From 2d4b7733e92b1d49799ff5c60f09d9a7955089dd Mon Sep 17 00:00:00 2001
From: AlaRduTP <alardutp37259418@gmail.com>
Date: Thu, 2 May 2024 14:08:02 +0800
Subject: [PATCH] feat: lab7

---
 .github/workflows/lab-autograding.yml |  2 +-
 lab7/Makefile                         |  7 +++++
 lab7/README.md                        | 25 ++++++++++++++++
 lab7/login.c                          | 26 +++++++++++++++++
 lab7/sol.py                           |  0
 lab7/validate.sh                      | 42 +++++++++++++++++++++++++++
 6 files changed, 101 insertions(+), 1 deletion(-)
 create mode 100644 lab7/Makefile
 create mode 100644 lab7/README.md
 create mode 100644 lab7/login.c
 create mode 100644 lab7/sol.py
 create mode 100755 lab7/validate.sh

diff --git a/.github/workflows/lab-autograding.yml b/.github/workflows/lab-autograding.yml
index 4e7a54f7..ba7a31f9 100644
--- a/.github/workflows/lab-autograding.yml
+++ b/.github/workflows/lab-autograding.yml
@@ -45,7 +45,7 @@ jobs:
                       const files = await github.rest.pulls.listFiles({ owner, repo, pull_number: issue_number });
                       const changedFiles = files.data.map((file) => file.filename);
                       const allowedFileRegex = /^lab\d+\/main_test.js$/;
-                      const specialChangedFiles = ["lab5/Answer.md", "lab5/antiasan.c", "lab6/Answer.md"];
+                      const specialChangedFiles = ["lab5/Answer.md", "lab5/antiasan.c", "lab6/Answer.md", "lab7/sol.py"];
                       if (!changedFiles.every((file) => (allowedFileRegex.test(file) || specialChangedFiles.includes(file)))) {
                         core.setFailed('The PR contains changes to files other than the allowed files.');
                       }
diff --git a/lab7/Makefile b/lab7/Makefile
new file mode 100644
index 00000000..47db0d2b
--- /dev/null
+++ b/lab7/Makefile
@@ -0,0 +1,7 @@
+login: login.o
+
+login.o: login.c
+
+.PHONY: clean
+clean:
+	rm login login.o
diff --git a/lab7/README.md b/lab7/README.md
new file mode 100644
index 00000000..37076c51
--- /dev/null
+++ b/lab7/README.md
@@ -0,0 +1,25 @@
+# Lab7
+
+## Introduction
+
+In this lab, you will write a python script with Angr to find the password in executalbe file named 'login'.
+
+## Preparation (Important!!!)
+
+1. Sync fork your branch (e.g., `SQLab:311XXXXXX`)
+2. `git checkout -b lab7` (**NOT** your student ID !!!)
+
+## Requirement
+
+1. (100%) Detect the condition that login will print 'Login successful' if login success and print 'Login failed' if login fail, find the input of successful condition by Angr.
+
+Please note that you must not alter files other than `sol.py` or just print the input. You will get 0 points if
+
+1. you modify other files to achieve requirements.
+2. you can't pass all CI on your PR.
+
+## Submission
+
+You need to open a pull request to your branch (e.g. 311XXXXXX, your student number) and contain the code that satisfies the abovementioned requirements.
+
+Moreover, please submit the URL of your PR to E3. Your submission will only be accepted when you present at both places.
diff --git a/lab7/login.c b/lab7/login.c
new file mode 100644
index 00000000..e6d863c9
--- /dev/null
+++ b/lab7/login.c
@@ -0,0 +1,26 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int encrypt(int a1, int a2) {
+        if ( a1 <= 0x40 || a1 > 90 ) {
+                puts("Login failed");
+                exit(1);
+        }
+        return (0x1F * a2 + a1 - 65) % 26 + 65;
+}
+
+int main(void) {
+        char secret[0x20] = "VXRRJEURXDASBFHM";
+        char pwd[0x20] = {0};
+
+        printf("Enter the password: ");
+        scanf("%16s", pwd);
+        for ( int j = 0; j < 0x10; ++j )
+                pwd[j] = encrypt(pwd[j], j + 8);
+        if ( !strcmp(secret, pwd) )
+                puts("Login successful");
+        else
+                puts("Login failed");
+        return 0;
+}
diff --git a/lab7/sol.py b/lab7/sol.py
new file mode 100644
index 00000000..e69de29b
diff --git a/lab7/validate.sh b/lab7/validate.sh
new file mode 100755
index 00000000..a6be9226
--- /dev/null
+++ b/lab7/validate.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+# Check for unwanted files
+for file in *; do
+  if [[ $file != "login.c" && $file != "sol.py" && $file != "Makefile" && $file != "README.md" && $file != "validate.sh" ]]; then
+    echo "[!] Unwanted file detected: $file."
+    exit 1
+  fi
+done
+
+test_path="${BASH_SOURCE[0]}"
+solution_path="$(realpath .)"
+tmp_dir=$(mktemp -d -t lab7-XXXXXXXXXX)
+answer=""
+
+cd $tmp_dir
+
+pip install angr
+rm -rf *
+cp $solution_path/Makefile .
+cp $solution_path/*.c .
+cp $solution_path/sol.py .
+
+make
+result=$(python3 sol.py)
+if [[ $result != "b'HETOBRCUVWOBFEBB'" ]]; then
+  echo "[!] Expected: "
+  echo "b'HETOBRCUVWOBFEBB'"
+  echo ""
+  echo "[!] Actual:   "
+  echo $result
+  echo ""
+  exit 1
+else
+  echo "[V] Pass"
+fi
+
+rm -rf $tmp_dir
+
+exit 0
+
+# vim: set fenc=utf8 ff=unix et sw=2 ts=2 sts=2: