Hi there,
here is a little quiz for you, i hope you can break it out, enjoy.
Here we go:
It was known, that at one server (bolero) runs a program exchanging secret messages. The client file in order to use this service can be seen here
client.c The client muss type the username and one-time-password, which sent unencrypted and can not be used for the next time.
Meanwhile, part of the Authenticationscomponents from the server is known, and unfortunately only three are arrive with SMS, namely:
#include <sys/socket.h> #include <netinet/in.h> #include <time.h> #define LISTENPORT 12012 #define MAXLINELEN 128 #define PASSLEN 32 void passwd_gen(char *pass) {int i; return; } int main(int argc, char **argv) {int s; int client; struct sockaddr_in addr; socklen_t addrlen;char *str,*str2; FILE *sock;char password[PASSLEN];char line[MAXLINELEN]; ;read(client,line,MAXLINELEN);if (strncmp (line,"USER QAEDA",10)) {fclose (sock);close (client);continue;}fflush (sock);fprintf(sock,"USER %s OK, SEND PASSWORD\n",line);
The program in the server is vulnerable.
modify the client in order to get the secret message without any passwort
