Ask Question

Consider the attack scenario given below:

Step 1: User browses a web page

Step 2: Web server replies with requested page and sets a cookie on the user's browser

Step 3: Attacker steals cookie (Sniffing, XSS, phishing attack)

Step 4: Attacker orders for product using modified cookie

Step 5: Product is delivered to attacker's address

Identify the web application attack.

Session fixation attack

Unvalidated redirects attack

Cookie poisoning attack

Denial-of-Service (DoS) attack

+4
Answers (1)
  1. 19 May, 00:20
    0
    Cookie Poisoning Attack

    Explanation:

    In this scenario, the attacker steals the cookie in the step 3 for malicious reasons. Here, the attacker modifies the cookies on the web browser. So, the attacker is poisoning the cookies and using it for online orders in this scenario. As the attacker is poisoning the cookies on the browser this is called Cookie Poisoning Attack. In Cookie Poisoning Attacks, the control of browser and the computer and the whole network can be compromised to the attacker. To prevent the Cookie Poisoning Attack, the cookies have to be encrypted for the security reasons.
Know the Answer?
Not Sure About the Answer?
Find an answer to your question 👍 “Consider the attack scenario given below: Step 1: User browses a web page Step 2: Web server replies with requested page and sets a cookie ...” in 📗 Computers & Technology if the answers seem to be not correct or there’s no answer. Try a smart search to find answers to similar questions.
Search for Other Answers