1.3 Application Attacks Flashcards
Define Privilege Escalation
Using an existing account to gain privileges beyond that account
Examples of privilege escalation attacks (2)
- User A gaining access to resources that only granted to User B
- Using a regular user account to launch an attack gaining Administrator/Root access
Preventing Privilege Escalation attacks (3)
- Data Execution Prevention (DEP)
- Anti-Virus/Malware
- Keeping OS patches up-to-date
Cross Site Scripting attack (XSS)
Taking advantage of web browsers and web-based applications use of JavaScript to launch attacks
2 Types of Cross Site Scripting attacks
- Non-Persistent (Client-side)
- Persistent or Reflected (Server-side)
Define Non-Persistent Cross Site Scripting Attack
Sends a malicious link to a valid, vulnerable web site with malicious JavaScript appended to input fields that will run silently in the background when the user clicks it
Define Persistent Cross Site Scripting Attack
Permanently posting malicious JavaScript on a site that runs every time the page is launched, i.e. via sites that display user messages or forum sites
Difference between Persistent and Non-Persistent Cross Site Scripting Attack
Non-persistent initiated from user’s browser, Persistent is stored on the web-server and runs every time some one accesses the web page
Define Injection Attack
Adding or removing information from a data stream for malicious intent
4 Common Injection Attacks
- SQL Injection
- XML Injection
- DLL Injection
- LDAP Injection
Define SQL Injection
Capitalizing on poorly designed web sites to extract data from databases via modified SQL statements
Define XML Injection
Appending malformed XML to XML exchanged between devices for malicious intent
Define LDAP Injection
Injecting data to LDAP data exchanges to access information from LDAP database
Define DLL Injection
Attaching a malicious DLL to a valid process so that whenever the valid process is run, the malicious process is also run
Define Pointer/Object Dereference, how and result
- supply a pointer for memory locations that the product is not expecting
- attack might allow modification of critical state variables, cause a crash, or execution of code
Define Directory Traversal attack and specific server type vulnerable to it
Accessing directories on a web server outside of the publicly available directories hosting the web content