A web application is configured to target browsers and allow access to bank accounts to siphon money to a foreign account.
This is an example of which of the following attacks?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The scenario described in the question is an example of a type of web-based attack called Cross-site scripting (XSS). In this attack, an attacker injects malicious code into a web page that is viewed by unsuspecting users. The injected code can steal sensitive data, such as login credentials or bank account information, and send it to a third-party server controlled by the attacker.
In the given scenario, the web application is configured to target specific browsers, implying that the malicious code is designed to work on specific browser types or versions. This is a common technique used by attackers to maximize the effectiveness of their attacks.
SQL injection (Option A) is a different type of attack that targets vulnerabilities in web applications that use SQL databases. The attacker uses specially crafted input to inject SQL commands into the database, which can lead to unauthorized access to sensitive data.
Header manipulation (Option B) is another type of attack where an attacker modifies HTTP headers in a web request to exploit vulnerabilities in the web application. This can allow the attacker to bypass authentication or gain unauthorized access to the application.
Flash cookie exploitation (Option D) is a technique used to exploit vulnerabilities in Adobe Flash to steal sensitive information, such as login credentials or other user data.
In summary, the correct answer to the question is C. Cross-site scripting, which is a type of web-based attack that involves injecting malicious code into a web page to steal sensitive data.