Takehome exam

Upload via Moodle as: takehome.tar

This is a take-home exam. Do your own work, and do not discuss the contents of the exam with any person other than Jeff or your prefect. Do not use LLMs for this exam.

The files you need for questions 2 and 3 are contained in takehome-package.tar.

1. Moving bits around with base64 (6 points)

The base64 encoding scheme converts any arbitrary sequence of bytes into a corresponding sequence of printable ASCII characters (letters, digits, and a few punctuation marks).

Read up on base64 encoding and answer the following questions.

  1. Why would we bother encoding data in this way instead of just leaving the data as it was to begin with? (One well-explained application would be a sufficient answer for this question.)
  2. Suppose you have a base64-encoded string in a file named message.base64. Show me the command you would use on mantis or similar systems to covert the contents of the file back to its original form.
  3. What original sequence of bytes would have the base64 encoding of R29vZCEK? Show how the bits of the original bytes are reassembled when you decode R29vZCEK (for example, via some sort of diagram showing which bits come from R and 2 etc., and where those bits go to reconstruct the original bytes).

2. Implementing a tiny HTTP-like protocol (8 points)

For this exercise, you're going to modify the sample server server.py in takehome-package.tar. Your modified code will implement the server side of the protocol described below.

Hand in:

  1. Your modified version of server.py
  2. A brief explanation of how to use nc as a rudimentary client to test your server, including the specific command(s) plus anything else you would type while testing.
Super-Tiny HTTP Normal flow of events 1. Client requests TCP connection, and connection setup occurs. 2. Once TCP connection is established, client sends GET FILENAME where FILENAME is the name of a requested file. 3. If the specified file is present and readable in the directory from which the server was launched, server sends 200 OK Content-length: NUMBER_OF_BYTES_IN_FILE CONTENTS_OF_FILE If the file does not exist or is not openable for reading, the server sends, instead: 404 Not Found 4. Server closes connection Exception: If in step 2 the client sends something other than "GET " followed by a non-zero length string, the server sends "400 Bad Request" and then closes the connection.

3. Reverse engineering a string obfuscator (8 points)

The executable program obfuscator was compiled from two C source files: main.c and obfuscator.c. I have provided you with the executable and main.c, but not obfuscator.c.

Use gdb or whatever other tools might help to figure out how the obfuscate function works. With this knowledge:

  1. Explain, with references to the assembly code, how the obfuscate function transforms its input string into its output string.
  2. Figure out the original form of this obfuscated string: Esw's xzqkp gvv hyr.

One suggestion: you can run obfuscate on your own choices of inputs and try to figure out what's going on without even looking at it in gdb. If you figure that out, then doing both parts of this problem will be a lot easier.

4. Educating and/or entertaining Jeff (2 points)

I just finished a book. What should I read next? Or watch? Or whatever?

Thanks for a great term

Enjoy your break!