Evasive Maneuvers and Combining Techniques Flashcards

1
Q

How can string terminators be used to bypass security controls?

A

Null bytes (%00 in a URL, \0 in source code) and a few similar symbols are treated as string terminators by C and by the many libraries and runtimes built on C string handling. When such a symbol is not filtered out or rejected, a security control implemented on top of that string handling stops reading at the terminator and never inspects what follows it, while a length-aware component further down the chain (the application logic, a database, a file API) still processes the whole value. Placing the payload after an unfiltered null byte can therefore carry it past controls such as input validation.
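The mismatch the answer describes, as an added example that is not part of the flashcards or of any product's code: a filter that reads its input with C string semantics (simulated with ctypes' c_char_p, which stops at the first NUL just as strlen() or strstr() would) beside a length-aware filter, both fed a constructed parameter value containing %00. The BLOCKED marker, the function names and the sample value are assumptions for illustration.

```python
import ctypes
from urllib.parse import unquote_to_bytes

# Constructed marker the control is supposed to block (illustrative only).
BLOCKED = b"<script>"


def filter_as_c_string(data: bytes) -> bool:
    """Weak control: the value is handed to code with C string semantics.

    ctypes.c_char_p reads the buffer only up to the first NUL, exactly as
    strstr() or strlen() would, so anything after \\x00 is never inspected.
    Returns True when the request is allowed through.
    """
    seen = ctypes.c_char_p(data).value or b""
    return BLOCKED not in seen


def filter_length_aware(data: bytes) -> bool:
    """Hardened control: inspect every byte the request carried and reject
    embedded NULs outright, since a legitimate value never needs one."""
    if b"\x00" in data:
        return False
    return BLOCKED not in data


def backend_stores(data: bytes) -> bytes:
    """The consumer after the control keeps the whole buffer, including the
    bytes past the terminator (length-aware languages and databases do)."""
    return data


def attempt(raw_param: str, control) -> tuple:
    """Decode a URL parameter as the server would, run it through `control`,
    and report (allowed, payload_reached_backend)."""
    data = unquote_to_bytes(raw_param)
    allowed = control(data)
    stored = backend_stores(data) if allowed else b""
    return allowed, BLOCKED in stored


if __name__ == "__main__":
    probe = "hello%00<script>alert(1)</script>"  # constructed attacker value
    print("C-string filter:    ", attempt(probe, filter_as_c_string))   # (True, True): bypassed
    print("length-aware filter:", attempt(probe, filter_length_aware))  # (False, False)
```

The hardened filter rejects the NUL instead of merely searching past it: a control that only scans the full buffer still has to agree with every downstream consumer about where the string ends, and rejecting the terminator removes that dependency.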

2
Q

Which Burp Suite Intruder attack type is suitable when case switching resets the attempt limit enforced by a security control?

A

Pitchfork. One payload position holds the case-switched request component (for example the path) and the other holds the values to test; Intruder steps through both payload sets in parallel, so each request pairs the next spelling with the next value.

3
Q

When can case switching result in a security control bypass?

A

When the security control matches on the literal spelling and case of components in the request (path, parameter or header names, values), so that a differently cased variant such as /api/Login instead of /api/login is not recognized by the control while the server still routes or accepts it.

4
Q

In a rate-limited API, what two effects can case switching have?

A

Switching the case of a request component (such as the path) can either reset the rate limit, so the attacker gets a fresh set of attempts against the new spelling, or bypass the control entirely, if the differently cased request is not rate limited at all.
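How the reset works in code, as an added example that serves cards 2 through 4 and is not part of the flashcards or of Burp Suite: a toy rate limiter keyed on the literal request path, beside the same limiter keyed on a case-folded path, plus the generator that produces the case-switched spellings you would load into one Intruder payload set. The limit of 3 attempts, the /api/v2/login path and the password list are constructed for illustration.

```python
import itertools
from collections import defaultdict

LIMIT = 3  # constructed: attempts allowed per key before the control blocks


class PathRateLimiter:
    """Counts attempts per key. With normalize=False the key is the literal
    method and path, so /api/v2/Login gets its own fresh bucket (the weak
    setting). With normalize=True the path is case-folded first, so every
    spelling shares one bucket (the hardened setting)."""

    def __init__(self, limit: int = LIMIT, normalize: bool = False):
        self.limit = limit
        self.normalize = normalize
        self.counts = defaultdict(int)

    def key(self, method: str, path: str):
        if self.normalize:
            return method.upper(), path.lower()
        return method, path

    def allow(self, method: str, path: str) -> bool:
        k = self.key(method, path)
        if self.counts[k] >= self.limit:
            return False
        self.counts[k] += 1
        return True


def case_variants(path: str):
    """Yield every upper/lower-case spelling of the letters in path, starting
    with the all-lower-case form. This is the list a Pitchfork payload set
    would carry in the path position."""
    choices = [(c.lower(), c.upper()) if c.isalpha() else (c,) for c in path]
    for combo in itertools.product(*choices):
        yield "".join(combo)


def brute_force(limiter: PathRateLimiter, path: str, passwords) -> int:
    """Send one login attempt per password; whenever the current spelling is
    blocked, move on to the next case-switched spelling. Returns how many
    attempts the limiter let through."""
    variants = case_variants(path)
    current = next(variants)
    sent = 0
    for _ in passwords:
        while not limiter.allow("POST", current):
            try:
                current = next(variants)
            except StopIteration:
                return sent  # every spelling is exhausted: control held
        sent += 1
    return sent


if __name__ == "__main__":
    passwords = [f"Password{i}" for i in range(10)]  # constructed wordlist
    print("literal-path limiter:",
          brute_force(PathRateLimiter(normalize=False), "/api/v2/login", passwords))  # 10
    print("case-folded limiter: ",
          brute_force(PathRateLimiter(normalize=True), "/api/v2/login", passwords))   # 3
```

Against the literal-path limiter all ten passwords get through, because every blocked spelling is simply swapped for the next of the 512 spellings of /api/v2/login; against the case-folded limiter only the first three do. A production fix should key the counter on the route the framework actually resolves (after its own normalization), since a router that matches case-insensitively is precisely what lets the variant reach the handler.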

5
Q

What are the three cited evasive maneuvers?

A

String terminators, case switching and encoding payloads.

6
Q

What common API security control can detect an attack and prevent you from making additional successful requests?

A

A WAF (web application firewall). Once it detects attack patterns in your requests it can block, throttle or ban the source, so further requests fail even when they would otherwise have succeeded.

7
Q

Which of the following Wfuzz commands will result in applying multiple rounds of encoding to a single payload?
a) $ wfuzz -e a-b-c,base64 -t http://example.com
b) $ wfuzz -z list,a-b-c,base64-md5-url -u http://example.com/api/v2/FUZZ
c) $ wfuzz -z list,a-b-c,base64-md5-url -u http://target.com/api/v2/FUZZ
d) $ wfuzz -z list,a-b-c,base64@base64@md5 -u http://target.com/api/v2/FUZZ

A

Letter d. Encoders separated by @ are chained: each encoder's output becomes the next one's input, so every list item yields a single payload (here a, b and c are each base64-encoded twice and then MD5-hashed). Encoders separated by - are applied independently to the original value, producing a separate payload per encoder. Option a is not valid Wfuzz usage at all: -e lists the available encoders and -t sets the thread count.
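What the two separators do, as an added example that is not part of the flashcards or of Wfuzz's own source: a small Python reimplementation of the encoder specification syntax, with @ chaining encoders into one payload and - fanning a value out into one payload per alternative. The encoder table covers five of Wfuzz's encoder names (none, base64, md5, sha1, urlencode); the function names and the a-b-c list are constructed for illustration.

```python
import base64
import hashlib
from urllib.parse import quote

# A subset of Wfuzz encoder names, each mapping str -> str.
ENCODERS = {
    "none": lambda s: s,
    "base64": lambda s: base64.b64encode(s.encode()).decode(),
    "md5": lambda s: hashlib.md5(s.encode()).hexdigest(),
    "sha1": lambda s: hashlib.sha1(s.encode()).hexdigest(),
    "urlencode": lambda s: quote(s, safe=""),
}


def chain_encode(value: str, chain: str) -> str:
    """'@'-separated encoders: each encoder's output feeds the next, so one
    input value yields exactly one payload (e.g. base64@base64@md5)."""
    out = value
    for name in chain.split("@"):
        if name not in ENCODERS:
            # Catches typos and a trailing '@' (empty encoder name).
            raise ValueError(f"unknown or empty encoder {name!r} in {chain!r}")
        out = ENCODERS[name](out)
    return out


def fanout_encode(value: str, spec: str) -> list:
    """'-'-separated alternatives: each alternative is applied to the original
    value on its own, so one input yields one payload per alternative. An
    alternative may itself be an '@' chain (e.g. base64@urlencode-md5)."""
    return [chain_encode(value, alt) for alt in spec.split("-")]


def expand_payloads(values, spec: str) -> list:
    """Mimic `-z list,v1-v2-v3,<spec>`: every list item through every alternative."""
    payloads = []
    for v in values:
        payloads.extend(fanout_encode(v, spec))
    return payloads


if __name__ == "__main__":
    # Option d of the card: 3 inputs -> 3 payloads, each base64'd twice, then MD5'd.
    print(expand_payloads(["a", "b", "c"], "base64@base64@md5"))
    # '-' fan-out: 3 inputs x 3 encoders -> 9 payloads.
    print(expand_payloads(["a", "b", "c"], "base64-md5-none"))
```

The payload count is the quick way to tell the two apart when you are unsure which syntax a command used: a chain leaves the count equal to the input list, a fan-out multiplies it by the number of alternatives.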

8
Q

Which of the following vulnerabilities are great platforms to combine with other attack attempts? Select all that apply.
a) Excessive Data Exposure
b) Broken Function Level Authorization
c) Broken Object Level Authorization
d) Improper Assets Management
e) Cross-site Scripting

A

Letters a and d. Both leak information rather than grant access directly: excessive data exposure hands over fields you can feed into other attacks, and improper assets management exposes undocumented or outdated API versions and hosts on which other controls may be weaker or missing.
