CSCI 7000 - Ethical Hacking - Spring 2011

Homework #1

Due: Feb 4th, 2011 at 4pm



For all homework submissions, you must show your method as well as your solution. I love reading narratives, "I first tried this, but couldn't get it working because of that..." Explain your thinking and you'll get more points!

1. What are the kernel versions and distros (plus versions) of BT4R2, elra*, and moxie? (Tell me how you found out!)

2. Suppose I decided to name my machine "localhost". What problems might this cause?

3. From moxie, use ssh to get a shell on bt. Explain what you had to do to accomplish this.

4. Try the same steps from problem 3, but from one of the elras. Figure out why it doesn't work and tell me.

5. Use nc in combination with ssh to get a shell on bt from an elra. My intent is that you use ssh between bt and moxie, then nc between moxie and elra. As part of your solution, compare the security of this approach to using nc without ssh to acquire a bt shell from elra.

6. Debug this problem:

moxie$ /bin/nc.openbsd -l localhost 8888
elra-02$ nc moxie 8888

Why does the OpenBSD netcat not work with the version on the elras?

7. Using Python, write a program that reads 4 unsigned ints sent in host byte order from messiah.cs.colorado.edu port 31416, adds them up, and sends them back to that port. (messiah is a little-endian machine. Recall that "network order" is big-endian.)
When you successfully accomplish this task, you will get a username and password as output. Write these down and save them somewhere safe. You will possibly need them later.
If the service goes down (i.e., you cannot connect to port 31416) let me know so I can restart it. I'm worried that it's a bit fragile, but we'll find out!
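
The byte-order point in problem 7, as an added example that is not part of the original assignment: it runs against a constructed loopback stand-in (mock_service), not messiah, and shows how the same 16 bytes decode to different sums as little-endian versus network order. The reply format (one 4-byte little-endian unsigned int, wrapping at 2**32) is an assumption; the assignment does not specify it.

```python
import socket
import struct
import threading

MASK32 = 0xFFFFFFFF  # assumed: the sum wraps like a 32-bit unsigned int

def recv_exact(sock, n):
    """Read exactly n bytes; TCP may deliver a 16-byte message in pieces."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed after %d of %d bytes" % (len(buf), n))
        buf += chunk
    return buf

def sum_le(raw):
    """Decode 4 little-endian uint32 values (the sender's host order) and add them."""
    return sum(struct.unpack("<4I", raw)) & MASK32

def sum_network_order(raw):
    """The mistake: decoding the same bytes as big-endian ("network order")."""
    return sum(struct.unpack("!4I", raw)) & MASK32

def mock_service(listener, values, result):
    """Constructed stand-in for the server: sends 4 LE uint32s, checks the reply."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall(struct.pack("<4I", *values))
        (reply,) = struct.unpack("<I", recv_exact(conn, 4))
        result["ok"] = reply == sum(values) & MASK32

def run_demo(values=(1, 256, 0x01020304, 0xFFFFFFF0)):  # constructed sample values
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # loopback only, OS-assigned port
    listener.listen(1)
    result = {}
    t = threading.Thread(target=mock_service, args=(listener, values, result))
    t.start()
    with socket.create_connection(listener.getsockname()) as c:
        raw = recv_exact(c, 16)                    # 4 ints * 4 bytes each
        c.sendall(struct.pack("<I", sum_le(raw)))  # reply in the same byte order
    t.join()
    listener.close()
    return result["ok"], sum_le(raw), sum_network_order(raw)

if __name__ == "__main__":
    print(run_demo())
```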