Study the following program and answer the questions. [total 6 points]

#include

#include

int main(void)

{

    char buff[15];

    int pass = 0;

    printf(" Enter the password : ");

    gets(buff);

    if(strcmp(buff, "thegeekstuff"))

    {

        printf (" Wrong Password ");

    }

    else

    {

        printf (" Correct Password ");

        pass = 1;

    }

    if(pass)

    {

       /* Now Give root or admin rights to user*/

        printf (" Root privileges given to the user ");

    }

    return 0;

1. What vulnerability does the above program have and why? [1 point]
2. If there is an attack that exploits the vulnerability, which part of memory will be affected – stack or heap? Explain your answer. [1 point]
3. Explain with appropriate illustration and tracing of the program, how the vulnerability can be exploited to get the root privilege without entering correct password. [2 points]
4. Fix the program to remove the vulnerability, while keeping the intended functionality (submit the solution as a .cpp file). [2 points]

Answer rating: 100% (QA)

What vulnerability does the above program have and why 1point it is buffer overflow attack as you ca... View the full answer