No report is required for turn-in, but please tell me who is in your group and the way that work was distributed.
Below is how I will grade each groups homework:

1) For each solution, I will start from scratch (e.g. make clean)

2) After I run solution #1, I will examine the log file and the users directory to see that you created a valid user.

3) After I run solution #2, I will examine the log file and the users directory to see that you created a valid users.  Your code should perform the following actions:
a) enumerate whether these users exist in the application or not
b) use writeArticle to write arbitrary passwords into each existing user’s password as an authenticated user

You should include users you know will and will not exist in the application in your exploit, as this will be the most precise demonstration that your tool meets the grading criteria.

4)  After I run solution #3 and/or #4, I will try to connect to the remote port that the shell code binded too.  Then I will connect to the port and type:
‘ls’, ‘whoami’, and ‘date’.
I will read your code and comments to figure out how to run the exploit.  If I can’t figure out your exploit or get it to run, you will not get credit for the problem.  Be very verbose in your comments and instructions about how to run the code.

If you want your grades and comments for HW 5, please drop by the TAs office today before 4p.  Otherwise they will be available to you at the end of class on Thursday.  No grades will be sent out for this assignment.  Thanks.

The TAs office hours will not be held at the normal time tomorrow.  They will be held after class tomorrow.

Just a friendly reminder that class will be held on Monday of next week.  The place is Keck 101 at 3:00-4:30pm.  Thanks.

HW 6: Exploiting the bad code is now assigned.  Before you get started, there are a couple of points:
1)  This is the first time this assignment has been used, so please make sure you email the TA if you have problems getting started or you get stuck on a problem.
2)  Everyone must work in a group of 2 or more, no exceptions.
3)  The required environment for this assignment is a 32-bit Linux system.
4)  Please read the instructions carefully before emailing the TA.
5) Do not hesitate to ask for guidance.

The TA’s office hours for Monday (4/2/12) will be canceled.  If you need assistance, please send the TA an email to ask your question or schedule an appointment. This an official decree, and it is not related to 4/1/12.   Thanks.

Homework 5, Source Code Auditing is now assigned,

HW4 has been posted here, and it will be due on March 26, 2012.

Update Assignment #3: FTP Upload 2 problem is now extra credit.

Assignment #3’s deadline has been extended too Thursday March 8th.