Project 1.0 Intro and Linux


Intro to Programming Languages.

[ ← Module List ]

Alright, class, buckle up because it’s time for your first foray into pwn.college. This isn't just any project, it’s your inaugural mission into the digital unknown. You’ll need to channel your inner tech wizard. Your task?

Dive headfirst into the basics of pwn.college and Linux - think of it like a digital playground where you get to be both the hero and the detective. But remember, with great power comes great responsibility... and possibly carpal tunnel.

Let’s crack those codes, find those vulnerabilities, and remember – if you get stuck, just ask yourself: What would zErOcOOl do? Spoiler: He’d probably make a sassy comment and look for the nearest taco truck.

Good luck!


Challenges

For this level you will get the flag using the VSCode Workspace interface and submit it using the flag field below.

  • Start the challenge by clicking on Start below.
  • Ctrl-Click on workspace (top of web page), switch tabs, and wait for VSCode to load.
  • Click on the 3-bars on the left hand side for the VSCode menu.
  • Click on file and then click open file and enter /flag.
  • The contents of the file are a flag which you turn in using the web interface below.
  • The flag will follow this format pwn.college{0c00l.code.c0ffee.facade}
  • After opening the file, copy it to the clipboard from the VSCode interface and be sure to include the pwn.college and both {}.
  • Switch back to the Challenges list in the browser, paste the value into the flag field, make sure now extra spaces at the end, and click submit.
  • The flag will be different for every student, do not copy another student's flag!

This level requires you to get the flag from inside the terminal using the ls command.

Start the challenge by clicking on start below, then switch to the VSCode workspace.
Open a terminal in VSCode by ctrl-` or by pressing F1 in VSCode and typing "Create new terminal".
Alternatively, open a new terminal in VSCode by clicking on the 3 bars on left -> Terminal -> New Terminal.

Inside the terminal, use the ls command to list the /challenge/cse240 directory.
The command will display the file names that exist in the directory, one of the file names is the flag and will start with pwn.college{.
The name of the file is the flag that you turn in.

Steps to complete

  • Change directory using cd to the directory /challenge/cse240 .
  • Use ls to view the files and there will be one in that starts with pwn.college{.

Steps to complete

  • Use mv to move the file /challenge/cse240/mysecret to your current directory . or your home directory ~/
  • Open it in VSCode or use cat.

Use the cat command to read the file /flag

Steps to complete

  • Use grep to read the contents of /flag
  • Try using the wildcard regular expression .*, which is a regular expression.
  • The . is a wildcard and the * means match the wild card to 0 or more characters.

On this level, you will execute a script in your curent directory.

Steps to complete

  • Use cd /challenge/ to change the working directory to /challenge
  • Execute the program getflag (remember: when the executable program is in the current directory you must use a relative or absolute path)
  • A relative path would use ./ where an absolute path always starts with / (e.g., /challenge)

The getflag program in the /challenge directory will give you the flag when you send in the file /challenge/text

The getflag program is reading from standard input so you can use < followed by the name of the file to do this.

Remeber to execute the file you must use the relative or absolute path because getflag's directory is not in the PATH environmental variable.

The getflag program in the /challenge directory will give you the flag when you send in the file /challenge/text except this time you must sort the data first

To do this, you will pipe in the result of using the sort command, you should use sort /challenge/text | along with the command you need to execute getflag program.

The getflag program in the /challenge directory will give you the flag when you pass in the command arguments "42", "fun", and "num" as 3 different parameters.

In this challenge you must complete the following:

  • Execute a gcc command that compiles the provided C program /challenge/main.c and creates the executable binary main.bin
  • The format for the command is gcc -o
  • To get the flag
    • cd to /challenge
    • To run the executable you will need a path to the file, for example, if you used
      gcc /challenge/main.c -o /tmp/main.bin
      Then to execute the binary, you will need to use either an absolute /tmp/main.bin< or relative ../tmp/main.bin path
    • To get the flag, you will need to send "Too many secrets" into the running program. We can do this with a pipe.
    • print "Too many secrets." and pipe it into a command executing the binary. The command will look like printf "Too many secrets." | /tmp/main.bin
  • Notice the printf statement DOES NOT PRINT A NEW LINE

    • This challenge requires you to create a test that triggers all the if statements in less than 2 seconds.

    You can take it as a challenge to type in everything that fast, /challenge/main.bin.

    Instead, I would suggest you use input redirection (or a pipe works too)

  • If not already there, then change directory cd into cse240/01-linux/12 directory (or use open terminal here in VSCode)
  • Create the file myinput.dat
  • Add the necessary input (add an enter to the end of each line)
  • Use redirection by doing /challenge/main.bin < myinput.dat from that directory

    To know what input to send into the program, you will need to look at the if statements and provide the values.

    A copy of the source code is available at ~/cse240/01-linux/12/main.c.

    The flag will come from the program /challenge/main.bin

    • This challenge and many future challenges will require you to create a user test case that verifies whether a program is performaing a particular function correctly.

    Creating User Tests

    • User tests are created by modifying a JSON file in your work area for the level, for this level, the tests are located in ~/cse240/01-linux/13/user_tests
    • In each JSON file under user_tests, you will be required to give
      • arguments
      • inputs
      • outputs

    Running the User Tests

    • Typically, you will find the instructions for the tests in the Level Description (like below) and inside the name and description fields of the JSON file
    • After creating the user tests, execute /challenge/tester from the command line
      • a bad model version, named modelBad.P.L.T.bin (P=Project number, L=Level, T=Test number) version, that does not implement the functionality correctly, your test must report the bad program failed.
      • a good model version, named modelGood.bin, that implements the required functionality correctly
      • if the level required you to write a program then tester will use the test to test your program as well and your program must pass too.

    Test Requirements

    • The input and output that you create in the utest json file will be passed into a running version of either model good or modle bad programs
    • When it passes the input into the model bad the test needs to be specific enough to detect that the model bad did not provide the expected output and it should fail, try executing the related model bad (e.g., ./modelbad1.13.1.bin)
    • Similarly, when it passes the input into the model good it needs to detect that it did provide the expected output. You can test the model good by running ./modelGood.bin
    • Fill in the "input" and expected "output" in both tests.
      • utest1.13.1 will input "hello" and verify the proper result is returned by the program being tested (if not sure try running modelGood.bin and modelBad.1.13.1.bin).
      • utest1.13.2 will input anything except "hello" and verify that the program returns with expected result.
    • Tester will use the inputs and outputs in the user_tests/utest1.13.1.json and user_tests/utest1.13.2.json
    • If the user test cases detect the missing functionality in the modelBad.P.L.T version while also detecting that modelGood.bin implements the required functionality then Tester will print out the flag.

    HINT
    You can run the modelGood and modelBad by typing in /challenge/modelGood.bin, /challenge/modelBad1.13.1.bin (for user test 1.13.1), and /challenge/modelBad1.13.2.bin (for user test 1.13.2)

    In this level, you will write 5 user test cases for the provided C program. The C program, located at ~/cse240/01-linux/14/main.c

    • For each of the user tests, the test must pass the program when modelGood is used and fail the program when modelBad is used
    • The user tests are located in ~/cse240/01-linux/14/user_tests/
      • test1.14.1 will test the first if statement that requires the exact value
      • test1.14.2 will test the second if statement that is looking for a large value
      • test1.14.3 will test the third if statement that is looking for a value slightly less than 65536
      • test1.14.4 will test the fourth if statement that requires the number 42
      • test1.14.5 will test the fifth if statement that checks whether the number is small
    • When all the test cases pass the modelGood and fail the modelBad the tester will reveal the flag.

    30-Day Scoreboard:

    This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

    7-Day | 30-Day | All-Time

    Rank Hacker Badges Score