Scribd
Upload
53 views

IT7343 Module9 Lab9 LWatts25

The document describes a 3 part lab assignment on Perl, shell scripting, and buffer overflows. Part 1 involves using Perl to find and output environment variables to a log file. Part 2 has students create shell scripts to display system information and the IP address of an interface. Part 3 directs students to complete buffer overflow exercises from another document, providing screenshots at several steps of writing, running, and modifying an overflow program. Feedback is requested on difficulty, interest, time taken, and suggestions for improvement.

Uploaded by

Lorenzo Watts
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
53 views

IT7343 Module9 Lab9 LWatts25

The document describes a 3 part lab assignment on Perl, shell scripting, and buffer overflows. Part 1 involves using Perl to find and output environment variables to a log file. Part 2 has students create shell scripts to display system information and the IP address of an interface. Part 3 directs students to complete buffer overflow exercises from another document, providing screenshots at several steps of writing, running, and modifying an overflow program. Feedback is requested on difficulty, interest, time taken, and suggestions for improvement.

Uploaded by

Lorenzo Watts
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 14

Lab

There are 3 parts of the lab. They can be completed from the Kali VM located within the
Netlab environment.

Part I PERL [4 marks]


Use Kali VM. We will use Perl to find environment variables.
Perl maintains environment variables in a special hash named %ENV.
What are Environment Variables? Provide references to your answer. (1 point)

Environment Variables sets


the environment for the
program to run. Each and
every program creates its
environment to run certain
background tasks and keep
updated by time to time. For
example, consider Java JDK
in windows. When we
download JDK files and then
try executing it different
directory java wont get
1
executed because its
environment is not created
yet. And then when we add
the
path of the bin file in
environment variables we can
execute java codes
successfully in any folder.
That’s because the /bin folder
contains the variables
that can be used to setup and
environment. There are two
types of environment
variables: USER and
SYSTEM. We can find
2
environment variables in
JAVA,
PERL, ANT, ANDROID
SDK and several other
programs. These can be used
in
Windows, Linux and DOS
systems as well.
Environment variables are available via the special %ENV hash; each key
in this hash represents one environment variable. At the start of your
program's execution, %ENV holds values it has inherited from its parent
process (generally the shell).

O’Reilly. (n.d.). Learning Perl, 3rd Edition. https://docstore.mik.ua/.


https://docstore.mik.ua/orelly/perl4/lperl/ch14_03.htm#:~:text=In%20Perl
%2C%20the%20environment%20variables,process%20(generally%20the
%20shell).

Start command prompt and run the following command, you may see similar
screenshot
perl -e "print %ENV;"

3
Now create file env_var.pl that will display environment variable and it values on
one line (you may use any editor like vim, nano, leafpad, place the file in your home
folder)

Inside the file type the following code

foreach $key (sort(keys %ENV)) {


print $key, " = ", $ENV{$key}, "\n";
}

To execute this file

chmod u+x env_var.pl


perl env_var.pl

Insert screenshot of your perl program run with the above script, see an
example screenshot provided below. [1 point]

4
Now modify the perl code to write all environment variables to a new file called
logfile.txt (see http://www.bin-co.com/perl/tutorial/file.php)
provide your perl code here [2 points]

my $filename = ‘logfile.txt’;
open($FH, ‘>’, $filename) or die$!;
foreach $key (sort(keys %ENV)) {
print $key, " = ", $ENV{$key}, "\n";
}

5
Part II: Shell Scripts [3 points]
A shell script is a script written for the shell. The shell is a process that lets you edit
your command line input then runs the command. Security professional automate
tasks by creating and implementing shell scripts.

1. Create file lscript in /root directory (you can use any editor your wish like vim)
2. Type on separate lines
date
echo "hostname: $HOSTNAME"
echo "user: $USER"
cal
3. Save the file
4. Execute test. Type lscript. Nothing should happen. To execute file you need to
type ./lscript You should receive Permission denied error. To change permission
execute following command: chmod u+x lscript Execute test again. You should
receive results of all four commands you placed inside the file. Provide a
screenshot of the results. [1 point]

6
5. Now we will write a shell script to display IP address of a specified interface. You
know ifconfig command. Run it and check the results.
6. What if you'd like to see only IP addresses? You can modify your command as
ifconfig | grep 'inet '

grep is a command-line utility for searching plain-text data sets for lines matching
a regular expression. This line means run ifconfig and return only line that starts
with inet addr
7. You can add interface name to ifconfig as
ifconfig eth0 | grep 'inet '

8. Now we will create a script that display IP address of a specified interface. Create
new file lIPscript.

echo "Choose interface (eth0, wlan0, lo)"


read -e INTERFACE
echo "You chose $INTERFACE"

The first line will display input prompt, the second one accepts your input, then
your input is displayed.

7
9. Run your code and provide eth0 as input. If you see You chose eth0, then you are
ready for the next step. Provide a screenshot of your code run. [1 point]

10. Add one more line to your shell script

ifconfig $INTERFACE | grep 'inet '

11. Run your script and provide eth0 as input. You should see IP, broadcast address
and mask. Provide a screenshot of your results. [1 point]

8
Part III: Netlab buffer overflow practice [3 points]
Please complete the posted in the NDG_EH_Lab_15-bufferoverflow document.
Perform all the steps there. You will be providing screenshots for the following steps
(ensure your name/netid is visible in the screenshot for full points):

9
1) Writing a Buffer Overflow Program: steps 6,10

2) Run Code to Demonstrate Buffer Overflow: steps 2,3,5

10
11
3) Analyzing and Modifying Overflow Code: steps 5,11,13

12
13
Feedback:

 Difficulty (-2 - too easy ... 0 - just right ... 2 - too hard) _0__________________
 Interest level (-2 - low interest ... 0 - just right ... 2 - high interest) ___2________
 Time to complete the lab (min) __90min_________________________________
 Make a suggestion on how to improve this lab assignment

14

You might also like