Introduction to Systems Security
================================

We make the first steps into systems security and talk about the high level topics. We present logistics and organizational aspects for the "Security of Information Systems" class.

Slides for this session:

* handout_
* handout_4on1_notes_
* handout_8on1_

.. _handout: http://elf.cs.pub.ro/sis/res/01-intro-systems-security-handout.pdf
.. _handout_4on1_notes: http://elf.cs.pub.ro/sis/res/01-intro-systems-security-handout-4on1-notes.pdf
.. _handout_8on1: http://elf.cs.pub.ro/sis/res/01-intro-systems-security-handout-8on1.pdf

Tasks
-----

1. Use ``checksec.sh`` to audit the security of the executables on your system. You can download ``checksec.sh`` from the `following link`_.

   .. _following link: https://raw.githubusercontent.com/slimm609/checksec.sh/master/checksec

   Or you can use pwntools_ as a wrapper of ``checksec``.

   .. _pwntools: http://docs.pwntools.com/en/stable/commandline.html#pwn-checksec

   Use GCC and its options to create executables with all sorts of combinations (NX, PIE, stack canary, RELRO). Build (compile and link) an executable with all hardening options on::

     $ checksec a.out
       [...]
       Arch:     amd64-64-little
       RELRO:    Full RELRO
       Stack:    Canary found
       NX:       NX enabled
       PIE:      PIE enabled


   And build (compile and link) an executable with all hardening options off::

     $ checksec a.out
       [...]
       Arch:     amd64-64-little
       RELRO:    Partial RELRO
       Stack:    No canary found
       NX:       NX disabled
       PIE:      No PIE (0x400000)
       RWX:      Has RWX segments

2. You can't read the ``/flag`` file. Still, it might be **duplicated** somewhere else. Where could you find it?

   Connect using SSH to **ctf@141.85.224.104:10000**. The account password is **look-for-me-0**.

   Submit the flag on the `CTF platform <https://sis-ctf.security.cs.pub.ro/challenges?category=session-01-intro>`_. You need to create an account on the platform if you don't already have one.

3.  When you can't read the ``/home/ctf/flag``, ask someone else.

    Connect using SSH to **ctf@141.85.224.104:10001**. The account password is **reverse-kitten-0**.

    Submit the flag on the `CTF platform <https://sis-ctf.security.cs.pub.ro/challenges?category=session-01-intro>`_. You need to create an account on the platform if you don't already have one.

4. The ``/home/ctf/flag`` is already there. You just have to read it.

   Connect using SSH to **ctf@141.85.224.104:10002**. The account password is **hit-me-hard-0**.

   Submit the flag on the `CTF platform <https://sis-ctf.security.cs.pub.ro/challenges?category=session-01-intro>`_. You need to create an account on the platform if you don't already have one.

5. You know how the flag looks. Find it somewhere where **data** could be stored.

   Connect using SSH to **ctf@141.85.224.104:10003**. The account password is **cant-find-me-0**.

   Submit the flag on the `CTF platform <https://sis-ctf.security.cs.pub.ro/challenges?category=session-01-intro>`_. You need to create an account on the platform if you don't already have one.