1_3_6 Section 1 – Attacks, Threats, and Vulnerabilities - 1.3 – Application Attacks - Request Forgeries

Questions and Answers

What type of content is typically loaded directly from a website's server when you visit a webpage?

Text

Which servers provide the videos when loading a webpage from a typical website?

YouTube servers

Where do the images and pictures on a webpage usually come from?

Instagram servers

Which component in the browser determines where to fetch the required information to build up a webpage?

HTML

What enables browsers to gather information from third-party sites without requiring login credentials?

Browser trust

Why might a victim often be unaware of their browser fetching information from third-party sites?

Data retrieval occurs in the background

What type of attack occurs because the web application is vulnerable?

Server side request forgery (SSRF)

How can developers prevent server side request forgery vulnerabilities?

By evaluating input to the server and output from the server

What was the result of the 2019 SSRF attack on the Capital One bank website?

Sensitive information such as social security numbers and bank account numbers were accessed

What service was misconfigured, leading to the SSRF attack on Capital One's website?

Web application firewall (WAF)

What type of cloud storage service did the attacker access using the SSRF attack?

Amazon S3

Why is it important to close SSRF vulnerabilities promptly?

To prevent attackers from gaining unauthorized access to services

What type of code is executed on the client side when you visit a website?

HTML and JavaScript

Which attack takes advantage of the trust a website has in a user's browser to perform actions on behalf of the user?

Cross Site Request Forgery (CSRF)

What is the purpose of anti-forgery techniques in web applications?

To prevent unauthorized actions using user credentials

What could an attacker potentially do in a successful Cross Site Request Forgery (CSRF) attack?

Transfer funds from the victim's account

Which type of attack does not require exploiting the trust between a website and a user's browser?

Server Side Request Forgery (SSRF)

What is one way that a Cross Site Request Forgery (CSRF) attack can be initiated?

Through a hyperlink in an email

In a Server Side Request Forgery (SSRF) attack, what does the attacker need to find to exploit the vulnerability?

A vulnerable web application on the server

What technique is usually used in web applications to prevent Cross Site Request Forgery (CSRF) attacks?

Cryptographic tokens

What behavior can an attacker achieve in a successful Server Side Request Forgery (SSRF) attack?

Accessing otherwise inaccessible services through the web server

What role does PHP primarily play in web development as mentioned in the text?

Executing code on the web server for back end processes

Where do the videos on a website typically come from?

The YouTube servers

What is responsible for determining where the browser fetches information from to build a webpage?

HTML content

Why might a victim be unaware of their browser fetching information from third-party sites?

The embedded nature of content retrieval

What kind of credentials are typically not required when loading information from third-party sites on a webpage?

Browser login credentials

Which party benefits from the trust a user's browser has in gathering information from third-party sites?

Third-party servers

What is significant about the requests made by a browser when loading content from YouTube and Instagram?

They do not involve user logins for access

What is the primary reason an attacker might use Server Side Request Forgery (SSRF) as described in the text?

To query the web server for additional functions

How does an attacker leverage Server Side Request Forgery (SSRF) to access a file storage device?

By intercepting communication between the web server and the device

In a successful SSRF attack, what critical information enabled the attacker to access Amazon's S3 buckets?

Security credentials of the WAF

What potential data breach was a direct result of the SSRF attack on Capital One's website in 2019?

Credit card applications from 2005 through 2019

How can developers mitigate the risk of SSRF vulnerabilities based on the information provided?

Using a properly configured Web Application Firewall (WAF)

Why is it challenging for victims to detect an SSRF attack through their web browser?

The attacks exploit trust between the website and server

What is a common abbreviation used for Cross Site Request Forgery?

CSSRF

In a Cross Site Request Forgery attack, what action does the attacker want the user to take?

Click on a specific hyperlink

What is the primary role of HTML and PHP code on the web server mentioned in the text?

Performing back end processes

Which type of attack requires the attacker to have the user's browser logged into a website?

Cross Site Request Forgery

What is one reason why an attacker would prefer Server Side Request Forgery over Cross Site Request Forgery?

Doesn't involve manipulating the client's browser

How can web application developers prevent Cross Site Request Forgery attacks as mentioned in the text?

Implementing cryptographic tokens

What is a characteristic of a Server Side Request Forgery (SSRF) attack that differentiates it from other attacks?

Involves sending requests directly to the server

HTML and JavaScript are often presented to which part of a website?

Client