Background: autograders CS1660's autograders are composed of two components: A "loader": which is a tiny bit of code that we give to Gradescope The "main autograder code", which is stored in the ag-gradescope repository. Gradescope clones the main branch of this repository each time the autograder is run. There are two important things to know about this architecture: To update the autograder, you generally only need to push code to the main autograder repo The main autograder repo contains a configuration file which tells it about which code to run for each Gradescope assignment. This guide explains how to update this while.

Wireshark a network traffic analyzer. It is widely regarded as the de facto tool for capturing and examining network traffic. In this lab, you'll install Wireshark on your own system and become familiar with a few of its key features: capturing traffic, exploring packets, and extracting data from captures.There will be a few points in this tutorial where you can demonstrate your progress, which you can include in your homework submission to receive credit. Installing Wireshark To install Wireshark: Download Wireshark via this link and install it on your system. Install Wireshark using the installer you downloaded. You may be prompted to install some additional components (eg. WinPcap on Windows or BPF tools on MacOS); you should install these as well. Next, open wireshark! You should be greeted with a window like this:

« Back to the main CSCI1660 website Due: Thursday, February 13 by 11:59pm EST :::danger Note: We're still setting up the Gradescope submission for this assignment, so it's not possible to submit your work yet. We'll post an announcement on Ed when the Gradescope submission is ready, after which this message will be removed. :::

This document contains notes on how to get started with and run a test problem that Nick is planning to incorporate into project 1. There's no handout yet, but the hope is that this should be sufficient to get started. Initial setup (TA testing only) The stencil version of this project uses Python. To set it up, Clone this repository Go to the pwfind directory. For this test, do everything from this directory Do the environment setup according to these instructions. Stop at the "working with the stencil code section" and then come back here Premise

Burp Suite is a framework of web application testing tools. It is widely regarded as the de facto tool to use when performing web app testing. In this lab, you'll install Burp on your own system and become familiar with a few of Burp's key features: intercepting and modifying web requests. At the end of this tutorial, there will be instructions on how to demonstrate your progress, which you can include in your homework submission to receive credit. In the next project, you'll be testing an insecure website--you may find it useful to use Burp to help with this process! Installing Burp Suite To install Burp: Download Burp Suite Community Edition via this link and install it on your system. To run Burp, you may also need to install Java (see this link) if you don't already have it on your machine.

« Back to the main CSCI1660 website This guide is designed to help you get started with setting up the development environment for the Dropbox project. In this project, you'll build a client for a simulated version of a secure storage system that uses end-to-end encryption. This project has significantly less infrastructure compared to other projects: you'll reuse our existing development container and build your implementation entirely in Python. This guide will describe how to set up your development container environment for this project and how to work with the stencil code for this project. Initial setup: Updating your development container New to docker? If you do not have Docker installed from the last project, or you have not used the development container from Project 1, you can set up your environment using this guide and then skip this section.

This guide is meant to serve as a starting point for reading and understanding elements of Bash scripts. In general, shell scripting is a powerful way of automating tasks and "gluing" parts of programs together in a manner similar to how you type commands in a terminal. Shell scripting has evolved over many decades and across many types of operating systems, shells, and programming goals. This long history, and some semantic quirks of shells in general, can make shell scripting seem quite obtuse at first--indeed, there are a lot of exceptions, edges, and quirks to almost everything in shell scripting. However, there are a few common principles that can help you understand how most shell scripts work and give you the tools you need to help figure out the rest as you need them! This guide isn't intended to be comprehensive, but intends to give some examples of the most common script elements and some resources on where you can read more. We focus specifically on scripting with bash--other shells may have slightly different semantics. Anatomy of a shell script #!/bin/bash # <--- Interpreter line something="hello world" # A variable

« Back to the main CSCI1660 website This guide is designed to help you get started with setting up the container environment you'll use for the Handin project. The primary component of the project is cs666's course infrastructure, i.e. a very insecure filesystem that you will attack in order to give you practice discovering some real vulnerabilities and proposing fixes. In order to let you conduct attacks in a safe, repeatable way, we provide this filesystem to you as a container image--you can run this container on your computer, which will give you access (as a student, not a TA) to cs666's course infrastructure. This guide will provide instructions on how to set up the Handin container environment and how to work with it for the project. Some background: This is the first year we are using containers for this course, after we learned that the method we've used in the past wasn't viable this year. While we'd always planned to make this change, we had to accelerate the process significantly. We've tested as best we can, but we appreciate your feedback and your patience as we work to find the best workflow for everyone!