Vulnerabilities and Attacks Flashcards
Firmware
Specialized forms of software stored on hardware devices, like a router or smart thermostat, that provide low-level control for the device’s specific hardware.
End-of-life Systems
Refer to hardware or software products that have ended their life cycle.
Patch Management Process
Regularly monitoring for updates
Assessing the relevance and impact of patches
Deploying patches in a timely manner
Hardening
Involves tightening the security of a system
Patching
Involves the regular updating of the software, firmware, and applications with the latest security patches
Configuration Enforcement
Used to ensure that all devices and systems adhere to a standard secure configuration
Decommissioning
This means that the system is retired and removed from the network.
Isolation
Used to limit the potential damage that might occur from a potential security breach.
Segmentation
Used to divide the network into segments
Bluetooth Vulnerabilities
Insecure Device Pairing - This occurs when Bluetooth devices establish a connection without proper authentication.
Device Spoofing - This occurs when an attacker impersonates a device to trick a user into connecting.
On-Path Attack - Exploits Bluetooth protocol vulnerabilities to intercept and alter communications between devices without either party being aware.
Bluetooth Attacks
Bluejacking
Bluesnarfing
Bluebugging
Bluesmack
Blueborne
Sideloading
Mobile Vulnerabilities and Attacks
The practice of installing applications on a device from unofficial sources, which bypasses the device’s default app store.
Jailbreaking and Rooting
Mobile Vulnerabilities and Attacks
Process that gives users escalated privileges on the devices and allows users to circumvent the built-in security measures provided by the devices.
Mobile Device Management (MDM) Solution
Used to conduct patching of the devices by pushing any necessary updates to the devices to ensure that they are always equipped with the latest security patches.
Used to disable a device’s ability to sideload programs, detect if a device has been jailbroken or rooted, and force each device to use a VPN connection.
What are the 4 primary SQL commands?
SELECT - Read from DB
INSERT - Write to DB
DELETE - Remove from DB
UPDATE - Overwrite Data on DB
How to prevent SQL injection?
Use input validation
Sanitize Data
Use a web application firewall placed between the client and server
Extensible Markup Language (XML)
Used by web applications for authentication, authorization, and other types of data exchange.
To protect XML data in transit, it should always be placed in an encrypted tunnel, such as TLS.
Input Validation + Input Sanitization to protect the server receiving the data
Without encryption or validation, it’s vulnerable to:
Snooping
Spoofing
Request Forgery
Injection of Arbitrary Code
XML Bomb
XML encodes entities that expand to exponential sizes, consuming memory on the host and potentially crashing it.
Cross-Site Scripting
Injects a malicious script into a trusted site to compromise the site’s visitors.
XSS Steps
- The attacker identifies an input validation vulnerability within a trusted website.
- The attacker crafts a URL to perform code injection against the trusted website.
- The trusted site returns a page containing the malicious code injected.
- Malicious code runs in the client’s browser with the same permission level as the trusted site.
XSS Example (No Question)
https://diontraining.com/search?Q=<SCRIPT%20Type='Application/JavaScript'>Alert('xss')</SCRIPT>
https://diontraining.com - Trusted Site
/search?Q=<SCRIPT%20Type= - Query
'Application/JavaScript'> - JavaScript Script
Alert('xss')</SCRIPT> - Output
Non-Persistent XSS
This type of attack only occurs when it’s launched and happens once
Persistent XSS
Allows an attacker to insert code into the backend database used by that trusted website.
Document Object Model (DOM) XSS
Exploits the client’s web browser using client-side scripts to modify the content and layout of the webpage.