Thursday, August 27, 2015

Exploration of Cyber-Attacks

Attack Definition:
Technique used by hackers to exploit the vulnerability (weakness/flaw in any application/device) is called an attack.

In subsequent posts, we would be exploring attacks to identify their root cause, exploitation and remediation methods.

Attack categories:
Serial No.
Attack Categories
1
Injection
2
Exploitation of authentication
3
Resource manipulation attack
4
Resource depletion attack
5
Abuse of functionality
6
Embedded malicious code execution
7
Protocol manipulation attack
8
Spoofing
9
Data structure attack
10
Path traversal attack

Classification of attacks based upon categories:
1)     INJECTION
SQL Injection
Blind SQL Injection
Static Code Injection
Dynamic Code Injection
Command Injection
LDAP Injection
Comment Injection
Special Character/Element Injection
Server-side Includes Injection
PHP Object Injection
Resource Injection
XPATH Injection
Blind XPATH Injection
Full Path Disclosure
Web Parameter Tampering
Parameter Delimiter
String Format Attack
Cross-site scripting (CSS)
Content Spoofing
Content Security Policy
Cross-Origin Resource Sharing (CORS) RequestPreflighScrutiny

2)     EXPLOITATION OF AUTHENTICATION
Account Lockout Attack
One-click Attack
Session Prediction
Session Hijacking Attack
Session Fixation Attack
Cross Side Request Forgery (CSRF)
Execution after Redirect



3)     RESOURCE MANIPULATION ATTACK
Comment Injection
Special Character/Element Injection
Path Traversal
Relative path Traversal
Repudiation Attack
Application Setting Manipulation
Forced Browsing
Single Encoding Attack
Double Encoding Attack
Malwares



4)     RESOURCE DEPLETION ATTACK
Asymmetric Resource Consumption
Cash Overflow
Denial of Service
Distributed Denial of Service



5)     ABUSE OF FUNCTIONALITY
Account Lockout Attack
Cache Poisoning
Cross-user Defacement
Path Traversal
Mobile code: Invoking Untrusted Mobile Code
Mobile code: Object Hijack
Mobile code:
Non-final Public Variable Manipulation



6)     EMBEDDED MALICIOUS CODE EXECUTION
Cross-Site Request Forgery (CSRF)
Logic/Time Bomb
Malwares

7)     PROTOCOL MANIPULATION ATTACK
HTTP Request Smuggling
HTTP Response Splitting
Encryption Protocol Interception
Traffic Flood



8)     SPOOFING
Cross Site Request Forgery (CSRF)
Cash Overflow
Denial of Service (DOS)
Distributed Denial of Service (DDOS)
Man-in-the-Middle (MIM)
Brute Force Attack


9)     DATA STRUCTURE ATTACK
Buffer Overflow
Attack
Overflow Binary Resource file
Buffer Overflow via Environment Variables

10)  PATH TRAVERSAL ATTACK
Full Path Disclosure
Relative Path Traversal


Source: OWASP (https://www.owasp.org)