packet analysis Flashcards

1
Q

What helps move code into the next memory address?

A

NOP Sled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the structure that stores data held on the stack?

A

Stack frame

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How many bytes make up a shellcode?

A

25

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the storage region that holds data while being transferred called?

A

Buffer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In a buffer overflow attack what gets over-written?

A

Memory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

If an attacker knew how a program organizes its memory how could it attack that system?

Inputting too much information for the buffer to handle
Logically remote into the areas of memory
Replicate the application to learn its weaknesses
Attack it with disorganized information

A

Inputting too much information for the buffer to handle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does a multi-byte sled have to support?

A

A single opcode inside

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

In what type of sled can the opcode jump straight to the shell code?

A

Trampoline

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

In a reverse shell who establishes the connection?

A

Remote machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is it called when data stored in the heap is overwritten?

A

heap overflow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is it called when data stored in the heap is overwritten?

A

Morris worm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

_____ is a form of buffer overflow attack.

Heap overflows
Return to System call
Replacement stack frame
All of the Above

A

All of the Above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A buffer can be located _____

In the heap
On the stack
In the data section of the process
All of the Above

A

All of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a data structure that is used to store values in a particular order and processes the dynamic variables used in the program?

A

A stack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the process called of setting a port number to a socket?

A

binding

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What type of an attack is it when the user-supplied input is used to construct a SQL request to retrieve information from a database?

A

SQL injection

17
Q

Servers can find it inconvenient to have ____ ____ port numbers assigned.

A

short term

18
Q

True/False You can determine in advance exactly where the targeted buffer will be located in the stack frame.

True
False

A

False

19
Q

What are the locations in the stack area used to store the values referring to one invocation of a routine?

A

Stack frame

20
Q

What type of an attack is it, when the input is used in the construction of a command that is subsequently executed by the system with privileges of the Web server.

A

command injection

21
Q

What is the code supplied by the attacker which is often saved in the buffer being overflowed so that it can be executed?

A

shellcode

22
Q

True or False Shellcode is not specific to a particular processor architecture?

True
False

A

False

23
Q

What are the three places a buffer overflow usually targets? (use format xxx, xxx, xxx)

A

Stack, heap, data section