IS4680 Lab 4 Q&A

1180 WordsJun 28, 20145 Pages
The Lab #4 Assessment Questions and Answers 1. What is a PHP Remote File Include (RFI) attack, and why are these prevalent in today’s Internet world? RFI stands for Remote File Inclusion that allows the attacker to upload a custom coded/malicious file on a website or server using a script. This vulnerability exploits the poor validation checks in websites and can eventually lead to code execution on server or code execution on website (XSS attack using javascript). RFI is a common vulnerability and all website hacking is not entirely focused on SQL injection. Using RFI you can deface the websites, get access to the server and do almost anything. What makes it more dangerous is that you only need to have your common sense and basic…show more content…
7. What is a Server Side Include (SSI)? What are the ramifications if an SSI exploit is successful? The Server-Side Includes attack allows the exploitation of a web application by injecting scripts in HTML pages or executing arbitrary codes remotely. It can be exploited through manipulation of SSI in use in the application or force its use through user input fields. The attacker can access sensitive information, such as password files, and execute shell commands. The SSI directives are injected in input fields and they are sent to the web server. The web server parses and executes the directives before supplying the page. Then, the attack result will be viewable the next time that the page is loaded for the user's browser. 8. According to the TippingPoint Report researched in this lab how do SMB attacks measure up to HTTP attacks in the recent past? Symantec identified a significant shift in an attackers tactics: 31% of targeted attacks were aimed at businesses with fewer than 250 employees. This shows a threefold increase from Symantec Corp.'s 2012 report, and is the latest sign that attackers are broadening their search for susceptible targets. 9. According to the TippingPoint Report, what are some of the PHP RFI payload effects DVLabs has detected this year? The common vulnerabilities in a CMS are unpatched or poorly patched plug-ins rather than the core system. Poor patch management represents a large

    More about IS4680 Lab 4 Q&A

      Open Document