Your browser does not seem to support CSS. If images appear below, please disregard them.
toggle
February
S M T W T F S
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29
Sponsored Links
Latest Postings
Topic Options
Rate This Topic
#10304 - 06/11/04 01:49 AM Little Quiz
Joined: Jun 2004
Posts: 2
ninji1234 Offline
Junior Member
ninji1234 Offline
Junior Member

Joined: Jun 2004
Posts: 2
Afha
Hi there,
here is a little quiz for you, i hope you can break it out, enjoy.

Here we go:

It was known, that at one server (bolero) runs a program exchanging secret messages. The client file in order to use this service can be seen here client.c

The client muss type the username and one-time-password, which sent unencrypted and can not be used for the next time.

Meanwhile, part of the Authenticationscomponents from the server is known, and unfortunately only three are arrive with SMS, namely:

Code:
 #include <sys/socket.h> #include <netinet/in.h> #include <time.h> #define LISTENPORT 12012 #define MAXLINELEN 128 #define PASSLEN 32 void passwd_gen(char *pass) {int i; 
Code:
  return; } int main(int argc, char **argv) {int s; int client; struct sockaddr_in addr; socklen_t addrlen;char *str,*str2; FILE *sock;char password[PASSLEN];char line[MAXLINELEN];
Code:
 ;read(client,line,MAXLINELEN);if (strncmp (line,"USER QAEDA",10)) {fclose (sock);close (client);continue;}fflush (sock);fprintf(sock,"USER %s OK, SEND PASSWORD\n",line); 
The Mission:
The program in the server is vulnerable.
modify the client in order to get the secret message without any passwort

Top
Sponsored Links
#10305 - 06/11/04 03:10 AM Re: Little Quiz
Joined: Oct 2002
Posts: 955
jonconley Offline
UGN Super Poster
jonconley Offline
UGN Super Poster

Joined: Oct 2002
Posts: 955
Merrill, IA, USA
Don't post topics in multiple forums.

Top
#10306 - 06/11/04 11:27 AM Re: Little Quiz
Joined: Jan 2003
Posts: 217
Ntd Offline
Member
Ntd Offline
Member

Joined: Jan 2003
Posts: 217
Melbourne, Victoria, Australia
Oooo i love quizs, too bad i have no idea what to do. Could you some how do a goto and skip the password?

Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,194
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums46
Topics43,996
Posts79,170
Members2,157
Most Online1,567
Apr 25th, 2010
Top Posters(All Time)
UGN Security 37,159
Gremelin 7,194
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Newest Members
Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit, boa
2157 Registered Users
Who's Online Now
0 registered members (), 1 guest and 1 spider.
Latest News