1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
\documentclass[11pt]{article}
\usepackage{fullpage}
\usepackage{times}
\begin{document}
\begin{center}
CSci 5271 Fall 2021 Exercise Set 4 answers template
\end{center}
Please use this document as a template for submitting your answers to
exercise Set 4. (This template is available from the course web site
in either LaTeX or Google Doc formats). Type your answers on each page
after the question prompt (you can use additional pages, though that
we expect that would rarely be required). If you can write all your
answers electronically, please do so and export to a PDF to submit.
If you would prefer to hand-draw figures, you can also submit a scan.
Please ensure that the names and UMN email addresses of all of your
group members are recorded on Gradescope, and also confirm them below:
\vspace{10pt}
\begin{tabular}{|p{2.6in}|p{2.6in}|}\hline
Name & UMN email address\\\hline
\vspace{20pt} & \\\hline
\vspace{20pt} & \\\hline
\vspace{20pt} & \\\hline
\end{tabular}
\vspace{10pt}
Random numbers with limited entropy. (36 pts):
Part 1(a), Time Seed
Having a predictable time seed will help an attacker brute force the seed by reducing the number of possible guesses needed.
\vspace{2in}
Part 1(b), PID Seed
Having such a small number of seeds allows a malicious user to brute force guessing the seed.
Related CVE: https://nvd.nist.gov/vuln/detail/CVE-2008-0166
\newpage
Part 1(c), Time XOR PID
\vspace{1.5in}
Part 1(d), Consultant
\vspace{1.5in}
One possible implementation of the seed is to start out with concatenating the PID onto the time (time + PID, where the time is the one appended to), XOR the new number with the time, and encoding the result with base64.
Question 2 (Cross-site scripting variations, 18 pts):
Replace text/html with text/plain in the content type. This will cause the browser to display the page as plain text, not as HTML, mitigating the risk of cross-site scripting for this one use case.
\newpage
Question 3 (Denial of Service Denial, 22 pts):
No, it will not. A simple exploit of this module would be to simply have multiple devices behind different IPs all send singular requests to the server at various times, making sure to slowly delay the rate of requests. This would allow the server to be overwhelmed from a Distributed DoS (DDoS) attack.
\newpage
Question 4 (Virus Virii, 24 pts):
\vspace{1.5in}
Part 4(a), Halting Problem
\vspace{1.5in}
Part 4(b), Reverse Engineering
\end{document}
|
