Warm-Up
The goals of this assignment are to:
- Refresh your TCP and UDP programming skills
“Follow the Leader”
The class server at netsec.cyberops.institute hosts a service located in /home/warmup that implements a network “follow-the-leader” game on port tcp/1101. Your goal is to write a program that plays the game by receiving and interpreting instructions over a command channel.
The command channel implements the following protocol: [1]
\[ \begin{align*} C \rightarrow S &: \mathsf{u16}(|\mathsf{identifier}|) \cdot \mathsf{identifier} \\ S \rightarrow C &: \langle \mathsf{command} \rangle \\ S \rightarrow C &: \langle \mathsf{command} \rangle \\ S \rightarrow C &: \ldots \\ S \rightarrow C &: \langle \mathsf{secret} \rangle \\ \end{align*} \]
where
- \(\mathsf{identifier}\) is a UTF-8 string,
- \(|x|\) is the length of a byte array \(x\),
- \(\mathsf{u16}(x)\) encodes an integer \(x\) as two big-endian bytes, and
- \(\cdot\) is concatenation.
Your identifier should be your username on the class server.
After the client sends its remote ID, the server repeatedly sends one or more command messages. Each command message takes the form
\[ \begin{align*} \langle \mathsf{command} \rangle &= \mathsf{u8}(\mathsf{type}) \cdot \mathsf{u16}(\mathsf{port}) \cdot \mathsf{u64}(\mathsf{challenge}) \\ \end{align*} \]
where \(\mathsf{u8}\) and \(\mathsf{u64}\) are the 1- and 8-byte analogues of \(\mathsf{u16}\).
Commands
If the client receives a type 1 command, it should listen for a TCP connection on the indicated port, send \(\mathsf{u64}(\mathsf{challenge})\) on the first connected socket, and immediately close both the client and server socket.
If the client receives a type 2 command, it should connect a TCP socket to the server IP address using the indicated command port, send \(\mathsf{u64}(\mathsf{challenge})\) on the socket, and immediately close the socket.
Finally, if the client receives a type 3 command, it should create a UDP socket, and send a datagram containing \(\mathsf{u64}(\mathsf{challenge})\) to the server on the indicated port.
The secret command takes the form:
\[ \begin{align*} \langle \mathsf{secret} \rangle &= \mathsf{u8}(0) \cdot \mathsf{u16}(|\mathsf{value}|) \cdot \mathsf{value} \\ \end{align*} \]
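As an added example (not part of the assignment handout or any course reference code), the framing above can be read off a TCP byte stream as follows. It covers only message encoding and parsing, not the actions for command types 1 to 3; rejecting unknown type values, returning the secret value as raw bytes, and the sample bytes in demo() are assumptions made here.

```python
import socket
import struct

CMD_BODY = struct.Struct(">HQ")  # u16(port) . u64(challenge), big-endian

def read_exact(sock, n):
    """Read exactly n bytes; TCP is a byte stream, so recv() may return fewer."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError(f"peer closed after {len(buf)} of {n} bytes")
        buf += chunk
    return bytes(buf)


def encode_identifier(identifier):
    """u16(|identifier|) . identifier, with the length counted in UTF-8 bytes."""
    raw = identifier.encode("utf-8")
    return struct.pack(">H", len(raw)) + raw


def read_message(sock):
    """Return ('command', type, port, challenge) or ('secret', value_bytes)."""
    (mtype,) = struct.unpack(">B", read_exact(sock, 1))
    if mtype == 0:  # secret: u8(0) . u16(|value|) . value
        (length,) = struct.unpack(">H", read_exact(sock, 2))
        return ("secret", read_exact(sock, length))
    if mtype not in (1, 2, 3):  # assumption: treat undefined types as an error
        raise ValueError(f"unknown message type {mtype}")
    port, challenge = CMD_BODY.unpack(read_exact(sock, CMD_BODY.size))
    return ("command", mtype, port, challenge)


def demo():
    """Parse a constructed stream (not real server output) via a local socket pair."""
    client, server = socket.socketpair()
    with client, server:
        server.sendall(struct.pack(">BHQ", 2, 4000, 0x1122334455667788)
                       + struct.pack(">BHQ", 3, 4001, 7)
                       + struct.pack(">BH", 0, 6) + b"s3cret")
        messages = []
        while not messages or messages[-1][0] != "secret":
            messages.append(read_message(client))
    return messages


if __name__ == "__main__":
    print(demo())
```

The length prefix counts encoded bytes, not characters, so a non-ASCII identifier has a prefix larger than its character count.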
The only content your program should write to stdout is the following JSON object:
{
"id": "{{identifier}}",
"value": "{{value}}"
}
Whitespace formatting doesn’t matter. Feel free to write whatever you like to stderr.
A script called validate_output.py can be used on the class server to check that the output of your solution is well-formed. It expects to read your solution’s output on its stdin.
Submission Instructions
Package your solution as a gzipped TAR archive that contains your source code, whatever assets are needed to build and execute your solution on the server, and a README.md that describes how to build and run your solution.
Extra Credit
Recover the server’s HMAC key. Include the key value in your writeup and describe how you recovered it.
[1] This protocol description is an example of security protocol notation.