Halloween Quiz A

The rules are simple. This is a TRUE or FALSE quiz, where TRUE = TREAT and FALSE = TRICK.

Good luck…

Question 1

The character sequence ../ (often sent URL-encoded as %2e%2e%2f) is commonly used to exploit path traversal vulnerabilities.

TRUE - ../ is used to traverse up the directory tree, escaping the directory the developer intended the application to read files from. This can allow an attacker to reach sensitive files (configuration, credentials, source code) which they can use to their advantage. Encoded variants such as %2e%2e%2f are used to evade naive filters that only look for the literal string.
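As an added example (not part of the original quiz), the following Python shows the vulnerable pattern beside a hardened one. It builds a constructed sample tree in a temporary directory, so it runs offline; the function names and the file contents are assumptions for illustration. The hardened version canonicalises the path and checks that it still lies under the intended root, which defeats ../, its URL-encoded forms and absolute paths alike.

```python
import os
import tempfile
from urllib.parse import unquote


def build_sample_tree() -> str:
    """Create a constructed sample tree in a temp dir: <base>/docs/readme.txt is
    the only file the app should serve; <base>/secret.txt sits one level above."""
    base = tempfile.mkdtemp()
    os.makedirs(os.path.join(base, "docs"))
    with open(os.path.join(base, "docs", "readme.txt"), "w") as fh:
        fh.write("public document")
    with open(os.path.join(base, "secret.txt"), "w") as fh:
        fh.write("top secret")
    return base


def read_file_vulnerable(base: str, user_path: str) -> str:
    """Vulnerable: joins the user-controlled name onto the document root and opens it.
    '../secret.txt' (or its URL-encoded form %2e%2e/secret.txt) walks out of docs/
    and reads a file the developer never intended to expose."""
    path = os.path.join(base, "docs", unquote(user_path))
    with open(path) as fh:
        return fh.read()


def resolve_safely(root: str, user_path: str) -> str:
    """Hardened: canonicalise both the root and the candidate (realpath follows
    symlinks and collapses '..'), then require the candidate to remain under root.
    Absolute inputs such as '/etc/passwd' are rejected too, because os.path.join
    discards the root when the second argument is absolute, so the candidate
    ends up outside it."""
    root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root, unquote(user_path)))
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"path traversal rejected: {user_path!r}")
    return candidate


def is_allowed(base: str, user_path: str) -> bool:
    """True if user_path resolves to something inside <base>/docs."""
    try:
        resolve_safely(os.path.join(base, "docs"), user_path)
        return True
    except PermissionError:
        return False


def read_file_safe(base: str, user_path: str) -> str:
    with open(resolve_safely(os.path.join(base, "docs"), user_path)) as fh:
        return fh.read()


if __name__ == "__main__":
    base = build_sample_tree()
    print("vulnerable:", read_file_vulnerable(base, "%2e%2e/secret.txt"))
    print("safe allows readme.txt:", is_allowed(base, "readme.txt"))
    print("safe allows ../secret.txt:", is_allowed(base, "../secret.txt"))
```

The containment check is done on the resolved path rather than by searching the input for "../", so it does not matter how the traversal was encoded: after unquote and realpath, anything that lands outside the root is refused.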

Question 2

SSRF stands for "Server Side Request Forgery".

TRUE - Server Side Request Forgery is an attack that causes the server-side application to make requests to internal (or external) network resources on the attacker's behalf. Attack vectors such as this are often found where the user can supply a URL as part of a request. A successful attacker can leverage this vulnerability to reach services that are not exposed externally (internal admin interfaces, cloud metadata endpoints), gain access to sensitive data, perform unauthorized modifications or, in some situations, achieve remote code execution.
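As an added example (not from the original quiz), here is a Python validator for user-supplied URLs of the kind described above. It allows only http/https, refuses userinfo in the URL, and requires every address the host resolves to be public, which blocks loopback, RFC 1918, link-local (including the 169.254.169.254 cloud metadata address) and similar ranges. The DNS answers in FAKE_DNS are constructed so the example runs offline; the hostnames use the reserved .example domain and the "public" addresses are placeholders, not real infrastructure.

```python
import ipaddress
import socket
from typing import Callable, List, Tuple
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def is_public_ip(ip: str) -> bool:
    """Reject loopback, RFC 1918 / ULA, link-local (incl. 169.254.169.254 cloud
    metadata), multicast, reserved and unspecified addresses."""
    addr = ipaddress.ip_address(ip)
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def system_resolver(host: str) -> List[str]:
    """Real DNS lookup via getaddrinfo; returns every A/AAAA answer. Odd literals
    such as 0x7f000001 are parsed by getaddrinfo too, which is why the validator
    checks the resolved addresses rather than the hostname text."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


# Constructed DNS answers so the example runs offline. 1.2.3.x are placeholder
# "public" addresses chosen only because they fall outside the special-purpose ranges.
FAKE_DNS = {
    "reports.example": ["1.2.3.4"],
    "intranet.example": ["10.0.0.5"],
    "rebind.example": ["1.2.3.4", "127.0.0.1"],   # one public, one loopback answer
}


def constructed_resolver(host: str) -> List[str]:
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise socket.gaierror(f"constructed resolver: unknown host {host}")


def validate_outbound_url(url: str,
                          resolver: Callable[[str], List[str]] = system_resolver
                          ) -> Tuple[bool, str]:
    """Return (allowed, reason). Every address the host resolves to must be public."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL not allowed"
    try:
        ips = [str(ipaddress.ip_address(host))]   # literal IP (v4 or bracketed v6): no DNS needed
    except ValueError:
        try:
            ips = resolver(host)
        except OSError as exc:                    # socket.gaierror is an OSError
            return False, f"resolution failed: {exc}"
    if not ips:
        return False, "host has no addresses"
    for ip in ips:
        if not is_public_ip(ip):
            return False, f"{host} resolves to non-public address {ip}"
    return True, f"ok: {host} -> {', '.join(ips)}"


if __name__ == "__main__":
    for u in ("https://reports.example/q", "http://intranet.example/admin",
              "http://169.254.169.254/latest/meta-data/", "file:///etc/passwd"):
        print(u, "->", validate_outbound_url(u, resolver=constructed_resolver))
```

Validation and the later fetch are two separate lookups, so a host that answers differently the second time (DNS rebinding) can still slip through; in production, connect to the address that passed validation rather than resolving the hostname again, and handle redirects with the same check on every hop.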

Question 3

The error message "Unclosed quotation mark after the character string" may indicate a Cross Site Scripting vulnerability.

FALSE - This error message usually indicates a SQL Injection vulnerability, not Cross Site Scripting. It is the Microsoft SQL Server error (Msg 105) raised when a single quote in user input terminates the string literal early and leaves the rest of the query unterminated; other databases report the same condition in their own words (MySQL "You have an error in your SQL syntax", PostgreSQL "unterminated quoted string", SQLite "unrecognized token"). Cross Site Scripting is identified by script or HTML markup being reflected into a page, not by database errors.
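As an added example (not from the original quiz), the following Python reproduces the mechanism behind that error using an in-memory SQLite database, so it runs offline. The exact wording differs from SQL Server's, but the cause is the same: a single quote in the input closes the string literal and leaves the query unterminated. The table, rows and function names are constructed for illustration; the parameterized version shows the fix.

```python
import sqlite3
from typing import List, Tuple

# Well-known database error fragments that a tester looks for after sending a
# single quote. The first is the SQL Server message from the quiz question.
SQLI_ERROR_SIGNATURES = (
    "unclosed quotation mark after the character string",   # Microsoft SQL Server (Msg 105)
    "you have an error in your sql syntax",                  # MySQL / MariaDB
    "unterminated quoted string",                            # PostgreSQL
    "quoted string not properly terminated",                 # Oracle (ORA-01756)
    "unrecognized token",                                    # SQLite
)


def looks_like_sqli_error(message: str) -> bool:
    """True if a response/error text contains one of the known DB error fragments."""
    lower = message.lower()
    return any(sig in lower for sig in SQLI_ERROR_SIGNATURES)


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three users, one with a quote in the name."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("o'neil", "user")])
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> List[Tuple[str, str]]:
    """Vulnerable: user input is pasted into the string literal, so a quote
    breaks out of it (error) and 'x' OR '1'='1 rewrites the WHERE clause."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> List[Tuple[str, str]]:
    """Fixed: the value travels separately from the SQL text; quotes are just data."""
    return conn.execute("SELECT username, role FROM users WHERE username = ?",
                        (username,)).fetchall()


def probe(conn: sqlite3.Connection, username: str) -> Tuple[str, object]:
    """What a tester observes from the vulnerable endpoint: ('rows', [...]) or ('error', text)."""
    try:
        return "rows", lookup_vulnerable(conn, username)
    except sqlite3.OperationalError as exc:
        return "error", str(exc)


if __name__ == "__main__":
    db = make_db()
    print("single quote ->", probe(db, "alice'"))
    print("tautology    ->", probe(db, "x' OR '1'='1"))
    print("parameterized->", lookup_parameterized(db, "x' OR '1'='1"))
```

The legitimate name o'neil also blows up the concatenated query, which is a reminder that the vulnerable code is broken for honest input too; the parameterized query handles it correctly.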

Question 4

Base64 encoded data is securely encrypted and cannot be read by an attacker who intercepts the data.

FALSE - Base64 is an encoding, not encryption. It maps binary data onto a 64-character ASCII alphabet so that it can pass through channels where raw bytes or non-ASCII characters would cause problems. It has no key and is fully reversible, so anyone who intercepts the data can decode it trivially. If confidentiality is required, the data must be encrypted before (or instead of) being encoded.

Question 5

A Web Application Firewall (WAF) will not protect me from all Web Application vulnerabilities.

TRUE - A WAF is a useful defensive layer, but it cannot defend against vulnerabilities where a legitimate request and a malicious request look the same on the wire. An IDOR vulnerability, for example, may only require changing a number in a request parameter; only the application's own object-level authorization check can tell whose record is being requested. A WAF's signatures may also be bypassed by novel encodings or by splitting a payload across multiple parameters. Treat a WAF as a compensating control, not a substitute for fixing the underlying vulnerability.
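As an added example (not from the original quiz), the Python below illustrates both limits in working code. A constructed signature filter stands in for a WAF rule set (it is not any real product's rules); the invoice table, the /invoice endpoint and the function names are assumptions for illustration. The IDOR request passes the filter because it is indistinguishable from a legitimate one, and only the handler's ownership check stops it; a URL-encoded traversal and a payload split across two parameters slip past the signatures entirely.

```python
import re
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed signature rules: a naive stand-in for a WAF rule set.
SIGNATURES = [re.compile(p, re.IGNORECASE) for p in (
    r"\.\./",          # literal path traversal
    r"'\s*or\s*'",     # classic tautology  ' OR '
)]


def naive_waf_allows(path_and_query: str) -> bool:
    """Signature check on the raw request line; no decoding, no per-parameter logic."""
    return not any(sig.search(path_and_query) for sig in SIGNATURES)


# Constructed data: two invoices owned by two different users.
INVOICES: Dict[int, Dict[str, object]] = {
    1001: {"owner": "alice", "total": 120},
    1002: {"owner": "bob", "total": 9800},
}


def get_invoice(session_user: str, path_and_query: str) -> Tuple[int, Optional[Dict[str, object]]]:
    """Application handler. The request for id=1002 is byte-for-byte as well-formed
    as the one for id=1001; only this object-level authorization check knows that
    alice does not own invoice 1002."""
    query = parse_qs(urlsplit(path_and_query).query)
    try:
        invoice_id = int(query["id"][0])
    except (KeyError, ValueError):
        return 400, None
    invoice = INVOICES.get(invoice_id)
    if invoice is None:
        return 404, None
    if invoice["owner"] != session_user:
        return 403, None            # the check the WAF cannot perform
    return 200, invoice


def handle(session_user: str, path_and_query: str) -> Tuple[int, Optional[Dict[str, object]]]:
    """WAF in front of the app, as deployed: blocked requests never reach get_invoice."""
    if not naive_waf_allows(path_and_query):
        return 403, None
    return get_invoice(session_user, path_and_query)


if __name__ == "__main__":
    # IDOR: both requests pass the WAF; the app's ownership check makes the difference.
    print("own invoice   :", handle("alice", "/invoice?id=1001"))
    print("other's invoice:", handle("alice", "/invoice?id=1002"))
    # Signature evasion: encoding and parameter splitting defeat the naive rules.
    print("literal ../   :", naive_waf_allows("/files?name=../../etc/passwd"))
    print("encoded ..%2f :", naive_waf_allows("/files?name=..%2f..%2fetc/passwd"))
    print("split payload :", naive_waf_allows("/search?a=' OR&b='1'='1"))
```

The split-payload case only works against an application that later joins parameters a and b back into one query string, which is exactly the kind of application-specific behaviour a generic filter in front of it cannot know about.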
