
@muslemomar
Created April 29, 2024 14:26
  1. What is a CSRF attack? How does it use HTTP requests? And why do we call it the one-click attack?
  2. What is an XSS attack? And what is the connection between it and cookies/sessions? And what are the two main categories of XSS?
  3. What is SQL injection? And what is the attacker's intention with it?
  4. Consider the SQL command below. Where is the vulnerability? Think about some ways an attacker can misuse it:
const { username, password } = req.body
let strQry = `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;
  5. What does End-to-End encryption mean? Share an example of a well-known app using E2EE. How is that app using it?
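An added example (mine, not the gist's or any commenter's code): the query from question 4 run two ways against a constructed in-memory SQLite table, once with the request values spliced into the SQL text as in the gist and once with bound parameters, using Python's sqlite3 module in place of the Node database driver. The values are quoted as the answers in the comments assume, and the user rows and payloads are constructed for the demo.

```python
import sqlite3

# Constructed sample rows standing in for the Users table the gist's query reads.
SAMPLE_USERS = [("alice", "correct horse"), ("bob", "hunter2")]


def make_db() -> sqlite3.Connection:
    """In-memory SQLite database holding the constructed Users rows above."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def count_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> int:
    """Mirrors the gist: request-body values spliced straight into the SQL text.

    The f-string plays the role of the JavaScript template literal. Whatever the
    client sends becomes part of the statement, so a quote character in the input
    closes the string literal and the remainder is parsed as SQL.
    (The gist also compares plaintext passwords; storing hashes is a separate fix.)"""
    qry = (f"SELECT Count(*) FROM Users "
           f"WHERE username='{username}' AND password='{password}'")
    return conn.execute(qry).fetchone()[0]


def count_parameterized(conn: sqlite3.Connection, username: str, password: str) -> int:
    """The fix: placeholders. The SQL text is constant; the driver binds the
    values as data, so a quote or '--' inside them is just characters."""
    qry = "SELECT Count(*) FROM Users WHERE username=? AND password=?"
    return conn.execute(qry, (username, password)).fetchone()[0]


def login_ok(count: int) -> bool:
    """The gist treats any non-zero Count(*) as a successful login."""
    return count > 0


if __name__ == "__main__":
    db = make_db()
    # Payloads the comments discuss: one in the password field, one in the
    # username field. Interpolated, both short-circuit or comment out the
    # password check; bound as parameters, both are rejected.
    for user, pw in [("alice", "correct horse"),
                     ("alice", "' OR 1=1 --"),
                     ("alice'--", "wrong")]:
        print(f"{user!r}/{pw!r}: interpolated={login_ok(count_vulnerable(db, user, pw))} "
              f"parameterized={login_ok(count_parameterized(db, user, pw))}")
```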
@HalwestEast

HalwestEast commented Apr 29, 2024

  1. (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated.
  2. It is a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
  3. SQL Injection: An attack that manipulates a database by inserting malicious SQL queries via user input fields. It aims to read or manipulate database information unauthorizedly.
  4. Vulnerability Example: The provided SQL command could be exploited through user inputs that alter the query, leading to unauthorized access, especially without proper input sanitization or parameterization.
  5. End-to-end encryption means that data is encrypted on the sender's device and only the recipient can decrypt it. No intermediaries, not even the service providers, can read the data.

Room 7:

  • Hanan Islam
  • Halwest Abubakir
  • Nooralhussian
  • Sajad Ismael
  • Helin Tayeb

@AfyaaKT

AfyaaKT commented Apr 29, 2024

Arass, Amal, Afeaa, Mohammad Nazar
1. Cross-site request forgery (CSRF), also known as one-click attack or session riding, is a type of cyber attack that tricks a user into submitting an unwanted web request to a website or application they are authenticated to. The attacker can then use the user's identity and privileges to perform actions such as transferring funds, changing an email address, or making a purchase.
2. Types of XSS: Stored XSS, Reflected XSS and DOM-based XSS. Cross-site Scripting attacks (XSS) can be used by attackers to undermine application security in many ways. It is most often used to steal session cookies, which allows the attacker to impersonate the victim.
3. SQL injection is a cyber attack where malicious SQL code is inserted into input fields of a website or app. The attacker's goal is to manipulate the database, steal data, bypass authentication, or even take over the entire system. It's a serious threat that requires proper input validation and secure coding practices to prevent.
4. The vulnerability lies in the lack of proper sanitization or parameterization of user inputs in the SQL query, making it susceptible to SQL injection attacks. An attacker could exploit this to bypass authentication, retrieve sensitive data, or execute malicious SQL commands. To mitigate this, use parameterized queries or prepared statements to separate SQL code from user input.
5. End-to-end encryption (E2EE) ensures that only the sender and recipient can read messages. WhatsApp uses E2EE by encrypting messages on the sender's device and decrypting them on the recipient's device, preventing anyone else, including WhatsApp itself, from accessing the content.

@AbdulrahKh

1- It's Cross-site request forgery. It uses cookies, which hold user credentials and are sent on every request to validate user authentication; HTTP is stateless and is not encrypted the way HTTPS is, and a hacker can get these cookies and send requests using them. CSRF is sometimes called a "one-click attack" because it typically only requires the victim to click on a link or visit a webpage containing the malicious code once.
2- Cross-site scripting: XSS attacks allow attackers to inject malicious scripts into trusted websites. By doing so, they can steal cookies or session tokens from other users who visit the compromised site, potentially compromising their accounts. The two main categories are Reflected XSS and Stored XSS.
3- SQL injection is when the user injects a malicious SQL command into the query, through a form for example, in order to gain access during sign-in or delete data from the database, and that is why data sanitization is important.
4- The vulnerability is that we are putting data collected from the client directly into the SQL query without validating or sanitizing it, and preferably we should use a package for that.
5- End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another. WhatsApp is using this type of encryption.

Abdulrahman Khalil, Elaf Gardi, Dawood Alkawaz, Meer Atta, Vinos sarhad, AbdAlRahman Muayid

@Maram-Qais

1- A CSRF (Cross-Site Request Forgery) attack tricks users into making unwanted actions on a website where they're logged in, by exploiting their session cookies. To prevent these, websites use CSRF tokens and other security measures.

2-An XSS (Cross-Site Scripting) attack injects malicious scripts into websites to steal cookies and hijack sessions. The two main types are:
Stored XSS: Malicious scripts are saved on the server.
Reflected XSS: Malicious scripts are echoed by the server from user inputs.

3-SQL injection involves inserting malicious SQL code into databases via user input, aiming to manipulate or steal data.

4- The vulnerability lies in directly inserting user input into the SQL query, allowing SQL injection. Attackers can bypass authentication or extract data by altering the query with malicious input, such as username=admin'-- to ignore the password check.

5-End-to-End Encryption (E2EE) means only communicating users can read messages, preventing access from third parties, including service providers. WhatsApp uses E2EE for messages and calls, ensuring that only the communicating users can decrypt and view the content.

with:
1-Ninos Dinkha
2-aween ezzat
3-lava ahmed
4-teba kaaed

@Nada-235

Room 5
Nada - Mardin - Ibrahim - Shvan - Zainab Al-Najjar

  1. A CSRF (Cross-Site Request Forgery) attack tricks a user's browser into making unintended HTTP requests to a different site. It's often accomplished by luring a user to click on a malicious link or visit a compromised website. The attack exploits the fact that browsers automatically include stored session cookies when making requests to a site, potentially allowing an attacker to perform actions on behalf of the user without their consent. It's called a "one-click attack" because a single click by the user triggers the malicious action.

  2. Cross-site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website.
    They often target cookies to hijack user sessions, where attackers inject malicious code into websites to steal data or take control.
    The two main types: non-persistent (reflected) and persistent (stored).

  3. SQL injection is a code injection technique that exploits vulnerabilities in an application's software layer to execute malicious SQL statements. The attacker's intention with SQL injection is typically to gain unauthorized access to the application's database or to manipulate its data.

  4. How an attacker can misuse it:
    SQL Injection: An attacker can manipulate the username or password fields to inject arbitrary SQL code, bypassing authentication or accessing unauthorized data. For example, they could input ' OR 1=1 -- as the password, effectively turning the query into SELECT Count(*) FROM Users WHERE username='someusername' AND password='' OR 1=1 --', which would always return true, effectively bypassing authentication.
    Brute Force Attack: Even without exploiting SQL injection directly, an attacker could use this vulnerability to launch a brute force attack by trying different combinations of usernames and passwords until they find a valid pair. This is particularly dangerous if the application doesn't have any protection against multiple failed login attempts.

  5. End-to-end encryption means your messages are scrambled from when you send them until the recipient reads them, so nobody else can snoop. WhatsApp is a popular app using this. When you send a message, it's locked with a key only you and the receiver have, keeping it safe from hackers or even WhatsApp itself.

@yousra40

yousra40 commented Apr 29, 2024

Shinak Mohemed, Zhin abubaker, Barham Baper, Koshyar Abdurrahaman, Yousra Yaarob

  1. A CSRF attack tricks a user into unintentionally performing actions on a trusted website. It happens when a user, logged into a site, visits a malicious site that sends requests to the trusted site on behalf of the user. These requests, often disguised as innocent clicks, can lead to unauthorized actions like fund transfers. It's called a "one-click attack" because, to the victim, it appears that a single click initiates the attack.
  2. An XSS attack injects malicious scripts into a website, which then execute in users' browsers. These scripts can steal sensitive data like cookies or sessions, allowing attackers to impersonate users. There are two main types: Reflected XSS, where the script is reflected off the server, and Stored XSS, where the script is permanently stored on the server.
  3. SQL injection is a type of cyber attack where an attacker injects malicious SQL (Structured Query Language) code into input fields or parameters of a vulnerable website or application. The intention of SQL injection attacks is to manipulate the database queries executed by the application, allowing the attacker to access, modify, or delete data stored in the database.
  4. One way is that the query is not hashing the password.
    -SQL Injection: An attacker can manipulate the username or password input fields to inject malicious SQL code. For example, by inputting ' OR '1'='1' as the password, the attacker could bypass authentication entirely because the query would evaluate to true, allowing them to log in without a valid password.
    -Authentication Bypass: If the query returns any results, it indicates a successful login. An attacker can exploit this by guessing valid usernames and using a crafted password to log in without knowing the correct credentials.
  5. E2EE is a communication method that uses encryption and decryption. When the user sends a message, that message is encrypted using an encryption key, and when a user receives that message it is decrypted using a decryption key. And the well-known app that uses E2EE is WhatsApp.

@zainabmirza-eng

zainabmirza-eng commented Apr 29, 2024

Room 3:-
Members:- Zainab Mirza - Rafeef Thamer - Shkar Gharib - Omer Sardar - Ahmed Jalal

1/ A CSRF (Cross-Site Request Forgery) attack is a type of exploit where an attacker tricks a logged-in user into unknowingly executing malicious actions on a trusted website. This attack is executed through forged HTTP requests that appear legitimate to the website, exploiting the user's authenticated session. It's called a "one-click attack" because it can be triggered with a single click by the victim, requiring no additional authentication.

2/ An XSS (Cross-Site Scripting) attack injects malicious scripts into a website, which can then execute in users' browsers. It can steal cookies or session tokens, leading to unauthorized access. The two main categories are:
Stored XSS: The injected script is permanently stored on the server, affecting all users who access the vulnerable page.
Reflected XSS: The injected script is reflected off the web server, usually via a link or input field, targeting a specific user at the time of the attack.

3/ SQL injection is a type of cyber attack where malicious SQL (Structured Query Language) code is inserted into input fields of a web application, exploiting vulnerabilities in the application's database layer. The attacker's intention is typically to gain unauthorized access to the database, retrieve sensitive information, modify or delete data, or execute arbitrary commands on the database server.

4/ The SQL command is vulnerable to SQL injection due to the lack of input validation and sanitization. Attackers can exploit this vulnerability to bypass authentication, extract sensitive information, manipulate data, or compromise the entire database server.
Attackers can misuse this vulnerability in several ways:

SQL Injection
Authentication Bypass
Information Disclosure
Data Manipulation
Database Server Compromise

5/ End-to-end encryption (E2EE) ensures that only the sender and recipient can access the content of their communication by encrypting messages on the sender's device and decrypting them on the recipient's device. WhatsApp uses E2EE by generating cryptographic keys for each user's device, exchanging public keys to encrypt messages, and ensuring that encryption keys are not stored on its servers, thus maintaining the confidentiality of conversations.

Telegram is a big example of this method.

@hanaMohammedAbdullah

Room 11, Pasand Yaba, Hana Abdulla, Ahmed Sabah, Muhammed Sabah, Ali Izaddin

1- A CSRF (Cross-Site Request Forgery) attack is a type of security exploit where an attacker tricks a user into unintentionally performing actions on a web application in which the user is authenticated. The attacker accomplishes this by embedding malicious code in a link or website visited by the user. When the user clicks the link or visits the website, their browser sends unauthorized requests to the target web application, which processes them as if they were legitimate actions by the user. CSRF attacks use HTTP requests to execute actions on the target application, such as transferring funds or changing account settings. They are often referred to as "one-click attacks" because they can be triggered with just one click by the user, without their knowledge.
2- XSS attacks involve injecting malicious scripts into web pages to steal sensitive information like cookies or session tokens from the user, in two categories: Stored XSS (persistent) and Reflected XSS. Developers can prevent XSS by sanitizing input and using security measures like Content Security Policy (CSP).

3- SQL injection is when a sneaky hacker tricks a website into running bad commands. For example, imagine a website with a search bar. If the website is not well protected, the hacker could type something like this into the search bar: '; DROP TABLE users; --
4- user name = " or ""="
password = " or ""="
5- End-to-end encryption (E2EE) ensures that only the communicating users can read messages by encrypting data on the sender's device and decrypting it on the recipient's device, with no intermediary access. Signal is an example of an app using E2EE, where users' devices generate cryptographic keys for secure messaging. Messages are encrypted with the recipient's public key and decrypted with their private key, ensuring privacy and security. Signal's implementation of E2EE safeguards communications from eavesdropping and surveillance, making it highly secure.

@Dilan-Ahmed

Ahmed Isam, Mawj M Basheer, Ahmad Qarany, Dilan M Ahmed.

  1. It is Cross Site Request Forgery, which attackers use to trick the web browser user into performing actions and providing sensitive data and information to the cloned webpage, and the data will be stolen. The reason we call it a one-click attack is that the user is just one click away from giving up sensitive information like email and passwords or a bank card PIN number.

  2. XSS is the cross-site scripting cyber attack in which scripts have been injected by hackers into web pages browsed by the users. The scripts that are added will be able to access sensitive information, manipulate it, or send the user to other cloned websites. The cookies and session tokens might hold authentication information like passcodes, and they can be obtained through injecting scripts. There are two main categories of XSS, which are Reflected XSS and Stored XSS. Reflected XSS is a script being added that can be executed in the attacked user's browser; this category of XSS will involve tricks that the user might fall for and click on the script triggers. Stored XSS, on the other hand, is more about permanently stored scripts that are injected into the targeted server, for example a database for a web application that a user has an account to log in to.

  3. It is another type of cyber attack in which the attacker will put some SQL code into the INPUT fields of a web app in order to control and manipulate the app's database. From this type of attack, the attacker can get, delete and add data in the database and passcodes, or execute commands on the server.

  4. The attacker can inject a query inside the username or password and manipulate the data. The attacker can do such a thing by having the direct explicit username and password in the input field. Therefore, the attacker can run their script on the database server and get what it was attacking for initially.

  5. The data will be encrypted by the sender and only the recipient can decode it on their side. For example, WhatsApp or Telegram: their chats are E2EE.
