Homework 4 (5 + 5 points)
Please submit your report to secprog at cyber dot ee by May 31st 2024, 23:59 (EEST).
Use the report template as a basis (download from here). You can write the report with whatever tool you prefer, but you will need to submit a PDF!
A recruiter has approached you with an amazing career opportunity. Dream role, dream pay, dream location and even 10 extra vacation days! However, in order to qualify you have to complete 2 test assignments before they hire you:
Task 1 - Token Generator (5 points)
Description
You are given two files: an executable called tokenGenerator and a database file called tokens.db. The executable is designed for generating authentication tokens and has three functions. First, you can add new entries to the database. Second, you can view the tokens of users. Third, you can check the owner of a provided token.
Analyze all the functionalities and identify any vulnerabilities in the program. Your ultimate goal is to obtain code execution through the application.
Task 2 - Login CLI (5 points)
Description
You are given two files: an executable called login and a log file called log.txt. Analyze the login functionality and the log file to identify any vulnerabilities in the program. Your goal is to log in and obtain the flag. NB! The flag is a unique word/name in English, not a hash.
Expected output
A formal report that
- briefly summarizes which approaches you tried (what worked and what did not);
- describes the methodology and tools that you used;
- provides a Proof-of-Concept (PoC) for both tasks; this can be a set of steps, screenshots or a PoC script with explanations. We need to be sure that you understand the vulnerabilities that you exploit. In this part, it is mandatory to feature screenshots from your actual penetration testing process;
- describes any other vulnerabilities or bad coding practices that you discovered during the process and that are relevant to the application.
Usage
- Unzip the application files;
- Run docker with
docker compose up --build
- Run the applications with
docker exec -it python_app /bin/bash
- Run the executable with
./executable_name