1.3 Given a scenario, analyze potential indicators associated with application attacks Flashcards
Privilege Escalation
Gain higher-level access to a system
Privilege Escalation
When a user grants themselves HIGHER security privileges than they are supposed to have
Cross-site Scripting (XSS)
A type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.
Cross-site request forgery (XSRF or CSRF)
exploits trust that a user has in a website to execute code on
the user’s computer.
Dynamic-link library (DLL)
Attacker injects a code and the application runs it for the attacker
Lightweight Directory Access Protocol (LDAP)
This can occur when the user’s input is not properly filtered, and the result can be executed commands, modified content, or results returned to unauthorized queries.
Extensible Markup Language (XML)
when users enter values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack.
SQL injection attacks
“1+1” input on a web app
Use unexpected input to a web application to gain
unauthorized access to an underlying database.
Point/Object Deference
An attack that consists of finding null references in a target program
and dereferencing them, causing an exception to be generated.
Directory Traversal
If an attacker is able to gain access to restricted directories through
HTTP
Buffer Overflow
appropriate size (allows Input that is too large can “overflow” memory buffer).
Race Conditions
A condition where the system’s behavior is dependent on the
sequence or timing of other uncontrollable events
Error Handling
the user will simply see an error message box
Replay Attack
an attempt to reuse authentication
requests.
Session Replay
an attacker steals a valid session ID of a
user and reuses it to impersonate an
Integer Overflow
A type of arithmetic overflow error when the result of an integer operation does not fit within the allocated memory space.
resource exhaustion
When an application continuously allocates additional resources,
exhausting machine resources, leading the system to hang or crash.
Application
programming interface (API)
Attempts to manipulate the application
programming interface (API)
Memory Leak
Memory leaks are usually caused by failure to deallocate
memory that has been allocated.
secure sockets layer (ssl) stripping
A technique by which a website is downgraded from https to http
Shimming
A
shim is a small library that is created to intercept API calls transparently and
Refactoring
The name given to a set of techniques used to identify the flow and then modify
the internal structure of code without changing the code’s visible behavior.
Pass the Hash
a technique whereby an attacker captures a password hash (as opposed to the
password characters) and then passes it through for authentication and lateral access
Non-persistent XSS Attack
Scripts ran through a search box and is started by a a user CLICKING a EMAIL.
