The SecOps Group CAP Actual Free Exam Questions & Community Discussion
Null Byte Injection is an active exploitation technique used to bypass sanity-checking filters in web applications by adding a URL-encoded null byte character to the user-supplied data. Which of the following is a URL-encoded representation of a null byte?
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
An application's forget password functionality is described below:
The user enters their email address and receives a message on the web page:
"If the email exists, we will email you a link to reset the password"
The user also receives an email saying:
"Please use the link below to create a new password:"
(Note that the developer has included a one-time random token with the 'userId' parameter in the link). So, the link seems like:
https://example.com/reset_password?userId=5298&token=70e7803e-bf53-45e1-8a3f-fb15da7de3a0 Will this mechanism prevent an attacker from resetting arbitrary users' passwords?
The user enters their email address and receives a message on the web page:
"If the email exists, we will email you a link to reset the password"
The user also receives an email saying:
"Please use the link below to create a new password:"
(Note that the developer has included a one-time random token with the 'userId' parameter in the link). So, the link seems like:
https://example.com/reset_password?userId=5298&token=70e7803e-bf53-45e1-8a3f-fb15da7de3a0 Will this mechanism prevent an attacker from resetting arbitrary users' passwords?
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
In the context of the Race Condition vulnerability, which of the following statements is true?
Correct Answer: D
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Which of the following is a common attack in the context of SAML security?
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
The application is vulnerable to Cross-Site Scripting. Which of the following exploitation is NOT possible at all?
Correct Answer: C
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
The following request is vulnerable to Cross-Site Request Forgery vulnerability.
POST /changepassword HTTP/2Host: example.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) rv:107.0) Gecko/20100101 Firefox/107.0 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec- Fetch-Site: same-origin Cookie: JSESSIONID=38RC5ECV10785B53AF19816E92E2E50 Content-Length: 95 new_password=lov3MyPiano23&confirm_password=lov3MyPiano23
POST /changepassword HTTP/2Host: example.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) rv:107.0) Gecko/20100101 Firefox/107.0 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec- Fetch-Site: same-origin Cookie: JSESSIONID=38RC5ECV10785B53AF19816E92E2E50 Content-Length: 95 new_password=lov3MyPiano23&confirm_password=lov3MyPiano23
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
0
0
0
10