CSC-574 Computer and Network Security
Assignment 3 - Reverse Port Knocking Shell
Description
Your goal is to create a hidden backdoor service.
With all the exploitation knowledge that you have gained from this class, it is now time to create a backdoor to our homework server so that you never have to hack it again! The admin of the server is super careful and will monitor for any applications that listen for incoming connections, but, powered with the knowledge from this class, your backdoor will circumvent that! It is going to be based on a technique called port knocking.
The workflow of the attack is the following. You have already hacked into the homework server, so you are going to drop a backdoor. The backdoor will run forever, listening passively for incoming packets. When the right sequence of packets arrives, it will reach out to a web server to fetch a Linux command and execute it locally.
Implementation
You are going to have to use raw sockets for this assignment. You can use any programming language that you like. Your submission should include a Makefile that will compile your code (if the code needs compilation); otherwise it should be executable like this:
./backdoor configuration-file URL
The configuration file will contain the port sequence (one number per line). After the program has received the correct packets, in the correct order, matching the port-knocking sequence, it should make a request to the URL parameter, fetch a Linux command and execute it on the local system. The admin will never know what hit him!
You will also need to provide a port-knocker client that can issue the sequence of the packets that will enable the backdoor.
The client should take the following arguments:
./knocker configuration-file IPaddress
The configuration file will contain the port sequence (one per line) and the IP address should be the target IPv4 address that runs the backdoor service.
Note that you must run your program as root to be able to get access to the raw sockets. This means that the submission system will be running your code as root, so please do not attempt anything malicious.
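Added example (not part of the original assignment): a defender-side check for the monitoring gap described above. A process that reads packets through a raw socket never appears as a listening port, but the kernel still lists the socket in /proc/net/packet and /proc/net/raw. The snapshots below are constructed sample data, and the flagging rule is an illustrative assumption.

```python
# Defender-side check: list raw and packet sockets from /proc/net snapshots.
# The sample text is constructed; on a live host read the real files instead.
SAMPLE_PACKET = """\
sk       RefCnt Type Proto  Iface R Rmem   User   Inode
ffff8800b8f3e000 3      3    0003   0     1 0      0      14327
ffff8800b8f3e800 3      2    888e   2     1 0      0      9811
"""
SAMPLE_RAW = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   6: 00000000:0006 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 15432 2 ffff8800b9a4c000 0
"""
SOCK_TYPES = {2: "SOCK_DGRAM", 3: "SOCK_RAW"}
ETH_P_ALL = 0x0003  # packet socket that receives every frame


def parse_proc_net_packet(text):
    """Return AF_PACKET sockets as dicts (type, proto, uid, inode)."""
    out = []
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 9:
            continue
        out.append({"family": "AF_PACKET", "type": SOCK_TYPES.get(int(f[2]), f[2]),
                    "proto": int(f[3], 16), "uid": int(f[7]), "inode": int(f[8])})
    return out


def parse_proc_net_raw(text):
    """Return AF_INET raw sockets; the 'port' column holds the IP protocol."""
    out = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) < 10:
            continue
        proto = int(f[1].split(":")[1], 16)
        out.append({"family": "AF_INET", "type": "SOCK_RAW",
                    "proto": proto, "uid": int(f[7]), "inode": int(f[9])})
    return out


def suspicious(socks):
    """Flag sockets that see all frames (ETH_P_ALL) or raw TCP (protocol 6)."""
    return [s for s in socks
            if (s["family"] == "AF_PACKET" and s["proto"] == ETH_P_ALL)
            or (s["family"] == "AF_INET" and s["proto"] == 6)]
```

Each flagged inode can be tied to its owning process by looking for a socket:[inode] link under /proc/<pid>/fd.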
Your program must work on Ubuntu 14.04 64-bit with the default packages installed. You’ll probably need to set up a virtual machine to do the development; you can use VCL for this.
If you wish to use packages that are not installed on Ubuntu 14.04 64-bit by default, please submit a file entitled packages, with a list of the Ubuntu 14.04 64-bit packages that you would like installed before calling make. Each line of packages must be a valid package name, one package per line. The submission system will automatically install all the dependencies that the package lists.
For example, if you were going to write your assignment in Haskell, you could install the GHC compiler with the following packages file:
ghc
ghc-dynamic
Useful information
You can easily set up an HTTP server with a Python one-liner like this: python -m SimpleHTTPServer
Here are some resources on how to write a Makefile: Using make and writing Makefiles
Submission Instructions
You will need to submit an archive with all the source code along with a Makefile and README. The Makefile must create two executables, backdoor and knocker, by running the command make. Your README file should contain your name, Unity ID, email and a description of how your program works. The submission page will be posted on Piazza.