- What is a CSRF attack? How does it use HTTP requests? And why do we call it the one-click attack?
- What is an XSS attack? And what is the connection between it and cookies/sessions? And what are the two main categories of XSS?
- What is SQL injection, and what is the attacker's goal?
- Consider the SQL command below. Where is the vulnerability? Think about some ways an attacker can misuse it:

  ```js
  const { username, password } = req.body;
  let strQry = `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
  ```
- What does end-to-end encryption mean? Share an example of a well-known app using E2EE. How is that app using it?
Room 12: Baraa
A.1. Cross-Site Request Forgery (CSRF), commonly known as a one-click attack, is a web security vulnerability. It tricks a user's browser into performing unauthorized actions on a trusted website by exploiting the user's existing authenticated session. In simple terms, an attacker sends a hidden request using your logged-in session, and when you click a link, the website, thinking it's you, executes hidden actions, potentially causing significant harm with just one click.
A.2. XSS injects malicious scripts into trusted websites, exploiting your cookies and session data. There are two main types:
Reflected: Your own input gets weaponized against you.
Stored: Hidden scripts lurk on compromised pages, attacking any visitor.
A.3. SQL injection is a cyberattack where malicious SQL code is injected into a web application's inputs. The goal is to compromise the database, enabling unauthorized data access, modification, or command execution. Prevention involves input validation and secure database practices.
A.4. The vulnerability in the provided SQL command is due to the direct insertion of user inputs (username and password) without proper validation.
A.5. E2EE ensures that data is securely transmitted and only accessible by the sender and intended recipient. WhatsApp employs E2EE by generating cryptographic keys on users' devices, exchanging keys, and encrypting messages. This guarantees that even WhatsApp cannot access the content, providing a high level of privacy and security.
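
An added example for question 4 (not part of the original page or of the answers above): it compares the interpolated statement with a parameterized one by reducing each to its token shape, so you can see when input stops being data and becomes part of the statement. The function names are hypothetical, and the `?` placeholder style is an assumption about the database driver in use.

```javascript
// Added example; function names are hypothetical, not from the page.

// The statement from question 4, built by interpolation (left vulnerable on purpose).
function buildInterpolated(username, password) {
  return `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
}

// Parameterized form: constant SQL text, values handed to the driver separately.
// Assumption: "?" placeholders, as accepted by drivers such as mysql2 and sqlite3.
function buildParameterized(username, password) {
  return {
    text: 'SELECT Count(*) FROM Users WHERE username=? AND password=?',
    values: [username, password],
  };
}

// Reduce SQL to its shape: string/number literals and placeholders become "?",
// every other token is upper-cased. Statements with the same shape differ
// only in data, not in logic.
function sqlShape(sql) {
  const tokens = sql.match(/'(?:[^']|'')*'|\d+|\w+|[^\s\w]/g) || [];
  return tokens.map((t) => (/^'.*'$|^\d+$|^\?$/.test(t) ? '?' : t.toUpperCase())).join(' ');
}

const EXPECTED_SHAPE = sqlShape(buildParameterized('', '').text);

// True when the statement has the intended shape, i.e. the input stayed data.
function inputStayedData(sqlText) {
  return sqlShape(sqlText) === EXPECTED_SHAPE;
}

// Build both forms for one input pair and report whether each kept its shape.
function audit(username, password) {
  const p = buildParameterized(username, password);
  return {
    interpolated: inputStayedData(buildInterpolated(username, password)),
    parameterized:
      inputStayedData(p.text) && p.values[0] === username && p.values[1] === password,
  };
}

// Constructed sample inputs, all of them ordinary user data.
for (const [u, pw] of [['42', '7'], ['alice', 'secret'], ["O'Brien", 'secret'], ['Mary Ann', 'x']]) {
  console.log(JSON.stringify(u), audit(u, pw));
}
```

Only the purely numeric pair keeps the interpolated statement in shape; because the values are not quoted or bound, even a plain name is parsed as SQL, while the parameterized text never changes.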