Exercise

Laboratory Exercise: Hands-on with Password Auditing and Buffer Overflows

This individual laboratory exercise will familiarize you with the Virginia Cyber Range and provide some hands-on experience with password cracking and buffer overflows.

Faculty Instructions

Resources required

This exercise makes use of resources provided in the Virginia Cyber Range. It is a single Ubuntu virtual machine with artifacts necessary (hashed passwords and executable files with buffer overflow vulnerabilities).

This lab exercise requires an account on The Range.  To sign up for an account on The Range, please visit our Sign-Up page.  Your students will also require an account on the Virginia Cyber Range; this will be explained in the setup of your course.

For Task 2 (Basic Buffer Overflow), this lab exercise comes with a video file called Buffer_oflow_walkthru.mp4 that is very helpful in describing to students the process for exploiting buffer overflow vulnerabilities.  You may access and download it here: buffer_oflow_walkthru_v2.mp4

Files
Hands-on with Password Auditing and Buffer Overflows Instructions Handout

Log In
to download materials

* NICE Cybersecurity Workforce Framework KSAs Addressed
  • K0018: Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).
  • K0068: Knowledge of programming language structures and logic.
  • K0070: Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0158: Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).
  • K0372: Knowledge of basic programming concepts (e.g., levels, structures, compiled vs. interpreted languages).
  • S0067: Skill in identifying, modifying, and manipulating applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files).
  • S0089: Skill in one-way hash functions (e.g., Secure Hash Algorithm [SHA], Message Digest Algorithm [MD5]).
  • S0239: Skill in interpreting compiled and interpretive programming languages.
  • S0264: Skill in recognizing technical information that may be used for leads to enable remote operations (data includes users, passwords, email addresses, IP ranges of the target, frequency in DNI behavior, mail servers, domain servers, SMTP header information).
* NSA/DHS Center of Excellence (CAE) KUs Addressed
  • Cyber Threats
  • Intro to Cryptography
  • Fundamental Security Design Principles
  • Operating Systems Concepts
  • Secure Programming Practices
  • Software Reverse Engineering
  • Software Assurance
  • Vulnerability Analysis

* Most courseware content maps to NIST NICE Cybersecurity Workforce Framework (NCWF) Knowledge, Skills, and Abilities (KSAs) and/or NSA/DHS CAE Knowledge Units (KUs). For more information on KSAs and KUs, please visit:

KSAs: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

KUs: https://www.iad.gov/NIETP/documents/Requirements/CAE-CD_Knowledge_Units.pdf