Due: Check Blackboard
Weight: 1% of the final mark
Type: Electronic submission of your files using eSubmit
Demo: to be presented to the lab instructor at the end of your lab session
Work: Individual
• To get hands on experience with secure coding in C
• To get familiar with discovering and fixing security vulnerabilities in C code
• Properly acknowledge (add a note and/or hyperlink and/or comment) any help or resource you used.
• Programs without ID boxes will have marks deducted
Create a new directory named lab9. Copy the following files (attached to the Lab exercise on BB): Lab9.c, Lab9_PASSMGMT.c, Lab9_PASSMGMT.h, Makefile, and Lab9Demo.c to the newly created directory.
1) Identify 3 security vulnerabilities in the Lab9.c file
Use the Makefile to generate the executable for the Lab9.c file (secMailCreate). The purpose of this application is to create a mail directory for a user who has been authenticated using a user name and password, both supplied on the command line. Three user names are created, each with its own password; this information can be found in the init function.
The program has some significant security issues for you to work out. You may be able to detect these problems without running the program, but one of the purposes of this lab is to understand how vulnerabilities can be exploited, so please give examples which show how the program can be compromised.
• Focus your attention on Lab9.c only. Assume that the password management module works properly.
• Ignore the init() function in Lab9.c. Yes, it is insecure as it adds passwords in clear text, but it is there just to initialize password table entries. In a real-life scenario the password table would have been populated by other applications.
In a file named README, document the 3 security vulnerabilities you found in the program. For each identified vulnerability, add an example of using the program that may exploit the vulnerability.
2) Fix the code provided (do not remove any of the functionality, so no deleting a bunch of lines from main so that it no longer contains any vulnerability), and submit the fixed program. Lab9.c is the only file you may change.
3) Comment the mostly uncommented code given to you in this assignment, and explain why the code is now secure.
4) DEMO This part is to be demoed to your lab instructor. When compiled, the program contained in Lab9Demo.c is supposed to ask the user for his/her name and then print a small message and the name of the user. The program also contains what is supposed to be a “secret” value. For this part you have to demo to your lab instructor “your ability to guess the secret value”. You are not supposed to change the program in any way. Just use it and find a way of “guessing” the secret. Obviously there is a security issue in the code. Find it and explain it to your lab instructor. Fix the issue and demo the secured version of the program to your lab instructor.
Create a tarball named lab9.tar.gz that contains this directory. The tarball should only include the following:
• Lab9.c
• README
Marks will be deducted for any .o files or executables in your submission. All submissions should be through eSubmit.
If files are not named as specified, you risk receiving a mark of zero.
Question 4 (Demo)