CYS523 M3.6
Two part: 1st part is the instruction below and in order to provide second part i have to post 1st part by deadline. 2nd part is three response to other strudents post.
Introduction
Invalidated inputs are always a big threat to website security. In this activity, you will discuss the popular buffer overflow attack and its countermeasures.
Instructions
Before starting with the assignment, refer to the following website:
A Shellcode: The Payload https://www.tenouk.com/Bufferoverflowc/Bufferoverflow5.html
Now, consider the following C program used for authenticating a user to log into the software. The hacker bypasses the authentication and logs into the software. Analyze the following program to identify the possible cause of the breach in the code.
#include <stdio.h> #include <string.h> void main { char buffer[20]; int flag = 0; printf(” Enter your password : n”); gets(buffer); if(strcmp(buffer, “123456”)) { printf (“n Incorrect Password n”); } else { printf (“n Correct Password n”); flag = 1; } if(flag) { printf (“n Granted Access n”); } }
Respond to the following:
Examine the above code and discuss how it is vulnerable to Buffer Overflow Attack.
Explain how hackers inject shellcodes into the system using a Buffer Overflow Attack.
After posting your initial response, select two of your peers to discuss how you would each refine the code to mitigate the vulnerabilities in the existing code.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.