Question

In: Computer Science

Question 1. The following code asks the user to enter the password and check it with...

Question 1. The following code asks the user to enter the password and check it with the pre-defined password that stored in the system. If the entered password is correct, it will authenticate the user to log-in into the account, otherwise reject!

  1. Analyze the following code, how it works?
  2. Do you think this code is safe? Justify?
  3. Try to overwrite this code and report the outputs?
  4. Define any vulnerabilities in this code if exist?
  5. What we can do to make this code more secure? Justify by writing a secure version of this code.

#include <stdio.h>

#include <string.h>

#include <stdbool.h>

int main(void)

{

    char buff[8];

    bool pass = true ;

    printf("\n Enter the password : \n");

    gets(buff);

        if(strcmp(buff, "admin") ==0)

    {

        printf ("\n Correct Password \n");

        pass = true;

    }

    else

    {

        printf ("\n Wrong Password \n");

        pass = false;

       

    }

    if(pass)

    {

       /* authorized the user*/

        printf ("\n Permission is given to the user \n");

    }

    return 0;

}

Submission

For this assignment, you need to write a report file of your work. The report should answer each question in details, providing outputs of the code to justify your answer.

Solutions

Expert Solution

Here is the source code in C to validate the username and password. For your convience, I have shared several source codes and each of them is written in C.

Kindly give a Thumbs up/Like if you find this answer helpful. It means a lot to me. God bless you !!

Solution 1:

#include <stdio.h>
#include <termios.h> // in gcc, use < conio.h > in turboc
#include <string.h>
 
#define USERNAME    "user001"
#define PASSWORD    "ok@123"
 
/************************************************
THIS CODE IS USED IN GCC LINUX
because getch() is not defined in library file
************************************************/
 
static struct termios old, new;
 
/* Initialize new terminal i/o settings */
void initTermios(int echo)
{
  tcgetattr(0, &old); /* grab old terminal i/o settings */
  new = old; /* make new settings same as old settings */
  new.c_lflag &= ~ICANON; /* disable buffered i/o */
  new.c_lflag &= echo ? ECHO : ~ECHO; /* set echo mode */
  tcsetattr(0, TCSANOW, &new); /* use these new terminal i/o settings now */
}
 
/* Restore old terminal i/o settings */
void resetTermios(void)
{
  tcsetattr(0, TCSANOW, &old);
}
 
/* Read 1 character - echo defines echo mode */
char getch_(int echo)
{
  char ch;
  initTermios(echo);
  ch = getchar();
  resetTermios();
  return ch;
}
 
/* Read 1 character without echo */
char getch(void)
{
  return getch_(0);
}
 
/* Read 1 character with echo */
char getche(void)
{
  return getch_(1);
}
 
/* function :   getPassword(),
   to get password from keyboard    */
 
void getPassword(char *pass)
{
    int c=0;
    char buff[30]={0},ch;
    int len=0;
    while((ch=getch())!='\n')
    {
        if(ch==0x7f)    // use 0x08 in turboc (WINDOWS)
        {
            if(len==0)  continue;
            printf("\b \b"); len--; continue;
        }
        printf("%c",'*');
        pass[len]=ch;
        len++;
    }
    pass[len]='\0';
 
}
 
int main()
{
 
    char user[30],pass[30];
    printf("Enter User Name :");
    gets(user);
    printf("Enter Password  :");
    getPassword(pass);
     
    if(strcmp(user,USERNAME)==0 && strcmp(pass,PASSWORD)==0)
        printf("\nLOGIN SUCCESS.\n");
    else
        printf("\nLOGIN FAILED.\n");
    return 0;
}

Output

  Enter User Name :user001
    Enter Password  :******
    LOGIN SUCCESS.

Solution 2:

#include<stdio.h>

#include<string.h>

void main()

{

char name[25],pwd[25],ver[25];

int i,a,digi=0,up=0,low=0,schar=0;

printf("Enter your Name: ");

gets(name);

printf("Hello %s, Enter your password:\n",name);

gets(pwd);

a=strlen(pwd);

if(a<5)

{

printf("Error: Password should contain contain minimum 5 characters ");

}

else if(a>12)

{

printf("Error: Password shouldn't exceed 12 characters ");

}

else

{

for(i=0;pwd[i]!=NULL;i++)

{

if(pwd[i]>='A' && pwd[i]<='Z')

up++;

if(pwd[i]>='a' && pwd[i]<='z')

low++;

if(pwd[i]>='0' && pwd[i]<='9')

digi++;

if(pwd[i]=='@'||pwd[i]=='#'||pwd[i]=='$')

schar++;

}

}

if(up==0)

printf("There must be at least one Uppercase\n");

if(low==0)

printf("There must be at least one Lowercase\n");

if(digi==0)

printf("There must be at least one Digit\n");

if(schar==0)

printf("There must be at least one Special Character\n");

else

{

printf("Confirm your Password\n");

gets(ver);

if(strcmp(pwd,ver)==0)

printf("Welcome %s, your is Password Verified",name);

else

printf("Password did not match");

}

getch();

}

Solution3:

#include <stdio.h> 
#include <conio.h> 
#include <string.h> 
 
void main() 
{ 
   
  char username[20]; 
  char userpwd[8]; // for storing password 
  int i; 
   
  printf("Enter your username : "); 
  //gets(username); 
  scanf("%s",username); 
   
  printf("Enter your password : "); 
  /* accept password */ 
 
  for(i=0;i<8;i++) 
  { 
   userpwd[i]=getch(); 
   printf("*");          
  } 
  userpwd[i]='\0'; 
 
/*------------------*/ 
 
  printf("\n\nPress any key to continue"); 
  getch(); 
 
 if(!strcmp(username,"sumitadmin") && !strcmp(userpwd,"sumit123")) 
 { 
  printf("\n\nLogged In Successful"); 
 }else 
 { 
  printf("\n\nIncorrect username or password"); 
 } 
}

Solution 4:

#include <stdio.h>
int main() {
        int pass, x=10; 

        while (x!=0)
        {
        printf("\nInput the password: ");
        scanf("%d",&pass);  
        
        if (pass==1234)
        {
                printf("Correct password");
                x=0;
    }
    else
    {
       printf("Wrong password, try another");       
        }
        printf("\n");
   }
        return 0;
} 


Related Solutions

C# Create an application that asks the user to enter their new password. The password must...
C# Create an application that asks the user to enter their new password. The password must be at least 6 characters long. Develop a custom exception handling case that checks for the password length. (hint: use " .Length " built-in method). If the new password is less than 6 characters long the custom exception should output an error message.
In.java Write a program that repeatedly asks the user to enter their password until they enter...
In.java Write a program that repeatedly asks the user to enter their password until they enter the correct one. However, after 5 failed attempts, the program "locks out" the user. We will show that with an error message. Assume the password is HOC2141 (case sensitive). Note that there is a special case that is not shown below. To identify it, think of all possible scenarios of input for this program. ----------- Sample run 1: Enter your password: Blake Wrong Enter...
Write Python code that asks the user for a password from the console and continues asking...
Write Python code that asks the user for a password from the console and continues asking for a password until the user enters a password that has greater than 10 characters. (language python)
1. [10 marks] (Changes.java) Write code that asks the user to enter an amount of money...
1. [10 marks] (Changes.java) Write code that asks the user to enter an amount of money from 0 to 99 cents. The program then calculates and displays the number of coins from each denomination: quarters (25 cents), dimes (10 cents), nickels (5 cents), and cents. For example, if the user enters 93, your program should display There are 3 quarters, 1 dimes, 1 nickels, and 3 cents in 93 cents Note: You must use integer division and modular division to...
Python. Write a code that asks the user to enter a string. Count the number of...
Python. Write a code that asks the user to enter a string. Count the number of different vowels ( a, e, i, o, u) that are in the string and print out the total. You may need to write 5 different if statements, one for each vowel. Enter a string: mouse mouse has 3 different vowels
Using the code below as a template, write a program that asks the user to enter...
Using the code below as a template, write a program that asks the user to enter two integers, and finds and prints their greatest common denominator (GCD) in Java! package cp213; import java.util.Scanner; public class Lab01 { /** * @param a * @param b * @return */ public static int gcd(int a, int b) { // your code here } /** * @param args */ public static void main(String[] args) { Scanner keyboard = new Scanner(System.in); int a = 0;...
Question : Write a C program that asks the user to enter an integer between 1...
Question : Write a C program that asks the user to enter an integer between 1 and 7 that represents a weekday number (1 = Sunday, 2 = Monday , …… , 6 = Friday , 7 = Saturday) and it prints the day (i.e., Sunday, Monday, …… , Friday or Saturday). The program continuously asks the user to enter a weekday number till the user responds by ‘N’. and give me an output please use printf and scanf #include...
// Add the following functions: // 1. 'getRadius' asks the user to enter the radius of...
// Add the following functions: // 1. 'getRadius' asks the user to enter the radius of a circle // and returns the given value. (should return a double) // 2. 'calcArea' takes the radius and returns the area of a circle. // 3. 'printResults' void type function that should print the results to // console. // Your function needs to have a local variable called 'PI' which holds the // value '3.14159'. // The function call is provided, you just...
Write a program that does the following in order: 1. Asks the user to enter a...
Write a program that does the following in order: 1. Asks the user to enter a name 2. Asks the user to enter a number “gross income” 3. Asks the user to enter a number “state tax rate” 4. Calculates the “Federal Tax”, “FICA tax” and “State tax” 5. Calculates the “estimated tax” and round the value to 2 decimal places 6. Prints values for “name”, “gross income” and “estimated tax” The program should contain three additional variables to store...
Using C++ Write a program to ask user to enter a password and validity the password....
Using C++ Write a program to ask user to enter a password and validity the password. The password should be 8 – 20 characters long (8 is included and 20 is included), it should contain at least one uppercase letter and one lower case letter. The password should contain at least one digit, and at least one symbol other than alphabets or numbers. Most importantly, the password may not contain any white space. Functions: You will need at least the...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT