Privilege Escalation
An attack that exploits a vulnerability in software to gain access to resources that the user normally would be restricted from accessing.
Structured Query Language
A fourth-generation computer language that includes both DDL and DML components and is used to create and manipulate relational databases.
Dynamic Link Library (DLL)
A shared library function used in the Microsoft Windows environment
Lightweight Directory Access Protocol (LDAP)
Specifies the formats and methods to query databases of objects such as users, computers, and other objects within a network.
Extensible Markup Language (XML)
A markup language for documents containing structured information.
Pointer/object dereference
A memory vulnerability in which code references a portion of memory; the reference is intentionally pointed at nothing so that debug information is displayed and/or a DoS attack occurs.
Directory Traversal
An attack that takes advantage of a vulnerability so that a user can move from the root directory to restricted directories.
Buffer Overflows
Occurs when an application receives more input, or different input, than it expects. The result is an error that exposes system memory that would otherwise be protected and inaccessible.
Race Conditions
A type of software development vulnerability that occurs when multiple processes or multiple threads within a process control or share access to a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions.
Time Of Check/Time Of Use
A class of software bug caused by changes in a system between the checking of a condition (such as a security credential) and the use of the results of that check.
Error Handling
Coding methods to anticipate and deal with exceptions thrown during execution of a process.
Improper Input Handling
Software that allows the user to enter data but does not validate or filter user input to prevent a malicious action.
Replay Attack
A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.
Integer Overflow
Occurs if an application receives a numeric value that is too big for the application to handle. The result is that the application gives inaccurate results.
Request Forgeries
An attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated.
Application programming interface (API) attacks
Vulnerabilities in the application's communication path. Examples: sensitive data, DoS, privileged access.
Resource Exhaustion
The malicious result of many DoS and DDoS attacks. The attack overloads a computer's resources (such as the processor and memory), resulting in service interruption.
Memory Leak
A bug in a computer application that causes the application to consume more memory the longer it runs. In extreme cases the application can consume so much memory that the operating system crashes.
Secure Sockets Layer (SSL) Stripping
Changes an HTTPS connection to an HTTP connection. HTTPS uses TLS instead of SSL in almost all instances, so you can also think of this as TLS stripping.
Driver Manipulation
An attack that relies on compromising the kernel-mode device drivers that operate at a privileged or system level.
Shimming
A driver manipulation method. It uses additional code to modify the behavior of a driver.
Refactoring
A driver manipulation method. Developers rewrite the code without changing the driver's behavior.
Pass The Hash
A password attack that captures and uses the hash of a password. It attempts to log on as the user with the hash and is commonly associated with the Microsoft NTLM protocol.