What attack has been carried out?

In the process of hacking a web application, attackers manipulate the HTTP requests to
subvert the application authorization schemes by modifying input fields that relate to the user
ID, username, access group, cost, file names, file identifiers, etc. They first access the web
application using a low privileged account and then escalate privileges to access protected
resources. What attack has been carried out?

In the process of hacking a web application, attackers manipulate the HTTP requests to
subvert the application authorization schemes by modifying input fields that relate to the user
ID, username, access group, cost, file names, file identifiers, etc. They first access the web
application using a low privileged account and then escalate privileges to access protected
resources. What attack has been carried out?

A.
XPath Injection Attack

B.
Authorization Attack

C.
Authentication Attack

D.
Frame Injection Attack

Explanation:

Reference:
http://luizfirmino.blogspot.com/2011_09_01_archive.html(see authorization attack)

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

Naveen Kumar

Naveen Kumar

B according to ECSAv8

Reply

alrooc

alrooc

“B” Module 16 Page 574 ECSAv8

Reply