Uncategorized

Project 2 Review common security issues that may be identified through reverse engineering

Recently, they have been trying to move their legacy code into a cloud-based application. You were selected to participate in a proficiency test as part of the interview process. In the proficiency test, you demonstrated your ability to reverse engineer code.
For the next part of the proficiency test, you have been asked to identify and explain security vulnerabilities within the client management application. You will identify multiple security vulnerabilities within blocks of assembly code, explain the vulnerabilities, and describe recommendations to fix the vulnerabilities.
DirectionsUsing the C (CPP file) that you created in Project One, you will identify multiple security vulnerabilities, explain the vulnerabilities, and describe recommendations to fix the security vulnerabilities.
Identify where multiple security vulnerabilities are present within the blocks of C code.Use the first section in the Project Two Security Report Template, located in the Supporting Materials section, to map each security vulnerability to the block of C code.

Comment within the C code (CPP file) to indicate where the security vulnerabilities are identified.
Explain the security vulnerabilities that are found in the blocks of C code.Use the second section of the Project Two Security Report Template to explain in detail how and why these are security vulnerabilities.

Describe recommendations for how the security vulnerabilities can be fixed.Use the third section of the Project Two Security Report Template to complete this step.

Fix some of the security vulnerabilities within the “main” function.Correct the C code to fix the security vulnerabilities. There will be security vulnerabilities which you cannot correct by adjusting the C code. Determine which vulnerabilities you are able to fix by adjusting the C code, and fix them. You are not required to fix the others.

Comment within the C code to indicate how the security vulnerabilities were fixed.
Convert the CPP file to a binary file (O file).
What to SubmitTo complete this project, you must submit the following:
Project Two Security Template
This should be a Word Document (DOCX) identifying where the security vulnerabilities are, explaining how these are security vulnerabilities, and including recommendations to fix them. Use the template provided in the Supporting Materials section.
C File (CPP file)
This file includes your comments on the identified security vulnerabilities, the fixes, and the comments about how the security vulnerabilities were fixed.
Binary (O file)
This file includes some of the repairs of the security vulnerabilities.
Supporting MaterialsThe following resource(s) may help support your work on the project:
Project Two Security Report Template Word DocumentUse this Word document template to complete steps one, three, and four in the directions.
Guide to Reverse Software Engineering
This guide provides information on the process of software reverse engineering, assembly language, binary, C , and more.
Codio GuideThis guide provides information on how to use the Codio platform to complete aspects of this project.