cybersecurity · beginner · ~15 min · safe pentest lab
Spot the userinfo-confusion trick.
An '@' in a URL can hide the real host (https://trusted.com@evil.tld). Implement int has_at_sign(const char *url) returning 1 if url contains '@', else 0.
#include <string.h>
int has_at_sign(const char *url) {
/* TODO */
return 0;
}
Solve this exercise in the browser editor — compile and run against the test harness, no setup required.