Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Yee > Pentest > Flashcards

Pentest Flashcards

1
Q

What is EternalBlue?

A

EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency (NSA). It targets a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol.

EternalBlue exploits vulnerabilities in SMBv1-packets and leads to arbitrary code execution.

The EternalBlue exploit was leaked by the hacker group known as The Shadow Brokers in April 2017.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which major ransomware attacks used the EternalBlue exploit?

A

The EternalBlue exploit was used in the WannaCry ransomware attack in May 2017 and the Petya (also known as NotPetya) cyberattack in June 2017.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Buffer Overflow - Canaries

A

Ennalta tiedetty joukko dataa, joka sijoitetaan stäkkiin bufferi ja kontrolli datan väliin. Sen eheyden perusteella tiedetään onko buffer overflow yritys käynnissä.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Buffer Overflow - ASLR

A

Address space layout randomization. ROP-hyökkäyksiä vastaan kehitetty tekniikka, jossa muistipaikkoja sekoitetaan niin, että niiden osoitetta ei voi tietää ennalta.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Buffer Overflow - DEP

A

Data execution prevention. Monitoroidaan ohjelman muistipaikkojen käyttöä. Jos poikkeaa normista, terminoidaan ohjelma.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Yee (16 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions