CSC-405 Computer Security

Assignment 3 - Binary Pwnage

Assignment 3 is due 3/15/19 on or before 11:59:59pm EDT.


For this homework assignment you will be granted access to a Virtual Machine (VM). The VM will have its own set of login credentials. The server will have several binary challenges to solve. To solve each challenge you must recover a “flag”. All flags will have the following format: flag{abc}. Submit this flag to the web submission server discussed on piazza for points towards your homework grade.

Binary Exploitation

In this Binary Exploitation assignment, your goal is to steal the contents of flag.txt located next to each respective challenge, by obtaining a privileged shell. Obtaining this privileged shell is done first by identifying the vulnerability, then developing a working exploit. Once you have a working exploit that has provided a privileged shell, simply execute cat flag.txt to obtain the flag. Submit this flag for points.

Level Points
Level1 20
Level2 20
Level3 20
Level4 20
Level5 20
Level6 5
Level7 5
Level8 5
Level9 5
Level10 5


You will need to sharpen your Linux hacking toolbelt. You will probably need to become familiar with the following tools to understand the binaries that you want to break:


You will be awarded points based on how many levels are solved. The total number of points that can be obtained from this assignment is 125 points with 25 points being extra credit.

Submission Instructions

You will need to submit all source code written for this assignment, and a README. Your README file must contain your name, Unity ID, and a description of how you broke each level. The description is important and will affect how we grade your assignment.

For this submission we are going to use GitHub Classroom. Your submission will be a git repository. If you are not familiar with git here is a quick guide.