Encerrado

Reference monitor - security layer

Job Description:

I need help building the security layer.

A basic (and inadequate) defense

"""

This security layer inadequately handles A/B storage for files in RepyV2.

Note:

This security layer uses [login to view URL], [login to view URL], [login to view URL] and Python

Also you need to give it an application to run.

python [login to view URL] [login to view URL] [security_layer].r2py [attack_program].r2py

"""

TYPE="type"

ARGS="args"

RETURN="return"

EXCP="exceptions"

TARGET="target"

FUNC="func"

OBJC="objc"

class ABFile():

def __init__(self,filename,create):

# globals

mycontext['debug'] = False

# local (per object) reference to the underlying file

[login to view URL] = filename+'.a'

[login to view URL] = filename+'.b'

# make the files and add 'SE' to the readat file...

if create:

[login to view URL] = openfile([login to view URL],create)

[login to view URL] = openfile([login to view URL],create)

[login to view URL]('SE',0)

def writeat(self,data,offset):

# Write the requested data to the B file using the sandbox's writeat call

[login to view URL](data,offset)

def readat(self,bytes,offset):

# Read from the A file using the sandbox's readat...

return [login to view URL](bytes,offset)

def close(self):

[login to view URL]()

[login to view URL]()

def ABopenfile(filename, create):

return ABFile(filename,create)

# The code here sets up type checking and variable hiding for you. You

# should not need to change anything below here.

sec_file_def = {"obj-type":ABFile,

"name":"ABFile",

"writeat":{"type":"func","args":(str,int),"exceptions":Exception,"return":(int,type(None)),"target":[login to view URL]},

"readat":{"type":"func","args":((int,type(None)),(int)),"exceptions":Exception,"return":str,"target":[login to view URL]},

"close":{"type":"func","args":None,"exceptions":None,"return":(bool,type(None)),"target":[login to view URL]}

}

CHILD_CONTEXT_DEF["ABopenfile"] = {TYPE:OBJC,ARGS:(str,bool),EXCP:Exception,RETURN:sec_file_def,TARGET:ABopenfile}

# Execute the user code

secure_dispatch_module()

Requirement 1:

Be a silent process (no exceptions). Do not output any logs. Do not raise any exceptions. Your program should never return any output to the user.

Requirement 2:

A valid file must start with the character 'S' and end with the character 'E'. If any other characters (including lowercase 's', 'e', etc.) are the first or last characters, then the file is considered invalid.

Requirement 3:

Applications use ABopenfile() to create or open a file. Files are created by setting create=True when calling ABopenfile(). The reference monitor will create a valid file called filename.a and an empty file we will write to, called filename.b. [If you are the attacker, think about how you can mess with the create value to break the monitor.]

Requirement 4:

When close() is called on the file, if both filename.a and filename.b are valid, the original file's data is replaced with the data of filename.b. If filename.b is not valid, no changes are made.

Habilidades: Programação C++ , Python

Sobre o Cliente:
( 0 comentários ) Brooklyn, United States

ID do Projeto: #35439603

2 freelancers estão ofertando em média $60 nesse trabalho

danilosantanadev

Hi. I have already built one that you want. I'm very interested in your description and as a Senior developer, I can complete your task perfectly and will be my best for you and provide the successful results that you Mais

$100 USD in 7 dias
(2 Comentários)
3.5
aachalthakur66

Hello Sir i am a Cybersecurity analyst i can help you with creating a security layer here we can use secure socket layer

$20 USD in 7 dias
(0 Comentários)
0.0