Free Access to ECCouncil.312-50v12.v2024-07-08.q287 with Valid Practice Test (Page 20)

Question 91

Study the following log extract and identify the attack.

A.Hexcode Attack
B.Multiple Domain Traversal Attack
C.Unicode Directory Traversal Attack
D.Cross Site Scripting

Question 92

In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses.
What is the tool used by Hailey for gathering a list of words from the target website?

A.CeWL
B.Psiphon
C.Shadowsocks
D.Orbot

Question 93

An ethical hacker is hired to evaluate the defenses of an organization's database system which is known to employ a signature-based IDS. The hacker knows that some SQL Injection evasion techniques may allow him to bypass the system's signatures. During the operation, he successfully retrieved a list of usernames from the database without triggering an alarm by employing an advanced evasion technique. Which of the following could he have used?

A.Utilizing the char encoding function to convert hexadecimal and decimal values into characters that pass-through SQL engine parsing
B.Using the URL encoding method to replace characters with their ASCII codes in hexadecimal form
C.Implementing sophisticated matches such as "OR 'john' = john" in place of classical matches like "OR
1-1"
D.Manipulating white spaces in SQL queries to bypass signature detection

Correct Answer: D

The hacker could have used the technique of manipulating white spaces in SQL queries to bypass signature detection. This technique involves inserting, removing, or replacing white spaces in SQL queries with other characters or symbols that are either ignored or interpreted as white spaces by the SQL engine, but not by the signature-based IDS. This way, the hacker can alter the appearance of the query and evade the pattern matching of the IDS, while preserving the functionality and logic of the query. For example, the hacker could replace the space character with a tab character, a newline character, a comment symbol, or a URL-encoded value, such as %2012.
The other options are not correct for the following reasons:
* A. Utilizing the char encoding function to convert hexadecimal and decimal values into characters that pass-through SQL engine parsing: This option is not feasible because the char encoding function is not supported by all SQL engines, and it may not be able to convert all hexadecimal and decimal values into valid characters. Moreover, the char encoding function may not be able to bypass the signature detection of the IDS, as it may still match the keywords or syntax of the SQL query3.
* B. Using the URL encoding method to replace characters with their ASCII codes in hexadecimal form:
This option is not effective because the URL encoding method is not applicable to SQL queries, as it is
* designed for encoding special characters in URLs. The URL encoding method may not be able to replace all characters with their ASCII codes, and it may not be able to preserve the functionality and logic of the SQL query. Furthermore, the URL encoding method may not be able to evade the signature detection of the IDS, as it may still match the keywords or syntax of the SQL query4.
* C. Implementing sophisticated matches such as "OR 'john' = john" in place of classical matches like
"OR 1-1": This option is not advanced because it is a common and basic SQL injection technique that does not involve any evasion or obfuscation. This technique involves injecting a logical expression that is always true, such as "OR 'john' = john" or "OR 1-1", to bypass the authentication or authorization checks of the SQL query. However, this technique may not be able to bypass the signature detection of the IDS, as it may easily match the keywords or syntax of the SQL query.
References:
* 1: SQL Injection Evasion Detection - F5
* 2: Mastering SQL Injection with SQLmap: A Comprehensive Evasion Techniques Cheatsheet
* 3: SQL Injection Prevention - OWASP Cheat Sheet Series
* 4: URL Encoding - W3Schools
* : SQL Injection - OWASP Foundation

Question 94

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

A.DNSSEC
B.Resource records
C.Resource transfer
D.Zone transfer

Question 95

Mason, a professional hacker, targets an organization and spreads Emotet malware through malicious script. After infecting the victim's device. Mason further used Emotet to spread the infection across local networks and beyond to compromise as many machines as possible. In this process, he used a tool, which is a self-extracting RAR file, to retrieve information related to network resources such as writable share drives. What is the tool employed by Mason in the above scenario?

A.NetPass.exe
B.Outlook scraper
C.WebBrowserPassView
D.Credential enumerator

Question 91

Question 92

Question 93

Question 94

Question 95

Download PDF File