a malicious attacker has intercepted HTTP traffic and inserted an ASCII line that sets the referrer
URL. Which of the following is the attacker most likely utilizing?
A.
Header manipulation
B.
Cookie hijacking
C.
Cross-site scripting
D.
Xml injection
A.
0
0
Can’t be Header Manipulation because this involves manipulation of the TCP/IP packet
Can’t be XML injection because the question gives no foundation or inference to any XML based product or service.
Can’t be cookie hijacking because setting a referrer in a cookie makes no sense.
There are several forms of Cross Site Scripting, including Explicit and Referrer. The Referrer method involves setting the http referrer. Google it. Answer is C.
1
0
The answer is A, it doesn’t refer to the header of a TCP/IP packet, but HTTP Headers. There are requests and response headers. In the request HTTP headers you are sending details to the webserver, those details are included in headers, for instance User-Agent, which indicates to the web server which device and type of browser you use, the Referer, which indicate which site you come from… and in the response you have headers coming from the web server, for example Cache-Control header, which will indicate if an object is no-cache, private or cacheable for X seconds, days… among other details. There are plenty of tutorials out there if you want to learn about “HTTP headers”. I hope this helps.
0
0
I pick A.
A header manipulation attack uses other methods (hijacking, cross-site forgery, and so forth) to change values in HTTP headers and falsify access. When used with XSRF, the attacker can even change a user’s cookie. Internet Explorer 8 and above include InPrivate Filtering to help prevent some of this. By default, your browser sends information to sites as they need it — think of requesting a map from a site; it needs to know your location in order to give directions. With InPrivate Filtering, you can configure the browser not to share information that can be captured and manipulated.
https://code.tutsplus.com/tutorials/http-headers-for-dummies–net-8039
Cookie stealing is another name for session hijacking. In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session — sometimes also called a session key — to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer.
Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.
When a web user takes advantage of a weakness with SQL by entering values that they should not, it is known as a SQL injection attack. Similarly, when the user enters values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack. XPath works in a similar manner to SQL, except that it does not have the same levels of access control, and taking advantage of weaknesses within can return entire documents. The best way to prevent XML injection attacks is to filter the user’s input and sanitize it to make certain that it does not cause XPath to return more data than it should.
http://projects.webappsec.org/w/page/13247004/XML%20Injection
0
0
It’s either A or C 🙁 i’m going with A
0
0