If you wanted to get access to a file in the file system on a web server, which of these attack techniques might you use?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAFile scriptingoptionBFile traversaloptionCSQL injectionoptionDCommand injection
Question
If you wanted to get access to a file in the file system on a web server, which of these attack techniques might you use?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAFile scriptingoptionBFile traversaloptionCSQL injectionoptionDCommand injection
Solution
You might use File Traversal. This attack technique involves exploiting insufficient security validation or sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs. This allows the attacker to access files that they should not be able to access.
Similar Questions
What is the target of a command injection attack?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAOperating systemoptionBWeb serveroptionCDatabase serveroptionDUser
Which of these prevention techniques would be best used against an SQL injection attack?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAAddress space layout randomizationoptionBStack canaryoptionCReturn to libcoptionDWeb application firewall
What technique does a slow read attack use?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionASmall HTTP POST requestsoptionBSmall file retrieval requestsoptionCSmall HTTP header requestsoptionDSmall HTTP body requests
Which technique would you employ to move from an attack system on the outside to an inside network via a compromised system?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAReverse shelloptionBXML injectionoptionCBuffer overflowoptionDPivoting
An attacker tries to replace a file in the file system with a Trojan that contains a payload he has created. The payload has records associated with the file he is uploading. Which of the following will you use to detect the file that is being uploaded by the attacker in the given scenario?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAdigoptionBtimestompoptionCtheHarvesteroptionDnetstat
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.