Types of attacks I have learned
1. Man-in-the-middle (MITM) attack
The attacker not only intercepts communications between two systems but also remains undetected by passing the communications/packets received from one side on to the other side, and vice versa. The attacker can eavesdrop on conversations or alter the communication before forwarding it. There are many types of MITM attacks.
2. ARP Poisoning
ARP poisoning is a form of MITM attack. The attacker pretends to be the router by poisoning the host device’s ARP table: they send fake ARP replies that contain an incorrect mapping of IP address to MAC address every second or every few seconds, to fool the host into believing that they are the router.
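A defender-side sketch of how the pattern described above can be spotted, as an added example that is not part of the original notes: it flags an IP address whose MAC mapping changes and a burst of replies repeating the same mapping. The addresses, the 10-second window and the reply threshold are constructed assumptions, and the input is assumed to be ARP replies already captured from the network.

```python
from collections import defaultdict, deque

# Constructed sample: (seconds, sender IP, sender MAC) taken from ARP replies.
# 192.168.1.1 is the assumed router; aa:aa:... is its real MAC, cc:cc:... an impostor.
SAMPLE_REPLIES = [
    (0.0, "192.168.1.1", "aa:aa:aa:aa:aa:aa"),
    (5.0, "192.168.1.20", "bb:bb:bb:bb:bb:bb"),
    (60.0, "192.168.1.1", "cc:cc:cc:cc:cc:cc"),
    (62.0, "192.168.1.1", "cc:cc:cc:cc:cc:cc"),
    (64.0, "192.168.1.1", "cc:cc:cc:cc:cc:cc"),
    (66.0, "192.168.1.1", "cc:cc:cc:cc:cc:cc"),
    (300.0, "192.168.1.20", "bb:bb:bb:bb:bb:bb"),
]

def detect_arp_poisoning(replies, trusted=None, window=10.0, max_replies=3):
    """Return alerts as (time, kind, ip, mac) tuples.

    trusted: optional {ip: mac} of known-good bindings (for example the router).
    More than max_replies replies for one ip/mac pair within `window` seconds
    is reported as a repeated-reply burst.
    """
    # ip -> MAC currently believed correct; without `trusted` the first MAC
    # seen is learned, so an impostor that answers first is not caught.
    bindings = {ip: m.lower() for ip, m in (trusted or {}).items()}
    recent = defaultdict(deque)   # (ip, mac) -> reply timestamps inside the window
    conflicts = set()             # (ip, mac) pairs already reported
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        known = bindings.setdefault(ip, mac)
        if known != mac and (ip, mac) not in conflicts:
            conflicts.add((ip, mac))
            alerts.append((ts, "binding_conflict", ip, mac))
        times = recent[(ip, mac)]
        times.append(ts)
        while ts - times[0] > window:      # drop replies older than the window
            times.popleft()
        if len(times) == max_replies + 1:  # alert once, as the threshold is crossed
            alerts.append((ts, "repeated_replies", ip, mac))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_poisoning(SAMPLE_REPLIES):
        print(alert)
```

Passing the router's real MAC in `trusted` (or pinning it as a static ARP entry on the host) covers the case where the fake replies arrive before the genuine one.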
3. SSL Hijacking
This is another MITM attack, in which the attacker hijacks secure SSL connections. The case of Lenovo and Superfish illustrates it: essentially, Lenovo installed a piece of malware (spyware/adware) that performs MITM attacks on its consumer-grade computers. This ‘malware’ installs a self-signed root certificate on the computer in order to intercept HTTPS traffic, and its purpose is to act as adware. However, this essentially broke HTTPS, and all websites became trusted websites according to this self-signed root certificate. This gave actual malicious attackers the opportunity to compromise the computers in any way they wanted.
4. XSS — Cross Site Scripting attack
XSS is the No. 1 vulnerability on the web today. It is a client-side code injection attack. After the malicious code is injected, it is executed whenever a user views the webpage, which compromises that user.
Here is a real-world example in which the social media site MySpace was affected: "Greatest Moments in Hacking History: Samy Kamkar Takes Down Myspace" (YouTube).
5. SQL Injection
The attacker can type specific commands into web forms that are connected to a SQL database. These commands allow the attacker to steal or modify data.
6. XSRF — Cross Site Request Forgery
An attack that is possible when the hacker hijacks a legitimate user’s established, authenticated session token and uses it to perform unauthorized actions, such as transferring money to their own account, without needing additional verification.