Answer Happy

Provide THREE INPUTS that can be used to bypass password
authentication, i.e., that
can allow the adversary to login without knowing the victim's
password.
Use the following code:
#include <stdio.h>
#include <string.h>
#define BUFLEN 16
char enteredusername[BUFLEN];
char enteredpassword[BUFLEN];
char username[BUFLEN];
char password[BUFLEN];
void init()
{
// Set all buffers to 0
memset(username, 0, BUFLEN);
memset(password, 0, BUFLEN);
memset(enteredusername, 0, BUFLEN);
memset(enteredpassword, 0, BUFLEN);
// Set username and password for one user
strcpy(username, "bob");
strcpy(password, "bef9b9b9");
}
int main()
{
init();
printf("Enter username: \n");
gets(enteredusername);
printf("Enter password for user %s: \n",
enteredusername);
gets(enteredpassword);
if (!memcmp(password, enteredpassword, BUFLEN)
&& !memcmp(username, enteredusername, BUFLEN))
{
printf("Access granted. Welcome %s\n",
enteredusername); // now the user is logged in
return 0;
}
else
{
printf("Access denied. Invalid username
or password\n"); // the user authentication attempt is
rejected
return -1;
}
}