Cyber Attacks and Vulnerabilities Flashcards
Vulnerability where code placed in a program bypasses normal authentication and security mechanisms
Backdoor
Method of accessing unauthorized directories by moving through the directory structure on a remote server
Directory Traversal
When an attacker is able to execute or run commands on a victim computer
Arbitrary Code Execution
Attacker is able to execute commands remotely
RCE - Remote Code Execution
Attack against a vulnerability that is unknown to original developer or manufacturer
Zero Day
Attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed
SQL Injection
When a process stores data outside the memory range allocated by the developer
Buffer Overflow
Occurs when an attack fills up the buffer with a non-operational instruction (NOP) so that the return address may hit a NOP and continue on until it finds the attacker’s code to run
Smash the Stack
An attack that overflows a server with traffic, overloading and rendering it inaccessible to legitimate users
DOS - Denial of Service
Occurs when an attacker embeds malicious scripting commands into a trusted website
XSS - Cross Site Scripting
Type of XSS attack that attempts to get data provided by the attacker to be saved on the web server by the victim
Stored/Persistent XSS
Type of XSS attack that attempts to have a non-persistent effect activated by a victim clicking a link on the site
Reflected XSS
XSS attack that attempts to exploit the victim’s web browser
DOM-Based XSS
Occurs when attacker forces a user to execute actions on a web server for which they are already authenticated
Cross Site Request Forgery - XSRF/CSRF
Attack that involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic.
DDOS - Distributed Denial of Service
Attack that manipulates or compromises the logic of an XML application or service.
XML injection
XML attack that embeds a request for local resource
XML External Entity XXE
XML encodes entities that expand to exponential sizes, consuming memory on the host and potentially crashing (similar to DOS)
XML Bomb
Software vulnerability when the resulting outcome from execution processes is directly dependent on the order and timing of certain events, and those events fail to execute in the order and timing intended by the developer
Race Condition
Password attack where a threat actor uses a single common password or a short list of common passwords against multiple accounts on the same application. This avoids the account lockouts that typically occur when an attacker uses a brute force attack on a single account by trying many passwords.
Spraying Attack
Password Attack that uses a predefined list of words
Dictionary Attack
What is a rainbow table attack?
Password cracking method that uses a special table (a “rainbow table”) to crack the password hashes in a database. Used to speed up the process of password guessing.
What is an evil twin attack?
A fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications.
What is bluesnarfing?
When a hacker accesses a wireless device through a Bluetooth connection.
What is bluejacking?
Sending unsolicited messages over Bluetooth
What is a wireless disassociation attack?
Also known as deauthentication attacks.
Wireless network attacks that target the 802.11 Wi-Fi protocol by sending forged deauthentication frames to a wireless access point or client device, causing the device to disconnect from the network.
What is the most common form of DDoS attack?
Network Based
What factor has the biggest impact on domain reputation?
Distribution of spam
What enables client side URL redirection? Hosts or localhost?
Hosts
What is DNS poisoning?
Remapping a domain name to a rogue IP address
What is domain hijacking?
A situation in which domain registrants lose control over their domain names due to unlawful actions of third parties
An attack that relies on altering the burned-in address of a NIC to assume the identity of a different network host is known as
MAC cloning, MAC spoofing
What is MAC flooding?
A network attack that overflows a switch’s memory used to store the MAC address table.
What is a smurf attack?
A Smurf attack is a distributed denial-of-service attack in which large numbers of ICMP packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP broadcast address.
Key word is ICMP Packets
What is a ping of death attack?
A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise malicious ping to a computer.
What is used in data URL phishing?
Prepending
What is prepending?
Prepending is the technique of adding a data URL prefix before a legitimate URL, making it appear like a secure link to the user. For example, an attacker may use a link such as “data:text/html,https://www.paypal.com” to create a fake PayPal login page. When the user clicks on the link, the malicious payload is executed, leading to the theft of the user’s PayPal credentials.
What is cryptomalware?
Malware that uses encryption
What is an SSRF attack?
Server Side Request Forgery - involves an attacker abusing server functionality to access or modify resources. The attacker targets an application that supports data imports from URLs or allows them to read data from URLs.
What is Integer Overflow?
A programming error where an application tries to store a numeric value in a variable that is too small to hold it.
What is a null pointer dereference?
When a computer attempts to read a variable value from an invalid memory address
Exploits the trust a user’s web browser has in a website: XSS or XSRF?
XSS
User’s browser executes attacker’s script: XSS or XSRF?
XSS