This project will combine the microcontroller and memory management topics that we have discussed this semester to explore secure programming practices in the context of embedded systems. It involves a simplified implementation of a security system, similar to the one used to secure the Computer Science lab doors in Ayers Hall. This system is written to accept input from a $16-$key keypad matrix, connected to one of the BIG$8051\text{'}$s I$/$O ports. $($The keypads are available in the equipment cabinet in Room $261,$ and like the other lab equipment, they must be returned to the cabinet when they are not in use!$)$

The firmware for this system deliberately exhibits several poor programming practices; in particular, it contains a nasty vulnerability which will allow anyone who understands it to "open the door," even if they do not know any of the correct door codes! The firmware is provided in the attached "Part $1"$ archive as a HEX file $($a precompiled binary image$)$; the assignment instructions outline the procedure for downloading this file to your BIG$8051$ board using the Silicon Labs Flash Programming Tool. $($Note: "Opening the door" is represented by an animation in the P$6$ LED array, so among the other setup steps, be sure that the LED array for Port $6$ is properly enabled in the DIP switch bank SW$9$ on the BIG$8051$ board!$)$

Your first task will be to discover the nature of the vulnerability, and a minimal and consistent method of exploiting it$.$ The vulnerability is related to the memory and security topics recently discussed in class, but beyond that hint, you will be left to discover the details on your own. You will be working individually on this project, so as you work through the discovery of the exploit,

Discover the nature of the bug, and determine how to exploit it$.$ You should be prepared

to outline a precise, minimal, and repeatable list of steps that can consistently reproduce

your exploit. $($Hint: the exploit involves the memory management topics we have

discussed recently in class. Review the lecture notes for more details.$)$

This project will combine the microcontroller and memory management topics that we have discussed this semester to explore secure programming practices in the context of embedded systems. It involves a simplified implementation of a security system. This system is written to accept input from a

$1$

$6$

$-$

key keypad matrix, connected to one of the BIG

$8$

$0$

$5$

$1$

$\text{'}$

s I

$/$

O ports. The firmware for this system deliberately exhibits several poor programming practices; in particular, it contains a nasty vulnerability which will allow anyone who understands it to "open the door," even if they do not know any of the correct door codes! Your first task will be to discover the nature of the vulnerability, and a minimal and consistent method of exploiting it

$.$

:

$1$

$0$

$0$

$5$

$3$

$9$

$0$

$0$

AE

$8$

$4$

E

$4$

F

$5$

$8$

$4$

$7$

$5$

$8$

$9$

$1$

$1$

F

$5$

$8$

EFDEDC

$3$

$9$

F

$5$

$0$

$1$

$2$

E

$3$

:

$1$

$0$

$0$

$5$

$4$

$9$

$0$

$0$

$7$

$5$

$8$

CB

$0$

$7$

$5$

$8$

A

$3$

EC

$2$

$8$

DD

$2$

$8$

C

$3$

$0$

$8$

DFDC

$2$

$8$

C

$0$

DF

$2$

:

$0$

$4$

$0$

$5$

$5$

$9$

$0$

$0$

$8$

$0$

E

$9$

$8$

E

$8$

$4$

$2$

$3$

:

$0$

$1$

$0$

$5$

$5$

D

$0$

$0$

$2$

$2$

$7$

B

:

$1$

$0$

$0$

$5$

$1$

$3$

$0$

$0$

AE

$8$

$4$

E

$4$

F

$5$

$8$

$4$

$7$

$5$

$8$

$9$

$1$

$1$

$7$

$5$

$8$

E

$0$

$2$

FDEDC

$3$

$9$

F

$5$

$0$

$9$

$9$

:

$1$

$0$

$0$

$5$

$2$

$3$

$0$

$0$

$1$

$2$

$7$

$5$

$8$

C

$3$

$8$

$7$

$5$

$8$

A

$9$

DC

$2$

$8$

DD

$2$

$8$

C

$3$

$0$

$8$

DFDC

$2$

$8$

C

$2$

C

:

$0$

$5$

$0$

$5$

$3$

$3$

$0$

$0$

$0$

D

$8$

$0$

E

$9$

$8$

E

$8$

$4$

$3$

B

:

$0$

$1$

$0$

$5$

$3$

$8$

$0$

$0$

$2$

$2$

A

$0$

:

$1$

$0$

$0$

$5$

$7$

A

$0$

$0$

$1$

$0$

$0$

A

$3$

$1$

$3$

$2$

$3$

$3$

$4$

$1$

$3$

$4$

$3$

$5$

$3$

$6$

$4$

$2$

$3$

$7$

$3$

$8$

$3$

$9$

$4$

$3$

$2$

A

$3$

$0$

$5$

A

:

$0$

$8$

$0$

$5$

$8$

A

$0$

$0$

$2$

$3$

$4$

$4$

$0$

$1$

$0$

$8$

$0$

$0$

$0$

$1$

$0$

$9$

FFF

$0$

:

$1$

$0$

$0$

$1$

$9$

E

$0$

$0$

$7$

FFFE

$4$

FDEDC

$3$

$9$

$4$

$0$

$4$

$7$

$4$

$8$

$0$

$9$

$4$

$8$

$0$

$4$

$0$

$0$

$3$

$0$

$2$

$0$

$2$

$5$

B

:

$1$

$0$

$0$

$1$

AE

$0$

$0$

C

$8$

D

$2$

FFD

$2$

FED

$2$

FDD

$2$

FCED

$1$

$4$

$6$

$0$

$5$

$2$

$1$

$4$

$7$

$0$

$0$

$3$

$0$

$1$

:

$1$

$0$

$0$

$1$

BE

$0$

$0$

$0$

$2$

$0$

$2$

$4$

C

$1$

$4$

$7$

$0$

$0$

$3$

$0$

$2$

$0$

$2$

$8$

$8$

$2$

$4$

$0$

$3$

$6$

$0$

$0$

$3$

$0$

$2$

$0$

$2$

C

$4$

$7$

C

:

$1$

$0$

$0$

$1$

CE

$0$

$0$

C

$2$

FCE

$4$

FEEEC

$3$

$9$

$4$

$0$

$4$

$7$

$4$

$8$

$0$

$9$

$4$

$8$

$0$

$4$

$0$

$0$

$3$

$0$

$2$

$0$

$2$

E

$9$

:

$1$

$0$

$0$

$1$

DE

$0$

$0$

C

$4$

EE

$1$

$4$

$6$

$0$

$0$

F

$1$

$4$

$6$

$0$

$1$

$1$

$1$

$4$

$6$

$0$

$1$

$3$

$2$

$4$

$0$

$3$

$7$

$0$

$1$

D

$2$

$0$

FC

:

$1$

$0$

$0$

$1$

EE

$0$

$0$

F

$8$

$1$

A

$8$

$0$

$0$

D

$2$

$0$

F

$9$

$1$

$5$

$8$

$0$

$0$

$8$

$2$

$0$

FA

$1$

$0$

$8$

$0$

$0$

$3$

$2$

$0$

FBE

$4$

:

$1$

$0$