Objectives and Logistics
Lab Presentation
The goal of this lab is to learn about password-based authentication and put its concepts into practice. We will cover good practices for building applications that use password-based authentication, and how such authentication systems can be broken when these good practices are not followed. This lab is composed of 3 main exercises:
- Password Extraction: how reverse-engineering techniques can be used to extract hardcoded passwords from an application's binary.
- Hashed Passwords: how to build a proper authenticator storing hashed and salted passwords.
- Weak Password Cracking: how simple passwords (e.g. too short) can easily be cracked using modern computers.
Each exercise is divided into two parts: a guided part with detailed instructions on how to proceed, and an advanced part which is less guided. You can access each exercise from the left menu. Strictly speaking, the exercises are independent of each other, but we strongly recommend doing them in order. If you are stuck in the advanced part of an exercise, it's OK to start the next one though.
⚠️ Ethical Use Disclaimer
Although part of this lab exercise introduces techniques that are commonly associated with offensive security, their purpose in this context is purely educational. Our goal is to help you understand how attackers operate, so you can build stronger, more secure systems.
You are expected to use the knowledge and skills from this lab responsibly and ethically. Any use of these techniques outside of authorised, educational, or professional penetration testing contexts is strictly prohibited and may be illegal.
Submission Instructions
The deliverables for this exercise are a series of passwords (for the password extraction and password cracking parts of the exercise) and some C source code (for the hashed password part of the exercise).
The submission is made through the CS Department’s GitLab.
You should have a fork of the repository named 60261-lab1-s-authentication_<your username>.
The passwords should be submitted in a CSV file, which should be pushed alongside the C source code on the main branch.
You can find an empty skeleton for such a file here.
Submission details are given in the relevant parts of this exercise.
To indicate that the submission is ready to be marked, create a tag named lab1-submission.
The deadline for this assignment is Friday 17/10 2pm London time.
A few important points regarding the submission:
- ⚠️ Make sure you push to the precise repository mentioned above and not another one (do not fork it or create a new repo), and that you tag your submission properly.
- ⚠️ The submission is to be made through GitLab only; there is no need to submit anything to Canvas.
- ⚠️ You need some basic knowledge of git and GitLab to submit this exercise. In the unlikely case you are not familiar with these tools, see some guidance here.
Failure to follow these instructions is likely to result in a mark of 0 for this exercise.
For any issues or questions, feel free to get in touch with the instructor through the discussion board on Canvas or during office hours (see the schedule on Canvas for their time and location). You can also contact your student representatives.
High-Level Marking Scheme
| Part | Marks |
|---|---|
| 1.1 Password Extraction (Guided) | /4 |
| 1.2 Password Extraction (Advanced) | /3 |
| 2.1 Authenticator (Guided) | /4 |
| 2.2 Authenticator (Advanced) | /2 |
| 3.1 Password Cracking (Guided) | /4 |
| 3.2 Password Cracking (Advanced) | /3 |
| Total: | /20 |
Intended Learning Outcomes (ILOs)
By the end of this lab, students will be able to:
- Analyse and reverse-engineer compiled binaries to extract hardcoded credentials using static analysis tools and techniques.
- Design and implement secure authentication mechanisms that store user passwords using salted cryptographic hashes.
- Demonstrate the vulnerability of weak passwords by applying password cracking tools and techniques on weak passwords.