What would you term this attack?

Kevin sends an email invite to Chris to visit a forum for security professionals. Chris clicks on the
link in the email message and is taken to a web based bulletin board. Unknown to Chris, certain
functions are executed on his local system under his privileges, which allow Kevin access to
information used on the BBS. However, no executables are downloaded and run on the local
system. What would you term this attack?

Kevin sends an email invite to Chris to visit a forum for security professionals. Chris clicks on the
link in the email message and is taken to a web based bulletin board. Unknown to Chris, certain
functions are executed on his local system under his privileges, which allow Kevin access to
information used on the BBS. However, no executables are downloaded and run on the local
system. What would you term this attack?

A.
Phishing

B.
Denial of Service

C.
Cross Site Scripting

D.
Backdoor installation

Explanation:
This is a typical Type-1 Cross Site Scripting attack. This kind of cross-site scripting
hole is also referred to as a non-persistent or reflected vulnerability,and is by far the most common
type. These holes show up when data provided by a web client is used immediately by server-side
scripts to generate a page of results for that user. If unvalidated user-supplied data is included in
the resulting page without HTML encoding,this will allow client-side code to be injected into the
dynamic page. A classic example of this is in site search engines: if one searches for a string
which includes some HTML special characters,often the search string will be redisplayed on the
result page to indicate what was searched for,or will at least include the search terms in the text
box for easier editing. If all occurrences of the search terms are not HTML entity encoded,an XSS
hole will result.



Leave a Reply 2

Your email address will not be published. Required fields are marked *


Q 

Q 

Without mentioning stealing cookies, a better answer for this question would be CSRF.