Injection Flaws Flashcards
1
Q
What is an SQL injection?
A
- An attack that exploits the vulnerability of unvalidated user input
- can reveal data not meant to be seen
2
Q
How does an SQL injection work?
A
- SELECT * FROM users WHERE name = "smith"
- smith ' OR '1' = '1
- 1=1 is logically always true
3
Q
How to prevent an SQL injection?
A
- input validation
- input sanitization
- query parameters
- prepared statements
- can be done at either web application layer or db layer
4
Q
What is XSS?
A
- when data enters an application from an untrusted source
- data is not validated for malicious content
- can be used to steal cookies or hijack a session
5
Q
What is stored XSS?
A
- permanently stored in the website database
- doesn't need a user to click a link
- can happen when a user visits a website where the malicious code is stored in a blog comment or message forum
6
Q
What is reflected XSS?
A
- Where the victim typically follows a link
- malicious code is contained within the link
- malicious code runs on the client browser
7
Q
How to prevent XSS?
A
- substitute HTML characters like < to &lt;
- Whitelist acceptable characters
- escape all untrusted data
8
Q
XSS Example
A
- simple test
- inserting
- <script>alert()</script>
- <sCript>alert()</sCript>
- url or a blog comment