Final exam Summer 2024 Q-and-A
Contents
Final exam Summer 2024 Q-and-A¶
Number of exercises: 5. Each exercise has a maximum score.
In home directory of user hostadm, you need to create a new subdirectory, FINAL and a file within it, answers.txt, where you will be writing answers to the exam exercises.
In the file, first, put your name, then proceed with answering to the questions below. Please report all the commands and options used in each exercise.
All the exercises should be done on the VDI desktop solely.
1. Compilation and Makefiles (max score 8)¶
On your desktop, download a tar archive from http://capone.rutgers.edu/coursefiles/Poisson_serial.tgz It contains source code files. Untar the archive.
A) Compile the source code files into one executable file
poisson.x. Make sure the executable,poisson.x, can run.B) Create static library
swtime.afromtimestamp.c,sweep.c, andr8mat_rms.cfiles. Also create another static libraryexact.afromuxeact.canduxxyy_exact.cfiles.C) Develop makefile
Makefile, that includes two targets for building librariesswtime.a, andexact.a, the compilation forpoisson.x, as well as thecleantarget to remove the compilation products.
Answer:
A)
gcc -o poisson.x main.c r8mat_rms.c rhs.c sweep.c timestamp.c uxeact.c uxxyy_exact.c -lm
B)
gcc -c timestamp.c
gcc -c sweep.c
gcc -c r8mat_rms.c
ar -cr libswtime.a timestamp.o sweep.o r8mat_rms.o
ranlib libswtime.a
gcc -c uxeact.c
gcc -c uxxyy_exact.c
ar -cr libexact.a uxeact.o uxxyy_exact.o
ranlib libexact.a
gcc -o poisson.x main.c rhs.c -lexact -lswtime -L. -lm
C)
poisson.x: main.c rhs.c libexact.a libswtime.a
gcc -o poisson.x main.c rhs.c -lexact -lswtime -L. -lm
libswtime.a: timestamp.c sweep.c r8mat_rms.c
gcc -c timestamp.c
gcc -c sweep.c
gcc -c r8mat_rms.c
ar -cr libswtime.a timestamp.o sweep.o r8mat_rms.o
ranlib libswtime.a
libexact.a: uxeact.c uxxyy_exact.c
gcc -c uxeact.c
gcc -c uxxyy_exact.c
ar -cr libexact.a uxeact.o uxxyy_exact.o
ranlib libexact.a
clean:
-rm *.x *.o *.a
2. Deploying VM appliance (max score 4)¶
Download VM appliance archive file from http://capone.rutgers.edu/coursefiles/final_exam2024.tgz
Deploy
exam2024VM on the desktop from the archive. Report the deployment steps.
Answer:
cd KVM
wget http://capone.rutgers.edu/coursefiles/final_exam2024.tgz
tar -zxvf final_exam2024.tgz
sudo cp final2024.xml /etc/libvirt/qemu/
virsh define /etc/libvirt/qemu/final2024.xml
virsh start final2024
3. File consistency check with command dlocate (max score 4)¶
Which of the four executables on exam2024 VM,
gprof,setpci,xzless,setarch, in directory/usr/binhave been altered since their installation. Report the commands used in the exercise.Hint: identify the packages that own the files above, then use command
dlocate.
Answer:
dpkg -S /usr/bin/gprof
binutils: /usr/bin/gprof
dpkg -S /usr/bin/setpci
pciutils: /usr/bin/setpci
dpkg -S /usr/bin/xzless
xz-utils: /usr/bin/xzless
dpkg -S /usr/bin/setarch
util-linux: /usr/bin/setarch
dlocate --md5check binutils | grep FAILED
dlocate --md5check pciutils | grep FAILED
dlocate --md5check xz-utils | grep FAILED
dlocate --md5check util-linux | grep FAILED
usr/bin/xzless: FAILED
4. Shell and Python scripting (max score 10)¶
A) Develop a shell script that solves Exercise 3 above.
Hint: use loop over the executables.
B) Develop a python script that solves Exercise 3 above.
Hint: create a list with the executables, then use loops. Utilize module
subprocess.
Make sure the scripts run and provide the correct answer.
Answer:
A) check_md5.sh
#!/bin/bash
DIR=/usr/bin
files='gprof setpci xzless setarch'
for i in $files
do
# echo $i
pkg=$(dpkg -S $DIR/$i | awk -F: '{ print $1 }')
dlocate --md5check $pkg | grep FAILED
done
chmod u+x check_md5.sh
./check_md5.sh
B) check_md5.py
#!/usr/bin/python3
import subprocess, re
files=['gprof', 'setpci', 'xzless', 'setarch']
pkgs=[]
for i in files:
cmd = f'dpkg -S /usr/bin/{i}'
s=subprocess.Popen(cmd,shell=True,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
stdout_value,stderr_value = s.communicate()
pkg,file = stdout_value.decode().strip().split(':')
pkgs.append(pkg)
for i in pkgs:
cmd = f'dlocate --md5check {i}'
s=subprocess.Popen(cmd,shell=True,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
stdout_value,stderr_value = s.communicate()
output = stdout_value.decode().split('\n')
for line in output:
match = re.search(r'FAILED', line)
if match:
print(line)
chmod u+x check_md5.py
./check_md5.py
5. Password cracking (max score 4)¶
There is user account testusr on final2024 VM.
Crack the password hash to find the password of the user. Report the steps and the revealed password.
Login to the VM as user
testusrto verify the password.
Answers:
sudo tail -1 /etc/shadow > pass.txt
john pass.txt
john -show pass.txt
testusr:blink1
1 password hash cracked, 0 left