Answers can be found at http://mdsec.net/wahh.
- A network device provides a web-based interface for performing device configuration. Why is this kind of functionality often vulnerable to OS command injection attacks?
- You are testing the following URL:
Changing the value of the country parameter to foo results in this error message:
Could not open file: D:\app\default\home\logs\foo.log (invalid file).
What steps could you take to attack the application?
- You are testing an AJAX application that sends data in XML format within POST requests. What kind of vulnerability might enable you to read arbitrary files from the server's filesystem? What prerequisites must be in place for your attack to succeed?
- You make the following request to an application that is running on the ASP.NET platform:
POST /home.aspx?p=urlparam1&p=urlparam2 HTTP/1.1
The application executes the following code:
String param = Request.Params["p"];
What value does the param variable have?
- Is HPP a prerequisite for HPI, or vice versa?
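The following is an added worked example, not code from the book or from mdsec.net, modelling the two questions above. It parses the duplicated `p` parameter from the request in the ASP.NET question under the three duplicate-handling behaviours found on real platforms (first occurrence, as Java servlets' `getParameter()` does; last occurrence, as PHP's `$_GET` does; all occurrences comma-joined, as ASP.NET's `Request.Params` does), and then shows why that behaviour decides whether an HTTP parameter injection (HPI) against a back-end request actually changes anything. The front-end function `backend_query_unsafe` and the `item`/`role` parameter names are hypothetical, constructed only to illustrate the pattern; the query string `p=urlparam1&p=urlparam2` is the one from the question.

```python
from urllib.parse import parse_qsl, unquote, urlencode

# Constructed input: the query string from the ASP.NET request in the question above.
QUERY = "p=urlparam1&p=urlparam2"


def occurrences(query: str, name: str) -> list[str]:
    """Every value supplied for `name`, in order, with nothing collapsed."""
    return [v for k, v in parse_qsl(query, keep_blank_values=True) if k == name]


def first_occurrence(query: str, name: str):
    """Platforms that honour the first copy (e.g. Java servlet getParameter())."""
    vals = occurrences(query, name)
    return vals[0] if vals else None


def last_occurrence(query: str, name: str):
    """Platforms that honour the last copy (e.g. PHP's $_GET)."""
    vals = occurrences(query, name)
    return vals[-1] if vals else None


def joined_occurrences(query: str, name: str):
    """ASP.NET's Request.Params / Request.QueryString: all copies joined with commas."""
    vals = occurrences(query, name)
    return ",".join(vals) if vals else None


# --- HPI: a hypothetical front end that forwards a user value to a back end ---

def backend_query_unsafe(item: str) -> str:
    """Hypothetical front-end code that builds the back-end query by concatenation.

    The user-supplied value is inserted verbatim, so a URL-decoded '&' in it
    appends extra parameters to the back-end request.
    """
    return f"item={item}&role=user"


def backend_query_safe(item: str) -> str:
    """Same request built with proper encoding; the '&' in the value stays data."""
    return urlencode({"item": item, "role": "user"})


def injected_role(front_end_value: str, backend_policy) -> str:
    """What role the back end ends up seeing for a given attacker value.

    `backend_policy` is one of the three duplicate-handling functions above,
    because the outcome of the injection depends entirely on which copy of
    `role` the back end honours.
    """
    decoded = unquote(front_end_value)          # the front end decodes %26 -> '&'
    return backend_policy(backend_query_unsafe(decoded), "role")


if __name__ == "__main__":
    print("ASP.NET Request.Params[\"p\"] ->", joined_occurrences(QUERY, "p"))
    for policy in (first_occurrence, last_occurrence, joined_occurrences):
        print(policy.__name__, "back end sees role =", injected_role("42%26role=admin", policy))
```

Run stand-alone, the script prints `urlparam1,urlparam2` for the ASP.NET case, and for the injected value `42%26role=admin` it prints `admin` for a first-occurrence back end, `user` for a last-occurrence back end and `admin,user` for a comma-joining one: the injection only succeeds where the back end's pollution behaviour favours the attacker's copy, which is the relationship between HPP and HPI that the question asks about.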
- An application contains a function that proxies requests to external domains and returns the responses from those requests. To prevent server-side redirection attacks from retrieving protected resources on the application's own web server, the application blocks requests targeting localhost or 127.0.0.1. ...