- What is a CSRF attack? How does it use HTTP requests? And why do we call it the one-click attack?
- What is an XSS attack? And what is the connection between it and cookies/sessions? And what are the two main categories of XSS?
- What is SQL injection, and what is the attacker's intention in using it?
- Consider the SQL command below. Where is the vulnerability? Think about some ways an attacker could misuse it:
const { username, password } = req.body
let strQry = `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
- What does End-to-End encryption mean? Share an example of a well-known app using E2EE. How is that app using it?
Room2 <Najwan Abu Shawareb - Lina Abumahfood - Yassin Aji - Ahmad Juma>
Q1. What is a CSRF attack? How does it use HTTP requests? And why do we call it the one-click attack?
CSRF (Cross-Site Request Forgery) is a web security attack where an attacker tricks a user's browser into making unauthorized requests on a different site where the user is authenticated. It works by exploiting the automatic inclusion of authentication cookies in HTTP requests. It's called a "one-click attack" because a victim can be tricked with just a single click on a malicious link or button. To mitigate CSRF, developers use anti-CSRF tokens to validate the legitimacy of requests.
Q2. What is an XSS attack? And what is the connection between it and cookies/sessions? And what are the two main categories of XSS?
XSS (Cross-Site Scripting) is a web security vulnerability where attackers inject malicious scripts into web pages viewed by other users. It can compromise cookies and sessions. Two main categories are:
Stored XSS: The script is permanently stored on the server.
Reflected XSS: Script is temporarily included in URLs or input fields, reflected to users.
Q3. What is SQL injection, and what is the attacker's intention in using it?
SQL injection is a security vulnerability where attackers inject malicious SQL code into input fields to manipulate and exploit a web application's database. The intention is to gain unauthorized access, retrieve or manipulate data, and potentially disrupt the application.
Q4. Consider the SQL command below. Where is the vulnerability? Think about some ways an attacker could misuse it:
The vulnerability in the provided SQL command is SQL injection. An attacker can misuse it to bypass authentication, disclose information, or attempt a denial of service attack by manipulating the username and password inputs. To prevent this, use parameterized queries or prepared statements.
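Added example for Q4 (not part of the worksheet or the group's answer): it places the worksheet's interpolated query next to a parameterized version and checks whether client input can change the SQL text. The placeholder style, the LOGIN_QUERY constant and the sample inputs are assumptions constructed for the example.

```javascript
// 1. The worksheet's builder: req.body values are spliced straight into SQL.
//    There are not even quotes around ${username}, so whatever the client
//    sends becomes SQL syntax rather than a string value.
function buildVulnerableQuery(username, password) {
  return `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
}

// 2. Parameterized form: the SQL text is a constant and the user data travels
//    separately in `values`; the driver binds it as data, never as syntax.
//    $1/$2 is the node-postgres placeholder style (mysql2 uses "?"); in both
//    cases the query text never depends on the input.
const LOGIN_QUERY = 'SELECT Count(*) FROM Users WHERE username=$1 AND password=$2';
function buildParameterizedQuery(username, password) {
  return { text: LOGIN_QUERY, values: [username, password] };
}

// 3. A check a code reviewer or unit test can run: does input containing SQL
//    syntax change the structure of the statement? With the parameterized
//    builder the answer is always "no"; with interpolation it is "yes".
function queryTextDependsOnInput(builder, benignInput, hostileInput) {
  const textOf = (q) => (typeof q === 'string' ? q : q.text);
  const benignText = textOf(builder(benignInput.username, benignInput.password));
  const hostileText = textOf(builder(hostileInput.username, hostileInput.password));
  return benignText !== hostileText;
}

// Constructed sample inputs: a normal login and one carrying SQL syntax
// (the classic tautology the answer above refers to as "bypass authentication").
const benign = { username: "'alice'", password: "'hunter2'" };
const hostile = { username: "'alice' OR 1=1 --", password: "'anything'" };

console.log(buildVulnerableQuery(hostile.username, hostile.password));      // statement structure altered
console.log(buildParameterizedQuery(hostile.username, hostile.password));   // text unchanged, input in values
```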
Q5. What does End-to-End encryption mean? Share an example of a well-known app using E2EE. How is that app using it?
End-to-end encryption means that only the sender and the receiver can read the messages. Examples: Signal and WhatsApp use E2EE for all chats by default.