Starting from:

$30

Project 2: What's the Password?

Project 2 
Project 2: What's the Password?

Description
Throughout most of your CS or CoE studies, you work creating or modifying programs or computers – in a
word: building. However, sometimes the best way to learn about something is to break it. In this project
you will be deconstructing existing programs that each have a secret password or passphrase that needs
to be input in order to unlock the program.
I am providing you with 3 compiled executables. Each one requires you to enter a sequence of ASCII
characters to "unlock." Unlocking the programs will draw upon the things we are studying this term.
You will also write a tool to help you with solving the first program. In UNIX/Linux, there is a program
called strings that dumps out the sequences of ASCII characters that are 4 or more characters long.
Part 1: mystrings (40 points)
The mystrings program should take a filename from the command line and read the bytes of the file, looking
for strings of printable characters (ASCII values between 32 and 126 decimal). A string is a run of at least
4 consecutive printable characters and ends whenever a non-printable character is encountered.
Whenever you find such a string, print it out, one per line.
You can check the operation of your program via the real strings program, and do a man strings to learn
about how it works. You do not need to support all of the features of the real strings program. It has
knowledge of executables that makes it print out less strings than your program will. You do should not
do anything special based upon the file type for your program.
Make sure your program can handle strings that are arbitrarily long.
Part 2: Passwords (60 points)
For each of the three programs, you will be required to provide two things: the solution passphrase and a
written description of your attempts to discover it, stating what you learned to help you along the way. You
should relate your experiences back to the course material, using the terms and concepts we've
discussed. Write it up in a formal, organized fashion. You do not need to describe every command you
have tried or every wrong idea. Describe briefly your failed attempts and motivation, but describe in detail
your successful approach.
Tools
The most obvious tool you will need is a good debugger like gdb. You may also find a hex viewer like od -x
useful. objdump can do a lot of individual tasks that can be helpful. Additionally, you might find the mystrings
command you wrote somewhat useful.
Environment
For this project we will be working on thoth.cs.pitt.edu
Project 2 5/16/19, 00)59
https://people.cs.pitt.edu/~jmisurda/teaching/cs449/2187/cs0449-2187-project2.htm Page 2 of 2
When you login via ssh with your Pitt account, you will find a local directory under /u/SysLab/ named with
your username. In this directory, you will find the three executables and space to work on them. If you
store any files of your own in this directory, note that it is not part of AFS, and only exists on this machine.
We will delete your directory when the term is over. Anything you want to save or backup should be
copied into your AFS private directory.
Hints/Notes
Each program is written in C
Each program will have a different passphrase per student, although how to find it will be consistent
for everyone
All passphrases will be printable ASCII characters and be less than 100 characters in length
A passphrase may be different each run of a program, make sure to test it several times
There may be several passphrases that work, try to describe them or explain why
This is not an attempt to prove how clever I am, each program will be solvable from course material
and the standard tools on the system.
What to turn in
Your mystrings program and source code
A written description for each program documenting your attempts to arrive at the solution and the
passphrase itself, submitted as a Word or PDF document.
When you’re done, create a gzipped tarball (as we did in the first lab) of your commented source files and
compiled executables.
Copy your archive to the directory:
~jrmst106/submit/449/
Make sure you name the file with your username, and that you have your name in the comments of your
source file.
Note that this directory is insert-only, you may not delete or modify your submissions once in the directory.
If you’ve made a mistake before the deadline, resubmit with a number suffix like abc123-project2_1.tar.gz
The highest numbered file before the deadline will be the one that is graded, however for simplicity,
please make sure you’ve done all the work and included all necessary files before you submit

More products