Assignment 2
Due date: Part 1 -- November 8, 11.59pm; Part 2 -- November 15, 11.59pm. You are encouraged to work with a partner.
Submission Format: UTM Submit system. Use this submission checklist for part 1.
Part 2 will be available on November 9. Absolutely no late submits on Part 1!
Software Security
- [20 Marks] (Ubuntu804Server_2013) There is now an Ubuntu804Server VM in /virtual_machines on your lab computer. It is running a very small web application which, when run on a lab machine, is available at http://192.168.0.100/fourFours/. You should run there unless you know how to configure networking for vmware at home. It is important that you choose "I moved it" when starting up this VM. If you already chose "I copied it", remove the folder and untar the VM again.
- [10 Marks] Part 1:
The fourFours web application may be vulnerable. Using only a web browser or other remote tools (on the host machine),
find out as much about the application as you can. Don't assume that you can attempt to login to
the guest VM, that you have 'physical' access to the guest vm etc. Imagine that the guest VM is being hosted by
a company on the web, you do not have control over this machine, you can only see it via port 80 (http).
Write a report on what you have discovered.
The more you know about the application, its internals, its users etc. the better.
You can build your own tools or use others to investigate the application.
Provide step by step instructions detailing how you discovered information and how to carry out exploits.
Marks for this problem are based on the amount of detail discovered
and the collection of exploits listed (both number and type).
All attacks are to be remote, you should assume that you do not have direct access to the machine running the
web application. The above is called penetration testing.
- [10 Marks] Part 2: You can log into this VM using username: root, password: 743vulnerable@u1m. Look at fourFours application vulnerabilities and then fix them, hardening the application. That is, fix any of the issues you found with the application and the server that made it easy for you to get your job done as a hacker. Submit a writeup of the steps you took to harden the application. Submit any modified code etc. You can find the web application at /var/www. You can (and should) do whatever you think is necessary to lock down this application.
Cryptography
- [5 Marks] Key-Exchange
- [5 Marks] Part 1: Finish the dhke_bob.py so that it carries out Bob's half of the exchange. When sample_run.bash is executed, it should print out.txt. You will have to modify the code a bit for the smaller runs, and more significantly for the final, large integer runs. See the reference dhke_bob.py regarding computing powers recursively,
- [8 Marks] Hash Functions
- [2 Marks] Part 1: Use openssl (see dgst) (installed in the lab) to determine which of threeLaws1.txt or threeLaws2.txt or threeLaws3.txt the sha1 hash came from.
- [6 Marks] Part 1: Consider the hash function byte_sum which breaks its input into bytes and sums them up mod 256. For example, byte_sum(12 200 55 33 121 99) = (12+200+55+33+121+99) mod 256 = 8. Show that this hash function is not good, by considering each of the following properties in turn. Is byte_sum preimage resistant, 2nd-preimage resistant, collision resistant? Prove your answers.
- preimage resistance: given y, it is computationally difficult to find x such that h(x)=y.
- 2nd-preimage resistance: given x, it is computationally difficult to find x1 such that h(x)=h(x1).
- collision resistance: it is computationally difficult to find x0 and x1 such that h(x0)=h(x1).
- [15 Marks] Block Ciphers and Message Authentication Codes
- [5 marks] Part 1: Suppose (c) is 1 block long, and (a,b) are two strings whose lengths are multiples of the block length. Assume
CBC-MAC(a||c) = CBC-MAC(b||c)
CBC-MAC(a||d) = CBC-MAC(b||d)
- [5 marks] Part 1: Let (a, b) be two strings, each one block long. Suppose the sender sends (a, CBC-MAC(a)), (b, CBC-MAC(b)), (a||b, CBC-MAC(a||b)). Find a new message/MAC pair which the attacker can now forge from the messages/MACs given above.
- [5 marks] Part 2: This image file was encrypted using DES algorithm. Find the secret message encoded in the file and document how you discovered it and the vulnerability in the encryption.
- [15 Marks] Public Key Cryptography
- [5 marks] Part 1: Let p=71, q=89, n=pq and e=3. Find an RSA decryption key d. Then compute the signatures of m1 = 5416 and m2=2397. Find a third message/signature pair which the attacker can forge from the messages/signatures computed above.
- [10 marks] Part 2: Please find the following:
My Certificate: sergey_cert.pem
A Certificate Signing Request: req.pem
openssl.zip (to be unzipped in your directory on a cslinux lab machine).
Your job is to understand and document the following scripts (in this order): openssl/caSetup, openssl/caAnswerCSR, makeCSR/doIt, crypto/doIt (you need to complete these two).
The result of running these scripts leaves files in the openssl directory. Zip all of this and submit it back, again, with your documented scripts.
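For Public Key Cryptography Part 1, the following added example (not part of the original handout) works through textbook RSA with the question's p, q, e, m1 and m2, shows that the product of two valid pairs also verifies, and shows that hashing before signing breaks that relation. The function names and the toy-sized `digest` are assumptions made for illustration.

```python
import hashlib
from math import gcd

P, Q, E = 71, 89, 3            # parameters given in the question
N, PHI = P * Q, (P - 1) * (Q - 1)

def private_exponent(e: int = E, phi: int = PHI) -> int:
    """d with e*d = 1 (mod phi); requires gcd(e, phi) = 1."""
    if gcd(e, phi) != 1:
        raise ValueError("e is not invertible modulo phi(n)")
    return pow(e, -1, phi)      # modular inverse, Python 3.8+

D = private_exponent()

def sign_raw(m: int) -> int:
    """Textbook RSA signature: s = m^d mod n, no hashing or padding."""
    return pow(m, D, N)

def verify_raw(m: int, s: int) -> bool:
    return pow(s, E, N) == m % N

def combine(pair1, pair2):
    """Multiply two valid (message, signature) pairs; uses only public n."""
    (m1, s1), (m2, s2) = pair1, pair2
    return (m1 * m2) % N, (s1 * s2) % N

def digest(m: int) -> int:
    """Hash the message into Z_n (toy-sized stand-in for hash-then-sign)."""
    return int.from_bytes(hashlib.sha256(str(m).encode()).digest(), "big") % N

def sign_hashed(m: int) -> int:
    return pow(digest(m), D, N)

def verify_hashed(m: int, s: int) -> bool:
    return pow(s, E, N) == digest(m)

def demo() -> dict:
    m1, m2 = 5416, 2397         # messages from the question
    m3, s3 = combine((m1, sign_raw(m1)), (m2, sign_raw(m2)))
    _, h3 = combine((m1, sign_hashed(m1)), (m2, sign_hashed(m2)))
    return {"d": D, "m3": m3, "raw_accepts": verify_raw(m3, s3),
            "hashed_accepts": verify_hashed(m3, h3)}
```

Production signature schemes such as RSA-PSS add randomized padding on top of the hash; the modulus here is far too small for any real use.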
Q and A Section:
- Q: "Can I get a hint for part2 Q3 question?" A: It's a bitmap image, so try to understand its format. If you can't solve the question, document your attempts. Partial marks might be granted.
- Q: "Am I allowed to use external tools for Q1?" A: You are allowed to use anything. But remember that the marks are awarded for showing that you understand how the exploits work. So if you just copy/paste the output of the tools, you will be given very few marks. You need to document/describe how/why the exploits work.
- Q: "Can you tell us what you expect to see for question 1?" A: This is a penetration testing exercise. You should try to find as much as possible. Some questions to consider: find information about the remote database (type, version, etc.), find what's stored in the database (how many databases there are, tables, fields, can you extract this information in other than brute-force way? can you modify the database?), cross-site scripting attacks, can you make the cross-site scripting silent? (i.e. the user doesn't know he is exploited).
- Q: "In A2, you have "CBC-MAC(a||c)" notation, could you please clarify what this means?" A: || simply refers to concatenation of two strings. If strings a and c are one block each, then CBC-MAC(a||c) is an invocation of CBC-MAC on two blocks. Now you have to figure out what it actually equals.
- Q: "Do I need to do any XSS attacks on question 1?" A: You are performing penetration testing of the application. If there are XSS attacks, you will need to find them. In the explanation, state something like: if user does this and that, ... then something bad happens.
- Q: "About the Hash question b, when you say "Is byte_sum preimage resistant, 2nd-preimage resistant, collision resistant? Prove your answers.", what do you exactly mean with "prove"? Explain each of the properties or do we have to show formally?" A: If the property is satisfied, then give a formal or semi-formal (anything convincing) argument. If the property is not satisfied, then give a counter-example.
- Q: "I can't log into the Ubuntu VM. What is the username/password?" A: From the assignment description: "Using only a web browser or other remote tools (on the host machine), find out as much about the application as you can. Don't assume that you can attempt to login to the guest VM". So you are supposed to penetrate the application from outside.
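For the CBC-MAC(a||c) notation clarified in the Q and A above and the two Block Ciphers and Message Authentication Codes questions, the following added example (not part of the original handout) implements raw CBC-MAC, checks the two-block expansion, the shared-suffix property and the splice of known tags, and shows that a length-prefixed variant rejects the spliced pair. The toy Feistel cipher, key, block values and function names are constructed assumptions.

```python
import hashlib
import hmac

BLOCK = 8  # toy block size in bytes (assumption)

def xor(x: bytes, y: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, y))

def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Toy 4-round Feistel permutation standing in for a real block cipher."""
    left, right = block[:4], block[4:]
    for i in range(4):
        f = hmac.new(key, bytes([i]) + right, hashlib.sha256).digest()[:4]
        left, right = right, xor(left, f)
    return left + right

def cbc_mac(key: bytes, msg: bytes) -> bytes:
    """Raw CBC-MAC: zero IV, tag is the final chaining value."""
    if not msg or len(msg) % BLOCK:
        raise ValueError("message must be a non-empty multiple of BLOCK")
    state = bytes(BLOCK)
    for off in range(0, len(msg), BLOCK):
        state = encrypt_block(key, xor(state, msg[off:off + BLOCK]))
    return state

def cbc_mac_len(key: bytes, msg: bytes) -> bytes:
    """Hardened variant: prepend the block count so lengths cannot be mixed."""
    return cbc_mac(key, (len(msg) // BLOCK).to_bytes(BLOCK, "big") + msg)

def splice(t_a: bytes, b: bytes, t_ab: bytes):
    """From tags of a and a||b, derive a one-block message with tag t_ab."""
    return xor(t_a, b), t_ab

def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample values throughout
    a, b, c, d = b"AAAAAAAA", b"BBBBBBBB", b"CCCCCCCC", b"DDDDDDDD"
    two_block = encrypt_block(key, xor(encrypt_block(key, a), c))
    out = {"notation": cbc_mac(key, a + c) == two_block}
    # Prefix b2 reaches the same chaining state as a, so any suffix agrees.
    b2 = b + xor(cbc_mac(key, b), a)
    out["same_prefix_tag"] = cbc_mac(key, a) == cbc_mac(key, b2)
    out["same_with_c"] = cbc_mac(key, a + c) == cbc_mac(key, b2 + c)
    out["same_with_d"] = cbc_mac(key, a + d) == cbc_mac(key, b2 + d)
    # Raw CBC-MAC accepts the spliced pair; the length-prefixed variant does not.
    m, t = splice(cbc_mac(key, a), b, cbc_mac(key, a + b))
    out["raw_accepts_splice"] = hmac.compare_digest(cbc_mac(key, m), t)
    m2, t2 = splice(cbc_mac_len(key, a), b, cbc_mac_len(key, a + b))
    out["len_prefix_accepts_splice"] = hmac.compare_digest(cbc_mac_len(key, m2), t2)
    return out
```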