Welcome to

CSCI 591: Malicious Code Analysis
& CSCI xxx: Software Security

Project1: PE Headers

Due: Tuesday [10/24/2023] @ 11:59 PM (MST)

Objective

This assignment is meant to be a low-stakes way to introduce you to this course and some of the technologies we will use. You may have opportunities to complete parts of this assignment in class, but you should plan to work on this outside of class as well. Of particular importance, by the end of this assignment you should be set up with a suitable environment for completing assignments for this course. You will also have had the chance to practice with tools we'll be using this semester. In addition, the project requires you to parse two applications of different architectures for their DOS headers, NT headers (signature, COFF file header and optional header), and section headers, and print out their values, one line per field, in the form field name: field value. The code must be written in C or C++.

Task 1: Sign-up on Slack

Please sign-up for our course Slack!

At a minimum, please update your Slack profile to include some helpful information:

  1. First name
  2. Last name
  3. A nice photo that clearly shows your face

Task 2: Getting Your Repo Set Up

You will use a private GitHub repository for all of your work this semester, which will enable you to share code with the course staff so that we can assess your work and provide feedback. Please follow the instructions below to get set up.

2.0 Update Your GitHub Profile

At a minimum, please also update your GitHub profile to include some helpful information:

  1. First name
  2. Last name
  3. A nice photo that clearly shows your face

2.1 Setup Your PRIVATE Repo

Please follow these instructions

  • Create a private repository in your own account by
    • Going to https://github.com/new
    • Enter the name csci-591-fall2023-private
    • Select Private
    • Navigate to the Settings » Manage Access section
    • Add Fangtian and the TA as collaborators

Once your repository is initialized, you can pull it down to your local machine. Instructions can be found on the home page of your new repository.

2.2 Setup Your SSH Identity

Setting up an SSH identity makes it possible for you to interact with GitHub repos via the command line without having to re-enter your password all the time. If you've already set up an SSH key for passwordless access to GitHub on the command line, you can probably skip this step. You can check whether you have a key by looking in your ~/.ssh/ directory. If there is nothing there, or if you don't have a key dedicated to use with GitHub, you should read the following article: Adding a new SSH key to your GitHub account

2.3 Register Your PRIVATE Repo

You will provide information about your PRIVATE repo in the course questionnaire. (see questionnaire)

Task 3: PE Headers

This project requires you to parse two applications of different architectures for their DOS headers, NT headers (signature, COFF file header and optional header), and section headers, and print out their values, one line per field, in the form field name: field value. The code must be written in C or C++.

  1. Download Microsoft Visual Studio, Community Edition, on your machine. To keep the run-time environment uniform, all students should use the same IDE.
  2. Download Firefox on your machine. Use the Firefox browser to download the sample applications, because Google Chrome blocks downloads it classifies as malware.
  3. Download the two applications on your machine. One is a 32-bit executable, the other a 64-bit executable.
  4. Follow the format below to print out their values.
    • For example, the DOS header has 19 fields; print them like:
      • e_magic: 5A4D
      • e_cblp: 90
      • e_cp: 3
  • Keep only one source code file and one README.md file in your GitHub repo. Do not call existing API functions to do the parsing; define the header structures yourself and use those.
  • Troubleshooting
    1. After I build your source code in the IDE, it will produce a project1.exe file.
    2. I will run project1.exe filename.exe from a command prompt to check for correctness.
    3. You can add the following code to your project1 as a starting point:
    #include <stdio.h>
    int main(int argc, char* argv[])
    {
        /* The grader runs project1.exe filename.exe; refuse to run without the path. */
        if (argc < 2) {
            printf("Usage: %s filename.exe\n", argv[0]);
            return 1;
        }
        /* Open in binary mode ("rb") so Windows does not translate CR/LF bytes inside the PE image. */
        FILE* f = fopen(argv[1], "rb");
        if (f == NULL) {
            perror(argv[1]);
            return 1;
        }
        /* Read and parse the headers here, then print them field by field. */
        fclose(f);
        return 0;
    }
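A complete worked parser for this task, added here as an example and not taken from the assignment handout or from the instructor's code. It defines its own packed structures for the DOS header, the COFF file header, both optional-header layouts and the section headers (no windows.h), picks the layout from the optional header's Magic field (0x10B for PE32, 0x20B for PE32+) so the same program handles the 32-bit and the 64-bit application, bounds-checks every offset it takes from the file before dereferencing it (a point the assignment does not mention but that matters when the input is malware), and prints a representative subset of fields in the field name: field value form. The two in-memory sample images it builds are constructed for illustration and are not real programs; the function names (parse_pe, print_pe, build_sample) and the negative error codes are this example's own choices.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Self-defined, packed (byte-exact) PE structures; nothing is taken from <windows.h>. */
#pragma pack(push, 1)
typedef struct {
    uint16_t e_magic, e_cblp, e_cp, e_crlc, e_cparhdr, e_minalloc, e_maxalloc, e_ss, e_sp,
             e_csum, e_ip, e_cs, e_lfarlc, e_ovno, e_res[4], e_oemid, e_oeminfo, e_res2[10];
    int32_t  e_lfanew;                            /* file offset of the "PE\0\0" signature */
} dos_header_t;
typedef struct { uint16_t Machine, NumberOfSections; uint32_t TimeDateStamp, PointerToSymbolTable, NumberOfSymbols;
                 uint16_t SizeOfOptionalHeader, Characteristics; } coff_header_t;
/* PE32 (Magic 0x10B) keeps BaseOfData and 32-bit ImageBase/stack/heap sizes; PE32+ (Magic 0x20B) drops BaseOfData and widens those to 64 bits (W). */
#define OPT_HEAD uint16_t Magic; uint8_t MajorLinkerVersion, MinorLinkerVersion; \
    uint32_t SizeOfCode, SizeOfInitializedData, SizeOfUninitializedData, AddressOfEntryPoint, BaseOfCode;
#define OPT_TAIL(W) uint32_t SectionAlignment, FileAlignment; \
    uint16_t MajorOperatingSystemVersion, MinorOperatingSystemVersion, MajorImageVersion, \
             MinorImageVersion, MajorSubsystemVersion, MinorSubsystemVersion; \
    uint32_t Win32VersionValue, SizeOfImage, SizeOfHeaders, CheckSum; uint16_t Subsystem, DllCharacteristics; \
    W SizeOfStackReserve, SizeOfStackCommit, SizeOfHeapReserve, SizeOfHeapCommit; \
    uint32_t LoaderFlags, NumberOfRvaAndSizes;
typedef struct { OPT_HEAD uint32_t BaseOfData, ImageBase; OPT_TAIL(uint32_t) } opt32_t;   /* 96 bytes  */
typedef struct { OPT_HEAD uint64_t ImageBase;             OPT_TAIL(uint64_t) } opt64_t;   /* 112 bytes */
typedef struct { uint8_t Name[8]; uint32_t VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
                 PointerToRelocations, PointerToLinenumbers; uint16_t NumberOfRelocations, NumberOfLinenumbers;
                 uint32_t Characteristics; } section_header_t;
#pragma pack(pop)

/* Architecture-independent view filled in by parse_pe(); ImageBase is widened to 64 bits. */
typedef struct { const dos_header_t *dos; const coff_header_t *coff; const section_header_t *sections;
                 uint16_t magic, subsystem, dll_chars; uint32_t entry; uint64_t image_base; } pe_info_t;
#define TAKE(o) (pe->entry = (o)->AddressOfEntryPoint, pe->image_base = (o)->ImageBase, \
                 pe->subsystem = (o)->Subsystem, pe->dll_chars = (o)->DllCharacteristics)
/* Returns 0 on success or a negative code naming the failed check. Every offset taken from the file
   (e_lfanew, SizeOfOptionalHeader, NumberOfSections) is bounds-checked before use, so a truncated or
   deliberately malformed sample cannot make the parser read past the buffer. */
int parse_pe(const uint8_t *buf, size_t len, pe_info_t *pe) {
    memset(pe, 0, sizeof *pe);
    if (len < sizeof(dos_header_t)) return -1;                    /* too short for a DOS header */
    pe->dos = (const dos_header_t *)buf;
    if (pe->dos->e_magic != 0x5A4D) return -2;                    /* "MZ" */
    size_t nt_off = (size_t)pe->dos->e_lfanew;
    if (pe->dos->e_lfanew < 0 || nt_off > len - 4 - sizeof(coff_header_t)) return -3;
    if (memcmp(buf + nt_off, "PE\0\0", 4) != 0) return -4;         /* NT signature */
    pe->coff = (const coff_header_t *)(buf + nt_off + 4);
    size_t opt_off = nt_off + 4 + sizeof(coff_header_t), opt_len = pe->coff->SizeOfOptionalHeader;
    if (opt_len < 2 || opt_len > len - opt_off) return -5;        /* optional header truncated */
    pe->magic = *(const uint16_t *)(buf + opt_off);
    if (pe->magic == 0x10B && opt_len >= sizeof(opt32_t)) TAKE((const opt32_t *)(buf + opt_off));
    else if (pe->magic == 0x20B && opt_len >= sizeof(opt64_t)) TAKE((const opt64_t *)(buf + opt_off));
    else return -6;                                               /* unknown or short optional header */
    if ((size_t)pe->coff->NumberOfSections * sizeof(section_header_t) > len - opt_off - opt_len) return -7;
    pe->sections = (const section_header_t *)(buf + opt_off + opt_len);
    return 0;
}
/* Print "field name: field value" lines in hex, the assignment's e_magic: 5A4D style. */
void print_pe(const pe_info_t *pe) {
    const dos_header_t *d = pe->dos; const coff_header_t *c = pe->coff;
    printf("e_magic: %X\ne_cblp: %X\ne_cp: %X\ne_lfanew: %X\n", d->e_magic, d->e_cblp, d->e_cp, (unsigned)d->e_lfanew);
    printf("Signature: PE\nMachine: %X\nNumberOfSections: %X\nCharacteristics: %X\n", c->Machine, c->NumberOfSections, c->Characteristics);
    printf("Magic: %X (%s)\nAddressOfEntryPoint: %X\nImageBase: %llX\nSubsystem: %X\nDllCharacteristics: %X\n", pe->magic,
           pe->magic == 0x20B ? "PE32+" : "PE32", pe->entry, (unsigned long long)pe->image_base, pe->subsystem, pe->dll_chars);
    for (unsigned i = 0; i < c->NumberOfSections; i++)
        printf("Section[%u] Name: %.8s  VirtualAddress: %X  PointerToRawData: %X\n", i, (const char *)pe->sections[i].Name,
               pe->sections[i].VirtualAddress, pe->sections[i].PointerToRawData);
}
/* Constructed sample input (not a real program): a minimal one-section image, PE32+ when is64 is
   non-zero, otherwise PE32, so the parser can be exercised offline. Returns the image length. */
size_t build_sample(uint8_t *out, size_t cap, int is64) {
    dos_header_t d = {0}; coff_header_t c = {0}; opt32_t o32 = {0}; opt64_t o64 = {0}; section_header_t s = {0};
    d.e_magic = 0x5A4D; d.e_cblp = 0x90; d.e_cp = 3; d.e_lfanew = 0x40;
    c.Machine = is64 ? 0x8664 : 0x14C; c.NumberOfSections = 1; c.Characteristics = 0x22;
    c.SizeOfOptionalHeader = (uint16_t)((is64 ? sizeof o64 : sizeof o32) + 16 * 8);  /* + 16 data directories */
    o64.Magic = 0x20B; o64.ImageBase = 0x140000000ULL; o64.AddressOfEntryPoint = 0x1000; o64.Subsystem = 3;
    o64.DllCharacteristics = 0x8160; o64.NumberOfRvaAndSizes = 16;   /* TS_AWARE|NX_COMPAT|DYNAMIC_BASE|HIGH_ENTROPY_VA */
    o32.Magic = 0x10B; o32.ImageBase = 0x400000; o32.AddressOfEntryPoint = 0x1000; o32.Subsystem = 2;
    o32.DllCharacteristics = 0x8140; o32.NumberOfRvaAndSizes = 16;   /* TS_AWARE|NX_COMPAT|DYNAMIC_BASE */
    memcpy(s.Name, ".text", 5); s.VirtualAddress = 0x1000; s.VirtualSize = 0x100;
    s.PointerToRawData = 0x200; s.SizeOfRawData = 0x200; s.Characteristics = 0x60000020;
    size_t opt_off = 0x40 + 4 + sizeof c, n = opt_off + c.SizeOfOptionalHeader + sizeof s;
    if (cap < n) return 0;
    memset(out, 0, n);
    memcpy(out, &d, sizeof d); memcpy(out + 0x40, "PE\0\0", 4); memcpy(out + 0x44, &c, sizeof c);
    if (is64) memcpy(out + opt_off, &o64, sizeof o64); else memcpy(out + opt_off, &o32, sizeof o32);
    memcpy(out + n - sizeof s, &s, sizeof s);
    return n;
}
/* Usage: project1.exe filename.exe (the command the grader runs). Only the leading 64 KiB is read,
   which covers the headers and section table of any realistic executable. */
int main(int argc, char *argv[]) {
    static uint8_t buf[1 << 16];
    if (argc < 2) { printf("Usage: %s filename.exe\n", argv[0]); return 1; }
    FILE *f = fopen(argv[1], "rb");                               /* "rb": no CR/LF translation on Windows */
    if (!f) { perror(argv[1]); return 1; }
    size_t n = fread(buf, 1, sizeof buf, f); fclose(f);
    pe_info_t pe; int rc = parse_pe(buf, n, &pe);
    if (rc) fprintf(stderr, "%s: not a valid PE image (error %d)\n", argv[1], rc); else print_pe(&pe);
    return rc ? 2 : 0;
}
```

print_pe deliberately shows only a subset of each header; the assignment wants every field, so extend it field by field from the structures above (the DOS header alone has 19). Two points worth carrying into your own submission: the e_lfanew, SizeOfOptionalHeader and NumberOfSections values come straight from the file, so a hostile sample can point them anywhere and each must be checked against the file length before use; and DllCharacteristics is where a loader learns whether the image opts into ASLR (0x0040 DYNAMIC_BASE, 0x0020 HIGH_ENTROPY_VA) and DEP (0x0100 NX_COMPAT), which is why it is one of the first fields an analyst reads.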

Task 4: Review

We will use a variety of tools and languages in this class. Here is a list of some things you may want to review.

NOTE: You don't have to do anything here necessarily, but if one of these topics is unfamiliar I recommend you take some time to do some individual review. This list is not exhaustive, but it highlights some of the major tools and languages we will use in this class. In my experience, students are happier later in the term if they spend some time up front reviewing some of these topics.

• Your submissions in this course should have a README.md composed in Markdown. « cheatsheet »
  • (Try it!) Do a quick survey of READMEs on GitHub to see how other people/projects compose READMEs. (Focus on projects with lots of stars.)
• We will make heavy use of Git to version control software, share code, and submit assignments. « cheatsheet »
• You will spend a lot of time at the command line in this course. « cheatsheet »
• We will read and write Python programs in this course. « cheatsheet »
• Makefiles can be complicated, but they can be extremely useful even if we use only a small subset of Makefile features. « cheatsheet »

Instructions On Submitting Your Assignment

Please submit your assignment via your private GitHub repository.

For general tips on how to write and format your submission, please see the Lab Info & Tips page.

Specifically,

• Create a top-level README.md file (written in Markdown) in your private repo that has your
  • FirstName LastName (NetID)
  • CSCI 591 or CSCI 594 (depending on which section you are enrolled in)
  • A good Email Address for you.
• Create a project1/ directory for this assignment.
• Create a project1/README.md file (written in Markdown) for this assignment.
• Within your project1/README.md, please follow the instructions in Example Structure of a Project Report (README.md):
  • The same information that you included in your top-level README.md.

    NOTE: While it may seem redundant, please always include the information requested above at the top of your README for each lab. This makes things a lot easier for us when we need to dig into your repo to provide help and feedback specific to a lab.