Question

a video-game developer as received reports of players who are cheating. all game players each have five capabilities that are ranked on a scale of 1 to 10 points, with 10 total points available for balance. players can move these points between capabilities at any time. the programming logic is as follows:

o a player asks to move points from one capability to another.

o the source capability must have enough points to allow the move.

o the destination capability must not exceed 10 after the move.

o the move from source capability to destination capability is then completed.

the time stamps of the game logs show each step of the transfer process takes about 900ms. however, the time stamps of the cheating players show capability transfers at the exact same time. the cheating players have 10 points in multiple capabilities. which of the following is MOST likely being exploited to allow these capability transfers?

A. TOC/TOU

B. CSRF

C. Memory leak

D. XSS.

E. SQL injection

F. Integer overflow

Answer 1

TOC/TOU:
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state.

TOCTOU Abbrevation - Time of Check To Time Of Use

Here in this case, check of points that gamer has caoability to send the points to allow other move.

------------------------------------

CSRF attack principle:

It's like the client must have a website and generate cookie credentials stored in the browser
When cookie is not cleared, the client tabs a page to visit other websites

Here in this case, the gamer wants to send the point to other move, and before that gamer must be created for move. Otherwise, points will be added to other gamer.

--------------------------------------
Memory leak

Memory leak, is not related to the given logic as memory is within gamer itself.

--------------------------------------

Cross site scripting (XSS)

There are two types of XSS. 1) Stored. 2) Reflected.

Stored Xss known as Persistent XSS. Example is SQLInjecton

Reflected XSS is known as malicious script off of a web application. It's like the link is activated once the link is closed on.

This is applicable for the given logic the multiple capabilties of cheating in 10 points

-----------------------------------------

SQL Injection

It's possible to execute malicious SQL statement. It controls a data base server behind the web application. Attackers can use SQL Injection to bypass application secuirty measures.
Ex: Credentials to find the users in database
May be duplicate database with duplicate credentials

There's possible in update of points

---------------------------------------------

Integer Overflow

Integer overflow is the condition related to arithmetic operation such as multiplication or addition etc.

This can be done when a change in point from one stage to other stage.

Ex: Sending capability transfers can be done but with high processing time as the integer length is more.