CEH Certified Ethical Hacker Practice Exams by Matt Walker

Author:Matt Walker
Language: eng
Format: epub
Tags: -
Publisher: McGraw-Hill Education
Published: 2014-06-17T16:00:00+00:00

What is the attacker attempting to perform?

A. A SQL injection attack against the blog’s underlying database

B. A cross-site scripting attack

C. A buffer overflow DoS attack

D. A file injection DoS attack

 B. This is a classic (an overly simplified but classic nonetheless) example of cross-site scripting. In a blog, the post entry field is intended to take text entry from a visitor and copy it to a database in the background. What’s being attempted here is to have more than just the text copied—the <script> indicator is adding a nice little pointer to a naughty website. If it works, the next visitor to the site who clicks that news story will be redirected to the bad site location.

 A, C, and D are all incorrect because this example contains nothing to indicate a SQL injection or a buffer overflow. Additionally, the idea here is not to perform a denial of service. Actually, it’s quite the opposite: The attacker wants the site up and operational so more and more users can be sent to badsite.com.

26. An attacker attempts to manipulate an application by advancing the instruction pointer with a long run of instructions containing no action. What is this attack called?

A. File injection

B. Stack flipping

C. NOP-sled

D. Heap based

 C. Computer languages usually contain a command most CPUs will recognize as “do nothing.” This no-operation (NOP) instruction serves to advance an instruction pointer to a known memory area. The idea behind it is to provide time for unknown activities to occur until it’s time to execute the main code (avoiding an exception code and a halt to the system or application). For a ridiculously over-simplified example, if you were “coding” a human’s morning routine and wanted them to brush their teeth, you might provide a whole bunch of “do nothings” in front and behind the “pick up toothbrush, put toothpaste on brush, and so on” steps—to provide space for things you may not be aware of.

When it comes to attacks, hackers will send tons of NOP instructions in an effort to move the pointer to an area they control—and to execute the naughty payload there. This NOP-sled is relatively easy to see in action, and all IDSs will pick it up.

 A is incorrect because file injection occurs when the attacker injects a pointer in a web form input to an exploit hosted on a remote site. There is no file injection occurring in this example.

 B is incorrect because the term stack flipping is not a recognized term on the CEH exam and is included here as a distractor.

 D is incorrect because a heap-based buffer overflow deals with a buffer overflow specifically aimed at the lower part of the heap, to overwrite dynamic content there.

27. You are examining website files and find the following text file:

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.