- What is a CSRF attack? How does it use HTTP requests? And why do we call it the one-click attack?
- What is an XSS attack? And what is the connection between it and cookies/sessions? And what are the two main categories of XSS?
- What is SQL injection, and what is the attacker's intention behind it?
- Consider the SQL command below. Where is the vulnerability? Think about some ways an attacker could misuse it:
const { username, password } = req.body;
let strQry = `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
- What does end-to-end encryption mean? Share an example of a well-known app that uses E2EE; how does that app use it?
Team members: Raneem, Ahmed mash, Malak jabr, abdalrhmn rizk
Q1:
Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. CSRF attacks exploit the trust a Web application has in an authenticated user. (Conversely, cross-site scripting (XSS) attacks exploit the trust a user has in a particular Web application). A CSRF attack exploits a vulnerability in a Web application if it cannot differentiate between a request generated by an individual user and a request generated by a user without their consent.
How it works:
Use of HTTP Requests: CSRF attacks manipulate users into submitting a request to a web application where they are already authenticated. For example, if a user is logged into their bank's website and then clicks on a malicious link, the malicious link can generate an HTTP request (such as a GET or POST request) to the bank's server. Since the user is already authenticated, the bank's server might execute the request without realizing it's malicious.
One-Click Attack: It's called a "one-click attack" because it generally requires only one action from the victim, such as clicking a link. This link triggers an HTTP request to the target site, leveraging the user's authenticated session. The simplicity of the attack is what makes it dangerous; users might not even realize they've initiated a harmful action.
Q2:
Cross-Site Scripting (XSS) is a dangerous attack in which an attacker injects malicious script into a web application so that it runs in other users' browsers, where it can read or modify an organization's or user's information.
Two main categories of XSS:
1- Stored XSS (Persistent XSS)
2- Reflected XSS (Non-Persistent XSS)
The connection between XSS attacks and cookies/sessions:
The most severe XSS attacks involve disclosure of the user's session cookie, allowing an attacker to hijack the user's session and take over the account.
One article proposes a comprehensive approach to detecting and defending against XSS (Cross-Site Scripting) attacks using a blend of machine learning and deep learning techniques. It combines Naive Bayes (NB), Support Vector Machine (SVM) and k-Nearest Neighbors (k-NN) from machine learning with Recurrent Neural Networks (RNN), Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks from deep learning. This method, known as "hybrid stacking", is integrated with web applications for enhanced efficiency and accuracy.
Q3:
SQL injection is a type of cyber attack where malicious code is inserted into a SQL query, allowing the attacker to manipulate or extract data from a database.
The attacker's intention is usually to gain unauthorized access to a system, retrieve sensitive information, modify or delete data, or perform other malicious actions within a database.
This occurs when a web application does not properly validate or sanitize user input, enabling attackers to inject SQL code and exploit vulnerabilities in the system.
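The point above (unsanitized input being spliced into SQL text) applies directly to the snippet in the fourth question. The following is an added example, not part of the original answers: it puts that interpolating builder beside a parameterised one and uses a small structural check to show that only the parameterised form keeps user input from changing the statement's shape. No database driver is used; the (text, params) object is an assumed stand-in for a driver's prepared-statement interface.

```javascript
// Added example: string-interpolated query from the question vs. a parameterised
// query, with a "shape" check that shows whether input altered the SQL structure.

// Constant statement text with placeholders; values are bound separately.
const TEMPLATE = 'SELECT Count(*) FROM Users WHERE username=? AND password=?';

// Vulnerable form from the question: user-controlled values are spliced,
// unquoted, straight into the SQL text.
function buildUnsafe(username, password) {
  return `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
}

// Hardened form: the SQL text never changes; the driver (assumed here) binds
// params as data, so they cannot be parsed as SQL keywords or operators.
function buildSafe(username, password) {
  return { text: TEMPLATE, params: [username, password] };
}

// Reduce SQL text to its structural "shape": collapse quoted literals and the
// bare token after each '=' so only keywords, operators and columns remain.
// This is a teaching aid for comparing statements, not an input filter.
function shape(sql) {
  return sql
    .replace(/'(?:[^']|'')*'/g, 'STR')   // quoted string literals
    .replace(/=\s*\S+/g, '=VAL')         // unquoted value after '='
    .replace(/\s+/g, ' ')
    .trim();
}

const EXPECTED_SHAPE = shape(TEMPLATE);

// True when interpolating these inputs changed the statement's structure.
// A perfectly benign passphrase with spaces is enough to do it.
function unsafeStructureChanged(username, password) {
  return shape(buildUnsafe(username, password)) !== EXPECTED_SHAPE;
}

// Always true: with binding, the statement text is independent of the input.
function safeStructureIntact(username, password) {
  return buildSafe(username, password).text === TEMPLATE;
}

// Constructed sample inputs: a simple password and a passphrase with spaces.
console.log(unsafeStructureChanged('alice', 'hunter2'));               // false
console.log(unsafeStructureChanged('alice', 'correct horse battery')); // true
console.log(safeStructureIntact('alice', 'correct horse battery'));    // true
```

The takeaway is that the fix is not to filter characters out of the input but to stop treating the input as part of the query text at all.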
Q5:
End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.
In E2EE, the data is encrypted on the sender's system or device, and only the intended recipient can decrypt it. As it travels to its destination, the message cannot be read or tampered with by an internet service provider (ISP), application service provider, hacker or any other entity or service.
Examples: Facebook, WhatsApp and Zoom.
In messaging services and email, E2EE ensures that the message contents remain encrypted from the sender’s device until it reaches the receiver’s device, thereby protecting the privacy of the communication from service providers, advertisers and hackers.