EC312: Applications of Cyber Engineering
Exam #1 – Written Examination

TURN IN YOUR HAND-WRITTEN EQUATION SHEET WITH YOUR EXAM

6 WEEK EXAM

NAME: ___Solution___

ALPHA: _________________

SECTION: _________________

1. This is individual work.
2. SHOW ALL WORK!
3. Write legibly to receive credit.
4. Turn in your equation sheet.

SCORE: ________/100

SCALE
>89.5%: 31337
79.5 – 89.5%: [email protected]
69.5 – 79.5%: G33K
59.5 – 69.5%: $€RiPt K1DD13
<59.5%: WannaB


Lesson 1 – Computer System Review

1. The address 0x08ee107a is ___________ bytes long, written in ______________ notation and represents the following in binary notation _____________________________________________.
4, hexadecimal, 00001000111011100001000001111010

2. What important piece of software controls the computer’s hardware and software resources? Operating System

3. a) What hardware device is used to store running instances of programs? Main Memory
b) Where do the registers ebp, esp, eip reside: in Main Memory, CPU, or Hard Drive? CPU

Lesson 2: C Programming Review; Digital Logic

4. What is the logic function of a transistor wired as a switch? Not function

5. Sketch the logic circuit associated with the following logic expression.

D = (A ∙ B) + (B ∙ C)

6. Compare the output of the OR gate to the NOR gate. What is the difference between the way the two gates work? OR gate output is HI when either or both inputs are HI, whereas the NOR gate output is only HI when both inputs are LO.

7. What is the logical expression for a NOR gate? ___(A+B) with overbar__________

8. Looking for characters, you type the command x/xb 0x08048a10 and it returns 0x4b. If the memory located at the address 0x08048a10 is in fact a character, what character does it represent? “K”

Lesson 2: C Programming

9. Fill in the table below with the amount of memory each data type requires. Express your answers in terms of both bytes and bits.


Data Type                                          Number of Bytes   Number of Bits
An integer variable (int) declared in C            4                 32
A floating point variable (float) declared in C    4                 32
A character variable (char) declared in C          1                 8
A register used by an x86 processor                4                 32
A memory address used by an x86 processor          4                 32

10. Match the term on the left with its appropriate description on the right:

k___printf a. the C programming language

m__#include <…> b. the C assignment operator

f___scanf c. a UNIX text editor, can be used to write C programs

i___gcc d. translates assembly language into machine language

h___machine language e. the format string for an integer value

c___nano f. allows the program to receive keyboard input

d___assembler g. the C escape sequence for a new line

a___high level language h. instructions expressed as bits, also called object code

l___assembly language i. program that converts source code to object code

e___%d j. all of the simple instructions hard-wired on a CPU

b___ = k. function which displays text to the monitor

g___\n l. English-like words that represent machine code

j___instruction set m. allows the use of functions from various header files


11. Study the program below:

    #include <stdio.h>
    int main()
    {
        integer myNumber=2015;
        printf("My number is %d\n", myNumber);

        return 0;
    }

Which type of error does the program represent? (Circle one below)

Syntax Error Run-Time Error Logic Error

Lesson 3 – Registers and Memory

12. Examine the following C program and describe the expected output. (Note: The output for count%2 is the remainder of count divided by 2, i.e. for 4%2, the remainder is 0.)

    #include<stdio.h>
    int main()
    {
        int count;
        for(count=1; count<=100; count=count+1)
        {
            if(count%2==0)
                printf("Echo\n");
            else
                printf("Oscar\n");
        }
    }

The program will count from 1 to 100 and will print “Echo” if the number is even and will print “Oscar” if the number is odd.

13.

a. What type of language is depicted in the screenshot below? Assembly Language

b. Describe what this line of code accomplishes.

Takes the 4-byte value at address ebp-4 and adds it to eax, with the result of the addition stored in eax.


14. Recall that in RAM you have stored the object code for your program as well as additional memory allocated for your variables within the program.

You type into the debugger the command i r ebp and get the result 0xbffff818. Upon further review of the assembly code you determine that two strings are stored in memory, one at address ebp-40 and the other at ebp-24. What are the hidden words?

Word 1:_________________

Word 2:_________________

Lesson 4 - Arrays

15. Write the declaration for an array named LuckyNumbers which will hold 6 integers.

    int LuckyNumbers[6];

a. Complete this statement to display the 4th LuckyNumber

    printf("The fourth lucky number is %d\n", LuckyNumbers[3]);

b. What happens if I attempt to display LuckyNumbers[9]?

i. Will it return a value? yes

ii. Will I receive an error message? no

iii. Will the program crash? no

16. To create a variable that contains a letter of the alphabet:

a. What data type will I need to use? char

[Text boxes from this page of the original: Good, Time, Program Code]


b. What special data structure will group a collection of these letters into a word or sentence?

string

Lesson 5 – Strings and Pointers

17. Given the following declarations, what would be the C statement to assign ptrVar1 the address of intVar1?

    int intVar1;
    int *ptrVar1;

a) &ptrVar1 = &intVar1;

b) *ptrVar1 = &intVar1;

c) &ptrVar1 = *intVar1;

d) ptrVar1 = &intVar1;

e) ptrVar1 = intVar1;

18. Given the following C statements, what would the result of the printf statement be?

    int a = 25;
    int *ptr_a;
    ptr_a = &a;

    *ptr_a = 55;

    printf("The current value of a is %d .\n", a);

19. Given the following C statements and memory map, what would be the result of the printf statement?

    int a = 11;
    int b[2] = {10,6};

    printf("The address of b is %x \n", b);


Address       Data    Address (continued)   Data
0xBFFFF8F0    3E      0xBFFFF8FA            00
0xBFFFF8F1    3F      0xBFFFF8FB            0B
0xBFFFF8F2    4A      0xBFFFF8FC            00
0xBFFFF8F3    0A      0xBFFFF8FD            00
0xBFFFF8F4    00      0xBFFFF8FE            00
0xBFFFF8F5    00      0xBFFFF8FF            4D
0xBFFFF8F6    00      0xBFFFF900            08
0xBFFFF8F7    06      0xBFFFF901            2C
0xBFFFF8F8    00      0xBFFFF902            33
0xBFFFF8F9    00

Lesson 6 – Functions and the Stack

20. What is the primary purpose of a function in a programming language (i.e., why are they used)?

21. Circle the appropriate word to complete the statement below:

To use a function we must invoke it with a return value / function call / prototype. The values / parameters / arguments are the inputs to a function. A value / parameter / argument is a placeholder that “stands in” for a value / parameter / argument. The output of a function is called the return value / function call / prototype.

22. Will the following C source code compile without error? If not, explain why. If so, describe what output the program will produce.


    #include<stdio.h>

    void addthendisplay( int first_num, int second_num )
    {
        int sum_of_num = first_num + second_num;

        printf("\nThe sum of the numbers is: %d\n\n", sum_of_num);
    }

    int main()
    {
        int num1 = 27, num2 = 34, num3 = 13;

        addthendisplay( num1 , num2 , num3 );
    }

23. a) Given the following source code and debugger output, construct the stack frame for the function main in the diagram below. Show where the base pointer (label as EBP-Main) and stack pointer (label as ESP-Main) are pointing to, and show where the arguments to exam_function are stored in memory.

    #include<stdio.h>

    void exam_function( int x, int y, int z)
    {
        int some_class;
        int best_class;
        int my_class;
        best_class = x;
        my_class = z;
        some_class = y;
    }

    int main()
    {
        exam_function( 2005, 2003, 2015 );
    }


b) Using your answer from part a), and the additional debugger output below, construct the stack frame for the function exam_function. Show the location of the base pointer (label as EBP-Exam) and stack pointer (label as ESP-Exam) on the figure. Note on your figure:
• the location of best_class, your_class, and my_class
• the location of the return address
• the location of the prior value of the base pointer (EBP-Main)


Address     Value         Description
BFFFF7E8
BFFFF7EC    7DF (2015)    my_class, ESP-Exam
BFFFF7F0    7D5 (2005)    best_class
BFFFF7F4    7D3 (2003)    some_class
BFFFF7F8    BFFFF818      EBP-Exam
BFFFF7FC    0804838A      Return Address
BFFFF800    7D5 (2005)    ESP-Main
BFFFF804    7D3 (2003)
BFFFF808    7DF (2015)
BFFFF80C
BFFFF810
BFFFF814
BFFFF818                  EBP-Main
BFFFF81C
BFFFF820

Lesson 7 – Buffer Overflow Introduction

24. Why is a buffer overflow attack possible?

Purpose: Test students’ understanding of a buffer overflow attack.

Answer should be something like this: C programs do not automatically check to make sure they are writing memory that belongs to an array variable. They look at the start of the array, multiply the requested index by the size of the array's data type, and access that memory.

25. When the echo_string function is called in main from the following code sample the stack pictured below is created.

    #include<stdio.h>
    void echo_string()
    {
        int count;
        char entered_string[10];

        printf("Enter a string: ");
        scanf("%s", entered_string);
        for(count=0; count < 10; count=count+1)
        {
            printf("%s\n", entered_string);
        }
    }

    int main()
    {
        echo_string();
    }

Assuming there is no padding (extra spaces) when the frame is created, how many characters can be entered before the return address is overwritten?

Purpose: Test students’ understanding of how a stack is built.

Answer:
  10 * sizeof(char) = 10
   1 * sizeof(int)  =  4
+  4 (bytes to store ebp)
_________________________
  18

The 19th character starts overwriting the space that the return address is saved in.
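The layout arithmetic from questions 24 and 25, together with a width-bounded read that stays inside the buffer, as an added example that is not part of the original exam. The names field_for_char, read_bounded and struct locals are assumptions of this example, and sscanf on a constructed string stands in for scanf on keyboard input.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Sizes from question 25: 32-bit x86, no padding (the exam's assumption). */
enum { BUF_LEN = 10, COUNT_LEN = 4, EBP_LEN = 4, RET_LEN = 4 };

/* Byte offsets counted upward from the first byte of entered_string. */
enum {
    OFF_COUNT = BUF_LEN,                /* 10 */
    OFF_EBP   = OFF_COUNT + COUNT_LEN,  /* 14 */
    OFF_RET   = OFF_EBP + EBP_LEN,      /* 18 */
    FRAME_END = OFF_RET + RET_LEN       /* 22 */
};

/* Which saved item does the nth entered character (1-based) land in? */
const char *field_for_char(size_t nth)
{
    if (nth == 0)         return "none";
    if (nth <= OFF_COUNT) return "entered_string";
    if (nth <= OFF_EBP)   return "count";
    if (nth <= OFF_RET)   return "prev_ebp";
    if (nth <= FRAME_END) return "ret_addr";
    return "beyond frame";
}

/* Stand-in for the two locals so the buffer's neighbour can be checked. */
struct locals {
    char entered_string[BUF_LEN];
    int  count;
};

/* Hardened read: the field width 9 (BUF_LEN - 1) leaves room for the
   terminating NUL, so nothing beyond entered_string is written. */
size_t read_bounded(struct locals *f, const char *input)
{
    if (sscanf(input, "%9s", f->entered_string) != 1)
        f->entered_string[0] = '\0';
    return strlen(f->entered_string);
}

int main(void)
{
    struct locals f = { "", 1234 };
    const char *constructed = "AAAAAAAAAAAAAAAAAAAAAAAA"; /* 24 chars, constructed */
    printf("char 18 -> %s, char 19 -> %s\n", field_for_char(18), field_for_char(19));
    printf("kept %zu chars, count still %d\n", read_bounded(&f, constructed), f.count);
    return 0;
}
```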

26. Pertaining to taking in command line arguments for a program, describe what argc and argv are and for what purposes they are used.

Purpose: Test students’ knowledge of how command line arguments are used.

argc: _____B_____

A) holds the number of command line arguments entered by the user.
B) holds the total number of command line arguments available to the program.
C) holds the number of integer variables entered at the command line before the program begins.
D) None of the above.

[Stack figure labels for question 25, in order: entered_string, count, prev_ebp, ret_addr]

Circle the correct responses:

argv is a(n) array / index / variable used to store each command line parameter / index / argument in a binary / string / numeric format.

Lesson 8 – File I/O and Permissions

27. In which direction does the heap grow?
a) From the bottom (larger memory address) up (to a smaller memory address).
b) X From the top (smaller memory address) down (to a larger memory address).
c) It depends on the corresponding number and types of variables currently allocated on the stack.
d) It depends on the prolonged effects of solar and liquescent additives combined with the chemical makeup of the heap.

28. You are viewing the access privileges of a file testtimes.exe and they read: rwxr-xr--

Check all privileges granted to the general public:
x__ read
__ write
__ execute

29. You give the command chmod o=rw testtimes.exe
What access privilege(s) did you assign and to whom do they apply?
The public can now read and write to the file testtimes.exe

Lesson 9 – Privilege Management

30. Consider the long listing for three files, shown below. The file note1.c is a C program that writes to the file /tmp/notes. The file note1.exe is the compiled version of note1.c.

The system has four users: midshipman, smith, jones and, of course, root.


(a) The user smith executes the file note1.exe and notices that his attempts to write to the file /tmp/notes are not successful. Explain why.

/tmp/notes is owned by midshipman and he is the only process owner that would be allowed to write to this file.

(b) Suppose it was necessary to grant users the ability to write to the file /tmp/notes, but only when executing the program note1.exe. Your friend proposes two ways of accomplishing this:

(i) Enter the command: chmod u+w /tmp/notes

OR

(ii) Enter the command: chmod u+s note1.exe

Which option do you select?

Option ii

(c) Explain why you made your selection in part (b) as opposed to the choice you rejected.

The user (owner) of /tmp/notes already has permission to write to it. We need note1.exe to run as a process owned by midshipman, since he is the only one who can write to it. Thus, note1.exe must have the setuid permission set during execution.

(d) Consider your answer to question (b). The user jones tells you that he took your advice and entered the command you specified, but still finds he cannot write to the file /tmp/notes. How do you reply?

It is not jones who must enter the command, but the file owner himself (midshipman).

31. (a) Explain why setting the setuid bit by entering the command chmod u+s myfile.exe can lead to a security problem if special care is not taken to ensure the security of the file myfile.exe.

Now ANYONE, without proper authentication, can perform tasks as the original owner of this file if they can find a security hole. This is especially undesirable if the original owner is the root user.


(b) What does the sudo command accomplish? Be specific.

Enables a user to perform a task as though they were the superuser (root).

(c) Who can execute the sudo command? Be specific.

Anyone who has explicitly been granted permission to do so by the root user in the /etc/sudoers file.

(d) Explain why the use of the sudo command can lead to security problems if special care is not taken. How is the "special care" taken in this case different from the "special care" taken for the security problem noted in part (a)?

If care is not taken with granting sudo privileges, any user can perform administrator-level tasks or even assume the privileges of the administrator. Special care should be taken by limiting the number of users with sudo privileges and requiring a strong password to invoke them.
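The permission arithmetic behind questions 28, 29 and 31(a), worked on mode bits, as an added example that is not part of the original exam. The function names and the review rule in setuid_needs_review are assumptions of this example, and the parser handles only the setuid marker, not setgid or sticky.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Parse the nine permission characters of a long listing ("rwxr-xr--")
   into mode bits. 's' / 'S' in the owner-execute slot mean setuid with /
   without owner execute. Returns (mode_t)-1 on malformed input. */
mode_t mode_from_listing(const char *s)
{
    static const mode_t bit[9] = { S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP,
                                   S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH };
    mode_t m = 0;
    if (s == NULL || strlen(s) != 9) return (mode_t)-1;
    for (int i = 0; i < 9; i++) {
        if (s[i] == "rwx"[i % 3])        m |= bit[i];
        else if (i == 2 && s[i] == 's')  m |= S_ISUID | S_IXUSR;
        else if (i == 2 && s[i] == 'S')  m |= S_ISUID;
        else if (s[i] != '-')            return (mode_t)-1;
    }
    return m;
}

/* chmod o=rw: replace the "other" triad with read+write, keep the rest. */
mode_t chmod_other_eq_rw(mode_t m)
{
    return (m & ~(mode_t)S_IRWXO) | S_IROTH | S_IWOTH;
}

/* chmod u+s: add the setuid bit. */
mode_t chmod_user_plus_s(mode_t m) { return m | S_ISUID; }

/* Assumed audit rule: a setuid file that group or other can modify lets a
   non-owner change code that later runs with the owner's identity. */
int setuid_needs_review(mode_t m)
{
    return (m & S_ISUID) && (m & (S_IWGRP | S_IWOTH));
}

int main(void)
{
    mode_t m = mode_from_listing("rwxr-xr--");        /* question 28 */
    printf("%04o -> o=rw -> %04o\n", (unsigned)m, (unsigned)chmod_other_eq_rw(m));
    m = chmod_user_plus_s(mode_from_listing("rwxr-xr-x"));
    printf("%04o needs review: %d\n", (unsigned)m, setuid_needs_review(m));
    return 0;
}
```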