: Dec 23 @ 11:59pm GMT Lorenzo Cavallaro (S2Lab) 7CCSMSEN DEADLINE: Dec 23 @ 11:59pm GMT 1/ 5 Break ’em All I Goal Break into all the levels/challenges and prove that you are more than just a script kiddie A number of challenges of increasing difficulties (lev1 to lev10) Challenges in /var/challenge/levelX You start from lev0 (group) You can read the source code of the challenge corresponding to the level you’re in Breaking the current level will give you access to the next one Ultimately execute the command /usr/local/bin/l33t Logout and log back in Now you have access to the next level ;-) Lorenzo Cavallaro (S2Lab) 7CCSMSEN DEADLINE: Dec 23 @ 11:59pm GMT 2/ 5 Break ’em All II Check where you are by using the command score At lev0 you show up no where. . . Check your email for login information :-) Do discuss on KEATS’ forum—but don’t give answers away Let everyone have fun! Lorenzo Cavallaro (S2Lab) 7CCSMSEN DEADLINE: Dec 23 @ 11:59pm GMT 3/ 5 Break ’em All III Solutions must be submitted to KEATS. To this end, create a .tar.gz that include the following information: For each challenge that you have successfully solved, a program named exploit that successfully performs the exploit A file named README.txt containing a short discussion of additional information, such as interesting findings, alternative exploit techniques The .tar.gz file must be structured as follows: Lorenzo Cavallaro (S2Lab) 7CCSMSEN DEADLINE: Dec 23 @ 11:59pm GMT 4/ 5 Break ’em All IV -solutions/ README level1/ Makefile exploit level2/ Makefile exploit.c ... ... If you need to compile some source file to obtain the exploit executable, provide a Makefile that does that. The exploit program can be written in either C, C++ or python Lorenzo Cavallaro (S2Lab) 7CCSMSEN DEADLINE: Dec 23 @ 11:59pm GMT 5/ 5