Multiple Choice
Joe, an attacker, intends to transfer funds discreetly from a victim's account to his own. Which of the following URLs can he use to accomplish this attack?
A) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe'?&amount=200
B) 1=1 AND select username from testbank.custinfo where username like 'Joe' &amount=200
C) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=True&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' ?&amount=200
D) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=True&creditaccount='AND
Correct Answer:
Verified
Correct Answer:
Verified
Q3: A software development team recently migrated to
Q4: A penetration tester is checking a script
Q5: Which of the following commands will allow
Q6: A client has voiced concern about the
Q7: A company planned for and secured the
Q9: At the information gathering stage, a penetration
Q10: Which of the following is an example
Q11: A penetration tester wants to check manually
Q12: An assessor begins an internal security test
Q13: A penetration tester reviews the scan results