- Home
- ECCouncil
- Certified Ethical Hacker Exam (CEH v11)
- ECCouncil.312-50v11.v2023-03-29.q123
- Question 5
Valid 312-50v11 Dumps shared by ExamDiscuss.com for Helping Passing 312-50v11 Exam! ExamDiscuss.com now offer the newest 312-50v11 exam dumps, the ExamDiscuss.com 312-50v11 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 312-50v11 dumps with Test Engine here:
Access 312-50v11 Dumps Premium Version
(525 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 5/123
Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend servers, which are protected by a firewall. In this process, he used a URL https://xyz.com/feed.php?url:externaIsile.com/feed/to to obtain a remote feed and altered the URL input to the local host to view all the local resources on the target server. What is the type of attack Jason performed In the above scenario?
Correct Answer: B
Explanation
Server-side request forgery (also called SSRF) is a net security vulnerability that allows an assaulter to induce the server-side application to make http requests to associate arbitrary domain of the attacker's choosing.
In typical SSRF examples, the attacker might cause the server to make a connection back to itself, or to other web-based services among the organization's infrastructure, or to external third-party systems.
Another type of trust relationship that often arises with server-side request forgery is where the application server is able to interact with different back-end systems that aren't directly reachable by users. These systems typically have non-routable private informatics addresses. Since the back-end systems normally ordinarily protected by the topology, they typically have a weaker security posture. In several cases, internal back-end systems contain sensitive functionality that may be accessed while not authentication by anyone who is able to act with the systems.
In the preceding example, suppose there's an body interface at the back-end url https://192.168.0.68/admin.
Here, an attacker will exploit the SSRF vulnerability to access the executive interface by submitting the following request:
POST /product/stock HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 118
stockApi=http://192.168.0.68/admin
Server-side request forgery (also called SSRF) is a net security vulnerability that allows an assaulter to induce the server-side application to make http requests to associate arbitrary domain of the attacker's choosing.
In typical SSRF examples, the attacker might cause the server to make a connection back to itself, or to other web-based services among the organization's infrastructure, or to external third-party systems.
Another type of trust relationship that often arises with server-side request forgery is where the application server is able to interact with different back-end systems that aren't directly reachable by users. These systems typically have non-routable private informatics addresses. Since the back-end systems normally ordinarily protected by the topology, they typically have a weaker security posture. In several cases, internal back-end systems contain sensitive functionality that may be accessed while not authentication by anyone who is able to act with the systems.
In the preceding example, suppose there's an body interface at the back-end url https://192.168.0.68/admin.
Here, an attacker will exploit the SSRF vulnerability to access the executive interface by submitting the following request:
POST /product/stock HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 118
stockApi=http://192.168.0.68/admin
- Question List (123q)
- Question 1: Which wireless security protocol replaces the personal pre-s...
- Question 2: An organization is performing a vulnerability assessment for...
- Question 3: Garry is a network administrator in an organization. He uses...
- Question 4: Take a look at the following attack on a Web Server using ob...
- Question 5: Jason, an attacker, targeted an organization to perform an a...
- Question 6: You are programming a buffer overflow exploit and you want t...
- Question 7: jane, an ethical hacker. Is testing a target organization's ...
- Question 8: Susan, a software developer, wants her web API to update oth...
- Question 9: You just set up a security system in your network. In what k...
- Question 10: This wireless security protocol allows 192-bit minimum-stren...
- Question 11: Heather's company has decided to use a new customer relation...
- Question 12: What is the role of test automation in security testing?...
- Question 13: Which ios jailbreaking technique patches the kernel during t...
- Question 14: To hide the file on a Linux system, you have to start the fi...
- Question 15: Gerard, a disgruntled ex-employee of Sunglass IT Solutions, ...
- Question 16: Nathan is testing some of his network devices. Nathan is usi...
- Question 17: What useful information is gathered during a successful Simp...
- Question 18: Scenario: Joe turns on his home computer to access personal ...
- Question 19: What is the common name for a vulnerability disclosure progr...
- Question 20: Which of the following tools can be used to perform a zone t...
- Question 21: Alice, a professional hacker, targeted an organization's clo...
- Question 22: Samuel a security administrator, is assessing the configurat...
- Question 23: While performing online banking using a Web browser, a user ...
- Question 24: You are tasked to perform a penetration test. While you are ...
- Question 25: If you want to only scan fewer ports than the default scan u...
- Question 26: Identify the UDP port that Network Time Protocol (NTP) uses ...
- Question 27: Ethical hacker jane Smith is attempting to perform an SQL in...
- Question 28: Elliot is in the process of exploiting a web application tha...
- Question 29: Wilson, a professional hacker, targets an organization for f...
- Question 30: Dorian Is sending a digitally signed email to Polly, with wh...
- Question 31: A technician is resolving an issue where a computer is unabl...
- Question 32: Johnson, an attacker, performed online research for the cont...
- Question 33: Peter extracts the SIDs list from Windows 2000 Server machin...
- Question 34: Internet Protocol Security IPsec is actually a suite pf prot...
- Question 35: What is the file that determines the basic configuration (sp...
- Question 36: Which among the following is the best example of the hacking...
- Question 37: What is the purpose of DNS AAAA record?...
- Question 38: George is a security professional working for iTech Solution...
- Question 39: _________ is a set of extensions to DNS that provide the ori...
- Question 40: Which of the following is a command line packet analyzer sim...
- Question 41: What firewall evasion scanning technique make use of a zombi...
- Question 42: To determine if a software program properly handles a wide r...
- Question 43: An attacker identified that a user and an access point are b...
- Question 44: Mr. Omkar performed tool-based vulnerability assessment and ...
- Question 45: An attacker changes the profile information of a particular ...
- Question 46: Which command can be used to show the current TCP/IP connect...
- Question 47: You have successfully comprised a server having an IP addres...
- Question 48: Study the snort rule given below and interpret the rule. ale...
- Question 49: Joe works as an IT administrator in an organization and has ...
- Question 50: which of the following information security controls creates...
- Question 51: Harris is attempting to identify the OS running on his targe...
- Question 52: An attacker can employ many methods to perform social engine...
- Question 53: Which of the following is considered an exploit framework an...
- Question 54: Hackers often raise the trust level of a phishing message by...
- Question 55: What is the following command used for? net use \targetipc$ ...
- Question 56: Techno Security Inc. recently hired John as a penetration te...
- Question 57: What is the following command used for? sqlmap.py-u ,,http:/...
- Question 58: An attacker decided to crack the passwords used by industria...
- Question 59: Josh has finished scanning a network and has discovered mult...
- Question 60: A penetration tester is performing the footprinting process ...
- Question 61: What is the main security service a cryptographic hash provi...
- Question 62: An unauthorized individual enters a building following an em...
- Question 63: Null sessions are un-authenticated connections (not using a ...
- Question 64: An attacker changes the profile information of a particular ...
- Question 65: The company ABC recently contracts a new accountant. The acc...
- Question 66: Internet Protocol Security IPsec is actually a suite pf prot...
- Question 67: Some clients of TPNQM SA were redirected to a malicious site...
- Question 68: Heather's company has decided to use a new customer relation...
- Question 69: A large company intends to use Blackberry for corporate mobi...
- Question 70: infecting a system with malware and using phishing to gain c...
- Question 71: Boney, a professional hacker, targets an organization for fi...
- Question 72: Attacker Steve targeted an organization's network with the a...
- Question 73: There have been concerns in your network that the wireless n...
- Question 74: John, a professional hacker, performs a network attack on a ...
- Question 75: If you send a TCP ACK segment to a known closed port on a fi...
- Question 76: Bella, a security professional working at an it firm, finds ...
- Question 77: A penetration tester is conducting a port scan on a specific...
- Question 78: Email is transmitted across the Internet using the Simple Ma...
- Question 79: By performing a penetration test, you gained access under a ...
- Question 80: You went to great lengths to install all the necessary techn...
- Question 81: Bob is doing a password assessment for one of his clients. B...
- Question 82: Roma is a member of a security team. She was tasked with pro...
- Question 83: Kate dropped her phone and subsequently encountered an issue...
- Question 84: what are common files on a web server that can be misconfigu...
- Question 85: Fred is the network administrator for his company. Fred is t...
- Question 86: What is the algorithm used by LM for Windows2000 SAM?...
- Question 87: After an audit, the auditors Inform you that there is a crit...
- Question 88: Suppose that you test an application for the SQL injection v...
- Question 89: John, a professional hacker, decided to use DNS to perform d...
- Question 90: Sam is working as a system administrator In an organization....
- Question 91: In an internal security audit, the white hat hacker gains co...
- Question 92: You are a penetration tester and are about to perform a scan...
- Question 93: While testing a web application in development, you notice t...
- Question 94: To invisibly maintain access to a machine, an attacker utili...
- Question 95: An organization decided to harden its security against web-a...
- Question 96: A user on your Windows 2000 network has discovered that he c...
- Question 97: Bob is going to perform an active session hijack against Bro...
- Question 98: Calvin, a software developer, uses a feature that helps him ...
- Question 99: While browsing his Facebook feed, Matt sees a picture one of...
- Question 100: Bill is a network administrator. He wants to eliminate unenc...
- Question 101: Stella, a professional hacker, performs an attack on web ser...
- Question 102: What would you enter if you wanted to perform a stealth scan...
- Question 103: Becky has been hired by a client from Dubai to perform a pen...
- Question 104: Wilson, a professional hacker, targets an organization for f...
- Question 105: Which of the following is an extremely common IDS evasion te...
- Question 106: Robin, a professional hacker, targeted an organization's net...
- Question 107: Firewalls are the software or hardware systems that are able...
- Question 108: What ports should be blocked on the firewall to prevent NetB...
- Question 109: There have been concerns in your network that the wireless n...
- Question 110: You want to analyze packets on your wireless network. Which ...
- Question 111: The tools which receive event logs from servers, network equ...
- Question 112: Which of the following antennas is commonly used in communic...
- Question 113: John is investigating web-application firewall logs and obse...
- Question 114: Kevin, an encryption specialist, implemented a technique tha...
- Question 115: Which Nmap option would you use if you were not concerned ab...
- Question 116: To create a botnet. the attacker can use several techniques ...
- Question 117: infecting a system with malware and using phishing to gain c...
- Question 118: Robin, a professional hacker, targeted an organization's net...
- Question 119: When a security analyst prepares for the formal security ass...
- Question 120: Which of the following is the BEST way to defend against net...
- Question 121: if you send a TCP ACK segment to a known closed port on a fi...
- Question 122: During the process of encryption and decryption, what keys a...
- Question 123: One of your team members has asked you to analyze the follow...
