Personal CY501 – Quiz 1 Introduction to Cybersecurity 1 Lecture Review Before quiz 2 A program vulnerability is a software weakness that

Personal CY501 – Quiz 1
Introduction to Cybersecurity

1

Lecture Review Before quiz

2

A program vulnerability is a software weakness that could be exploited to cause harm
List:

Hard-coded Credentials
Buffer Overflow
SQL Injection
OS Command Injection
Integer Overflow or Wraparound
Uncontrolled Format String

Program Vulnerabilities

3

Hard-coded credentials
Embed login, identity, password, pin, secret key, etc. in code.

4

Quiz
Dr. Naive is a ‘good’ programmer except he never cared about SW security. You will convince him the vulnerabilities in his code by breaking one of his programs.

5

Quiz
Steps:

Download Dr.Naive.zip (which includes temp1.c, temp2.c, and temp3.c source templates and Dr.Naive executable generator) from Unit 3->Resources to your Virtual Machine

Use the following commands to generate 3 executables, which have hard-coded credentials. You will be prompted to provide your login for the 3 executables to name after
$>./Dr.Naive 1
$>./Dr.Naive 2
$>./Dr.Naive 3

Crack the pin for one of the 3 executables. Upload screenshots to prove you successfully cracked the pin

6

Submit a Comment

Open chat