Unit 3 Wms
There are two types of session hijacking depending on how they are done. If the
attacker directly gets involved with the target, it is called active hijacking, and if an
attacker just passively monitors the traffic, it is passive hijacking.
A spoofing attack is different from a hijack in that an attacker is not actively taking
another user offline to perform the attack. Instead, the attacker pretends to be another
user or machine to gain access.
Spoofing is when someone or something pretends to be something else. Spoofing attacks
come in many forms, including email spoofing and website and/or URL spoofing.
Session Fixation:
Session fixation is an attack that takes advantage of poor session ID management.
The attacker is able to hijack a valid user's session by tricking the user ...
Samy Kamkar is the person who created the first JavaScript-based worm known
as Samy Worm. Samy (also known as JS.Spacehero) is a cross-site scripting
worm (XSS worm) that was designed to propagate across the social networking
site MySpace by Samy ...
Buffer-overflow attack:
A buffer overflow attack works when an attacker manipulates coding errors to
overwrite computing memory. They can then carry out malicious actions like
stealing data and compromising systems.
or buffer overrun, is an anomaly where a program, while writing data to a buffer
Buffer overflow is a software coding error that attackers exploit to gain
unauthorized access to corporate systems.
"Stack overflow" is often used to mean the same thing as a stack-based buffer
overflow.
Overlong input (like buffer overflows): In a buffer-overflow attack, the extra
data sometimes holds specific instructions for actions intended by a hacker or
malicious user; for example, the data could trigger a response that damages files,
changes data or unveils private information.
Output Encoding:
The purpose of output encoding (as it relates to Cross Site Scripting) is to
convert untrusted input into a safe form where the input is displayed as data
to the user without executing.
Output encoding can be utilized to protect against these cross-site scripting attacks.
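The following is an added example, not part of the original notes, showing output encoding for three places the same untrusted value can land: HTML text, a URL parameter and an inline script string. The template, function names and sample input are constructed for illustration.

```python
import html
import json
from urllib.parse import quote

# Constructed sample of untrusted input (not from the original notes).
UNTRUSTED = '"><script>alert(1)</script>'


def encode_html(value: str) -> str:
    """HTML element content and quoted attribute values."""
    return html.escape(value, quote=True)


def encode_url_param(value: str) -> str:
    """A single query-string value placed inside a URL."""
    return quote(value, safe="")


def encode_js_string(value: str) -> str:
    """A string literal inside an inline <script> block."""
    literal = json.dumps(value)
    # json.dumps leaves <, > and & untouched; escape them so the browser's
    # HTML parser never sees "</script>" inside the literal.
    for ch in "<>&":
        literal = literal.replace(ch, f"\\u{ord(ch):04x}")
    return literal


def render_page(name: str) -> str:
    """Hypothetical template: the same input lands in three contexts."""
    return (
        f"<p>Hello, {encode_html(name)}</p>\n"
        f'<a href="/search?q={encode_url_param(name)}">search</a>\n'
        f"<script>var userName = {encode_js_string(name)};</script>"
    )


if __name__ == "__main__":
    print(render_page(UNTRUSTED))
```

Each context needs its own encoder: HTML entity encoding alone does not make a value safe inside a script block or a URL.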
VoIP: VoIP encryption is the process of scrambling voice data packets into
unreadable jumbles while they are in transit, preventing them from being int
Even if a hacker somehow intercepts the call, encryption ensures they won’t
be able to make sense of anything they discover.
To understand how encryption works, we need to take a closer look at the
transmission process.
When voice data packets are transferred from the sender to the recipient,
they use an IP transport protocol called SRTP (Secure Real-Time
Transport Protocol). SRTP is a cryptographic protocol that applies the
Advanced Encryption Standard (AES) to data packets, provides message
authentication, and offers additional protection against potential replay
attacks.
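The following added example (not from the original notes, and not a real SRTP implementation) models the two receiver-side checks named above, message authentication and replay rejection. Assumptions: the packet layout, key and class names are constructed, AES encryption of the payload is omitted, and the tag is a truncated HMAC-SHA1 over the sequence number and payload.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10  # bytes kept from the HMAC-SHA1 output (80-bit tag)
WINDOW = 64   # how many sequence numbers back the receiver remembers
MASK = (1 << WINDOW) - 1


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: sequence number + payload, followed by the authentication tag."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha1).digest()[:TAG_LEN]


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.highest = -1  # highest authenticated sequence number so far
        self.seen = 0      # bitmap: bit i set means (highest - i) was received

    def accept(self, packet: bytes) -> str:
        if len(packet) < 4 + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha1).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"        # modified in transit or wrong key
        seq = struct.unpack("!I", body[:4])[0]
        if seq > self.highest:      # newer packet: slide the window forward
            shift = seq - self.highest
            self.seen = 1 if shift >= WINDOW else ((self.seen << shift) | 1) & MASK
            self.highest = seq
            return "ok"
        offset = self.highest - seq
        if offset >= WINDOW:
            return "too-old"        # fell out of the replay window
        if (self.seen >> offset) & 1:
            return "replay"         # valid tag, but already delivered once
        self.seen |= 1 << offset    # late but new: accept it exactly once
        return "ok"
```

The tag is verified before the sequence number is trusted, so a forged packet cannot move the replay window.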
In addition to SRTP, VoIP providers use another form of encryption called
Transport Layer Security (TLS) or SIP over TLS to protect additional call
information.
TLS scrambles data like phone numbers, the names of callers, usernames,
and more. It also works to stop message tampering and call eavesdropping.
Top VoIP security threats:
You’re probably curious about the types of VoIP security issues that are out
there. Here’s a rundown of what you’ll need to defend against.
Denial of Service (DoS) – This attack starves the network of resources to
interrupt phone service and drop phone calls. For a call center, this can
degrade call quality, latency, and uptime.
War dialing – This type of attack involves controlling your PBX to “scan”
other telephone networks. It works by dialing numbers to connect to
modems or other interesting extensions.
Toll fraud – Like war dialing, this requires access to make calls to an
outside line from your phone system. Attackers can dial expensive
international numbers that rack up expensive toll charges.
Phishing – This type of attack preys on unsuspecting users that trust their
caller ID. Victims divulge details about the internal IP network, passwords,
or other sensitive data.
Call interception – Attackers use unsecured networks to intercept
unencrypted SIP traffic. To make matters worse, this can include video as
well.
Spam – It should come as no surprise the voicemail box is a common target
for robocalls and other phone scams. Many use restricted or “Private” caller
ID.
Malware – Attackers use different malicious software to phone or email
credentials. This can open up more opportunities to infiltrate your network
and exfiltrate sensitive business data.
Meta Characters:
For many types of data, a program also maintains metadata (or meta-information)
that it tracks alongside the main data; metadata is simply information that
describes or augments the main data. It might include details on how to format
data for display, processing instructions, or information on how pieces of the
data are stored in memory. There are two basic strategies for representing
program data alongside its associated metadata: embedding the metadata in-
band or storing the metadata separately, out-of-band.
In-band representation embeds metadata in the data itself. When embedding
metadata in textual data, you indicate this information by using special
characters called metacharacters or metacharacter sequences. One of the
simplest examples of in-band representation is the NUL character terminator in
a C string.
Out-of-band representation keeps metadata separate from data and associates the
two through some external mechanism. String data types in other languages
provide a simple example of out-of-band data. Many programming languages
(such as C++, Java, PHP, Python, and Pascal) do not have a string terminator
character; instead these languages store the string's length in an out-of-band
variable.
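The following added example (not part of the original notes) shows the two representations disagreeing about the same bytes: a length-counted check sees one string, while NUL-terminated C code sees another. The file name, allowed extensions and function names are constructed for illustration.

```python
import ctypes

ALLOWED = (b".jpg", b".png")

# Constructed input: a length-counted byte string with a NUL in the middle.
SAMPLE = b"notes.txt\x00.jpg"


def c_string_view(name: bytes) -> bytes:
    """In-band terminator: what NUL-terminated C code reads from this buffer."""
    return ctypes.create_string_buffer(name).value


def extension_ok(name: bytes) -> bool:
    """Out-of-band length: the check runs over every byte, NUL included."""
    return name.lower().endswith(ALLOWED)


def views_disagree(name: bytes) -> bool:
    """True when the length-counted and the C-string readings differ."""
    return c_string_view(name) != name


def validate(name: bytes) -> bytes:
    """Reject the metacharacter before the data crosses into C-string code."""
    if b"\x00" in name:
        raise ValueError("embedded NUL byte")
    if not extension_ok(name):
        raise ValueError("extension not allowed")
    return name


if __name__ == "__main__":
    print("length-counted view:", SAMPLE, "extension ok:", extension_ok(SAMPLE))
    print("C-string view:      ", c_string_view(SAMPLE))
```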
External entity injection: XML external entity injection (also known as
XXE) is a web security vulnerability that allows an attacker to interfere with
an application's processing of XML data. It often allows an attacker to view
files on the application server filesystem, and to interact with any back-end
or external systems that the application itself can access.
In some situations, an attacker can escalate an XXE attack to compromise the
underlying server or other back-end infrastructure, by leveraging the XXE
vulnerability to perform server-side request forgery (SSRF) attacks.
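The following added example (not part of the original notes) is one way to refuse the input that XXE depends on: the document is rejected as soon as a DOCTYPE declaration appears, before any entity is defined or resolved. The sample documents, the placeholder path and the function names are constructed.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Constructed samples. The SYSTEM identifier is a placeholder, not a real path.
XXE_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE order [ <!ENTITY ext SYSTEM "file:///placeholder/path"> ]>
<order><item>&ext;</item></order>"""
SAFE_DOC = b"<order><item>widget</item></order>"


class DTDForbidden(ValueError):
    """Raised when untrusted XML carries a DOCTYPE declaration."""


def reject_doctype(name, system_id, public_id, has_internal_subset):
    raise DTDForbidden(f"DOCTYPE {name!r} is not allowed in untrusted XML")


def parse_untrusted(xml_bytes: bytes) -> ET.Element:
    # Pass 1: scan with expat and abort at the first DOCTYPE, which is
    # where external and internal entities would be declared.
    scanner = expat.ParserCreate()
    scanner.StartDoctypeDeclHandler = reject_doctype
    scanner.Parse(xml_bytes, True)
    # Pass 2: the document has no DTD, so build the tree normally.
    return ET.fromstring(xml_bytes)


def is_accepted(xml_bytes: bytes) -> bool:
    try:
        parse_untrusted(xml_bytes)
        return True
    except (DTDForbidden, expat.ExpatError):
        return False


if __name__ == "__main__":
    print("safe document accepted:", is_accepted(SAFE_DOC))
    print("DOCTYPE document accepted:", is_accepted(XXE_DOC))
```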
Firewall software acts as an extra barrier between the Internet and the web
browser, which can block suspicious websites, and catch known threats before
they breach web security.
2. Be careful when browsing the web, especially when downloading files
If a website looks suspicious, it probably is. Keep to well-known URLs and safe
websites. It’s very important that users only download files from trusted sources,
especially when it comes to downloading software applications or browser
extensions, which could easily be infected with an exploit.
3. Keep all software up to date
Web browser software, and any applications that access the web, must be kept
up to date. This is because when a vulnerability in software is found, the
software vendor often releases a patch to fix the issue causing it, so that browser
exploits relying on the vulnerability cannot cause any harm. Regularly updating
software provides protection against more recent exploits.
Code injections are the oldest known web application attack vectors, with
successful hacks leading to a denial of service, loss of data integrity, data
loss, and the compromise of entire networks. They allow attackers to
inject malicious code into information systems through user input interfaces. One
such mechanism is a SQL Injection attack that involves the insertion of SQL
queries into client input to access and manage backend databases.
SQL Injection attacks are mostly carried out on web applications that rely on
dynamic databases but lack sufficient input validation.
SQLi is a common and well-documented attack strategy whose success has far-
reaching business consequences such as unauthorized viewing of credentials and
gaining administrative access to the application’s database. SQLi attacks are
categorized based on the following methods used to gain database access:
In-band SQLi
The attacker gathers their results using the communication channel they use to
launch attacks. This code injection technique is common since it offers a simple,
efficient way to access the database server. There are several types of in-band
SQLi, including:
Error-based SQLi
The attacker relies on error messages relayed by the database server to learn about
the database structure. Sometimes the error messages can provide sufficient data to
enumerate the entire database.
Union-based SQLi
In this case, the malicious payload uses SQL’s UNION operator to combine the
results of several SELECT statements into one output, which is returned along with
the HTTP response.
Content-based SQLi