Appendix B: Glossary of Web Application Security Threats
Account Hijacking
Taking over the account of a legitimate user, sometimes denying the rightful user access to his or her account.
Account Hopping
Manipulating an existing authentication token to gain access to another user’s account.
Brute Force Attack
The process of discovering user credentials by trying every possible character combination. Brute force attacks can be optimized by first trying dictionary words, common passwords, or predictable character combinations.
Backdoor Attack
Exploiting poorly implemented protection mechanisms by circumventing authentication or accessing content directly.
Banner Grabbing
The process of connecting to TCP ports and reading return banners to determine the type of service and software platform.
Buffer Overflow
Overwriting a buffer by sending more data than the buffer can hold, resulting in the application crashing or executing code of the attacker’s choice.
Buffer Overrun
See Buffer Overflow.
Command Injection
Injecting special shell metacharacters or otherwise manipulating input to cause the server to run shell commands or other code of the attacker’s choice.
Console Attack
An attack launched physically from the system’s local console.
Content Spoofing
Creating fake web content that mimics a web site to deceive a user into revealing login credentials or other sensitive information.
Cookie Manipulation
Modifying a browser cookie to exploit a security flaw in a web application.
Cookie Hijacking
Stealing the authentication cookie of a legitimate user to authenticate as and impersonate that user.
Cross-Site Request Forgery (CSRF)
Exploiting a site’s trust of a user to perform a transaction on behalf of the user. Usually involves tricking a user into clicking on a link or embedding a link in an HTML IMG tag.
Cross-Site Scripting (XSS)
An attack that involves injecting HTML or script commands into a trusted application with the purpose of hijacking a user’s cookie, session token, or account credentials.
Denial of Service (DoS)
Causing an application to excessively consume system resources or to stop functioning altogether.
Directory Traversal
Accessing files outside the bounds of the web application by manipulating input with directory traversal characters; also known as the double dot attack.
File system access
Manipulating input to read, write, or delete protected files on disk.
Information leakage
Revealing or failing to protect information that an attacker can use to compromise a system.
Luring Attack
Tricking a victim into running code or taking actions on behalf of the attacker.
Man-in-the-middle (MITM)
Intercepting web traffic in such a way that the attacker is able to read and modify data in transit between two systems.
Phishing
A form of man-in-the-middle attack where the attacker lures a legitimate user into entering a password through a fake e-mail or web form designed to look like that of a legitimate web site.
Privilege escalation
Allowing an attacker to gain the access privileges of a higher-level account.
Repudiation
The ability for a user to deny having taken an action or performed a transaction.
Resource exhaustion
Server-side code access
Revealing the content of server-side code or configuration files by manipulating input to disguise the true file extension.
Session fixation
Providing another user with a known fixed token to authenticate and then gaining access to that user’s session.
Sniffing
Using a network monitoring utility to intercept passwords or other sensitive information that traverses a network.
Social engineering
Using a hacker’s social skills to extract information from or otherwise manipulate employees or other trusted individuals at a target organization.
SQL injection
Manipulating user input to construct SQL statements that execute on the database server.
Token brute force attacks
Discovering a valid session token by submitting all possible combinations within the token’s key space.
Token hijacking
Obtaining another user’s token and potentially gaining access to that user’s account.
Token keep-alive
The process of periodically sending web requests to keep a session token from expiring, often used with session fixation attacks.
Token manipulation
Modifying a token on the URL or in a cookie to gain unauthorized access to an application.
Token prediction
Guessing or predicting a valid session token because the token scheme uses a sequential or predictable pattern.
Unauthorized access
Gaining access to restricted content or data without the consent of the content owner.