Programming Vulnerabilities Flashcards
Buffer Overflows
When an attack goes past the boundary of the destination buffer and corrupts adjacent memory
Heap and stack overflows are both buffer overflows
Stack Overflow
Buffer overflow that has a fixed size within program memory
Heap Overflow
Dynamic memory is overflowing
Integer Overflow
Increments an integer variable beyond its max value.
CSRF
Attack carried out on behalf of an authenticated user
Broken Access Control
Manipulating URLs
Reflected XSS
Steals a user's session token; gets reflected off a web app and is then executed locally in the browser
Persistent XSS
Malicious script is permanently stored on web server
LFI vs RFI
LFI allows access to local files on the server hosting the web app, through bad input validation or insecure coding practices.
RFI is code injection from a remote server.
Using Strings, what tool can you use to see obfuscated output?
Base64