Week 4

• Overview
  • Class Activity 4.1
  • Assignment 4.1

Overview

Did Class Activity 4.1 and Assignment 4.1.

Class Activity 4.1

Everyone in the class had to hack into the target system, which was very insecure and had years-old vulnerabilities.

When I got in, there were several copies of Christian "FireFart" Mehlmauer's dirty.c in the compromised user's directory. I had compiled a statically linked, modified version myself from the target system, and used scp to copy it over to the target user.

I did not want firefart instead of root in the output of the id command for the deliverable, so I was waiting to get the screenshot while using wall to attempt to make contact with whatever classmate was active, when suddenly, the target system was shut off. Luckily, we all had the needed privileges to power it back on in vCenter, but still, not cool.

Assignment 4.1

Had to look into laws about hacking and security research, both at a federal level in the US, and a state level in Vermont. Not much to say. Politicians often write laws regulating technologies they don't understand. Many of those laws are well intentioned, but they often do a lot of harm in practice.