Game Rules
Overview
In each lab (every week), you are asked to solve a set of problems. For each problem, you have to submit two things via the scoreboard: a flag and a write-up. You get the flag by exploiting the binary; in the write-up, you should summarize what you've learned (short text).
The flag is a 512-byte hex string, and you can find it in /proc/flag once you properly initialize the distributed VM.
$ cat /proc/flag
Your job is to read the flag by exploiting the distributed binaries.
Taking actions
- Download and install VirtualBox/Vagrant
  - Download and install the latest version of VirtualBox at https://www.virtualbox.org/wiki/Downloads
  - Download and install the latest version of Vagrant at http://www.vagrantup.com/downloads.html
  - (Windows only, as ssh client) Download and install git at http://git-scm.com/download/win
Note: Ubuntu users may also use the following commands to get VirtualBox and Vagrant:
[host] $ sudo apt-get install virtualbox
[host] $ sudo apt-get install vagrant
- Add guest OS and run the VM
# add 32-bit and 64-bit VMs
[host] $ vagrant box add ubuntu/trusty32
[host] $ vagrant box add ubuntu/trusty64
# for each VM (e.g., 32-bit), work in its own directory
[host] $ mkdir seclab32
[host] $ cd seclab32
[host] $ vagrant init ubuntu/trusty32
[host] $ vagrant up
[host] $ vagrant ssh
...
- Once you have the VM up and running, initialize your VM for this course:
# in VM, install git
[vm] $ sudo apt-get install git
# it's time for setting up your environment
#
# NOTE.
# You should use 'cs6265'
#
[vm] $ git clone git://tc.gtisc.gatech.edu/seclab-pub cs6265
...
[vm] $ ls
README ; detail info
bin/ ; scripts
lab/lab01 ; binaries for lab01
lab/lab02 ; ditto
...
# initialize your working environment (only need to be done once)
[vm] $ ./bin/init
- To do labs:
# to do lab1
[vm] $ git pull
[vm] $ cd lab01
[vm] $ cat README
[vm] $ cd bomblab
...
# NOTE. test if you can submit a flag
[vm] $ bin/submit -l lab -p problem -f /proc/flag
Feel free to ask for help on Piazza or during office hours if you have trouble with the setup.
General rule
Except for the first lab, and unless otherwise specified, we follow the grading rules below:
- You will get approximately 10 binaries per lab every week.
- 15 points (flag) + 5 points (write-up) = 20 points (each problem).
- 200 points (20 points x 10 binaries) are the max, in theory.
- 110 points are the expected maximum; score/110 is how we evaluate you.
- Bonus: the first and second fastest solvers gain 10 and 5 bonus points, respectively, on each problem.
- If you gain more points, it will be reflected in the final/total points; in short: \(\max(1.0, \sum\limits_{i=1}^{\#lab} \frac{score_i}{130})\)
- Late submission (within 1 week past deadline): 50% of the score.
- Late submission (after 2 weeks past deadline): 25% of the score.