Course Overview
1.0: Threats, Attacks, and Vulnerabilities
Section 1.0: Test Your Knowledge
Section 1.0: Identifying Scenario & Questions
2.0: Technologies and Tools
Section 2.0: Test Your Knowledge
Section 2.0: Identifying Scenario & Questions
3.0: Architecture and Design
1 of 3

1.2.4: Application/Service Attacks

WORDS

TERM

LAYMAN'S TERM

DoS

This attack can disrupt services such as your computers internet, microphone and or speaker outputs. 

DDoS

This type of attack is designed to come from more than one source whether it’s from a computer in Japan vs a computer in the USA, both make attempts to hit the same target.

Man-in-the-middle

This attack name is self-explanatory. There is a computer system in the middle of two other systems gathering data that the two computer systems send to one another. 

Buffer overflow

This attack happens when an application for an example like your Facebook gets more information than it asks for you to put like your username and password but the attack would also something like your First Name.

Injection

An example of this attack is if you pressed the letter “A” the injection attack would run a command or code to run the next letter after the letter “A”.

Cross-site scripting

This type of attack happens from the back-end of things. Usually an attacker has access to a developer’s server and places cross-site scripting to it, which in return the code executes when a user visits the site and do what the attacker intended for it to do. 

Cross-site request forgery

This attack it similar to cross-site scripting but instead re-route the user from the original page they landed on to pages for things like making purchases even if the site isn’t an e-commerce site. 

Privilege escalation

This allows an attacker to get admin like access to data a basic user couldn’t get using different hacking methods.  

ARP poisoning

This attack makes a system MAC address number seem different than what it actually is. 

Amplification Attack

DNS amplification is a type of reflection attack which manipulates publicly-accessible domain name systems, making them flood a target with large quantities of UDP packets.

This attack uses a spoof IP address to send UDP packets to overwhelm the target system.

DNS poisoning

An attack that modifies or corrupts DNS results. DNSSEC helps prevent DNS poisoning.

This attack enters false information into a DNS cache, so that queries return an incorrect response and users are directed to the wrong website.

Domain hijacking

This attack changes the name, address, and so on of the original person who bought and registered the domain for themselves. 

Man-in-the-browser

This attack targets web browsers like google and allow attackers to gather data and keystrokes of targeted users. 

Zero day

This attack happens when a developer (programmer) has created an application but are unknown of the errors that the program holds. 

Replay Attack

Data like credentials such as user names and passwords, is intercepted, and replayed back on the network to an unsuspecting host. 

This attack happens by the attacker making the user think they have successfully completed the data transmission. So, if you put all the required information asked to pay your phone bill, this attack would make it seem as if you successfully submitted the information.

Pass the hash

This attack uses an algorithm like method. A key known to the site and the user’s password are both used. The “hash” value is made from both the user password and key site. 

Remember: A hash is a string of random-looking characters that uniquely identifies that data in question, similar to how our fingerprint identifies us.

MAC spoofing

An attack that changes the source Mac address.

This attack changes the MAC address of the original system to match another targeted system.

Hijacking and Related Attacks

Clickjacking

This attack makes you think your clicking for an example would be the homepage of a website but in reality, your clicking something the intended attacker wants you to click.

Session hijacking

This attack takes your session information like if you logged into walmart.com. The attacker could act as you and if you had a credit card on file make purchases.

URL hijacking

This attack happens by attackers purchasing domain names close to familiar site names in an attempt to trick users who mistakenly type the wrong domain name in the address bar. For an example if you were to type “facebok.com” instead of “facebook.com”, the attack site would look exactly like the original site and possibly capture your username and password if you entered it. 

Driver Manipulation

Shimming

This attack is created using programming code that tells a driver on a device or system what to do. 

Refactoring

Reprogramming devices drivers’ internals so that the device driver responds to all of the normal inputs and generates all the regular outputs, but also generates malicious outputs. 

This attack allows drivers to run normally but only difference is when regular outputs from the driver generates, the attacker make sure malicious outputs are generated as well.