1.3 Application Attacks Flashcards
Priviledge Escalation
attacks seek to increase the level of access that an attacker has to a target system. They exploit vulnerabilities that allow the transformation of a normal user account into a more privileged account
Cross-site scripting
These occur when web applications allow an attacker to perform HTML injection, inserting their own html code into a webpage.
Injections
This is an attack that attackers use in order to break through a web application and gain access to the systems supporting that aplication
SQL injection
An attacker is able to provide input to the web application and then monitor the output of that application to see the result.
Dynamic link library
Malware triesd to inject code into the memory process space using a vulnerability.
Lightweight directory access protocol
Users input is not properly filtered and the return can be executed commands etc.
Extensible Markup Language (XML)
This is where attackers embed code in extensible markup language documents.
Pointer/object dereference
These are simply an area of memory that stores an address of another location in memory
Directory traversal
This is when a web server suffer from a security misconfiguration that allows users to navigate the directory structure and access files that should remain secure.
Buffer overflows
These occur when an attacker manipulates a program into placing more data into an area of memory than is allocated for that program’s use.
Time of check/time of use
This is a race condition that occurs when a program checks access permissions too far in advance of a resource request.
Error handling
This is when developers of code step in and handle security risks before an attacker can do their attacking.
Improper input handling
These can expose applications to injection attacks, XSS and other exploits.
Replay attack
an attempt to reuse authentication requests
Integer overflow
This is where the result of an arithmetic operation attempts to store an integer that is too large to fit into the specified buffer.
Request forgeries
These exploit trust relationships and attempt to have users unwittingly execute commands against a remote server.
server-side
These attacks trick a server into visiting a URL based on user-supplied input.
cross-site
Application programming interface (API) attacks
These allow anyone with knowledge of the API URL’s to modify a service. Make sure there is end to end encryption with API’s: HTTPS
Resource exhaustion
Systems may consume all of the memory, storage, processing time, or other resources available to them, rendering the system disabled or crippled from other uses.
Memory leak
This is when an application fails to return some memory that it no longer needs, perhaps by losing track of an object that it has written to a reserved area of memory.
Secure Sockets Layer (SSL ) stripping
Driver manipulation
When an attacker convinces a user to install a malicious driver on their computer, and then the attacker can gain complete control of the system
Shimming
This takes a legit driver and wraps a malicious driver around the outside of it
Refactoring
If an attacker has access to the driver’s source code, they can modify it to also include malware elements.
Island hopping attack
Compromising vulnerable vendors in the supply chain and then attempt to attack the target organization.
