CYBER ATTACKS
1. Login Bypass Using SQL Injection
A user has reported that they were able to log into your web application without valid credentials. After investigating, you find that they entered the following in the password field: 1234' OR '1'='1. Describe how this SQL injection works, why it is a vulnerability, and the steps you would take to prevent such issues.
2. Data Exfiltration via SQL Injection in Search Forms
Your e-commerce platform has a search feature that queries the database based on user input. A security audit reveals that a simple search term like "product_id=-1' UNION SELECT username, password FROM users --" returns user credentials instead of product data. Explain how this form of SQL injection could lead to data exfiltration and what methods you would use to protect sensitive data in such fields.
3. Detection of Blind SQL Injection through Time Delays
During a penetration test, it is found that appending "AND SLEEP(5)" to an input field causes the web application to delay responses by five seconds. What is a blind SQL injection, and how does this technique help attackers probe the database? Detail how you could detect and remediate blind SQL injection vulnerabilities in the system.
4. Cross-Database SQL Injection Attacks
Your multi-platform database application integrates with MySQL, PostgreSQL, and MS SQL databases. During testing, a vulnerability is identified where the input "'; EXEC xp_cmdshell('whoami') --" executes on the MS SQL database and reveals sensitive OS-level information. Discuss how SQL injection can vary across databases, the risks of system-level command execution, and the mitigation strategies for cross-database security.
5. SQL Injection in JSON-Based API Requests
Your web service offers a RESTful API where clients send JSON payloads. However, an attacker finds that adding SQL code into certain JSON fields retrieves unauthorized data. Explain how SQL injection can occur in JSON-based APIs, the risks involved, and how you would secure such APIs against injection attacks.
6. Stored SQL Injection through User Profile Data
A vulnerability has been reported in your social media application: a user can insert SQL commands in their profile's "About Me" section, which is later executed by an admin user viewing it. How does stored SQL injection differ from other types, and why is it particularly dangerous? Outline measures you would implement to prevent stored SQL injection vulnerabilities in user-generated content.
7. Second-Order SQL Injection
Your company has a sign-up form that validates inputs for SQL injection. However, SQL injection occurs in an internal application that processes user registration data after they sign up. Describe a second-order SQL injection, how it can go undetected during input validation, and what safeguards you would establish to protect against it.
8. Privilege Escalation through SQL Injection
A SQL injection vulnerability in a report generation tool allows an attacker to gain admin access to the database by elevating their privileges. How can SQL injection lead to privilege escalation, and what potential database and system-level risks could result? Explain the steps needed to prevent unauthorized privilege escalation.
9. Detecting SQL Injection with WAF (Web Application Firewall)
A user has triggered several alarms on your Web Application Firewall (WAF) by inputting SQL-specific commands like UNION SELECT and ORDER BY 1. Discuss how a WAF detects SQL injection attempts, the limitations of WAFs in detecting advanced SQL injection attacks, and the measures you’d take to complement WAF security.
10. SQL Injection in Stored Procedures
Your team finds a vulnerability in a stored procedure that concatenates user input into a query before executing it. Explain why stored procedures are generally safer but still vulnerable to SQL injection if not parameterized. Describe how to write secure stored procedures and prevent SQL injection even when using database-side code.
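For question 1, the following added example (not part of the original question sheet) runs the password-field input from that scenario against a login check built by string concatenation and against the same check written with bound parameters. The table layout, user names and function names are assumptions made for illustration, and the sample rows are constructed.

```python
import sqlite3

# The password-field input quoted in question 1.
PAYLOAD = "1234' OR '1'='1"

def make_db():
    # Constructed sample data. Passwords are stored in plaintext only to
    # reproduce the scenario; real systems store a salted hash instead.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "correct-horse"), ("bob", "hunter2")])
    return db

def login_vulnerable(db, username, password):
    # User input is pasted into the SQL text, so a quote inside it closes the
    # string literal and the rest is parsed as SQL. AND binds tighter than OR,
    # so the WHERE clause becomes (username=... AND password='1234') OR '1'='1',
    # which is true for every row.
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    row = db.execute(query).fetchone()
    return row is not None, query

def login_parameterized(db, username, password):
    # Placeholders send the values separately from the statement, so the
    # payload is compared as a literal string and never parsed as SQL.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = db.execute(query, (username, password)).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    ok, query = login_vulnerable(db, "alice", PAYLOAD)
    print("concatenated query :", query)
    print("concatenated login :", ok)
    print("parameterized login:", login_parameterized(db, "alice", PAYLOAD))
    print("valid credentials  :", login_parameterized(db, "alice", "correct-horse"))
```
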