6.033 - Computer System Engineering Trust & Web Certificates Assignment

Hands-on 11: Trust

Complete the following hands-on assignment. Do the activities described, and submit your solutions using the online submission site by 11:59pm on the due date.

This assignment explores the meaning of "trust" when using computers, and in particular how downloading malicious code can be non-trivial to detect. You will be taking a simple Python "shell" and inserting a backdoor to add malicious functionalities.

This assignment must be completed on a Unix based OS running Python. Athena is a suitable environment.

This assignment involves programming.

I. Warmup

Download and save shell.py, which contains our sample shell. You might run the following command to do this:

  $ wget http://web.mit.edu/6.033/www/assignments/trust/shell.py

Read through the code briefly to get a sense of how it works before continuing.

Ensure that you are in the directory you downloaded shell.py into, mark it executable with chmod +x shell.py, and then run it with ./shell.py. Once in the shell, you can use the help command to see what commands are available.

Exercise 1: What should you type (within the shell) to see the source of "shell.py"?

Our shell supports downloading new code from the Internet, which will be relevant to the backdoor that you'll write later and the web certificates questions. We've written a slightly different version of the shell that colorizes the prompt and does a couple of other things.

Exercise 2: Use the shell's built-in update command to download http://web.mit.edu/6.033/www/assignments/trust/shell.color.py. Note that you have a chance to read the new code before it is installed. Once you have the new code, run reexec to start the new shell. You should see a colored prompt. What else has changed?

Note that shell.py has now been overwritten with the colored version. You will need to redownload the original shell.py later.

Exercise 3: The shell also supports "logging in". Try using the login and logout commands to log in and out. Another command shows the authentication status — which command is it?

II. Writing a backdoor

You need to trust a wide variety of parties when downloading software from the Internet. If untrusted code gets installed (by downloading software from an untrusted source or over an untrusted wi-fi connection, for example), it can be very difficult to detect or remove it. Next, you will add a backdoor to the shell you worked with earlier. This backdoor will have both a payload and a mechanism to compromise new versions of the code. Your backdoor will compromise the update mechanism. The basic idea is that your backdoor code should overwrite some of the functionality of shell.py file, including functions involved in updating the code from the web. Since shell.py is responsible for executing its own updates (see call to "write_code" in "update" in shell.py).

Exercise 4: Modify the original shell (not the colored version) to add an undetectable "backdoor" that saves usernames to a file on disk. Include your code in your submission for this assignment.

Some requirements for your backdoor:

You can implement your backdoor however you wish. One possible approach takes advantage of the fact that, in Python, later function declarations replace earlier ones. You can create a separate file containing alternate definitions of some functions and include it using Python's execfile function. You should only need to redefine the read_file, write_code, and login functions. You will probably need to write 15–50 lines of code for this section.

Exercise 5: How long did it take you to complete this assignment?

Go to 6.033 Home Page