Obj 1.3 - Indicators of Application Attacks Flashcards
Privilege Escalation
gaining higher-level access to a system in order to exploit it
can also be horizontal: gaining access as another user at the same privilege level
Cross-site scripting
usually uses JavaScript to inject code through a non-validated input on a web page
Two types:
- persistent (stored)
- non-persistent (reflected)
Non-persistent (reflected)
an XSS attack that requires the user to click a specific link
persistent (stored)
an XSS attack whose payload is stored permanently on the server
every visitor to the page runs the malicious script
spreads quickly through “share this page” features on social media
injection types
SQL
DLL
LDAP
XML
SQL injection
Structured Query Language
most common injection type
exploits site inputs that lack input validation
DLL injection
Dynamic Link Library
hijacking an application so that it loads and runs a malicious DLL
often takes advantage of the escalated privileges that the host application has
used to evade process-based defenses
LDAP injection
Lightweight Directory Access Protocol
similar to SQL injection
exploits web apps that construct LDAP statements from user input
can execute arbitrary commands, grant permissions to unauthorized queries, or modify content in the LDAP tree
null pointer dereference (pointer/object dereference attack)
nullifying a pointer value so that the application then dereferences it
can cause an application crash, disclosure of debug information, or DoS
directory traversal
reading files outside of the website’s own directory
e.g. users shouldn’t be able to browse the Windows folder
typically done with sequences such as ../../../
can be either a web server or a web application vulnerability
SSL Stripping
HTTP downgrade combined with an on-path attack
the on-path attacker removes the “s” from https, so the victim talks plain HTTP
SSL = Secure Sockets Layer
buffer overflows
writing data past the end of a buffer so that it overwrites adjacent memory locations
enables malicious code to be written into areas meant for executable code, data to be overwritten, or privileges to be escalated
can corrupt data, crash the program, or cause execution of malicious code
race condition
when two operations try to happen at the same time and the result depends on which finishes first
TOCTOU (time of check, time of use) attack
an exploit of a race condition
takes advantage of any gap in time between the “check” that data is valid and the “use” of that data
can cause: reboot loops (Mars rover), communication failures (blackout of 2003), or death (Therac-25 radiation therapy machine in the 80s)
memory leak
unused memory is never released, so usage keeps growing until all memory is consumed and the system crashes, e.g. a DoS