Application Security Vulnerabilities

Questions and Answers

What is the primary goal of most application attacks?

To run arbitrary code on the system (correct)

To disable the system in a denial of service attack

To read and write data without privileges

To crash the application system

What is the term used to describe when an attacker executes code on a system with elevated privileges?

Remote code execution

Application vulnerability

Privilege escalation (correct)

Arbitrary code execution

What is the primary benefit of performing detailed analysis of code or process execution in real-time?

To eliminate the need for privilege escalation detection

To detect application attacks (correct)

To prevent arbitrary code execution

To identify system vulnerabilities

What is the purpose of error handling in an application?

To provide a signal of an application attack

What type of account is used to run a process, depending on the software configuration?

All of the above

What is the term used to describe the transmission of code from one machine to another?

Remote code execution

What could be located in the data section of the process?

Return addresses and pointers to previous stack frames

What is the consequence of a buffer overflow error?

Data corruption and memory access violations

What is the purpose of the strcpy function in the vulnerableFunction?

To copy the contents of input into buffer

What is the size of the fixed-size character array buffer?

16 characters

What happens when the input string is longer than 16 characters?

The buffer overflows

What is the impact of a successful buffer overflow attack?

The attacker gains control of the process with elevated privileges

What type of information should an application avoid revealing to an attacker during error handling?

Configuration or platform details

What is the primary reason for testing user input in a program?

To ensure the data is valid and expected by the receiving process

What type of attack involves submitting input that is too large to be stored in a variable assigned by the application?

Overflow-type attack

What is a common characteristic of most application attacks?

They pass invalid or maliciously constructed data to the vulnerable process

What is a common indication of an unsuccessful buffer overflow attack?

Unexplained crashes or error messages

What is the primary goal of a buffer overflow attack?

To gain control of the system

What is a potential consequence of an unhandled exception in a web application?

An error page may reveal the type and configuration of a database server

What is a stack overflow?

A type of buffer overflow attack

What is the primary goal of good programming practice when it comes to input handling?

To ensure the input is valid and expected by the receiving process

What is the cause of a buffer overflow vulnerability?

A programming error when a process attempts to store data beyond the limits of a fixed-sized buffer

What is the role of a buffer in a program?

To store expected data

What is the term for a condition where more input is placed into a buffer than its capacity?

Buffer overrun

What is the function of the PUSH instruction?

To add data to the stack

What happens to the stack frame when a program function finishes executing?

It is unwound and ESP and EBP point back to the caller function's stack frame

What is the purpose of the EBP register?

To keep track of the stack frame of the currently executing function

What is the data structure of the stack?

Last-in, first-out

What is the purpose of the POP instruction?

To remove data from the stack