Flashcards in Chapter 10 - Application Security Deck (12)
What are the main categories of software development vulnerabilities?
The main categories of software development vulnerabilities include buffer overflows, race conditions, input validation attacks, authentication attacks, authorization attacks, and cryptographic attacks.
Describe Buffer Overflows
Buffer overflows occur when we do not properly account for the size of the data input into our applications. If we are taking data into an application, we specify the amount of data we expect to receive and set aside storage for that data. If we do not set a limit on the amount of data we take in, we may receive 1,000 characters of input where we had only allocated storage for 50 characters.
Describe Race Conditions, give an example
Race conditions occur when multiple processes or multiple threads within a process control or share access to a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions.
For example, if we are making a $20 withdrawal from our joint bank account via an
Describe Input Validation Attacks, give an example
If we are not careful to validate the input to our applications, we may find ourselves on the bad side of a number of issues, depending on the particular environment and language being used. Format string attacks are one example; in PHP, htmlspecialchars is a function used to escape untrusted input before it is rendered as HTML.
Briefly give an example of an authentication attack, an authorization attack, and a cryptographic attack
Authentication: attacker cracks our password
Authorization: attacker steals our SessionID and acts as admin
Cryptographic: attacker figures out decryption key
What is a client-side attack, give examples
Client-side attacks take advantage of weaknesses in the software loaded on our clients, or those attacks that use social engineering to trick us into going along with the attack.
Cross-site scripting (XSS), cross-site request forgery (XSRF), Clickjacking
What is a server-side attack, give some examples
On the server side of the Web transaction, a number of vulnerabilities may cause us problems as well. Such threats and vulnerabilities can vary widely depending on our operating system, Web server software, various software versions, scripting languages, and many other factors.
SQL injection, easily accessible config files, and extra/unneeded files are examples of server-side attacks/vulnerabilities.
What are some of the security issues surrounding Databases?
-unauthenticated flaws in network protocols
-authenticated flaws in network protocols
-flaws in authentication protocols
-unauthenticated access to functionality
Arbitrary Code Execution:
-arbitrary execution in intrinsic SQL elements
-arbitrary execution in securable SQL elements
-privilege escalation via SQL injection
-local privilege escalation issues
What is a sniffer?
Sniffers can be of great use in a variety of security situations. We can use them at a very high level to examine all the traffic traveling over the portion of the network to which we are attached, presuming we can get our sniffer placed properly to see the traffic in question. We can also use such tools very specifically in order to watch the network traffic being exchanged with a particular application or protocol.
Wireshark is an example of a sniffing tool.
What are Nikto and Wikto?
Nikto is a free and open source Web server analysis tool that will perform checks for many of the common vulnerabilities we might face in web security (both client and server side). Wikto is a Windows-based tool that provides similar Web server scanning functionality.
What is a fuzzer?
In addition to all the tools we can use to look over our software for various known vulnerabilities, there is another category of tools we can use to find completely unexpected problems, a process referred to as fuzz testing. The tools we use for this technique, referred to as fuzzers, work by bombarding our applications with all manner of data and inputs from a wide variety of sources,
in the hope that we can cause the application to fail or to perform in unexpected