| author | mo khan <mo@mokhan.ca> | 2014-07-29 21:10:19 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2014-07-29 21:10:19 -0600 |
| commit | 59d00127429e17c779a07c1ff1369c02372b9abd (patch) | |
| tree | aaca277b49fd34d33b097b38c95aa21a1c3c6634 | |
| parent | 63848fcba6bc44b35c05e48450c4f55d0b1629d9 (diff) | |
add example of bypassing authentication using buffer overflow.
| -rw-r--r-- | auth_overflow.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/auth_overflow.c b/auth_overflow.c
new file mode 100644
index 0000000..96848bc
--- /dev/null
+++ b/auth_overflow.c
@@ -0,0 +1,33 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int check_authentication(const char *password)
+{
+ int auth_flag = 0;
+ char password_buffer[16];
+
+ strcpy(password_buffer, password);
+
+ if (strcmp(password_buffer, "brillig") == 0)
+ auth_flag = 1;
+ if (strcmp(password_buffer, "outgrabe") == 0)
+ auth_flag = 1;
+
+ return auth_flag;
+}
+
+int main(int argc, const char *argv[])
+{
+ if (argc < 2) {
+ printf("Usage: %s <password>\n", argv[0]);
+ exit(0);
+ }
+ if (check_authentication(argv[1])) {
+ printf("\n,-=-=-=-=-=-=-=-=-=-=-=-\n");
+ printf(" Access Granted.\n");
+ printf("\n,-=-=-=-=-=-=-=-=-=-=-=-\n");
+ } else {
+ printf("\nAccess Denied.\n");
+ }
+}
|
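Review bot: Nothing in auth_overflow.c itself marks the unbounded `strcpy(password_buffer, password)` in check_authentication as deliberate; only the commit message says this is a demonstration, so the file reads like ordinary code once it is separated from its history. I would add a header comment such as `/* Intentionally vulnerable teaching example: strcpy() into the 16-byte password_buffer is not length-checked, so the returned auth_flag cannot be trusted. Do not reuse. */`. A second comment at the copy could show the guard that non-demo code needs, `if (strlen(password) >= sizeof password_buffer) return 0;`. Separately, the usage branch in main calls `exit(0)`, which reports success when the argument is missing; `exit(1)` would let callers and scripts tell the two cases apart.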
