FREE Trial
Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

For each code specify: What data is being exposed and how? What line(s) in the source present the vulnerability? Describe how you would fix the

For each code specify:

What data is being exposed and how?

What line(s) in the source present the vulnerability?

Describe how you would fix the vulnerable code.

CWE615_Info_Exposure.c

#include "std_testcase.h"

#include #pragma comment(lib, "advapi32.lib")

#define PASSWORD "ABCD1234!" #define USERNAME "XXXXX Smith!"

void CWE615_Info_Exposure_bad() { int j; for(j = 0; j < 1; j++) { { size_t passwordLen = 0; HANDLE hUser; char * domain = "Domain"; /* Use the password in LogonUser() to establish that it is "sensitive" */ if (LogonUserA( USERNAME, domain, PASSWORD, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &hUser) != 0) { /* Logged in XXXXX Smith using password ABCD1234 */ printLine("User logged in successfully" ); CloseHandle(hUser); } else { printLine("Unable to login."); } } } }

int main(int argc, char * argv[]) { /* seed randomness */ srand( (unsigned)time(NULL) ); #ifndef OMITGOOD printLine("Calling good()..."); CWE615_Info_Exposure_good(); printLine("Finished good()"); #endif /* OMITGOOD */ #ifndef OMITBAD printLine("Calling bad()..."); CWE615_Info_Exposure_bad(); printLine("Finished bad()"); #endif /* OMITBAD */ return 0; }

CWE535_Info_Exposure_Shell.c

#include "std_testcase.h"

#include

#include #pragma comment(lib, "advapi32.lib")

void CWE535_Info_Exposure_Shell_bad() { int j; for(j = 0; j < 1; j++) { { wchar_t password[100] = L""; size_t passwordLen = 0; HANDLE pHandle; wchar_t * username = L"User"; wchar_t * domain = L"Domain"; if (fgetws(password, 100, stdin) == NULL) { printLine("fgetws() failed"); /* Restore NUL terminator if fgetws fails */ password[0] = L'\0'; } /* Remove the carriage return from the string that is inserted by fgetws() */ passwordLen = wcslen(password); if (passwordLen > 0) { password[passwordLen-1] = L'\0'; } /* Use the password in LogonUser() to establish that it is "sensitive" */ if (LogonUserW( username, domain, password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &pHandle) != 0) { printLine("User logged in successfully."); CloseHandle(pHandle); } else { printLine("Unable to login."); } fwprintf(stderr, L"User attempted access with password: %s ", password); } } }

int main(int argc, char * argv[]) { /* seed randomness */ srand( (unsigned)time(NULL) ); #ifndef OMITGOOD printLine("Calling good()..."); CWE535_Info_Exposure_Shell_good(); printLine("Finished good()"); #endif /* OMITGOOD */ #ifndef OMITBAD printLine("Calling bad()..."); CWE535_Info_Exposure_Shell_bad(); printLine("Finished bad()"); #endif /* OMITBAD */ return 0; }

#endif

CWE534_Info_Exposure_Debug.c

#include "std_testcase.h"

#include

#include #pragma comment(lib, "advapi32.lib")

#ifndef OMITBAD

void CWE534_Info_Exposure_Debug_bad() { int j; for(j = 0; j < 1; j++) { { wchar_t password[100] = L""; size_t passwordLen = 0; HANDLE pHandle; wchar_t * username = L"User"; wchar_t * domain = L"Domain"; FILE * pFile = fopen("debug.txt", "a+"); if (fgetws(password, 100, stdin) == NULL) { printLine("fgetws() failed"); /* Restore NUL terminator if fgetws fails */ password[0] = L'\0'; } /* Remove the carriage return from the string that is inserted by fgetws() */ passwordLen = wcslen(password); if (passwordLen > 0) { password[passwordLen-1] = L'\0'; } /* Use the password in LogonUser() to establish that it is "sensitive" */ if (LogonUserW( username, domain, password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &pHandle) != 0) { printLine("User logged in successfully."); CloseHandle(pHandle); } else { printLine("Unable to login."); } fwprintf(pFile, L"User attempted access with password: %s ", password); if (pFile) { fclose(pFile); } } } }

int main(int argc, char * argv[]) { /* seed randomness */ srand( (unsigned)time(NULL) ); #ifndef OMITGOOD printLine("Calling good()..."); CWE534_Info_Exposure_Debug_good(); printLine("Finished good()"); #endif /* OMITGOOD */ #ifndef OMITBAD printLine("Calling bad()..."); CWE534_Info_Exposure_Debug_bad(); printLine("Finished bad()"); #endif /* OMITBAD */ return 0; }

#endif

CWE226_Sensitive_Information.c

#include "std_testcase.h"

#include #include #pragma comment(lib, "advapi32.lib")

#ifndef OMITBAD

void CWE226_Sensitive_Information_bad() { int j; for(j = 0; j < 1; j++) { { wchar_t password[100] = L""; size_t passwordLen = 0; HANDLE hUser; wchar_t * username = L"User"; wchar_t * domain = L"Domain"; if (fgetws(password, 100, stdin) == NULL) { printLine("fgetws() failed"); /* Restore NUL terminator if fgetws fails */ password[0] = L'\0'; } /* Remove the carriage return from the string that is inserted by fgetws() */ passwordLen = wcslen(password); if (passwordLen > 0) { password[passwordLen-1] = L'\0'; } /* Use the password in LogonUser() to establish that it is "sensitive" */ if (LogonUserW( username, domain, password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &hUser) != 0) { printLine("User logged in successfully."); CloseHandle(hUser); } else { printLine("Unable to login."); } } } }

#ifdef INCLUDEMAIN

int main(int argc, char * argv[]) { /* seed randomness */ srand( (unsigned)time(NULL) ); #ifndef OMITGOOD printLine("Calling good()..."); CWE226_Sensitive_Information_good(); printLine("Finished good()"); #endif /* OMITGOOD */ #ifndef OMITBAD printLine("Calling bad()..."); CWE226_Sensitive_Information_bad(); printLine("Finished bad()"); #endif /* OMITBAD */ return 0; }

#endif

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Introduction To Data Mining

Introduction To Data Mining

Authors: Pang Ning Tan, Michael Steinbach, Vipin Kumar

1st Edition

321321367, 978-0321321367

More Books

Students also viewed these Databases questions

Question

(a) How do you recognize the independent variable of an experiment? (b) How do you recognize the dependent variable?

Answered: 1 week ago

Question

94 EXAMPLE1 A fraction becomes 4/5, if 1 is added to both numerator and denominator. If, however, 5 is subtracted from both numerator and denominator, the fraction becomes 1/2. What is the fraction

Answered: 1 week ago

Question

Choose one country abroad and write 200 words on this topic: Here is what we should cover in our realistic preview to someone we are sending to this country.

Answered: 1 week ago

Question

Table 2-9 gives data on the Consumer Price Index (CPI) for all items (1982-1984 = 100) and the Standard & Poor's (S&P) index of 500 common stock prices (base of index: 1941-1943 = 10). CONSUMER PRICE...

Answered: 1 week ago

Question

For each code specify: What data is being exposed and how? What line(s) in the source present the vulnerability? Describe how you would fix the vulnerable code. CWE615_Info_Exposure.c #include...

Answered: 1 week ago

Question

please format neatly Suppose the term structure of risk-free interest rates is shown below. What is the present value of an investment that pays $100 at the end of each of years 1,2 , and 3 ? If you...

Answered: 1 week ago

Question

An analysis of the transactions of Pickett Shipping Services for the month of May appears below. Line 1 summarizes Pickett's accounting equation data as of May 1; lines 2-10 represent the...

Answered: 1 week ago

Question

Great Outdoors Airlines, Inc., operates leased amphibious aircraft and docking facilities, equipping the firm to transport campers and hunters from British Columbia, Canada, to outpost camps owned by...

Answered: 1 week ago

Question

Ashley Conners owns La Jolla Art Company, a firm providing designs for advertisers, market analysts, and others. On July 1, the business's general ledger showed the following normal account balances:...

Answered: 1 week ago

Question

University Sales had the following transactions for T-shirts for 2011, its first year of operations. During the year, University Sales sold 725 T-shirts for \(\$ 20\) each. Required a. Compute the...

Answered: 1 week ago

Question

The following information pertains to Ping Company for 2011. Ending inventory consisted of 30 units. Ping sold 210 units at \(\$ 50\) each. All purchases and sales were made with cash. Required a....

Answered: 1 week ago

Question

KEY QUESTION Referring to the table in question 10, suppose improvement occurs in the technology of producing forklifts but not in the technology of producing automobiles. Draw the new production...

Answered: 1 week ago

Question

KEY QUESTION Cite three examples of recent decisions that you made in which you, at least implicitly, weighed marginal cost and marginal benefit.

Answered: 1 week ago

Question

KEY QUESTION With current technology, suppose a firm is producing 400 loaves of banana bread daily. Also assume that the least-cost combination of resources in producing those loaves is 5 units of...

Answered: 1 week ago

Previous Question Next Question