StudyDaddy Computer Science

Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.

QUESTION

Identify a bu er over ow vulnerability in the source of the login program in assignment.c. Show two possible inputs that can be used to bypass password authentication, i.e., that can allow the adversa

Identify a buffer overflow vulnerability in the source of the login program in assignment.c.

Show two possible inputs that can be used to bypass password authentication, i.e., that

can allow the adversary to login without knowing the victim's password.

This is the code:

#include

#include

#define BUFLEN 16

char enteredusername[BUFLEN];

char enteredpassword[BUFLEN];

char username[BUFLEN];

char password[BUFLEN];

void init()

{

   // Set all buffers to 0

   memset(username, 0, BUFLEN);

   memset(password, 0, BUFLEN);

   memset(enteredusername, 0, BUFLEN);

   memset(enteredpassword, 0, BUFLEN);

   // Set username and password for one user

   strcpy(username, "bob");

   strcpy(password, "bef9b9b9");

}

int main()

{

   init();

   printf("Enter username: \n");

   gets(enteredusername);

   printf("Enter password for user %s: \n", enteredusername);

   gets(enteredpassword);

   if (!memcmp(password, enteredpassword, BUFLEN) && !memcmp(username, enteredusername, BUFLEN))

   {

       printf("Access granted. Welcome %s\n", enteredusername); // now the user is logged in

       return 0;

   }

   else

   {

       printf("Access denied. Invalid username or password\n"); // the user authentication attempt is rejected

       return -1;

   }

}

Show more
Related Questions:

Have a similar question?

Continue to edit or attach image(s).

New questions
Homework Categories
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question