Chapter 3 Application Attack Indicators Flashcards
Denial-of-Service Attack
- Denies authorized users access either to specific information or to the computer system or network itself.
- Denies the use of or access to a specific service or system.
Bluejacking
- Used for sending of unauthorized messages to another Bluetooth device.
Man in the Middle Attack
A mechanism whereby an attacker can inject himself into the middle of a conversation between two devices.
Refactoring
- The process of restructuring existing computer code without changing its external behavior.
- A means by which an attacker can add functionality to a driver yet maintain its desired functionality.
Shimming
- A process of putting a layer code between the driver and the OS.
- Allows flexibility and portability by enabling changes between different versions of an OS without modifying the original driver code.
Pass the Hash
- The attacker captures the hash used to authenticate a process.
- The attacker does not need to know the password.
Resource Exhaustion
- The state where a system does not have all of the resources it needs to continue to function.
- The aim attack;s aim is to deplete resources.
Improper Error Handling
- Attackers can use the information they gather from errors to further their attack.
Memory Leak
- Errors in memory management.
- Memory issues can go over time which consume more and more resources.
Integer Overflow
- A programming error condition that occurs when a program attempts to store a numeric value.
DLL Injection
An attack that uses the injection of a DLL onto a system, altering the processing of a program by in essence recoding it.
Race Condition
An error condition that occurs when the output of a function is dependent on the sequence or timing of the inputs.
Privilege Escalation
When the attacker exploits vulnerabilities to achieve root- or admin-level access.
Injection Attacks
- When input is used in a fashion that allows command-line manipulation.
- Gives that attacker command-line access at the privilege level of the application.
Structured Query Language (SQL)
- A form of code injection aimed at any SQL-based database, regardless of vendor.
Dynamic-Link Library (DLL)
- A piece of code that can add functionality to a program though the inclusion of library routines linked at runtime.
Lightweight Directory Access Protocol (LDAP)
- An injection-based attack.
- When an application constructs an LDAP request based on user input, failure to validate the input can lead to a bad LDAP request.
Extensible Markup Language (XML)
XML that is maliciously altered can affect changes in configurations, changes in the data streams, changes in outputs.
