2: 3 Application Attacks Flashcards
OWASP
Open Web Application Security Project - maintains a Top 10 list of application security risks that all security professionals should be aware of
Injection Flaws
Inserting unwanted code that a website will then run, e.g. SQL Injection
SQL
Structured Query Language - used to request data from the databases that applications often rely on
SQLInjection
Changes to an application's SQL queries, supplied through input, that can, for example, change a password
Ways to protect against Injection Flaws
Input Validation, Parameterized SQL
Broken Authentication
Flaws in a website's authentication process
Sensitive Data Exposure
Discloses confidential information to the public
Broken Access Controls
Provides unauthorized access, e.g. Insecure Direct Object References
Manually brute-forcing object IDs to reach records the user should not be able to access
Security Misconfigurations
Can jeopardize systems - web servers, application servers, firewalls, other components
XSS
Cross Site Scripting - scripts embedded in a third-party system that execute in the victim's browser; targets HTML
Protect against XSS
Input Validation
Application Hardening
Ensuring apps are safe against attacks
What are different ways to harden an application
Proper authentication, encryption, validating user inputs, avoiding and remediating known exploits, deploying obfuscation and camouflage to hide source code details
ERP system
encryption type, user access type, types of access granted, and security of underlying infrastructure
CSRF
Cross Site Request Forgery - uses one site to trick a user's browser into sending information from one site to another (multiple tabs communicating with each other). XSRF secretly sends requests without the user's knowledge
SSRF
Variant of CSRF that is server-side - pretending to be a trusted server in order to manipulate the server
Directory Traversal attacks
Manipulating the file structure on a server using Linux commands
Best way to beat Directory Traversal attacks
Input validation, strict file access control
Overflow Attacks
Target the memory set aside to store user variable content; large inputs yield unexpected behavior, with potentially dangerous results
Best way to beat Overflow Attacks
Input validation
Cookies and attachments
Track behavior across multiple websites
Guessable Cookies
Using known, predictable changes in the format of cookies - dangerous
Cookie Guessing
Attempting to breach cookies by changing their value
Session Replay Attacks
Possible when cookie values are not encrypted in transit
Protect by making cookies secure
Code Execution Attacks
Attack that exploits vulnerabilities allowing the attacker to run code
Privilege Escalation Attack
Takes a normal user account and transforms it into one with admin rights
What are the ways to protect against a privilege escalation attack
Input Validation, Patch OS and apps, Enforce principle of least privilege, Use DEP and ASLR Technologies
Driver Manipulation
Installing malicious drivers or modifying existing drivers to abuse the low-level access to the OS that drivers have
Shimming
Wraps a legitimate driver with a malicious shim; does not require access to the source code
Code Signing
Digital signature on a driver that validates its functions
Memory Overflow
Allows arbitrary code execution
Resource Exhaustion
Slows down/disables system
Memory Leak
Fails to release memory for reuse
Memory Pointer
Area of memory that stores the address of another location in memory
Null-pointer dereferencing
Causes the application to crash
DLL Injection
Tricks an application into loading malicious code, i.e. a library
Race Conditions
Proper functioning of a security control depends upon the timing of actions, e.g. two processes accessing the same bank account
Best ways to protect against a Time of Use/Time of Check vulnerability
Using a lock that prevents two people from accessing the same account