pt.3

Created by

Corn

Cards (49)

Hash Collision
A situation where a cryptographic hash function produces two different digests for the same data input is referred to as a hash collision.
Hash collisions are a concern in cryptography because they can lead to vulnerabilities, especially when the security of a system relies on the uniqueness of hash values.
Downgrade Attack
A type of cryptographic attack that forces a network protocol to revert to its older, less secure version.
An attacker manipulates the communication between two parties to make them use a less secure version of a protocol.
This can weaken the security of the connection and make it vulnerable to various forms of exploitation.
Privilege Escalation Attacks
System/Application Vulnerability
Vulnerabilities in a system or application can be exploited to escalate privileges and gain unauthorized access to higher levels of authority.
System/Application Misconfiguration
Misconfigurations in system or application settings can create security weaknesses that attackers may exploit for privilege escalation.
Social Engineering Techniques
Social engineering can be used to trick individuals with higher privileges into taking actions that enable privilege escalation.
Cross-site Scripting
Exploits the trust a user's web browser has in a website
XSS attacks take advantage of the trust that a user's web browser has in a website to execute malicious scripts.
A malicious script is injected into a trusted website
In an XSS attack, the attacker injects a malicious script into a trusted website, often n the form of user-generated content.
User's browser executes attacker's script
Once the malicious script is injected and loaded in the user's browser, it is executed, allowing the attacker to perform various malicious actions on the victim's behalf.
XSS attacks exploit trust in the user's browser and inject and execute malicious scripts on trusted websites.
SQL Injection Attack Attempt
SELECT * FROM users WHERE userName = 'Alice' AND password = '' OR '1' = '1';
In this statement, the presence of '1' = '1' is an attempt to manipulate the SQL query.
The attacker is trying to exploit the query to return results, potentially bypassing authentication by making the statement always evaluate to true.
It's a common SQL injection technique.
DLL (Dynamic Link Library)
DLLs contain reusable code and data that multiple applications can access, helping to save memory and improve efficiency.
A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources.
DLL Injection
Describes an application attack that relies on executing a library of code
Involves inserting or running a dynamic link library (DLL) in the address space of a running process.
This technique is often used to perform actions within the target process or to exploit vulnerabilities.
LDAP Injection attack
Attempts of this attack often involve manipulating input to exploit vulnerabilities.
The two fragments that might indicate an LDAP injection attack attempt are
search.aspx?name=userName)(zone=*)
administrator)(&))
This input looks like an attempt to inject LDAP query manipulation characters such as ')'and '&' which could be used to alter the structure of an LDAP query for malicious purposes.
LDAP stands for Lightweight Directory Access Protocol
It's a protocol used for accessing and managing directory services, typically over a network.
LDAP is commonly used for authentication, directory services, and information lookup in various applications and services.
Indications of an XML injection attack attempt
``... p@$$w0rdattacker ....
This input appears to be attempting to manipulate XML data by injecting unexpected content into it, which is a characteristic of an XML injection attack.
XML (Extensible Markup Language)
It is a versatile and human-readable makeup language used for structuring and encoding data in a format that is both machine and human-readable.
XML is often used to represent structured information, making it a popular choice for data interchange between different systems and platforms.
XL documents consist of elements enclosed in tags, much like HTML, but XML allows you to define your own custom tags and structure data in a way that suits your specific needs. This flexibility makes it valuable for various applications, including configuration files, data storage, web services, and more.
Null-pointer dereference
Describes an attempt to read a variable value from an invalid memory address.
This occurs when a program tries to access or dereference a memory address that is set to a null or invalid value, which can lead to program crashes or vulnerabilities.
Directory Traversal Attack
also referred to as a dot-dot-slash attack
In this type of attack, an attacker attempts to access files and directories outside the intended or restricted directory by using sequences like ../ to navigate up the directory tree.
It's a technique used to exploit vulnerabilities in web applications and potentially gain unauthorized access to files and data.
http://www.example.com/var/www/../../etc/passwd
example of a potential indicator of a directory traversal attack.
Buffer Overflow Attack
An attacker sends more data than a program's buffer can handle, causing the excess data to overflow into adjacent memory areas.
This can lead to memory corruption and potentially allow the attacker to execute arbitrary code, leading to unpredictable and often malicious outcomes.
A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application.
An application writes data beyond the bounds of a specific memory buffer, causing data to overflow into adjacent memory locations.
Race condition
A malfunction in a preprogrammed sequential access to a shared resource.
Occurs when two or more processes or threads access a shared resource in an unpredictable or unintended order, potentially leading to unexpected and erroneous outcomes.
Memory leak
When a program fails to release allocated memory, leading to a gradual increase in memory usage.
Pointer dereference
Attempting to access the data at a memory address pointed to by an invalid or null pointer.
Mean Time to Failure (MTTF)
The average time a system or component is expected to operate before it fails.
Replay Attack
A type of attack where an attacker intercepts and retransmits data to impersonate a legitimate user.
Mean Time Between Failures (MTBF)
The average time between one failure of a system or component and the next.
Time of Check to Time of Use (TOCTOU)
A security vulnerability that occurs when a system's state changes between the time a condition is checked and the time the result is used, leading to potential security issues.
A vulnerability caused by race conditions.
Patch Management
Updating software to fix security vulnerabilities.
Input Validation
Checking data input to prevent security issues.
Password Protection
Safeguarding passwords with security measures.
Error and exception handling
Managing and handling software errors.
Critical in secure application development process.
Application Whitelisting
Allowing only approved applications to run.
Zero-day vulnerability
A security flaw that's exploited by attackers before a fix is available.
Improper input validation
Failing to adequately check and verify user inputs, which can lead to security vulnerabilities.
Default configuration
Using the settings or configurations that come as the initial, often insecure, default options for a system or software.
Improper error handling
Handling errors in a way that may expose sensitive information or create security weaknesses.
Fuzzing
A testing technique that involves sending unexpected or random data to a software application to discover vulnerabilities.
Input validation
Checking and verifying data inputs to ensure they are safe and valid, helping to prevent security issues.
Critical in secure application development process.
Code signing
The process of digitally signing software with a certificate to verify its authenticity and integrity.