Question

A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security engineer takes screenshots of how data was compromised in the application. Given the information below from the screenshot.

2019-11-21 13:11:45 POST https://company.com/store <-- 200 text/plain 2.02 kB 0.99 .Request... ..**Response** ..... Detail... : Status: 200 Content-Types: text/plain Content-Length: 2022 Date: Sun, 21 Nov 2019 18:11:45 GMT ......RAW... Method: POST Protocol: HTTP/2.0 RemoteAddr: v10.10.45.00:443 RequestURI: "/store" "product":[ { "item": "745" "name": "Deluxe Pencil Case" "price": "0.10" "discount": "0.10" } }

Which of the following tools was MOST likely used to exploit the application?

A. The engineer captured the data with a protocol analyzer, and then utilized Python to edit the data

B. The engineer queried the server and edited the data using an HTTP proxy interceptor

C. The engineer used a cross-site script sent via curl to edit the data

D. The engineer captured the HTTP headers, and then replaced the JSON data with a banner-grabbing tool

PLEASE EXPLAIN THE CORRECT ANSWER OPTION CHOICE AND REASONING ALONG WITH REASONING WHY OTHER OPTIONS ARE NOT CORRECT FOR A THUMBS UP, THANKS...

Answer 1

Solution

Answer

B. The engineer queried the server and edited the data using an HTTP proxy interceptor

Explanation

HTTP proxy interceptor is a network tool that is used to analyze the traffic and edit or modify the traffic and in some situation inject traffic into the normal session created between a client & server

Hence the option B is the correct answer

---

all the best