id

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario?

11 Comments / CEHv11 / By

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in …

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario? Read More »

session ID

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney’s account page without disclosing any information to the victim. When the target employee click on the link, all the sensitive payment details entered in a form are linked to Boney’s account. What is the attack performed by Boney in the above scenario?

Leave a Comment / CEHv11 / By

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID link the target employee to Boney ‘s account page without disclosing any information to the victim. When the target employee click on the link, all …

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney’s account page without disclosing any information to the victim. When the target employee click on the link, all the sensitive payment details entered in a form are linked to Boney’s account. What is the attack performed by Boney in the above scenario? Read More »

RST

Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed. What is the port scanning technique used by Sam to discovers open ports?

Leave a Comment / CEHv11 / By

Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed. What is the port scanning technique used by Sam to discovers open ports? Option 1 : IDLE/IPID header scan Option …

Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed. What is the port scanning technique used by Sam to discovers open ports? Read More »

LDAP

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services?

Leave a Comment / CEHv11 / By

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services? Option 1 : Zabasearch Option 2 : EarthExplorer Option 3 : Jxplorer Option 4 : ike-scan …

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services? Read More »