18 Cards in this Set
- Front
- Back
Abuse of Functionality |
Uses a web site's own features and functionality to attack itself or others. Ex. Abusing Send-Mail Functions, Abusing Password-Recovery Flows, Abusing functionality to make unrestricted proxy requests. |
|
Abusing Send-Mail Functions |
Web apps that send mail must not allow complete control over the message headers and content. Attackers can control the from, to, subject, and body if there are no anti-automation controls. |
|
Formmail |
An HTTP GET could be used to send an email as the web server. |
|
Abusing Password Recovery Flows |
Can be abused if generic information is left on this step: message the user that an email has been sent to their account. |
|
Unauthorized Proxy Requests |
Some services (Ex. Google Translate) can be used to act as an open proxy server. |
|
Brute Force |
Method to determine an unknown value by using an automated process to try a large number of possible values. |
|
Brute Force Log-in Credentials |
Often used with a dictionary, as most users use common words. Can also use number substitutions, personal information, and family members' names, birth dates, and phone numbers. Reverse attacks guess the username with a set password, to attack a random user. |
|
Brute Force Credit Card Information |
If an attacker has the card number but is missing the CVV/CSC or expiration date, they can easily brute force the missing information. |
|
Buffer Overflow |
Flaw that occurs when more data is written to a block of memory, or buffer, than the buffer is allocated to hold. Uses: Control process execution, crash a process, modify internal variables. |
|
Buffer Overflow Defenses |
Avoid low-level languages such as C and C++; use Java, C#, or scripting languages instead. Or avoid dangerous APIs whose use often leads to buffer overflows. |
|
Content Spoofing |
Attack technique that allows an attacker to inject a malicious payload that is later misrepresented as legitimate content of a web application. |
|
Text Only Content Spoofing |
Dynamically built pages often take their content from a query string value. The title content in a URL can be changed by an attacker and then appears in the HTML body. |
|
Markup Reflected Content Spoofing |
Spoofing a web location to be embedded in a fake URL of a credible website. Used in emails and message boards, or forced on users by cross-site scripting. |
|
Credential/Session Prediction |
Impersonating a web site user using the unique session ID identifying the user session. |
|
Cross-Site Scripting (XSS) |
Echoes attacker-supplied code into a user's browser instance. Usually written in HTML/JavaScript, but can be written in any browser-supported technology. The user could have their account hijacked (cookie theft), their browser redirected to another location, or be shown fraudulent content. |
|
Non-Persistent XSS (DOM-Based) |
Requires the user to visit a specially crafted link laced with malicious code, or to visit a malicious web page containing a web form which, when posted to the vulnerable site, mounts the attack. |
|
Persistent XSS |
Malicious code is submitted to a web site where it is stored for a period of time. Message boards, web mail messages, and web chat software are common targets. |
|
Cross-Site Request Forgery (CSRF, XSRF) |
Piggy-backs onto a user to gain the trust of the web server, perform actions, and potentially read responses. Done by reading the format of a legitimate request and forging a new request. Can be deployed via images, banners, etc. |