On your Debian 11 server, in an SSH shell, execute this command:
sudo nano /etc/apt/sources.list
Add this line to the end of the file,
as shown below.
deb http://deb.debian.org/debian/ buster main
Save the file with Ctrl+X, Y, Enter.
Execute these commands, one at a time, approving the changes:
sudo apt update
sudo apt install open-cobol
sudo apt --fix-broken install
sudo apt install open-cobol
nano hello.cbl
Insert this code,
as shown below:
IDENTIFICATION DIVISION.
PROGRAM-ID. HELLO-WORLD.
PROCEDURE DIVISION.
DISPLAY 'Hello world!'.
STOP RUN.
Save the file with Ctrl+X, Y, Enter.
Execute these commands to compile the code and run it:
cobc -free -x -o hello hello.cbl
./hello
The program prints "Hello world!",
as shown below.
Flag CBL 1.1: File Type (5 pts)
Execute this command to see the file type of the executable:The flag is the last word in the response, covered by a green rectangle in the image below.
file hello
nano var.cbl
Insert this code,
as shown below.
This program defines two variables, a string called NAME and a number called NUM. It also modifies them using the MOVE command.
IDENTIFICATION DIVISION.
PROGRAM-ID. VAR.
DATA DIVISION.
WORKING-STORAGE SECTION.
01 NAME PIC A(20) VALUE 'Barf'.
01 NUM PIC 9(5) VALUE 12345.
PROCEDURE DIVISION.
A-PARA.
DISPLAY 'Literal string'.
DISPLAY "NAME : "NAME.
DISPLAY "NUM : "NUM.
MOVE 'Barfolomew' TO NAME.
MOVE 31337 TO NUM.
DISPLAY "REVISED NAME : "NAME.
DISPLAY "REVISED NUM : "NUM.
STOP RUN.
Save the file with Ctrl+X, Y, Enter.
Execute these commands to compile the code and run it:
cobc -free -x -o var var.cbl
./var
The program prints the variables,
as shown below.
Flag CBL 1.2: COMPUTE (10 pts)
Modify your program by adding the three lines outlined in green in the image below.
Compile and run the program to see the flag, which is covered by a green rectangle in the image below.
http://ad.samsclass.info/COBOL/
A very simple page appears, as shown below.
Create a file named get1.cbl that constructs the GET request to load that page, as shown below.
IDENTIFICATION DIVISION.
PROGRAM-ID. GET1.
DATA DIVISION.
WORKING-STORAGE SECTION.
01 GETLINE PIC A(20).
01 HOSTLINE PIC A(24).
01 CR PIC X VALUE X'0A'.
PROCEDURE DIVISION.
A-PARA.
MOVE "GET /COBOL/ HTTP/1.1" TO GETLINE.
MOVE "Host: ad.samsclass.info" TO HOSTLINE.
DISPLAY GETLINE.
DISPLAY HOSTLINE.
DISPLAY CR.
STOP RUN.
Compile and run that program. It prints
a GET request,
as shown below.
Flag CBL 1.3: Server Version (10 pts)
Execute these commands to send that request to the server:The flag is covered by a green rectangle in the image below.
sudo apt install netcat -y ./get1 | nc ad.samsclass.info 80
Note that the GET line has changed also.
Send it to the server and the server will echo it back to you, as shown below.
Flag CBL 1.4: FLAG_ME (15 pts)
Send a request with a User-Agent of FLAG_ME to get the next flag, covered by a green rectangle in the image below.
IDENTIFICATION DIVISION.
PROGRAM-ID. LOOP.
DATA DIVISION.
WORKING-STORAGE SECTION.
01 NUM PIC 9(1) VALUE 0.
PROCEDURE DIVISION.
A-PARA.
PERFORM B-PARA WITH TEST AFTER UNTIL NUM>3.
STOP RUN.
B-PARA.
DISPLAY 'NUM : 'NUM.
ADD 1 TO NUM.
Compile and run that program. It
counts from 0 to 3,
as shown below.
Flag CBL 1.5: Total (10 pts)
Make a loop that totals the numbers from 10 through 49.The flag is that total, covered by a green rectangle in the images below.
...
Flag CBL 1.6: Fib(100) (15 pts)
Create a COBOL program to calculate Fibonacci numbers, as shown below.Find the 100th value. The flag is that value, covered by a green rectangle in the images below.
...
Create a file named red.cbl as shown below.
IDENTIFICATION DIVISION.
PROGRAM-ID. RED.
DATA DIVISION.
WORKING-STORAGE SECTION.
01 A PIC 9(5) VALUE 12345.
01 B REDEFINES A PIC A(5).
PROCEDURE DIVISION.
A-PARA.
DISPLAY "Number: "A.
DISPLAY "String: "B.
ADD 5 TO A.
DISPLAY "Number+5: "A.
DISPLAY "String+5: "B.
STOP RUN.
Compile and run that program.
The string variable changes along
with the numerical one,
as shown below.
Flag CBL 1.7: Numerical User-Agent (20 pts)
Make a loop that sends user agents from 0 through 9 to the server you used in Flag CBL 1.4.One of the responses shows a flag, covered by a green rectangle in the images below.
Hint: to concatenate strings, use STRING.
...
...
IDENTIFICATION DIVISION.
PROGRAM-ID. LOOP2.
DATA DIVISION.
WORKING-STORAGE SECTION.
01 NUM PIC 9(1).
PROCEDURE DIVISION.
A-PARA.
PERFORM VARYING NUM FROM 1 BY 1 UNTIL NUM>4
DISPLAY NUM
END-PERFORM.
STOP RUN.
Compile and run that program. It
counts from 1 to 4,
as shown below.
Flag CBL 1.8: Pythagoras (15 pts)
Find integers A, B, and C that satisfy the Pythagorean theorem:A*A + B*B = C*CAll three numbers should be between 1 and 100, and they should be in ascending order:A < B < CThe image below shows the first few results.The flag is the last set of results in the format shown below: three two-digit numbers with spaces between them.
Flag CBL 1.9: Rail Fence Cipher (15 pts)
Implement the Rail fence cipher, as shown below.
Decode this text to see the flag:
T_EEASIAHSTM_H_LGI_ALODIITF_RR
Flag CBL 1.10: Rail 5 (15 pts)
Implement the rail cipher with five rails, as shown below.
Decode this text to see the flag:
RUFEAON_LRRLRDEAOAL__HGMISYT_L
Flag CBL 1.11: Viginere Cipher With the Keyword (15 pts)
Implement the Viginere cipher, as shown below.
Decode this text with the keyword ORANGE to see the flag:
HYIF_XWDE_LPOX_VY_DFLLGPDYA
Flag CBL 1.12: Viginere Cipher Without the Keyword (15 pts)
Decode this text. The keyword is three letters long. The plaintext includes the word "FLAG".YVB_TIFU_NG_XSXWQENBD
Posted 4-5-2020 by Sam Bowne
CBL 1.8 added 4-9-2020
CBL 1.9 - 1.12 added 4-10-2020
Updated for Debian 11 6-24-22