Introduction

A Mad Programmer got really mad and planted a slew of “binary bombs” on our class machines. A binary bomb is a program that consists of a sequence of phases. Each phase expects you to type a particular string on stdin. If you type the correct string, then the phase is defused and the bomb proceeds to the next phase. Otherwise, the bomb explodes by printing "BOOM!!!" and then terminating. The bomb is defused when every phase has been defused.

There are too many bombs for us to deal with, so we are giving each student a bomb to defuse. Your mission is to defuse your bomb before the due date. Good luck, and welcome to the bomb squad!

Your task

Submission

There is no explicit submission. The bomb will notify your instructor automatically about your progress as you work on it.

Viewing your results

You can see your grade, updated with about a 1-hour delay on the submission site under the bomblab and bombhw tasks.

There is scoreboard showing how many explosions and phases defused all bombs have here, which is updated more frequently.

About Collaboration

For phase 1, anything goes. Being a lab, you can work together as much as you want.

For phases 2 and beyond, it is homework so more restrictions apply. You are welcome to discuss with one another the process and tools you use, but please do not look at or describe one another’s code.

Obtaining your bomb

  1. Use Linux.

    This lab only works on 64-bit Linux machines. The department Unix machines qualify; see these instructions if you need help accessing them remotely.

  2. You can obtain your bomb by pointing your Web browser at:

    http://kytos02.cs.virginia.edu:15213/

    This will display a binary bomb request form for you to fill in. Enter your computing ID and email address and hit the Submit button. The server will build your bomb and return it to your browser in a tar file called bombk.tar, where k is the unique number of your bomb.

    Save the bombk.tar file to a (protected) directory in which you plan to do your work. Then give the command: tar -xvf bombk.tar. This will create a directory called ./bombk with the following files:

    • README: Identifies the bomb and its owners.
    • bomb: The executable binary bomb.
    • bomb.c: Source file with the bomb’s main routine and a mad greeting from the Mad Mad Programmer.

    If for some reason you request multiple bombs, this is not a problem. Choose one bomb to work on and delete the rest.

Getting a bombs from ssh

If you are trying to do the lab without a browser on the machine being used, try the following:

      curl "http://kytos02.cs.virginia.edu:15213/?username=$USER&usermail=$USER@virginia.edu&submit=Submit" > bomb.tar
mv bomb.tar $(head -1 bomb.tar | cut -d'/' -f1).tar

    

Note, this might fail if the remote machine you run it on is not a department machine because $USER might not be set correctly by other machines. Replace $USER with your computing ID if you are running this command e.g. in cloud9, koding, or codio.

Hints

Basic Strategy

Bomb Usage

Examining the Executable

Using GDB

On interpreting the disassembly