The goals of this assignment are to:

  1. Refresh your TCP and UDP programming skills
  2. Practice building and running containers

“Packet Clapping”

Canvas contains a container image1 named netsec_warmup.${arch}.img.zst that implements a “packet clapping” game. Analogous to hand clapping games, your goal is to write a program that follows the lead of the clap server by receiving instructions over a command channel and interpreting them to play the game.

The command channel implements the following protocol:2

\[ \begin{align*} C \rightarrow S &: \mathsf{u16}(|\mathsf{identifier}|) \cdot \mathsf{identifier} \\ S \rightarrow C &: \langle \mathsf{command} \rangle \\ S \rightarrow C &: \langle \mathsf{command} \rangle \\ S \rightarrow C &: \ldots \\ S \rightarrow C &: \langle \mathsf{secret} \rangle \\ \end{align*} \]


  • \(\mathsf{identifier}\) is a UTF-8 string,
  • \(|x|\) is the length of a byte array \(x\),
  • \(\mathsf{u16}(x)\) encodes an integer \(x\) as two big-endian bytes, and
  • \(\cdot\) is concatenation.

Feel free to use an arbitrary identifier. This will be used as your “hacker alias” for the rest of the semester.3

After the client sends its remote ID, the server repeatedly sends one or more command messages. Each command message takes the form

\[ \begin{align*} \langle \mathsf{command} \rangle &= \mathsf{u8}(\mathsf{type}) \cdot \mathsf{u16}(\mathsf{port}) \cdot \mathsf{u64}(\mathsf{challenge}) \\ \end{align*} \]

where \(\mathsf{u8}\) and \(\mathsf{u64}\) are 1 and 8-byte analogues of \(\mathsf{u16}\).


If the client receives a type 1 command, it should listen for a TCP connection on the indicated port, send \(\mathsf{u64}(\mathsf{challenge})\) on the first connected socket, and immediately close both the client and server socket.

If the client receives a type 2 command, it should connect a TCP socket to the server IP address using the indicated command port, send \(\mathsf{u64}(\mathsf{challenge})\) on the socket, and immediately close the socket.

Finally, if the client receives a type 3 command, it should create a UDP socket, and send a datagram containing \(\mathsf{u64}(\mathsf{challenge})\) to the server on the indicated port.

The secret command takes the form:

\[ \begin{align*} \langle \mathsf{secret} \rangle &= \mathsf{u8}(0) \cdot \mathsf{u16}(|\mathsf{value}|) \cdot \mathsf{value} \\ \end{align*} \]

The only content your program should write to stdout is the following JSON object:

    "id": "{{identifier}}",
    "value": "{{value}}"

Whitespace formatting doesn’t matter. Feel free to write whatever you like to stderr.

Canvas contains a validation script called validate_output.py you can use to check that the output of your solution is well-formed. It expects to read your solution’s output on its stdin.

Submission Instructions

Package your solution as a gzipped TAR archive. Your solution should expand to the following directory structure.

$ tree -F clap
├── Dockerfile
└── src/

The source code to your solution should be contained in src/. Your Dockerfile should, when processed using docker, create a container image that runs your solution against a clap server given a server command channel socket address as an argument. For instance, if the clap server is running on, then your container must successfully print the secret when executed like so:

$ docker run -it --rm --network=host ${solution_image}

Canvas contains a validation script called validate_build.py you can use to check that your submission archive is well-formed. This script is provided as a convenience and may need to be adapted depending on your particular development environment.

Extra Credit

Recover the clap server HMAC key. Include a README that includes the key value and describes how you recovered it.

© 2023 wkr