Application Attacks Flashcards

1
Q

What is an Injection?

A

An attack in which the attacker supplies untrusted input to a program.

2
Q

What are the 5 types of Application Attacks?

A

1) Structured query language (SQL)
2) Lightweight directory access protocol (LDAP)
3) Extensible markup language (XML)
4) Dynamic link library (DLL)
5) Command Injection

3
Q

What is a SQL Injection?

A

An attack that injects malicious SQL code into an application, allowing the attacker to view or modify a database.

4
Q

What is an LDAP Injection?

A

An attack in which queries are constructed from untrusted input without prior validation or sanitization. Arbitrary commands can be used to grant permission to unauthorized queries and modify content within the LDAP tree. Similar to a SQL injection.

5
Q

What is an XML Injection?

A

An attack technique used to manipulate or compromise the logic of an XML application or service. The injection of unintended XML content and/or structures into an XML message can alter the intended logic of the application to perform unauthorized actions or access sensitive data.

6
Q

What is a DLL Injection?

A

An attack technique that allows users to run any code in the memory of another process, by forcing the process to load a foreign DLL file. This can allow for unauthorized actions.

7
Q

What is a memory leak?

A

A type of resource leak that occurs when a computer program manages memory allocations incorrectly, so that memory that is no longer needed is not released.

8
Q

How do Application Attacks attempt to take advantage of Resources and Memory?

A

They attempt to exhaust resources and cause memory leaks.

9
Q

What is a Driver Manipulation attack?

A

A sophisticated attack in which a program attempts to modify a driver’s functionality. The program exploits the legitimate purpose of the driver.

10
Q

What is Shimming?

A

An application attempts to call an older driver, and the OS intercepts the call and redirects it to run the shim code instead. A driver shim is additional code that can be run instead of the original driver. Shimming provides the solution that makes it appear that the older drivers are compatible.

11
Q

What is Refactoring?

A

The process of rewriting the internal processing of the code, without changing its external behavior. It is usually done to correct problems related to software design.

12
Q

What are Race Conditions?

A

An undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of the nature of the device or system, the operations must be done in the proper sequence to be done correctly.

13
Q

What is Time-of-Check to Time-of-Use (TOCTOU)?

A

A file-based race condition that occurs when a resource is checked for a particular value, such as whether a file exists or not, and that value then changes before the resource is used, invalidating the results of the check.

This can happen when multiple people access a resource at the same time and one of them makes changes.

14
Q

What is a Pointer/Object Dereference?

A

A common practice in some programming languages. It allows access to memory. It can be used to execute code or in a DoS attack.

15
Q

What is an Integer Overflow?

A

When you attempt to store inside an integer variable a value that is larger than the maximum value the variable can hold.

16
Q

What is Cross-site Scripting (XSS)?

A

A type of attack that injects some kind of malicious script that is executed in the web browser.

17
Q

Name three types of Cross-Site Scripting (XSS).

A

1) Reflected XSS
2) Stored XSS
3) DOM-based XSS

18
Q

What is a Reflected XSS attack?

A

When a malicious script is reflected off a web application to the victim’s browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts. Comes from the current HTTP request.

19
Q

What is a Stored XSS attack?

A

When an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way. This is only possible if your application is designed to store user input (a message board or social media website).

20
Q

What is a DOM-based XSS attack?

A

When the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client-side script, so that the client-side code runs in an “unexpected” manner. Exists in the client-side code rather than server-side code.

21
Q

What is Cross-site Request Forgery?

A

An attack vector that tricks a web browser into executing an unwanted action in an application to which a user is logged in. The hacker uses an already authenticated session. An example is changing the mail address or password in order to make a fund transfer.

22
Q

What is Server-side Request Forgery?

A

An attacker abuses server functionality to access or modify resources. The server is tricked into making HTTP requests to internal resources or other servers on behalf of the attacker.

23
Q

What is a Replay Attack?

A

An attack that involves the capture of transmitted authentication or access control information and its subsequent retransmission with the intent of producing an unauthorized effect or gaining unauthorized access. The attacker may sit in the middle with a packet sniffer and transmit the captured logon against a resource server at a later time.

24
Q

What is a Pass the Hash attack?

A

A type of attack in which an adversary steals a “hashed” user credential and uses it to create a new user session on the same network.

25
Q
A