This assignment MUST be done on a particular Google Cloud machine; John will send out instructions on how to log in.

-----------------

The goal of this assignment is to find some (deliberate) security holes in a short program I wrote. (It's quite possible there are more than I intended -- you get extra credit if you find a new one, so long as your attack techniques only target this program and not, say, my account, the network, etc.)

The program in question is

	/usr/local/bin/file-hmac

file-hmac computes an HMAC-MD5 (more or less; see RFC 2104) on a file or set of files. It's up to you to figure out how to invoke it.

Roughly speaking, HMAC involves a secret key K and a hash function. You calculate the HMAC of message M as H(K, H(K, M)). This program does the same as

	cat secretfile input | md5sum | cat secretfile - | md5sum

The goal of this assignment is to figure out what the secret is.

The actual attack program is likely to be quite small; the real effort here is in finding the holes. As such, you need to turn in a written document explaining your analysis, including the output of any commands you ran. *This is not a paper-writing exercise*. If you found it useful to run

	snark --boojum

say so, and mention significant output lines from the program. Don't bother to explain what snark or its --boojum option do; assume that I either know or can find out. An annotated session from "script", though not quite what I want, is much closer to what I'm looking for than a technical paper is. Again -- concentrate on the techniques; don't spend your time writing or (worse yet) formatting.

There are at least three (maybe four, depending on how you count) holes in the program -- impressive, in a source file that's only 123 lines long. You only need to find one hole.

In addition to those bugs, there may be a buffer overflow. Since knowledge of assembler is not a prerequisite for this class, I'm not asking you to exploit any buffer overflows if they exist. However, you *must* write up how you tested for their presence or absence, and how you reached the conclusion you did.

I do not think you can damage /usr/local/bin/file-hmac; regardless, it's against the rules to try. If you think you've done so accidentally, notify me *immediately*.
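
To make the "more or less" in the description of the construction concrete, here is an added example (not part of the original assignment and not the source of file-hmac) that reproduces the cat/md5sum pipeline byte for byte and sets it beside HMAC-MD5 as RFC 2104 defines it. The key and message are constructed sample values, and the "<hex>  -" output format assumed for md5sum reading stdin is that of GNU coreutils.

```python
import hashlib

BLOCK = 64  # MD5 block size in bytes, the "B" of RFC 2104


def md5sum_stdout(data: bytes) -> bytes:
    """Text that `md5sum` prints for stdin (assumed GNU format): '<hex>  -\\n'."""
    return hashlib.md5(data).hexdigest().encode() + b"  -\n"


def pipeline_mac(secret: bytes, message: bytes) -> str:
    """cat secretfile input | md5sum | cat secretfile - | md5sum"""
    # `secret` is the whole content of secretfile, trailing newline included.
    inner = md5sum_stdout(secret + message)  # hex text plus trailer, not raw digest
    outer = md5sum_stdout(secret + inner)    # the second md5sum hashes that text
    return outer.split()[0].decode()


def rfc2104_hmac_md5(key: bytes, message: bytes) -> str:
    """HMAC-MD5 per RFC 2104: H(K xor opad, H(K xor ipad, M))."""
    if len(key) > BLOCK:
        key = hashlib.md5(key).digest()      # long keys are hashed first
    key = key.ljust(BLOCK, b"\x00")          # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.md5(ipad + message).digest()  # raw 16 bytes, not hex text
    return hashlib.md5(opad + inner).hexdigest()


def compare(secret: bytes, message: bytes) -> dict:
    """Both tags for the same inputs, and whether they agree."""
    p, h = pipeline_mac(secret, message), rfc2104_hmac_md5(secret, message)
    return {"pipeline": p, "rfc2104": h, "match": p == h}


if __name__ == "__main__":
    # Constructed sample inputs; the real secretfile is not known here.
    SECRET = b"constructed-sample-key\n"
    MESSAGE = b"contents of input\n"
    for name, value in compare(SECRET, MESSAGE).items():
        print(f"{name:9} {value}")
```

The two tags differ for the same key and message: the pipeline uses the key bytes as a plain prefix in both passes and feeds md5sum's printed text into the second hash, while RFC 2104 pads the key to a block, XORs it with ipad and opad, and feeds the raw inner digest to the outer hash.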