Study the following program and answer the questions. [total 6 points] #include #include int main(void) { char
Fantastic news! We've Found the answer you've been seeking!
Question:
Study the following program and answer the questions. [total 6 points]
#include
#include
int main(void)
{
char buff[15];
int pass = 0;
printf(" Enter the password : ");
gets(buff);
if(strcmp(buff, "thegeekstuff"))
{
printf (" Wrong Password ");
}
else
{
printf (" Correct Password ");
pass = 1;
}
if(pass)
{
/* Now Give root or admin rights to user*/
printf (" Root privileges given to the user ");
}
return 0;
- What vulnerability does the above program have and why? [1 point]
- If there is an attack that exploits the vulnerability, which part of memory will be affected – stack or heap? Explain your answer. [1 point]
- Explain with appropriate illustration and tracing of the program, how the vulnerability can be exploited to get the root privilege without entering correct password. [2 points]
- Fix the program to remove the vulnerability, while keeping the intended functionality (submit the solution as a .cpp file). [2 points]
Posted Date: