首页
网站开发
桌面应用
管理软件
微信开发
App开发
嵌入式软件
工具软件
数据采集与分析
其他
首页
>
> 详细
SEC204编程讲解、辅导programming、c/c++程序设计辅导 解析Haskell程序|讲解R语言程序
项目预算:
开发周期:
发布时间:
要求地区:
Faculty of Science and Engineering
Coursework – 2020/21 Academic Year
Module Code: SEC204
Module Title: Computer Architecture and Low Level Programming
School: Computing, Electronics and Mathematics
SEC204 Coursework Assignment 2020/2021
Overview
This is individual coursework consisting of two tasks:
1. Hack/Unlock the ‘Tower of Hanoi’ game provided. To this end, you must reverse
engineer the binary code provided, analyse what it does and extract the
appropriate information [70%].
2. Write a small report describing methods and techniques to mitigate against
buffer overflow security exploit [30%].
Learning Outcomes
The above parts cover the following module learning outcomes, as described into
the module record on the DLE:
1. Interpret and manipulate assembly code via hardware debugging techniques
2. Apply reverse engineering techniques to identify main software flaws
3. Identify relevant countermeasures for main software flaws.
Part 1: Hack the Tower of Hanoi game
You are provided with a x86-64 binary file. This binary file runs only on Linux and
contains a well-known mathematical game / puzzle called ‘The Tower of Hanoi’. The
game is developed in the C programming language. To play the game you need to
type a valid username and password which are unknown. Your task is to extract the
username and password and thus unlock the game. To this end, you must reverse
engineer the binary file provided, analyse what it does and extract the information
needed. You are expected to use ‘gdb’ debugger, as you did in the ‘bomb’ lab session.
Assignment Brief
Assignment Title: Computer Architecture and Low Level
Programming - Coursework
Submission Deadline: Please check the DLE submission point
Submission: Online (DLE)
Contribution to Module Grade: 50%
Individual/Group Assignment: Individual
Module: SEC204
Module Leader: Dr Vasilios Kelefouras
This is an individual coursework. Collaboration with other students will be
considered as plagiarism and you may be required to attend a verbal examination
on request of the module leader.
The marking criteria are as follows (please see the rubric table below):
1. Extract the username. Justify the procedure followed. Provide the gdb
commands used to extract the username. [20 marks]
2. Extract the password. Justify the procedure followed. Provide the gdb
commands used to extract the username. [25 marks]
3. Unlock the next level of the game. Justify the procedure followed. Provide the
gdb commands used to extract the username. [25 marks]
Hint #1: the input is stored as an array of characters (1 byte each).
Hint #2: In the beginning of encrypt_phase2(), the values $0x236b6f23 and
$0x236b23 refer to ASCII characters [30 marks]
Marking criteria
Question.1
marks
0 marks 0-7 8-14 15-20
Question.1
marking
criteria
Nothing or
just the
username
is provided.
One of the following
occurs:
A. The student has not
solved the problem but has
reached to a point close to
the solution. The
username is not provided,
but the procedure followed
to this point has been
appropriately justified and
explained; all the gdb
commands needed to
reach this point are
provided. The student has
justified why each
step/action has been
followed.
B. Username is provided
but the procedure followed
is poorly justified and
explained
C. Username is provided
but the student has not
provided all the gdb
commands needed.
The username and all
the gdb commands
needed, are provided.
The student has
appropriately justified
the procedure followed.
The student has
appropriately explained
why each step/action
has been followed.
The student has not
accurately explained
the functionality of the
critical functions.
The username and all
the gdb commands
needed, are provided.
The student has
appropriately justified
the procedure
followed. The student
has appropriately
explained why each
step/action has been
followed.
The student has
appropriately reversed
engineer the critical
functions and has
accurately explained
their functionality.
Question.2
marks
0 marks 0-8 9-15 16-25
Question.2
marking
criteria
Same as
above
Same as above Same as above Same as above
Question.3
marks
0 marks 0-8 9-15 16-25
Question.3
marking
criteria
Same as
above
Same as above Same as above Same as above
Part 2: Write a small report describing methods and techniques to mitigate
against buffer overflow security exploit.
Write a small report (less than 700 words) describing methods and techniques to
mitigate against buffer overflow security exploit. [30 marks]
Describe main strategies to defend against the attack. [15 marks]
Discuss the effectiveness of existing detection and prevention
mechanisms, as well as the extent to which relevant secure software
development methodologies could help alleviate the problem [15 marks].
Submission Details and Deadlines
You must submit a ‘.docx’ file for part1 and part2.
Feedback and marks will be returned within 20 working days. Note that you may be
required to attend a verbal examination on request of the module leader. This can be
face to face or using Skype for Business. The purpose of this might be to clarify any
issues to facilitate assessment, as well as to help verify this is your own work. Failure
to participate may have a detrimental impact on your final grade.
软件开发、广告设计客服
QQ:99515681
邮箱:99515681@qq.com
工作时间:8:00-23:00
微信:codinghelp
热点项目
更多
urba6006代写、java/c++编程语...
2024-12-26
代做program、代写python编程语...
2024-12-26
代写dts207tc、sql编程语言代做
2024-12-25
cs209a代做、java程序设计代写
2024-12-25
cs305程序代做、代写python程序...
2024-12-25
代写csc1001、代做python设计程...
2024-12-24
代写practice test preparatio...
2024-12-24
代写bre2031 – environmental...
2024-12-24
代写ece5550: applied kalman ...
2024-12-24
代做conmgnt 7049 – measurem...
2024-12-24
代写ece3700j introduction to...
2024-12-24
代做adad9311 designing the e...
2024-12-24
代做comp5618 - applied cyber...
2024-12-24
热点标签
mktg2509
csci 2600
38170
lng302
csse3010
phas3226
77938
arch1162
engn4536/engn6536
acx5903
comp151101
phl245
cse12
comp9312
stat3016/6016
phas0038
comp2140
6qqmb312
xjco3011
rest0005
ematm0051
5qqmn219
lubs5062m
eee8155
cege0100
eap033
artd1109
mat246
etc3430
ecmm462
mis102
inft6800
ddes9903
comp6521
comp9517
comp3331/9331
comp4337
comp6008
comp9414
bu.231.790.81
man00150m
csb352h
math1041
eengm4100
isys1002
08
6057cem
mktg3504
mthm036
mtrx1701
mth3241
eeee3086
cmp-7038b
cmp-7000a
ints4010
econ2151
infs5710
fins5516
fin3309
fins5510
gsoe9340
math2007
math2036
soee5010
mark3088
infs3605
elec9714
comp2271
ma214
comp2211
infs3604
600426
sit254
acct3091
bbt405
msin0116
com107/com113
mark5826
sit120
comp9021
eco2101
eeen40700
cs253
ece3114
ecmm447
chns3000
math377
itd102
comp9444
comp(2041|9044)
econ0060
econ7230
mgt001371
ecs-323
cs6250
mgdi60012
mdia2012
comm221001
comm5000
ma1008
engl642
econ241
com333
math367
mis201
nbs-7041x
meek16104
econ2003
comm1190
mbas902
comp-1027
dpst1091
comp7315
eppd1033
m06
ee3025
msci231
bb113/bbs1063
fc709
comp3425
comp9417
econ42915
cb9101
math1102e
chme0017
fc307
mkt60104
5522usst
litr1-uc6201.200
ee1102
cosc2803
math39512
omp9727
int2067/int5051
bsb151
mgt253
fc021
babs2202
mis2002s
phya21
18-213
cege0012
mdia1002
math38032
mech5125
07
cisc102
mgx3110
cs240
11175
fin3020s
eco3420
ictten622
comp9727
cpt111
de114102d
mgm320h5s
bafi1019
math21112
efim20036
mn-3503
fins5568
110.807
bcpm000028
info6030
bma0092
bcpm0054
math20212
ce335
cs365
cenv6141
ftec5580
math2010
ec3450
comm1170
ecmt1010
csci-ua.0480-003
econ12-200
ib3960
ectb60h3f
cs247—assignment
tk3163
ics3u
ib3j80
comp20008
comp9334
eppd1063
acct2343
cct109
isys1055/3412
math350-real
math2014
eec180
stat141b
econ2101
msinm014/msing014/msing014b
fit2004
comp643
bu1002
cm2030
联系我们
- QQ: 9951568
© 2021
www.rj363.com
软件定制开发网!