Chapter 1.3 - Application Attacks Flashcards

Given the scenario, analyze potential indicators associated with application attacks

1
Q

Privilege Escalation

A

Gaining higher-level access to a system
More capabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Cross-Site Scripting (XSS)

A

Type of injection, in which malicious scripts are injected into otherwise benign and trusted websites

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Non-persistent (Reflected) Cross-Site Scripting Attack

A

The injected malicious script is “reflected” off the web server as a response that includes some or all of the input sent to the server as part of the request

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Persistent (Stored) Cross-Site Scripting Attack

A

Posting a message to a social network that includes a malicious payload
Posted and propagated to others

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Code Injection

A

Adding your own information into a data stream

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Structured Query Language (SQL) Injection

A

Inserting an SQL query into regular input or form fields in order to get credentials such as a username or password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Extensible Markup Language (XML) Injection

A

Modify requests and sending data and storing it in a different location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Lightweight Directory Access Protocol (LDAP) Injection

A

Modify requests and gaining directory information you normally would not have access to

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Dynamic-Link Library Injection

A

Inject a DLL into an application and have that application run the code for us

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Buffer Overflows

A

Overwriting a buffer memory and have it spill over into other memory areas

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Replay Attacks

A

Data transfer is maliciously repeated or delayed
NOT an On-path attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Cross-Site Request Forgery

A

Malicious exploit of a website or web application where unauthorized commands are submitted from a user that the web application trusts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Pointer/ Object Dereference

A

Programming technique that references a portion of memory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Directory Traversal/ Path Traversal

A

Reading files from a web server that are outside the website’s file directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Race Conditions

A

Two commands happening at the same time without being planned for

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Error Handling

A

Giving just enough information when an error is made so an attacker exploit the system

17
Q

Improper Input Handling

A

Finding input that can be malicious so an attack can be executed

18
Q

Session Replays

A

Reproduction of a user’s interactions on a website or web application exactly how the user actually experienced it

19
Q

Integer Overflow

A

When you attempt to store inside an integer variable a value that is larger than the maximum value the variable can hold

20
Q

Server-Side Request Forgery

A

Attacker abuses the functionality of a server causing it to access or manipulate information in the realm of that server that would otherwise not be directly accessible to the attacker

21
Q

Application Programming Interface (API) Attacks

A

The malicious usage or attempted usage of an API from automated threats such as access violations, bot attacks or abuse

22
Q

Resource Exhaustion

A

Happens when a system or system user uses up all the available resources that the system has, leading it to be completely drained
Specialized DoS attack
Zip Bomb

23
Q

Memory Leak

A

When unused memory is not properly released, begins to grow in size, eventually uses all available memory, and the system crashes

24
Q

Secure Sockets Layer (SSL) Stripping

A

Combines on-path attack with a downgrade attack
Type of cyberattack in which an attacker downgrades a website from secure HTTPS to an insecure HTTP connection

25
Driver Manipulation
The alteration of system drivers to achieve a malicious outcome
26
Shimming
Filling in the space between two objects (middleman) Inserting a layer between an application and the operating system to modify the behavior of the application
27
Refactoring
Appears different each time malware is downloaded Add loops, points string codes, etc. Can intelligently redesign itself
28
Pass the Hash (PtH)
Type of cybersecurity attack in which an attacker steals a “hashed” user credential and uses it to create a new user session on the same network
29
Time-of-check to Time-of-use Attack (TOCTOU)
Race condition that occurs when a resource is checked for a particular value, such as whether a file exists or not, and that value then changes before the resource is used, invalidating the results of the check