1.3 - Application Attacks Flashcards
Define privilege escalation attack.
A cyberattack to gain illicit access to elevated rights, permissions, entitlements, or privileges beyond what is assigned for an identity, account, user, or machine.
Define horizontal privilege escalation.
When someone obtains the permissions that someone else in the same group has.
List a few ways that you can mitigate privilege escalation.
1) Patch quickly
2) Updated anti-virus/anti-malware software
3) Data execution prevention
- Only data in executable areas can run
4) Address space layout randomization
- Prevent a buffer overrun at a known memory address
What is Cross-Site Scripting (XSS)?
A type of attack that injects some kind of malicious script that is executed in the web browser.
Name three types of Cross-Site Scripting (XSS).
1) Reflected XSS
2) Stored XSS
3) DOM-based XSS
What is a Reflected XSS attack?
When a malicious script is reflected off a web application to the victim’s browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts. Comes from the current HTTP request.
What is a DOM-based XSS attack?
When the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client-side script, so that the client-side code runs in an “unexpected” manner. Exists in the client-side code rather than server-side code.
What is a Stored XSS attack?
When an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way. This is only possible if your application is designed to store user input (a message board or social media website).
List a few ways to protect against XSS.
1) Be careful when clicking untrusted links
2) Consider disabling JavaScript
3) Keep your browser and applications updated
4) Validate input
- Don’t allow users to add their own scripts to an input field
Define a code injection attack.
When someone puts their own code inside of an application. This is possible due to bad programming.
Define a SQL injection.
An attack that injects malicious SQL code into an application, allowing the attacker to view or modify a database.
What is an LDAP Injection?
An attack in which queries are constructed from untrusted input without prior validation or sanitization. Arbitrary commands can be used to grant permission to unauthorized queries and modify content within the LDAP tree. Similar to a SQL injection.
What is an XML Injection?
An attack technique used to manipulate or compromise the logic of an XML application or service. The injection of unintended XML content and/or structures into an XML message can alter the intended logic of the application to perform unauthorized actions or access sensitive data.
What is a DLL Injection?
An attack technique that allows users to run any code in the memory of another process, by forcing the process to load a foreign DLL file. This can allow for unauthorized actions.
Define a buffer overflow.
Occurs when the amount of data in the buffer exceeds its storage capacity. That extra data overflows into adjacent memory locations and corrupts or overwrites the data in those locations.