CSCI 7000 - Ethical Hacking - Fall 2012

Homework #1

Due: Sep 26th, 2012 at 11am

For all homework submissions, you must show your method as well as your solution. A one-sentence answer, even if correct, is unlikely to earn many points.

1. What are the kernel versions and distros (plus versions) of BT5R3, elra*, and moxie? (Tell me how you found out!)

2. Suppose I decided to name my machine "localhost". What problems might this cause?

3. From moxie, use ssh to get a shell on bt. Explain what you had to do to accomplish this.

4. Try the same steps from problem 3, but from one of the elras. Figure out why it doesn't work and tell me.

5. Using nc in combination with ssh to get a shell on bt from an elra. My intent is that you use ssh between bt and moxie, then nc between moxie and elra.

6. Debug this problem:

moxie$ /bin/nc.openbsd -l localhost 8888
elra-02$ nc moxie 8888
Why does the OpenBSD netcat not work with the version on the elras?

7. Write a program that reads 4 unsigned ints sent in host byte order from port 80, adds them up, and sends them back to that port. (annai is a little-endian machine. Recall that "network order" is big-endian.)
When you successfully accomplish this task, you will get a username and password as output. Write these down and save them somewhere safe. You will possibly need them later.
Also, you turn these in as the answer to this problem.
If the service goes down (ie, you cannot connect to port 80) let me know so I can restart it. Note: port 80 is NOT serving http!