bombcSourcelewiththebombsmainroutineandafriendlygreetingfromDrEvilwriteupfpdfpsgThelabwriteupIfforsomereasonyourequestmultiplebombsthisisnotaproblemChooseonebombtoworkonanddeletetherest ID: 336261
Download Pdf The PPT/PDF document "Defusing a binary bomb assigned" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
CSC322Spring20LabAssignment3:DefusingaBinaryBombAssigned:April08,Due:SundayApril261IntroductionThenefariousDr.Evilhasplantedaslewofbinarybombsonpi.Abinarybombisaprogramthatconsistsofasequenceofphases.Eachphaseexpectsyoutotypeaparticularstringonstdin.Ifyoutypethecorrectstring,thenthephaseisdefusedandthebombproceedstothenextphase.Otherwise,thebombexplodesbyprinting"BOOM!!!"andthenterminating.Thebombisdefusedwheneveryphasehasbeendefused.Therearetoomanybombsforustodealwith,sowearegivingeachstudentabombtodefuse.Yourmission,whichyouhavenochoicebuttoaccept,istodefuseyourbombbeforetheduedate.Goodluck,andwelcometothebombsquad!Step1:GetYourBombYoucanobtainyourbombbypointingyourWebbrowserat:http://pi.cs.oswego.edu:15213/Thiswilldisplayabinarybombrequestformforyoutollin.EnteryourusernameandemailaddressandhittheSubmitbutton.Theserverwillbuildyourbombandreturnittoyourbrowserinatarlecalledbombk.tar,wherekistheuniquenumberofyourbomb.Rememberthatyouwillhavetocopyyourbombtopitoworkonit.Youcanusesftpforthat.(Usuallyyou'ddownloadthebombonalabmachine,butsadlythatoptionisunavailabletous.)Savethebombk.tarletoa(protected)directoryinwhichyouplantodoyourwork.Thengivethecommand:tar-xvfbombk.tar.Thiswillcreateadirectorycalled./bombkwiththefollowingles:README:Identiesthebombanditsowners.bomb:Theexecutablebinarybomb.1 bomb.c:Sourcelewiththebomb'smainroutineandafriendlygreetingfromDr.Evil.writeup.fpdf,psg:Thelabwriteup.Ifforsomereasonyourequestmultiplebombs,thisisnotaproblem.Chooseonebombtoworkonanddeletetherest.Step2:DefuseYourBombYourjobforthislabistodefuseyourbomb.Youmustdotheassignmentonpi.Infact,thereisarumorthatDr.Evilreallyisevil,andthebombwillalwaysblowupifrunelsewhere.Thereareseveralothertamper-proongdevicesbuiltintothebombaswell,orsowehear.Youcanusemanytoolstohelpyoudefuseyourbomb.Pleaselookatthehintssectionforsometipsandideas.Thebestwayistouseyourfavoritedebuggertostepthroughthedisassembledbinary.Eachtimeyourbombexplodesitnotiesthebomblabserver,andyoulose1/2point(uptoamaxof20points)inthenalscoreforthelab.Sothereareconsequencestoexplodingthebomb.Youmustbecareful!Therstfourphasesareworth10pointseach.Phases5and6arealittlemoredifcult,sotheyareworth15pointseach.Sothemaximumscoreyoucangetis70points.Althoughphasesgetprogressivelyhardertodefuse,theexpertiseyougainasyoumovefromphasetophaseshouldoffsetthisdifculty.However,thelastphasewillchallengeeventhebeststudents,sopleasedon'twaituntilthelastminutetostart.Thebombignoresblankinputlines.Ifyourunyourbombwithacommandlineargument,forexample,linux./bombpsol.txtthenitwillreadtheinputlinesfrompsol.txtuntilitreachesEOF(endofle),andthenswitchovertostdin.Inamomentofweakness,Dr.Eviladdedthisfeaturesoyoudon'thavetokeepretypingthesolutionstophasesyouhavealreadydefused.Toavoidaccidentallydetonatingthebomb,youwillneedtolearnhowtosingle-stepthroughtheassemblycodeandhowtosetbreakpoints.Youwillalsoneedtolearnhowtoinspectboththeregistersandthememorystates.Oneoftheniceside-effectsofdoingthelabisthatyouwillgetverygoodatusingadebugger.Thisisacrucialskillthatwillpaybigdividendsfortherestofyourcareer.LogisticsThisisanindividualproject.Allhandinsareelectronic.2 HandinThereisnoexplicithandin.Thebombwillnotifymeautomaticallyaboutyourprogressasyouworkonit.Youcankeeptrackofhowyouaredoingbylookingattheclassscoreboardat:http://pi.cs.oswego.edu:15213/scoreboardThiswebpageisupdatedcontinuouslytoshowtheprogressforeachbomb.Hints(Pleasereadthis!)Therearemanywaysofdefusingyourbomb.Youcanexamineitingreatdetailwithouteverrunningtheprogram,andgureoutexactlywhatitdoes.Thisisausefultechnique,butitnotalwayseasytodo.Youcanalsorunitunderadebugger,watchwhatitdoesstepbystep,andusethisinformationtodefuseit.Thisisprobablythefastestwayofdefusingit.Wedomakeonerequest,pleasedonotusebruteforce!Youcouldwriteaprogramthatwilltryeverypossiblekeytondtherightone.Butthisisnogoodforseveralreasons:Youlose1/2point(uptoamaxof20points)everytimeyouguessincorrectlyandthebombexplodes.Everytimeyouguesswrong,amessageissenttothebomblabserver.Youcouldveryquicklysaturatethenetworkwiththesemessages,andcauseustorevokeyourcomputeraccess.Wehaven'ttoldyouhowlongthestringsare,norhavewetoldyouwhatcharactersareinthem.Evenifyoumadethe(incorrect)assumptionsthattheyallarelessthan80characterslongandonlycontainletters,thenyouwillhave2680guessesforeachphase.Thiswilltakeaverylongtimetorun,andyouwillnotgettheanswerbeforetheassignmentisdue.Therearemanytoolswhicharedesignedtohelpyougureoutbothhowprogramswork,andwhatiswrongwhentheydon'twork.Hereisalistofsomeofthetoolsyoumayndusefulinanalyzingyourbomb,andhintsonhowtousethem.gdbTheGNUdebugger,thisisacommandlinedebuggertoolavailableonvirtuallyeveryplatform.Youcantracethroughaprogramlinebyline,examinememoryandregisters,lookatboththesourcecodeandassemblycode(wearenotgivingyouthesourcecodeformostofyourbomb),setbreakpoints,setmemorywatchpoints,andwritescripts.TheCS:APPwebsitehttp://csapp.cs.cmu.edu/public/students.htmlhasaveryhandysingle-pagegdbsummarythatyoucanprintoutanduseasareference.Herearesomeothertipsforusinggdb.3 Tokeepthebombfromblowingupeverytimeyoutypeinawronginput,you'llwanttolearnhowtosetbreakpoints.Foronlinedocumentation,typehelpatthegdbcommandprompt,ortypemangdb,orinfogdbataUnixprompt.Somepeoplealsoliketorungdbundergdb-modeinemacs.objdump-tThiswillprintoutthebomb'ssymboltable.Thesymboltableincludesthenamesofallfunctionsandglobalvariablesinthebomb,thenamesofallthefunctionsthebombcalls,andtheiraddresses.Youmaylearnsomethingbylookingatthefunctionnames!objdump-dUsethistodisassembleallofthecodeinthebomb.Youcanalsojustlookatindividualfunctions.Readingtheassemblercodecantellyouhowthebombworks.Althoughobjdump-dgivesyoualotofinformation,itdoesn'ttellyouthewholestory.Callstosystem-levelfunctionsaredisplayedinacrypticform.Forexample,acalltosscanfmightappearas:8048c36:e899fcffffcall80488d4_init+0x1a0-500;Todeterminethatthecallwastosscanf,youwouldneedtodisassemblewithingdb.stringsThisutilitywilldisplaytheprintablestringsinyourbomb.Lookingforaparticulartool?Howaboutdocumentation?Don'tforget,thecommandsapropos,man,andinfoareyourfriends.Inparticular,manasciimightcomeinuseful.infogaswillgiveyoumorethanyoueverwantedtoknowabouttheGNUAssembler.Also,thewebmayalsobeatreasuretroveofinformation.4