1.3 Application Attacks Flashcards
This type of attack involves gaining higher-level access to a system by exploiting a vulnerability or design flaw.
Privilege Escalation
This type of attack is the most common attack carried out on web pages. Involves the injection of javascripts into a webpage in order to carry out malicious scripts, capture entered information, or display messages.
Cross Site Scripting (XSS)
This type of XSS attack involves scripts running as input, which then get returned to the user and executed on the victim machine. Can also be a URL hyperlink in an email that runs the script when the victim click the link in the email.
Non-persisten (reflected)
This XSS attack type is kept stored in a database or web server, allowing a script to be ran against every user who accesses the targeted webpage. There is no specific target involved.
Persistent (stored)
This type of attack is often the result of bad programming by not handling input/output correctly. Involves an attacker inserting their own information into a data stream.
Injection attacks
This type of injection attack focuses on modifying the requests going into a relational database in order to perform malicious queries.
SQL Injection
These two injection types will modify data transfer and storage requests, and manipulate the results of directory access requests.
XML and LDAP Injection
This type of injection attack involves the manipulation of dynamic-link library code that can unintentionally run programs or applications.
DLL Injection
This type of attack involves overwriting the memory buffer in order to cause data to spill over into other memory areas. Can cause DoS and allow a system to be compromised. Complex exploit that can be repeatable.
Buffer Overflow
This type of attack involves capturing useful information from network traffic and then send the data back out across the network in order to appear as the person they captured the info from.
Replay Attack
This type of replay attack involves an attacker capturing a password hash being transported over the network and then passes it on to the server as its own request in order to gain authentication.
Pass the hash
This happens when an attacker uses headers, browser cookies, or any captured network traffic in order to take over the target’s trusted session with a website.
Session Hijacking
This type of request forgery is often known as a one-click attack and takes advantage of the inheirent trust between the website and your browser. Often sent as a hyperlink in an email with the request in it that runs when clicked.
Cross site request forgery (XSRF)
This type of forgery eliminates the need for a client and allows an attacker to perform requests to a web server on behalf of the attacker. Often caused by bad programming practices.
Server Side Request Forgery (SSRF)
This type of attack utilizes the trust between your OS and your PC hardware.
Driver Manipulation
This driver manipulation technique involes inserting a shims to circumvent security on a system.
Shimming
This process creates metamorphic malware that can appear differently each time it is loaded. It is very difficult to track using signature-based malware detection.
Refactoring
This type of attack in on-path and is carried out by an attacker where they sit in the middle between a victim and server and downgrade the session from TLS to SSL.
SSL Stripping
This scenairio involves processes happening simultaneously that can cause malfunctions in a program.
Race Condition
This is what it is called when unused memory on a system is not properly released and continues to grow in size until there is no memory left on a system.
Memory leak
This type of vulnerability is exploited by pointing portions of memory to empty space that can cause bugs and application crashes.
Null pointer dereference
This is what it is called when an attacker is able to gain access to unauthorized directories by utilizing the .\ command
Directory Traversal
Why should errors be handled properly when programming?
They can display system info useful to attackers
This type of attack invovles the attacker exploiting vulnerabilities in the application programming interface.
API Attacks
