General Flashcards
What is DNS fast flux?
It’s where the IP addresses pointing to a malicious DNS domain are rapidly changed
What is double flux?
Where the DNS is replaced with fast flux
What is a domain flux network?
Where a random DGA is used to rotate the domain name.
What is a birthday attack?
Brute force to exploit collisions in hash functions
What is a plaintext/unencrypted attack?
Exploits password storage or network authentication that isn’t encrypted
What is an online password attack?
Where the attacker interacts directly with an authentication service such as RDP or a web login form
What is password spraying?
Horizontal brute force where a few passwords are used against a range of different accounts
What is an offline password attack?
Where the attacker has a database of password hashes and tries to crack it offline
How to make rainbow table attacks harder to do?
Use a salt and password length above 14 characters
When assessing supplier risk, what two relationships should you keep in mind?
Vendor and business partner relationships
What is a TOCTTOU race condition?
Time of check to time of use; it occurs when there is a change between when a resource is checked and when it is used
What is DLL injection?
Where a legitimate app's process can be forced to run a malicious DLL
How can malware use the shim database?
It’s there for legacy apps to run
Malware with local admin rights can use it to gain persistence
What is session replaying?
An attack that involves replaying a session such as a token or cookie
3 ways to counter cookie hijacking
Encrypt cookies during transmission
Delete cookie from browser cache
Use new cookie for each new session between client and app
What is a CSRF and XSRF attack in general?
An attack that exploits a session a user already has by sending them, for example, a malicious link
What is clickjacking?
Type of hijack attack that forces or tricks the user to click a link embedded or hidden on a website
What is an sslstrip attack and how can it be prevented?
Where a request can be set to HTTP through a MITM attack
To prevent this, use HSTS in the browser and only allow HTTPS links
What is a cross-site scripting (XSS) attack?
A malicious script hosted on the attacker's site or coded in a link on a trusted site to compromise clients visiting it
What is a reflected (non-persistent) XSS attack?
Malicious input comes from a crafted link
What is a stored (persistent) XSS attack?
Aims to insert code into a back-end database or CMS, such as a comment on a website
Can XSS attacks exploit client-side scripts?
Yes, and it involves the DOM at times
Data submitted through XML unencrypted is vulnerable in what 3 ways?
Spoofing, request forgery, and injection of arbitrary code or data
What is a server-side request forgery (SSRF) attack?
Where attackers abuse a server's access to internal resources by abusing implicit trust between servers and services or weak input validation
What is the confused deputy problem?
It’s where an attacker tricks a more privileged entity, such as a server, into performing an action, abusing the access said entity has to other entities
What else is a man-in-the-middle (MITM) attack called?
On-path attack
What is vertical privilege escalation?
When an attacker performs functions that are typically assigned to higher roles
What is horizontal privilege escalation?
When a user accesses or modifies specific resources they are not entitled to
What does a Wi-Fi KRACK attack exploit?
The 4-way handshake, to reveal encrypted data like passwords
What can be used to protect against some Wi-Fi deauthentication attacks?
Management frame protection (802.11w)
What is bluejacking?
A Bluetooth attack where you are sent spam, like an image, through Bluetooth
What is bluesnarfing?
An exploit that hacks device through Bluetooth
3 traits of fileless malware
Doesn’t write to disk
Uses lightweight shellcode
Uses living-off-the-land techniques rather than compiled executables