python辅导 | Intro to assignment2
pythond辅导_网络安全方面
Intro to assignment2
part 1
Write your reference monitor
How many people successfully compromise your reference monitor or correctly report
accuracy issue of your reference monitor
part 2
get all people’s reference monitors, and write your exploit.
not only check the security issue, but also check if it functions as expected(accuracy)
How many reference monitor you compromised, multiple successful scripts for one
reference monitor count as 1 Lose points for wrong attack
part 3
get all exploit scripts, report wrong attack
improve your reference monitor, we will run against all exploits again.
How many wrong attack on your reference monitor you report. How many exploits could
still compromise your reference monitor
Part 1
Rule: All file contents should start with “S” and end with “E”
Valid “S90aj923rfE” “S\nE”
Invalid “s0j4f90jwe92E” “90afwje23rf”
for details see github page in assignment instruction
NO output when running : we will let attacker use output to report successful attack.
Repy
Tutorial Security Layer Repy APIs
tl;dr
1. build
➜ RUNNABLE git:(master) ✗ python2 repy.py restrictions.test
encasementlib.r2py reference_monitor.r2py attack.r2py
fish: “python2 repy.py restrictions.te…” terminated by signal SIGTERM (Polite
quit request)
2. write your code
python2 syntax limited functions to use(with slightly different function names) openfile ->
open writeat -> write readat -> read log -> print …
[Repy APIs] (https://github.com/SeattleTestbed/docs/blob/master/Programming/RepyV2API.
md)
3. test your code python2 repy.py restrictions.default encasementlib.r2py
reference_monitor.r2py attack.r2py
repy.py: use repy sandbox
restrictions.default: specify what resources could the sandbox have
encasementlib.r2py: a module that allows you to have security layers
reference_monitor.r2py: your reference monitor( the “security layer”)
attack.r2py: scripts to run under the reference monitor
git clone https://github.com/SeattleTestbed/repy_v2
cd repy_v2/scripts && python2 initialize.py && python2 build.py
cd ../RUNNABLE
本网站支持 Alipay WeChatPay PayPal等支付方式
E-mail:vipdue@outlook.com 微信:vipnxx
如果您使用手机请先保存二维码,微信识别。如果用电脑,直接掏出手机果断扫描。
