¢ WARNING: Do not let the Windows WinZip program open up your .tar file(many Web browsers are set to do this automatically). Instead, save the file to your Linux directory and use the Linux tar program to extract the compressed file. You should NEVER use any platform other than Linux to do this. ¢ After downloading it, please try: § $ tar –xvzf gdb4.tar.gz § ls ¢ Then, you can see the files below § gdb4 § gdb4.c § gdb4.h § getCorrectAnswerIter_key.o ¢ Please don’t try re-compilation. the executable, gdb4 was built with multiple source files besides gdb4.c 1 Homework #11 - cont’d ¢ Please try: § $ sudo chown root.root gdb4 § $ sudo chmod u+x gdb4 § $ sudo chmod u+s gdb4 ¢ Please execute gdb4 and input your studentID as follows:
< Figure 1> 2
Homework #11 - cont’d ¢ In HW#10, you have to find a proper input to get root’s shell prompt (a.k.a, root escalation) ¢ See example below
< Figure 2>
¢ In the example above, I intentionally removed the answer J
¢ Find your answer and get the root shell ¢ Tips : the answer consists of any keys that you can find on your keyboard including number, special character(!@#$....), and alphabets (i.e., ASCII code) 3 Homework #11 - cont’d ¢ Submit § Your answer (.txt file) § Screenshot (.jpg or .png) as shown in Figure 2, which must include the results of the following commands: § whoami § ./gdb4 § your answer § whoami
§ I’ll score your hand-in based on the text file
§ If it doesn’t works, you get zero score. § So please write the textfile with the correct answer and test it before you submit it.