1
Q
Injection Attacks (Application Vulnerabilities)
A
- insertion of additonal code or information via a data input from a client to the application
- most common through SQL, but can also be HTLM, command or code - preventable through input validation and least privilege for databases
2
Q
SQL Injection (Application Vulnerabilities)
A
- injectinon of SQL commands, specific injection
3
Q
Authentication (Application Vulnerabilities)
A
- credential brute forcing
- session hijacking - attacks web session control mechanism by taking over a session by guessing session token
- redirect - sends user to malicious page
- default credentials
- weak credentials
4
Q
Kerberos Authentication (Application Vulnerabilities)
A
- kerberos is a system of tickets that grant devices permission to communicate over a non secure network and ID themselves
- golden ticket - Kerberos ticket granting ticket TGT, can be used to access any kerberos service
- silver tickets - kerberos TGT, can be used for a specific kerberos service
5
Q
Parameter Pollution - Authorization (Application Vulnerabilities)
A
- HTTP parameters are modified in order to conduct malicious attack
6
Q
Insecure Direct Object Reference - Authorization (Application Vulnerabilities)
A
- app provides direct access to an object based on user supplied input
7
Q
Cross Site Scripting XSS (Application Vulnerabilities)
A
- attacker embeds malicious scripting commands on a trusted website, target is the user
- stored/persistent - data provided by attacker is saved on server
- reflected - non persistent, activated through link on site
- DOM - Document Object Model DOM is vulnerable, victims browser is exploited (client side XSS)
8
Q
Cross Site Request Forgery CSRF (Application Vulnerabilities)
A
- attacker forces user to execute actions on web server which they authenticated, cannot see web servers response but this can have the victim transfer funds, change passwords and more
9
Q
Clickjacking (Application Vulnerabilities)
A
- uses multiple transparent layers to trick a user into clicking on a button or link on a page when they were intending to click on the actual page, hyperlinks concealed under legit clickable content
10
Q
Security Misconfiguration (Application Vulnerabilities)
A
- attacks rely on app or server using insecure settings
- Directory traversal - allows access to restricted directories and for command execution outside of webservers root directory
- Cookie Manipulation - DOM based cookie manipulation that allows a script to write data into the value of a client stored cookie
11
Q
File Inclusion (Application Vulnerabilities)
A
- includes a file into targeted application by exploiting a dynamic file inclusion mechanism, usually due to lack of input validation
- Local - ../../uploads/malware.exe
- remote - https.www.xyz.com/malware.exe
12
Q
Insecure Code Practices (Application Vulnerabilities)
A
- commends in source code,
- lack of error handling
- verbose error handling
- hard coded credentials - credentials are wirtten in source *code instead of inclusion file
- race conditions
- unauthorized use of function/unprotected API
- hidden elements
- lack of code signing
CompTIA PenTest+
flashcards
Decks in class (30)
# Cards
-
PenTest Methodologies3
-
Rules of Engagement5
-
White Box Support Resources8
-
Types of Assessments6
-
Open Source Intelligence (OSINT7
-
Vulnerability Scans5
-
Common Attack Techniques7
-
Physical Security Attacks7
-
Network Based Vulnerabilities18
-
Wireless Based Vulnerabilities10
-
Application Based Vulnerabilities12
-
Privilege Escalation (Linux)4
-
Privilege Escalation (Windows)11
-
Privilege Escalation (General)7
-
Lateral Movement9
-
Persistence5
-
Covering Your Tracks4
-
Use Cases For Tools11
-
Scanning Tools5
-
Credential Testing Tools10
-
Debugging Tools5
-
Software Assurance Tools5
-
OSINT Tools8
-
Wireless Tools4
-
Web Proxy Tools2
-
Social Engineering Tools2
-
Remote Access Tools4
-
Networking Tools2
-
Mobile Tools3
-
Miscellaneous Tools6
