Notices

  • SecEDU CTF - web app students wanted

    Posted by Carey Li Tuesday 29 October 2019, 12:09:08 PM.

    This sponsored message has been brought to you by SecEDU:


    Hey guys,
    The UNSW teams for the SECedu CTF on Friday could use a few more people who can smash webapps, so if you're free on Friday register at https://forms.office.com/Pages/ResponsePage.aspx?id=pM_2PxXn20i44Qhnufn7o2BwUbXJlkBDuHXZR3Dv80ZUNzhEOEpJVDlDWjU1SzExT0I0NUhXNUo3TC4u - expressions of interest will close at 5pm today, so get in quick.

  • EXAM PAIR A patch

    Posted by Zain Afzal Thursday 16 May 2019, 09:51:07 PM.

    Reminder to submit within the next ~40m for the patch.

  • EXAM PAIR A extended break

    Posted by Zain Afzal Thursday 16 May 2019, 08:55:32 PM.

    Reminder to submit within the next 5m for extended break.

  • EXAM PAIR A extended break

    Posted by Zain Afzal Thursday 16 May 2019, 07:27:52 PM.

    Hey all,

For those of you doing the extended break, make sure you submit your report before 9pm. Any late submissions will be discounted, and if you have no submissions before 9pm you will get 0 for this portion of the final exam.

For those of you doing the patch, you must submit your patch by 10:30pm. Any late submissions will be discounted, and if you have no submissions before 10:30pm you will get 0 for this portion of the final exam.

    Good luck.

    Kind Regards,

    Zain

  • EXAM PAIR A extended break auth

    Posted by Zain Afzal Thursday 16 May 2019, 04:59:37 PM.

    Auth is back up.

    If you are having trouble connecting, you may need to flush your DNS or add `13.237.157.238 auth.ns.agency` into your hosts file.

  • EXAM PAIR A extended break auth

    Posted by Zain Afzal Thursday 16 May 2019, 04:49:26 PM, last modified Thursday 16 May 2019, 04:49:51 PM.

Ignore this message if you are not doing the extended break.

The auth network has fallen over and the team is trying to fix it; we will let you know when it is back up.

This should only affect your ability to log in to sites, not your current sessions.

  • EXAM PAIR A msn

    Posted by Zain Afzal Thursday 16 May 2019, 12:15:11 PM, last modified Thursday 16 May 2019, 12:22:28 PM.

    Hey,
Some people are getting issues with msn related to "capture_output". To fix this you may need to install python3.7-venv and python3.7-dev,

and then use `python3.7 -m venv venv` rather than `python3`.

  • EXAM PAIR A COURSE DB

    Posted by Zain Afzal Thursday 16 May 2019, 11:35:05 AM, last modified Thursday 16 May 2019, 12:22:33 PM.

    Hey all,

We found that a lot of students were confused about coursedb and what exactly you needed to patch. To make things easier, we've edited the source code to present something closer to the break, which is clearer about what you need to do.

Please download the latest version of the code from the website; it will be called `code_a_v3.tar`.

    Kind Regards,

    Zain

  • EXAM PAIR A PATCH

    Posted by Zain Afzal Thursday 16 May 2019, 10:39:00 AM, last modified Thursday 16 May 2019, 12:22:39 PM.

The new patch has been released; please download it from info.exam.a.ns.agency/patch

Also refer to the readme for any troubleshooting before emailing the course account.

  • EXAM PAIR A PATCH NOTE

    Posted by Zain Afzal Thursday 16 May 2019, 09:41:12 AM.

We are aware there are multiple issues with the patch source code; we are working to fix them all.

As such, we are moving the start time of the exam back to 10:30am, and everyone will get extra time, making the due date of the exam 10:30pm.

Please stay tuned; in the interim take a break, have some breakfast.

  • EXAM PAIR A PATCH NOTICE

    Posted by Sean Yeoh Thursday 16 May 2019, 09:19:25 AM.

    We are aware of issues relating to starting the apps using ./run.sh. We are currently investigating and will put out a notice shortly.

If you are having issues with pg_config, please install postgresql and postgresql-client on your host.

  • EXAM A Part 2

    Posted by Zain Afzal Wednesday 15 May 2019, 11:00:32 PM, last modified Wednesday 15 May 2019, 11:25:58 PM.

    Hey,

Ignore this email if you are not doing exam pair A. For those of you doing either the patch exam or the extended break exam at 9am tomorrow, please use the following links to access relevant information.

    https://info.exam.a.ns.agency/patch

    https://info.exam.a.ns.agency/extbreak

As before, questions/links will go live at 9am; keep an eye on your email / webcms.

    Best of luck.

    Kind Regards,

    Zain

  • EXAM PAIR A - Notice

    Posted by Zain Afzal Wednesday 15 May 2019, 07:59:20 PM.

    Hey all,

For those of you doing exam A, make sure you submit your report before 9pm. Any late submissions will be discounted, and if you have no submissions before 9pm you will get 0 for this portion of the final exam.

    Good luck.

    Kind Regards,
    Zain

  • EXAM PAIR A - Halfway done

    Posted by Zain Afzal Wednesday 15 May 2019, 03:50:54 PM.

    Hey everyone,

The exam is just over halfway done. This is a reminder to take a break and grab something to eat, watch some chill YouTube videos like some good quality lo-fi hip hop beats to study to (I've linked one below, and this time it's not a Rick Roll) and take a breather. Taking a break and coming back to a problem with a clear mind is sometimes all you need to crack it. Also, working 12 hours straight is not good for anyone, trust me.

    https://www.youtube.com/watch?v=YM4J971Pv8s

In addition: Please refrain from messaging course staff on Slack; if there is an issue or question, flick an email to cs6443@cse.unsw.edu.au, the team is very responsive.

    Kind Regards,

    Zain

  • EXAM A - msn messenger bug fixed

    Posted by Carey Li Wednesday 15 May 2019, 12:51:34 PM.

There was a configuration issue with the msn messenger challenge. This issue has been fixed; if you were unable to solve the challenge earlier, try again now.

  • EXAM A - msn site login

    Posted by Zain Afzal Wednesday 15 May 2019, 11:17:13 AM.

On msn you can register and log in as users. Please only log in to the accounts you have registered, and when you register for an account, please set a password that can't be guessed. It may be possible to guess another student's account and thus steal their work, so please register somewhat secure accounts.


  • EXAM A - Break givejobpls issue

    Posted by Zain Afzal Wednesday 15 May 2019, 10:47:19 AM.

    Hey,

There was a small issue with givejobpls that resulted in certain attack vectors returning a flag ID, i.e. flag{_hello}, rather than an actual flag, i.e. COMP6443{dsfdgdfgsdgds}. This has been fixed; if you were having trouble earlier and were getting a flag ID, try again.

    Kind Regards,

    Zain

  • EXAM A - Break

    Posted by Zain Afzal Tuesday 14 May 2019, 11:15:39 PM, last modified Tuesday 14 May 2019, 11:18:24 PM.

    Hey all,

For those of you doing exam pair A, which starts in about 10 hours, the following link has some basic information and is where the questions will be released tomorrow at 9am.

    Any questions should be directed to the class email, please avoid using slack.

    https://info.exam.a.ns.agency/break

If you cannot access the above link, please try again tomorrow morning, as some changes are still in progress.

    Kind Regards,

    Zain

  • EXAM B PART 2 - Extended Break Issue with Oops

    Posted by Thomas Phillips Sunday 12 May 2019, 02:11:37 PM.

    If you are not doing the extended break in exam pair b you may ignore this message.

Flag generation is broken on oops; if you manage to find the flag ID, this counts as a valid flag. If you are unsure, please email the class account.
    -- Tjp

  • EXAM B PART 2 - Extended Questions and "tips"

    Posted by Sean Yeoh Sunday 12 May 2019, 11:22:31 AM.

    This notice only applies to extended students.

    Clarifying the scope of the challenges:

    s3 is in scope if you are able to get access.

    Tips:

    • Remember the content covered in the last 2 weeks is useful.
    • Remember that each challenge is a combination of vulnerabilities.

  • EXAM B PART 2 - Extended Break Issue with Ymger Resolved

    Posted by Zain Afzal Sunday 12 May 2019, 09:48:29 AM.

    If you are not doing the extended break in exam pair b you may ignore this message.

The issue with Ymger has been resolved; you may resume hacking.

    Kind Regards,

    Zain

  • EXAM B PART 2 - Extended Break Issue with Ymger

    Posted by Zain Afzal Sunday 12 May 2019, 09:31:35 AM.

    If you are not doing the extended break in exam pair b you may ignore this message.

    We are aware there's an issue with Ymger. Please avoid attempting the challenge until further notice. The downtime of the challenge will be taken into consideration during marking of the reports.

    Kind Regards,

    Zain


  • EXAM B PART 2

    Posted by Zain Afzal Sunday 12 May 2019, 01:29:04 AM.

    Hey,

Ignore this email if you are not doing exam pair B. For those of you doing either the patch exam or the extended break exam at 9am today, please use the following links to access relevant information.

    https://info.exam.b.ns.agency/patch

    https://info.exam.b.ns.agency/extbreak

As before, questions/links will go live at 9am; keep an eye on your email / webcms.

    Best of luck.

    Kind Regards,
    Zain

  • Extended Break 3 Write up

    Posted by Zain Afzal Friday 10 May 2019, 10:08:54 PM.

    http://cgi.cse.unsw.edu.au/~cs6443/19T1/breaks/ext_break_3_sol.html

  • EXAM B UPDATE

    Posted by Zain Afzal Sunday 05 May 2019, 08:33:47 PM.

    Hey all,

For those of you doing exam B, make sure you submit your report before 9pm. Any late submissions will be discounted, and if you have no submissions before 9pm you will get 0 for this portion of the final exam.

    Good luck.

    Kind Regards,
    Zain


  • EXAM B UPDATE

    Posted by Zain Afzal Sunday 05 May 2019, 03:05:02 PM.

    Hey everyone,

The exam is just about halfway done. This is a reminder to take a break and grab something to eat, watch some chill YouTube videos (I've linked one below) and take a breather. Taking a break and coming back to a problem with a clear mind is sometimes all you need to crack it.

    https://www.youtube.com/watch?v=dQw4w9WgXcQ

In addition: Please refrain from messaging course staff on Slack; if there is an issue or question, flick an email to cs6443@cse.unsw.edu.au, the team is very responsive.

    Kind Regards,

    Zain

  • EXAM PAIR B NOTICE

    Posted by Zain Afzal Sunday 05 May 2019, 12:35:47 PM.

There were a lot of DNS records for the recon portion of the exam which were resolving despite not being the correct subdomain. We've patched this to make the recon portion less difficult.

The correct subdomain was still able to be found before this patch, so there is no need to restart your scripts; this should just reduce the number of false positives you are getting.

    Kind Regards,
    Zain

  • Exam Pair B [LIVE NOW]

    Posted by Zain Afzal Saturday 04 May 2019, 08:50:14 PM, last modified Saturday 04 May 2019, 08:51:06 PM.

For those doing exam pair B, the base site is now live at http://exam.b.ns.agency/

Tomorrow at 9am the questions will automatically get released here. No further actions are needed; we are just giving you the base site now.
Note: if you are not doing the exam in the B slot, you will not be able to see the question sites / various other things.

  • Password Cycle

    Posted by Zain Afzal Saturday 04 May 2019, 07:34:02 PM.

Your password for 6443 sites is about to be cycled, and we'll send you a new one; this is to give us a bit more security in your identity for the first exam pair. As such, if you find yourself unable to access the sites, you may just need to wait for the email and use the new creds. Apologies for any last-minute studies this affects.

  • Exam Allocations Released

    Posted by Zain Afzal Friday 03 May 2019, 05:03:28 PM.

    Hey all,

You should all get an email telling you which exam slot you've been assigned to. Because capacity is not an issue, 100% of you should have your preferred seating. If you do not get an email in the next 10-20 minutes or something is wrong, please email the class account.

    Good luck studying.

    Kind Regards,
    Zain


  • My Experience

    Posted by Zain Afzal Thursday 02 May 2019, 09:18:14 PM.

    Hey guys,

Hope your very long and ample stuvac is going well. Just a reminder to please fill out the myexperience for this course:

    https://myexperience.unsw.edu.au/

    It's super important we get feedback about the course esp. with this being the first trimester.

    Thanks heaps,

    Kind Regards,

    Zain

  • Break 3 + Practice Exam Sols

    Posted by Zain Afzal Monday 29 April 2019, 11:51:52 PM, last modified Tuesday 30 April 2019, 12:06:30 AM.

The solutions for Break 3 and the practice exam are up under week 11 under labs.

Please note idorface was broken until today due to an issue with how it was built. It's been fixed and is now hackable; have a crack at it before looking at the solutions.

    Kind Regards,
    Zain

  • Week 11 Lecture

    Posted by Zain Afzal Sunday 28 April 2019, 06:26:25 PM.

    Hey all,

    Reminder that there is no lecture tomorrow and also no classes this week.

All the best for preparing for the final exam. Please make sure you give us your preference for which exam slot you want to be placed into before Wednesday of week 11! After this point, if you have not made a selection, you will be auto-placed. We will email out a confirmation on Thursday.

    Kind Regards,
    Zain

  • Final Exam Preference + Something Awesome Submission

    Posted by Zain Afzal Tuesday 23 April 2019, 09:34:39 PM, last modified Tuesday 23 April 2019, 09:37:42 PM.

    Hey all,

Please jot down your preference for which exam you'd like to take here; you can only submit once, so please make sure you are sure of your choice.

    https://forms.gle/k6FzvUnDpj1dk2j28

In addition, the something awesome submission is now up; please provide a PDF file of no more than 5MB and submit via webcms or the command line via `give cs6443 something_awesome file.pdf`.

    Kind Regards,
    Zain

  • Week 10 Extended Tutorials/Lectures

    Posted by Sean Yeoh Tuesday 23 April 2019, 03:01:21 PM.

If you're in the extended tutorials and intending on doing a fireball/lightning talk, please PM @sy or @tjp before 11:59:59pm tonight. If no one responds, I'll cancel the tutorial(s) tomorrow so people don't have to travel in. Tomorrow's lecture is cancelled. If you have content you're dying to cover, I'll cover it in tonight's stream.

  • Week 10 Lecture

    Posted by Zain Afzal Monday 22 April 2019, 06:21:45 PM.

    Hey All,

To replace the week 10 lecture that fell on Easter Monday, we will be running a revision Twitch stream (which will be recorded) at 7pm Tuesday. We'll post a link in the Slack channel closer to the start time, but it will be up on the following channel:

    http://twitch.tv/minight

We will be going over the exam structure, revising the course and also answering your questions. You can ask during the stream or submit your questions via the Google form link below. Please try to submit before the lecture starts tomorrow at 7pm.

    https://forms.gle/dC8kvnWG4JeFkTeC6

    Kind Regards,
    Zain

  • Lightning Talks

    Posted by Zain Afzal Sunday 21 April 2019, 08:14:40 PM.

    Hey all,

For those who are in extended or were not able to do a lightning talk last week, this week's tutorial will be your last chance to do so. The full spec is under course work on the webcms menu. In short, you can get 2 bonus marks towards your final exam by simply doing a 3-5m talk in front of your tutorial group on any topic you like; again, more information is on the webcms page. This can be, but does not have to be, related to your something awesome. Your something awesome is a separate thing due at the end of week 10.

    Have fun!

    Kind Regards,
    Zain

  • Break 3 Page Limit

    Posted by Zain Afzal Saturday 20 April 2019, 09:52:18 PM.

    Hey all,

In light of how heavy Break 3 is, I'm extending the page limit to 7 pages; please don't feel as if you have to hit this. We are happy with short dot point explanations.

    Kind Regards,
    Zain

  • Break 3 Hint for feedback

    Posted by Zain Afzal Saturday 20 April 2019, 05:36:30 PM.

Hint for Feedback: Carey's HackShield is unhackable, but I don't think he knows that a child can reach across the same origin to access its parent.

  • Patch 2 Released

    Posted by Zain Afzal Friday 19 April 2019, 12:47:38 AM.

    Hey all,
    Patch 2 is released, see the patches section on webcms for more details.

    Kind Regards,
    Zain

  • New Final Exam Dates

    Posted by Zain Afzal Wednesday 17 April 2019, 01:09:06 PM.

    Hey All,

To help alleviate some issues with people having exam clashes / commitments during the final exam dates, we've released additional dates. We will run 2 exams, Exam A and Exam B. Both will be identical in difficulty but will feature different questions. You may do either one. Closer to the date of the exams we will release a form for you to pick a preference.

    Exam Pair A

    part 1 - 9:00 15/05/19 - 21:00 15/05/19

    part 2 - 9:00 16/05/19 - 21:00 16/05/19

    Exam Pair B

    part 1 - 9:00 5/05/19 - 21:00 5/05/19

    part 2 - 9:00 12/05/19 - 21:00 12/05/19

You may not mix and match; please email the course account if you think doing 1 exam from Exam Pair A and 1 exam from Exam Pair B is needed for you.

    All this info is reflected in the final exam info document on webcms which should be your first point for any information about the final exam.

    Kind Regards,

    Zain

  • Theory Exam

    Posted by Zain Afzal Monday 15 April 2019, 01:11:27 PM.

    Hey All,

Reminder that your theory exam today is in K-G14-127 - The New South Global Theatre (it's in the Webster building). This is a 45 minute written theory exam, so make sure you bring a blue or black pen and your student ID.

    See you all there.

    Kind Regards,
    Zain


  • Reminder About Finding Flags

    Posted by Zain Afzal Sunday 14 April 2019, 07:41:54 PM.

Something that hopefully you've picked up on by now, but in case you haven't: within CTF challenges and the challenges we present in this course, looking for things called "flag", "flag.txt", etc. is a good idea on top of searching for standard things such as /etc/passwd, the passwords table, etc.

  • Midsem Marks

    Posted by Zain Afzal Sunday 14 April 2019, 07:11:07 PM.

Midsem marks are out; see them on webcms or give. On webcms it'll say "mark: N/A"; ignore it and click through to view submission. Email the course email if you have any issues.

  • Break 3 Byehealth update

    Posted by Zain Afzal Thursday 11 April 2019, 08:20:52 PM.

For those who have been working on byehealth for break 3, I've rebuilt the challenge to be less difficult than before; the exploit is the same, however, so have another crack at it.

    Kind Regards, Zain

  • Draft Final Exam Information

    Posted by Zain Afzal Thursday 11 April 2019, 06:27:03 PM.

    Hey all,

Final Exam information is available on webcms on the menu right under "Course Outline" near the top; this has information on both the final theory and final practical exams.

Due to various admin issues you must take this as a draft notice; we may change the length of the exam or the date if external factors prohibit us, but we are aiming for the 15th and 16th of May. We will announce when we have confirmed this, but the team felt giving you all a tentative date was better than nothing.

If you can't make this due to an exam clash or similar, you may ask for a supplementary exam, which we can provide; please note you cannot use this take-home exam to apply for a supplementary for another course's final.

    Kind Regards,
    Zain

  • Extended Guest Lecturer

    Posted by Sean Yeoh Wednesday 10 April 2019, 09:06:31 AM.

    Hi All,

Today's extended lecture (of examinable content) will be delivered by Luke from Elttam Security, AKA @BitcoinCTF; he wrote the one and only Bitcoin CTF and does a whole bunch of crazy hacking stuff in his day job. Standard time, standard place.

We'll be covering the expected content on SSRFs and cloud-ish stuff (which is examinable).

  • Extended Break 3

    Posted by Zain Afzal Saturday 06 April 2019, 03:46:06 PM.

    Hey all,

Extended Break 3 is out. You can find it under the breaks tab on webcms. Note that unlike Break 3, the challenges here do not use the new auth system, so be mindful of the flags you obtain and the payloads you leave on the site, which other students can access.

    Kind Regards,
    Zain


  • Week 8 Lecture

    Posted by Zain Afzal Friday 05 April 2019, 03:22:46 PM.

Hey guys,

The week 8 lecture will start an hour late, at 6pm.

    Kind Regards,

    Zain

  • Break 3

    Posted by Zain Afzal Tuesday 02 April 2019, 11:50:33 PM.

    Hey all,

Break 3 is out! A couple of things to clarify:

1. This is the last Break.

2. You will only have 2 patches; there is no patch 3.

3. All the sites on break 3 use the new auth system. You will be emailed your password shortly; see the section on the break 3 spec for more information.

4. All sites have a /core/checker endpoint which will check if your flag is legit for all flags under that domain.

5. Note the new system we have in place makes it so every user gets a unique flag; your flag is useless to anybody else and vice versa. Keep this in mind.

6. Any issues should be directed to the comp6443-problems channel on Slack or to the course account email.

    Kind Regards,

    Zain

  • Extended Guest Lecture

    Posted by Zain Afzal Tuesday 02 April 2019, 08:57:12 PM.

    Hey guys,

The extended lecture for this week features a guest lecturer, shubs, from the mythical world of real-world bug bounties, pen testing and hacking as a profession. Sean and he will be giving a more informal lecture about bug bounties, and it's strongly recommended that you pop along if you can make it (standard stream students are encouraged also).

Usually with these guest lecturers there's always some time at the end to ask some questions about what it's like to work in the security/pentesting field, so it's a valuable opportunity to get some insight into whether the industry might be right for you. In addition, it's always a riot because Sean and shubs are right lads.

    Kind Regards,
    Zain

  • Bonus Marks Clarification 2

    Posted by Zain Afzal Sunday 31 March 2019, 07:42:15 PM.

    Hey,

Sorry guys, made a typo in the last announcement; it should be MIN, not MAX, i.e. your final exam mark is capped at 30% of your final grade.

  • Bonus Marks Clarification

    Posted by Zain Afzal Sunday 31 March 2019, 06:29:47 PM.

Hey guys, just to clarify, because there were some issues with the original something awesome spec that was released.

The way the lightning talk and something awesome bonus marks work is that your final exam is worth 30%, and if you got 6% bonus marks then a mark of 24% in the final bumps you up to 30%:

    final_exam_mark = `MAX(30,mark+bonus)`

where mark is out of 30 and bonus is between 0 and 6.

    Kind Regards,
    Zain

  • Final Theory Exam

    Posted by Zain Afzal Sunday 31 March 2019, 04:53:03 PM.

    Hey guys,

Just giving you a fair heads-up that the final theory exam is in the first hour or so (exact timing to be announced at a later date) of the Monday lecture slot in week 9, i.e. 15th of April, 5pm.

    Kind Regards,

    Zain

  • Break 2 Hint

    Posted by Zain Afzal Tuesday 26 March 2019, 12:09:37 PM.

Hint for pastebing: The type of vulnerability is an IDOR; this is the only vuln on the site.

  • COMP6[48]43 Bonus Marks

    Posted by Zain Afzal Friday 22 March 2019, 10:50:43 PM.

    To clarify both comp6843 and comp6443 students are eligible for these bonus marks :)

  • COMP6443 Bonus Activites

    Posted by Zain Afzal Friday 22 March 2019, 10:38:51 PM.

    Hey all,

    We've released the spec for something awesome and the lightning talk, two mini assessments which are optional tasks for you to do. We've attached some bonus marks to them (5% and 2% respectively) to encourage you guys to have a crack at them!

These bonus marks will be added to your final exam mark for this course with a ceiling of 100%, i.e. if you got 95% in the final exam you would be bumped to 100% if you got 5% from your something awesome, but if you got 98% you would just be bumped up to 100%.

    The same deal applies with the lightning talk.

    Hope you guys have fun with it and remember to start early if you want to do a something awesome project.

    Kind Regards,

    Zain

  • COMP6843 EXTENDED Web Apps lecture Rest Week

    Posted by Sean Yeoh Wednesday 20 March 2019, 10:14:26 AM.

    Hi All,

    Apologies for the late notice, however this week was planned as the rest week for COMP6843. We will be running through standard content for the Tutorial, however there is no lecture this evening.

Catch up on your midsems or ask questions in Slack.

    We will resume normal lecture schedule next week.

    Cheers,

    Sean

  • Extended Break 2 Is out + patch 1 update

    Posted by Zain Afzal Tuesday 19 March 2019, 06:55:04 PM, last modified Tuesday 19 March 2019, 06:56:11 PM.

    Hey Guys,

Extended break 2 is out and due April 3rd, midday. This is only for extended students.

In addition, patch 1 had some issues which we fixed (missing db for the PHP challenge); please make sure you've pulled the latest version of the repo.

Also note that the team is rolling out some more features into our infrastructure, so some sites may happen to be a bit finicky; if you find anything is broken (or are not sure if it's broken), message the #cs6443 channel on Slack or email the class account.

    Kind Regards,
    Zain

  • Break 2 Update

    Posted by Zain Afzal Tuesday 19 March 2019, 11:03:46 AM.

For drive, if you log in with guessed / default credentials and immediately get a flag, that is you logging into an account someone else has popped a flag under. You can state this in your write-up, but since there is another, more complex vulnerability present to pop the flag, you won't get full marks unless you are also able to find that.

  • Patch 1 Is to be done individually

    Posted by Zain Afzal Monday 18 March 2019, 05:30:36 PM.

Patch 1 is to be done individually, not in groups; apologies for the confusion.

  • Patch 1

    Posted by Zain Afzal Monday 18 March 2019, 10:23:40 AM, last modified Monday 18 March 2019, 10:24:55 AM.

    Hey guys,

Patch 1 is released; any questions, direct them to Slack or to the course email cs6443@cse.unsw.edu.au

    The spec is available from the "patches" item under Course work from the webcms navbar.

It's due 1st of April, midday.

    Good luck!

    Cheers,

    Zain


  • Break 1 Results

    Posted by Zain Afzal Saturday 16 March 2019, 01:27:52 AM.

Break 1 has been marked; please check webcms / give to see how you went. We weren't able to give any feedback just yet, but we will try to get some feedback to you on your exact mark breakdown soon. Note that webcms may show you an `N/A` next to break 1; just ignore that and click through to view submission to see your mark.

  • Midsem

    Posted by Zain Afzal Monday 11 March 2019, 12:00:39 PM.

    Hey all,

Below is the site on which the midsem questions will be launched when the time comes; please have a read over the instructions and stay tuned.

    http://midsem.ns.agency/

    Kind Regards,

    Zain

  • Break 2

    Posted by Zain Afzal Sunday 10 March 2019, 07:43:47 PM.

    Hey all,

Break 2 is out! It is available from the navbar on webcms under breaks. You have a bunch of time to do this, but again, try to get started early. As before, this break is released before some of the relevant lectures, so keep that in mind.

Little note: We don't want to tell you not to brute force, because that is a valid way to tackle some problems and what we want you to do, but please refrain from using dirbuster or sqlmap on our servers, as they cause strain that a normal Burp Suite / Python script would not. If you overload the servers, they go down for everyone, so keep that in mind.

Also, another reminder: the midsem is tomorrow at 5pm in your allocated rooms. Good luck!

    Kind Regards,

    Zain

  • Midsemester Exam Weighting

    Posted by Zain Afzal Saturday 09 March 2019, 04:23:40 PM.

In reference to the course outline, 20% of your final grade will be made of `max(midsem,final_theory)`, i.e. whichever one you do better in. You can thus skip the midsem or the final theory, but it's a good idea to do both, as the midsemester exam will set you up a bit better for the final exam, as will the theory.

But at the end of the day we will just take your better mark and use that to give you a percentage out of the 20% for this portion of the course.

    Kind Regards,
    Zain

  • Midsemester Exam

    Posted by Zain Afzal Wednesday 06 March 2019, 12:04:05 PM.

    Hey guys,

So the midsem for this course is Week 4 Monday, i.e. the 11th of March from 5pm to 6pm. After the midsem the lecture will continue from 6pm to 8pm in the normal lecture hall.

    The midsem exam itself will take place in 2 rooms in the civil engineering building, please see below to see which room you need to go to.

    COMP6443 T10A W14A W10A W16A --> CivEng G8
    COMP6443 T12A                --> CivEng 701
    COMP6843 W12A W14A           --> CivEng 701

The exam will be a practical exam, so please bring a laptop or some device on which you can do the exam. If this is an issue, let us know ASAP. This will be individual (no group work) and worth 10% of your final mark.

The exam will last for 1 hour and cover all topics covered in lectures up to Lecture 3, EXCLUDING XXE. Naturally, given you only have an hour, you can expect that any recon you will be required to do will not require long-running scripts.

Please arrive at your room early so you can be seated. During the exam time you may not communicate with each other or anybody else via social media, messaging apps, forums, etc., but you may use Google, the internet, connect to a box or use any tooling that you have prepared in advance. If you have any doubts about whether something is allowed, email the class account or message the team on Slack.

The exam will have 2 flags; extended students have 1 more flag than normal students. You will be expected to write a very brief and quick write-up and submit it before the end of the 1 hour. More details will be provided on the day.

Please bring your device charged; we will try to have charging ports set up if possible, but this is not guaranteed. If this is an issue, again, let us know ASAP.

    Good luck!

    Kind Regards,

    Zain

  • Break1 Recon Hints.

    Posted by Thomas Phillips Saturday 02 March 2019, 02:48:18 PM.

    Since we've had a few requests for hints regarding the recon assignment, we've decided to give out a few to help those struggling to find flags:

    1. There's more to find if you dig around.
    2. DNS is more than A record(s).
    3. It's subdomains all the way down.

    Hopefully this helps if you've been struggling with the recon assignment.

  • Break 1 + Extended Break 1

    Posted by Zain Afzal Saturday 02 March 2019, 01:08:17 PM.

    Hey Guys,

So, 2 major updates. First, extended break 1 is now live (under breaks on the left panel) and due March 15th, so get a crack on it! This is only for extended students, so you can ignore that if you are a normal stream student.

Secondly, we decided to make sso.ns.agency an optional challenge for normal stream (6443) students. If you get it, awesome! It'll count as bonus marks towards the assignment, but you can get full marks without it. However, it is a compulsory exercise for extended students (6843), as it is part of extended break 1.

    Kind Regards,
    Zain

  • Break 1 Reminder

    Posted by Zain Afzal Friday 01 March 2019, 09:36:45 PM.

    Hey guys,

    Break 1 is due in about a week now, on March 8th, so this is a reminder to get started if you haven't already!

    Submission has been set up and can be seen on the break spec now; let us know ASAP if you have any trouble submitting.

    In addition, we're gonna call it quits on the checker script, as if we want to update it you all have to download a new version of the script; instead, the check.ns.agency site now has an extra feature to check your subdomain for you. You may find subdomains that are not in there but still yield flags; this is fine, this will just help you distinguish whether the sites your brute forcer picked up are valid sites to explore further. If you think there is something missing, as always, ping us on Slack.

    Also, we'd like to clarify a bit what we expect from you all, as we know the number of flags is a bit daunting. See below for some approximate numbers; these may change once the assignment is over and we see how the cohort performed, but they should be a good ballpark.

    > 40 flags for the recon section and 2+ flags for sqli == full marks

    > 30 flags for recon and 1 flag for sqli == In the Distinction to High Distinction range

    > 20 flags for recon and 1 flag for sqli == In the Pass to Credit Range

    > 10 flags for recon and 0 flags for sqli == borderline pass range

    < 10 flags for recon and 0 flags for sqli == fail

    Hope that helps. Feel free to ping us on Slack or send an email to the course account.

    Kind Regards,

    Zain

  • Break 1 Check Site

    Posted by Zain Afzal Thursday 28 February 2019, 11:49:58 PM, last modified Friday 01 March 2019, 12:25:45 AM.

    Hey Guys,

    I've gotten a lot of questions about what subdomain flag X falls under, or whether Y is a valid flag, etc. etc. So, to simplify it a lot, there is now a site at check.ns.agency which, given a flag, will tell you A) if it's a legit flag and B) what subdomain it falls under. This is more for recon, but it'll also clarify things for the part 2 sqli challenges.

    In addition the spec for break 1 has been updated once more with an update to the # of flags for part 1 recon. The number is now 47.

    Please note that the checker script provided is more to give you confidence that a subdomain you found is one you should attempt to find a flag on (i.e. the checker script fails on check.ns.agency because this is a site to help you, not a recon target).

    Note that not every subdomain has 1 and only 1 flag on it; some have more.

    Kind Regards,
    Zain

  • FAQ Created

    Posted by Sean Yeoh Wednesday 27 February 2019, 09:22:59 AM.

    Hi All,

    We've added a FAQ ( https://webcms3.cse.unsw.edu.au/COMP6443/19T1/reso... ) for questions we answer over email that we think might be useful to other students. You can find the link in the sidebar.

    Cheers

  • IMPORTANT: STOP BRUTE FORCING ON UNSW WIFI

    Posted by Zain Afzal Tuesday 26 February 2019, 04:45:10 PM.

    IMPORTANT: please stop doing DNS brute forcing on UNSW WiFi. We got an email from UNSW IT saying that it's messing with their DNS servers, so please do your brute forcing on an AWS box or similar. If you have any trouble setting this up, look at this week's lab / ask questions here; we're more than happy to help you set up a box!

  • Break 1 Update

    Posted by Zain Afzal Tuesday 26 February 2019, 10:32:20 AM.

    Please note that, due to a student messing with sso.ns.agency, the flag was moved into an area where it was accessible without having to use SQL injection. If you were able to get the flag without SQL injection, please reattempt the challenge; your write-up will not get full marks if you do not demonstrate the actual exploit.

  • Hosting your own box!

    Posted by Zain Afzal Monday 25 February 2019, 05:18:05 PM.

    Hey guys!

    So in this course it's super useful having a box running somewhere you can run things on. Being able to DNS brute force on an AWS box gives you more speed, as you aren't restricted by your home internet, and also lets you leave it running without affecting your current machine.

    Note: by a box we mean a VPS, i.e. a virtual private server. This is a virtual machine that a company like DigitalOcean or AWS provides to you; it is set up somewhere in the world and lets you SSH in and run things on it. They handle all the actual hardware and uptime for you; you can just run stuff.

    So for an optional but highly recommended exercise you are required to deploy the application to a live running web server. This might be a bit more demanding and difficult, but it is a skill that you will find infinitely useful.

    You may choose any VPS provider of your own choice. Suggestions: DigitalOcean, Google Cloud Engine, Amazon Web Services, Linode, Vultr, etc.

    Free VPS credit, private GitHub repositories and domain names are all available to students; the GitHub Education pack provides all of these for you. You should not have to pay money in order to get things up and running; there is almost always a free version for students. If you are having trouble, stop and ask for help on the Slack.

    You must NOT deploy the application by running something like a simple flask debug server on your VPS. This is literally the worst development practice you can do aside from leaving root SSH open with no password.

    We recommend setting up uWSGI ( https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uwsgi-and-nginx-on-ubuntu-16-04 ) or some other daemon for running your application. Although we don't care, running a simple Flask application ( http://flask.pocoo.org/ ) is very easy and well documented.

    Note: Setting up HTTPS is a bonus.

    Part 3 - Give it a name

    Create a free domain name, we don't care what, but make your web app accessible at that domain name.

    You get a free domain name with the GitHub Education pack, so this should be easy.
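    As an added example of the "daemon, not debug server" setup the post above recommends (this is not code from the course or from the uWSGI project), the uWSGI configuration below runs a Flask app behind nginx over a Unix socket. The module name `app:app`, the paths, the log file and the `myapp` service user are assumptions; substitute your own.

```ini
; uwsgi.ini (added example; app module "app:app", paths and user/group are assumptions)
[uwsgi]
; Import the Flask object `app` from app.py. app.py must NOT call
; app.run() at import time: keep that under `if __name__ == "__main__":`
; so the Werkzeug development server and its debugger never start here.
module = app:app

; A master process supervises the workers and restarts any that die.
master = true
processes = 4
threads = 2

; Talk to nginx over a Unix socket instead of exposing a TCP port to the
; world; nginx forwards requests to it with:
;   include uwsgi_params;
;   uwsgi_pass unix:/run/myapp/myapp.sock;
socket = /run/myapp/myapp.sock
chmod-socket = 660
; Remove the socket file on exit so a stale one does not block restarts.
vacuum = true

; Drop privileges: the app process never runs as root.
uid = myapp
gid = www-data

; Let `systemctl stop` (SIGTERM) shut uWSGI down cleanly instead of reloading.
die-on-term = true

; Keep tracebacks in a log file rather than losing them on stdout.
logto = /var/log/uwsgi/myapp.log
```

    The reason the post is so firm about the debug server: with `debug=True`, the Werkzeug debugger exposes an interactive Python console on every error page, which amounts to remote code execution for anyone who can reach the port, and `app.run()` on `0.0.0.0` puts that console on the public internet. The uWSGI setup above has no such console, runs as an unprivileged user, and is only reachable through nginx, which is where TLS (the HTTPS bonus) is terminated.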

  • Break 1 Update

    Posted by Zain Afzal Sunday 24 February 2019, 02:26:46 PM.

    Hey guys!

    Important announcement: the team felt that having all the marks for the exploitation portion of break 1 concentrated in 1 domain was a bit intense so we added 2 more exploitation urls (bread.ns.agency and login.ns.agency) for you to have a crack at. The 40 marks for the exploitation section will now be spread across the 3 subdomains provided. See the break 1 page for more detail.

    The due date is the same as before.

    Kind Regards,

    Zain

  • Break 1

    Posted by Zain Afzal Wednesday 20 February 2019, 12:06:46 AM, last modified Wednesday 20 February 2019, 12:08:14 AM.

    Hey everyone!

    Break 1 has been released, your first assignment of the term. It's on the left panel under "Breaks". Please note that it covers both this week's lectures and the coming lecture, so you may run into things that haven't been covered in the course yet.

    Of course, do keep in mind these breaks are also designed to challenge you to think creatively, so don't expect too much copying and pasting from the lectures.

    The due date is in early March, so make sure you have a look at it soon!

    Kind Regards,
    Zain

  • Course Slack

    Posted by Zain Afzal Tuesday 19 February 2019, 11:37:57 AM.

    Hey all,

    Since we are all hackers we love using Slack for memes, course discussion etc., so join the cs6[84]443 Slack channel on the SecEDU Slack.

    To join the SecEDU Slack, just visit https://seceduau.slack.com/ , click on "create an account" at the bottom and use your zID (z5555555@unsw.edu.au) to set up an account, and then join #comp6443.

  • Poll up

    Posted by Zain Afzal Monday 11 February 2019, 09:53:31 PM.

    Hey guys,

    I've put up a poll with just 1 question asking you about how much experience you have with web applications. It's available under the "Activities" heading; please take a couple of seconds to pop over and answer it so the team can get a view of the cohort we have this semester.

    Have a wonderful O-Week!

    Kind Regards,
    Zain

  • Course Outline Typo

    Posted by Zain Afzal Monday 11 February 2019, 09:08:22 AM.

    Hey guys!

    The course outline had a little typo on the assessment table that made it look like COMP6443 (The standard stream) had to do extended break challenges and COMP6843 (Extended Stream) had to do patch challenges.

    This has now been fixed, and to clarify: extended students do not do patch challenges and standard students do not do extended break challenges.

    Apologies for any confusion.

  • Welcome!

    Posted by Zain Afzal Monday 11 February 2019, 07:52:05 AM.

    Hello!

    I'm Zain, and I'll be the course admin for COMP6443/COMP6843 for 19T1. This is a little email to welcome you to the course and let you know some of the important admin things you need to know.

    First of all, this course is entirely on WebCMS3 this year; take some time in the coming week to have a little look-see at the course outline.

    https://webcms3.cse.unsw.edu.au/COMP6443/19T1/outl...

    Your timetable should let you know what class you are enrolled in. Our first lecture will be on Monday of week 1; extended students also have a lecture on Wednesday.

    Please note that the team is trying to set up a class that is later in the afternoon for students with daytime commitments; stay tuned as we try to get that organised!

    Also note that classes start in week 1; with the new trimester system we have to start as early as possible to give you that good good web security education.

    If you have any questions or issues with the above, shoot me an email ASAP! Better to get everything sorted before semester starts. Of course, you can also email the course account (cs6443@cse.unsw.edu.au / cs6843@cse.unsw.edu.au).

    Secondly, we have a week 0 exercise for you all to do. It's super easy and just designed to get your PC set up for the course with the relevant tools. You can see it on WebCMS or directly at the link below. Make sure to go through it; if you find yourself struggling a lot with the setup, shoot us an email, but do note we expect a certain level of proficiency with web technologies. If you are feeling very lost during the setup, cs6443/cs6843 may be a course to attempt later in your degree. Feel free to have a chat with us if you are feeling unsure. This is unmarked and you can feel free to skip it if you already have the tooling set up.

    http://cgi.cse.unsw.edu.au/~z5059449/cs6443/week0/Getting_Started.html

    Thirdly, please note this is a Bring Your Own Device course. The lab computers at CSE are unable to do a lot of the stuff we need you to do, so we expect you to have your own laptop available to bring to class (any OS is fine!). If you have any issues with that, let us know and we'll see what we can do to help!

    Lastly, a poll will go up later this week to gauge your current understanding. This will be unmarked and is just for us to get an idea of where the cohort is at, so we can better pitch the lectures.

    That's about it! Looking forward to an awesome semester with all of you.

    Kind Regards,
    Zain Afzal

COMP6443/COMP6843 19T1 (Web Application Security and Testing) is powered by WebCMS3
CRICOS Provider No. 00098G