What type of attack did the Hacker attempt?

Central Frost Bank was a medium-sized, regional financial institution in New York. The bank recently deployed a new Internet-accessible Web application. Using this application, Central Frost’s customers could access their account balances, transfer money between accounts, pay bills and conduct online financial business through a Web browser. John Stevens was in charge of information security at Central Frost Bank. After one month in production, the Internet banking application was the subject of several customer complaints. Mysteriously, the account balances ofmany of Central Frost’s customers had been changed! However, moneyhadn’t been removed from the bank. Instead, money was transferred between

accounts. Given this attack profile, John Stevens reviewed the Web application’s logs and found the following entries:

Attempted login of unknown user: johnm

Attempted login of unknown user: susaR

Attempted login of unknown user: sencat

Attempted login of unknown user: pete”;

Attempted login of unknown user: ‘ or 1=1–

Attempted login of unknown user: ‘; drop table logins–

Login of user jason, sessionID= 0x75627578626F6F6B

Login of user daniel, sessionID= 0x98627579539E13BE

Login of user rebecca, sessionID= 0x9062757944CCB811

Login of user mike, sessionID= 0x9062757935FB5C64

Transfer Funds user jason

Pay Bill user mike

Logout of user mike

What type of attack did the Hacker attempt?

Central Frost Bank was a medium-sized, regional financial institution in New York. The bank recently deployed a new Internet-accessible Web application. Using this application, Central Frost’s customers could access their account balances, transfer money between accounts, pay bills and conduct online financial business through a Web browser. John Stevens was in charge of information security at Central Frost Bank. After one month in production, the Internet banking application was the subject of several customer complaints. Mysteriously, the account balances ofmany of Central Frost’s customers had been changed! However, moneyhadn’t been removed from the bank. Instead, money was transferred between

accounts. Given this attack profile, John Stevens reviewed the Web application’s logs and found the following entries:

Attempted login of unknown user: johnm

Attempted login of unknown user: susaR

Attempted login of unknown user: sencat

Attempted login of unknown user: pete”;

Attempted login of unknown user: ‘ or 1=1–

Attempted login of unknown user: ‘; drop table logins–

Login of user jason, sessionID= 0x75627578626F6F6B

Login of user daniel, sessionID= 0x98627579539E13BE

Login of user rebecca, sessionID= 0x9062757944CCB811

Login of user mike, sessionID= 0x9062757935FB5C64

Transfer Funds user jason

Pay Bill user mike

Logout of user mike

What type of attack did the Hacker attempt?

A.
Brute force attack in which the Hacker attempted guessing login ID and password from password cracking tools.

B.
The Hacker used a random generator module to pass results to the Web server and exploited Web application CGI vulnerability.

C.
The Hacker attempted SQL Injection technique to gain access to a valid bank login ID.

D.
The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session.

Explanation:
The 1=1 or drop table logins are attempts at SQL injection.



Leave a Reply 0

Your email address will not be published. Required fields are marked *