Multiple Choice
Joe, an attacker, intends to transfer funds discreetly from a victim's account to his own. Which of the following URLs can he use to accomplish this attack?
A) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe'?&amount=200
B) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' &amount=200
C) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=True&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' ?&amount=200
D) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=True&creditaccount='AND 1=1 AND select username from testbank.custinfo where username like 'Joe' ?&amount=200
Correct Answer:
Verified
Correct Answer:
Verified
Q139: The following line was found in an
Q140: Given the following script: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1257/.jpg" alt="Given
Q141: A tester has determined that null sessions
Q142: A security assessor is attempting to craft
Q143: A senior employee received a suspicious email
Q145: A client is asking a penetration tester
Q146: Which of the following are MOST important
Q147: A penetration tester is reviewing a Zigbee
Q148: In which of the following scenarios would
Q149: Which of the following can be used