CSCI 7000 - Ethical Hacking - Spring 2011

Homework #5

Due: Apr 1st, 2011 at 4pm

For all homework submissions, you must show your method as well as your solution. I love reading narratives, "I first tried this, but couldn't get it working because of that..." Explain your thinking and you'll get more points!

1. Apache runs as root, but its children run as www-data. Its log files are owned by root, and are writable only by owner. So how do the children log errors? Please go figure this out and report back. You can google to your heart's content or look at source code, whatever you like.

2. Apache 2.2 is already installed on your BT image. You might need to tweak a few things to get it running smoothly. This problem has multiple steps:

3. As we discussed in class, when a client requests a given URI, the apache2 server appends this to the DocumentRoot and serves the file. Suppose we send the URI as ../../etc/passwd. It does not work. Please track down the reason it fails (ie, Is the browser doing it or the web server? Can we change the behavior via configuration files?).

4. We mentioned in class that mod_php is faster than PHP run as CGI because mod_php runs PHP code within the web server itself. Let's verify this.

5. Set your apache2 server to accept https connections on port 443. Explain the steps you had to use to get this done. Note: you are not expected to pay for a real certificate, so just use a self-signed cert. Once you have SSL working, re-run your fastest benchmark from problem #4 and compare the speed with SSL turned on versus when it was off.

6. Apache2 is running on moxie, but it's not configured very well. In particular there is a directory "/etc/hw5" with a file called "secret". Please gain access to this file. Make sure you include in your answer an explanation of how you did this, along with a description of the file's contents.

7. Create a web page in your moxie home dir under "public_html" as usual. (The UserDir module is installed on moxie.) On your homepage, give a link that exposes the wtmp on moxie. In other words, I should be able to click a link on your homepage and obtain /var/log/wtmp. Note that you cannot simply copy the wtmp since it's constantly changing. Also, you are not allowed to use ANY form of dynamic page (ie, no scripting allowed). As usual, describe how you achieved this.

8. Extra Credit This homework is due on Apr 1st. Think of something clever to hack the class. Don't be destructive...