Consider the attack scenario given below:
Step 1: User browses a web page
Step 2: Web server replies with requested page and sets a cookie on the user’s browser
Step 3: Attacker steals cookie (Sniffing, XSS, phishing attack)
Step 4: Attacker orders product using modified cookie
Step 5: Product is delivered to attacker’s address
Identify the web application attack.
Session fixation attack
Unvalidated redirects attack
Cookie poisoning attack
Denial-of-Service (DoS) attack

Answer:

Cookie Poisoning Attack

Explanation:

  • In this scenario, the attacker steals the cookie in step 3 for malicious reasons.
  • Here, the attacker modifies the cookies on the web browser.
  • So, the attacker is poisoning the cookies and using them for online orders in this scenario.
  • As the attacker is poisoning the cookies on the browser, this is called a Cookie Poisoning Attack.
  • In Cookie Poisoning Attacks, control of the browser, the computer and the whole network can be compromised by the attacker.
  • To prevent the Cookie Poisoning Attack, the cookies have to be encrypted for security reasons.
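
The following is an added example, not part of the original answer: a server-side check that rejects the modified cookie from step 4. The answer names encryption; this sketch instead uses an HMAC-SHA256 integrity tag, a related control available in the Python standard library. The field names, addresses, key handling and the `tamper_shipping` helper are all constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed server-side secret; a real deployment loads this from a secret store.
SERVER_KEY = secrets.token_bytes(32)


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def issue_cookie(fields: dict, key: bytes = SERVER_KEY) -> str:
    """Serialize the fields and append an HMAC-SHA256 tag over the payload."""
    payload = _b64(json.dumps(fields, sort_keys=True).encode("utf-8"))
    tag = _b64(hmac.new(key, payload.encode("ascii"), hashlib.sha256).digest())
    return f"{payload}.{tag}"


def verify_cookie(cookie: str, key: bytes = SERVER_KEY):
    """Return the fields if the tag matches, or None if the cookie was altered."""
    try:
        payload, tag = cookie.split(".")
        expected = _b64(hmac.new(key, payload.encode("ascii"), hashlib.sha256).digest())
        # Constant-time comparison avoids leaking how much of the tag matched.
        if not hmac.compare_digest(tag.encode("ascii"), expected.encode("ascii")):
            return None
        return json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, UnicodeError):
        return None  # malformed cookie: wrong shape, bad base64 or bad JSON


def tamper_shipping(cookie: str, new_address: str) -> str:
    """Model the modified cookie from step 4: payload changed, tag left as is."""
    payload, tag = cookie.split(".")
    fields = json.loads(base64.urlsafe_b64decode(payload))
    fields["ship_to"] = new_address
    return f"{_b64(json.dumps(fields, sort_keys=True).encode('utf-8'))}.{tag}"


if __name__ == "__main__":
    original = issue_cookie({"user": "alice", "ship_to": "1 Example Street"})
    print(verify_cookie(original))                                   # accepted
    print(verify_cookie(tamper_shipping(original, "9 Other Road")))  # rejected
```

An integrity tag only detects modification; a stolen cookie replayed unchanged still verifies, so the `Secure` and `HttpOnly` cookie attributes and short session lifetimes are needed against the theft in step 3.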