3.5 Attacks and Exploits Flashcards
Explain common attacks and vulnerabilities against specialized systems.
What is patching fragmentation?
Patching fragmentation is when device updates are not implemented in a timely manner, leading to individuals using unsupported versions that leave the system vulnerable.
Name a few issues related to mobile devices that can affect the business logic process.
-Lack of antimalware protection
-Using known vulnerable components
-Dependency vulnerabilities
-Insecure mobile device storage
-Passcode vulnerabilities
What is Ettercap?
Ettercap is a suite of tools used to launch various types of MITM attacks.
What are the Android SDK tools?
The Android SDK tools include packages that let you design, build, and test mobile apps for Android devices, as well as reverse engineer an existing device.
What is the Mobile Security Framework (MobSF)?
MobSF can provide an automated evaluation of code and malware analysis using both static and dynamic analysis. It conducts a thorough assessment to determine parameters such as OS reputation, whether the device has been rooted or jailbroken, and app security.
What is Frida?
Frida is an open-source tool that works with a wide range of operating systems. It includes custom developer tools that can help with application penetration testing, as well as many other features, such as:
-Dumping process memory
-In-process fuzzing
-Anti-jailbreak detection
-Changing a program’s behavior
What is Objection?
Objection is a runtime exploration toolkit that works on iOS devices. It's a scriptable debugger that allows you to perform various security-related tasks on unencrypted iOS applications.
How can the tools Frida and Objection work together?
With Objection, the team can run custom Frida scripts and interact with the filesystems on non-jailbroken iOS devices. It uses Frida to inject objects into an application and then monitors the behavior. It can also simulate jailbroken environments.
What is Drozer?
Drozer is an open-source attack framework that allows you to find security flaws in apps and devices. It uses a client-server model and lets you assume the role of an Android app so you can observe the behavior of the app as it interacts with other apps.
What is APKX?
APKX is an Android APK decompiler that allows you to pull and analyze the Java source code to see what's going on inside.
What is APK Studio?
APK Studio is an integrated development environment (IDE) designed so you can decompile or edit an APK file.
What is Postman?
Postman provides an interactive and automatic environment used to interact with and test an HTTP API. Its features include:
-Explore and create an API
-Build and run a test suite
-Work with other team members
-Analyze results and run reports
-Integrate within the DevOps life cycle
What are some common IoT vulnerabilities?
-Insecure default credentials
-Lack of physical security
-Hard-coded configurations
-Outdated firmware/hardware
-Poorly designed code
-Data leakage
What are some attacks against the Constrained Application Protocol (CoAP)?
-Coercive parsing attack - exhausting system resources by sending a Simple Object Access Protocol (SOAP) message with open tags
-Spoofing - possible because UDP does not use a handshake
-Packet Amplification - sending a flood of UDP packets to a DNS server with the source IP set as the victim
What are some attacks against Message Queuing Telemetry Transport (MQTT)?
-Sniffing - possible because data is not encrypted
-Data modification - obtaining the traffic while data is being transferred between devices during a MITM attack
-Joining a botnet - with Shodan, it’s possible to poison unsecured devices so they become part of a botnet