SYST 44288 – Operating Systems & Systems Programming
Assignment 4 – Security Code Audit
Due Date: See SLATE calendar
As with assignments 2 and 3, work in groups of two for this assignment.
Select an information security utility from the list of utilities below. Build (i.e. compile) and run the program so that you are familiar with the program’s purpose and operation. Then, audit (i.e. read) the source code and discuss how the program works, paying special attention to the system calls, concurrency and other OS-related features it uses. You should focus only on the core functionality of the utility and not on peripheral matters like database connections, GUI elements, error handling and logging. The purpose of this assignment is to understand how pieces of “professional” software use system calls, concurrency and other sophisticated programming techniques. You will then prepare a short report detailing the more interesting parts of the program you have audited.
Your report should include an overall discussion of the utility including what it does, how it functions, an overview of the code base (i.e. what files do what, how they are organized) and a more detailed discussion of the key parts of the code as described above. Make sure to include snippets of code and references to other libraries where appropriate.
- braa – SNMP scanner – http://s-tech.elsat.net.pl/braa/
- masscan – High-speed TCP scanner – https://github.com/robertdavidgraham/masscan
- tcpdump – Network traffic capture utility – http://www.tcpdump.org/
- kismet – Wireless network detector – http://www.kismetwireless.net/index.shtml
- hashcat – CPU/GPU password cracker – https://hashcat.net/hashcat/
- yara – Pattern matcher for profiling malware – https://github.com/virustotal/yara
- dns2tcp – Relay TCP connection traffic over DNS – http://www.hsc.fr/ressources/outils/dns2tcp/download/
- hping – TCP/IP packet assembler – https://github.com/antirez/hping
- John The Ripper – Password cracker – http://www.openwall.com/john/
- THC-Hydra – Password cracker – https://github.com/vanhauser-thc/thc-hydra
- Foremost – File carving forensic tool – http://foremost.sourceforge.net/
- Dc3dd – dd for creating forensic images – https://sourceforge.net/projects/dc3dd/
- Bulk-extractor – Extract artifacts from forensic images – http://digitalcorpora.org/downloads/bulk_extractor/
- Alternatively, you can pick any of the default Linux binary utility programs like cd, ls, etc.
- 4 Points – General discussion of program and how it functions.
- 4 Points – Overview of code base.
- 10 Points – Detailed discussion of the core code functionality.
- 2 Points – References: including snippets of code, and reference to libraries.
Total: 20 points.
- Include the names of your group at the top of the report.
- Your submission should be in a single Word file in the following format, where lastname1 is the last name of student1 and lastname2 is the last name of student2:
- Upload your report in Word to the SLATE dropbo