Question

Could someone show me two different ways a hacker can get into a program by exploiting weaknesses in code? Also, could you show me examples that show the potential vulnerability? Could you show me the website where you got those examples? Thank you.

Solutions

Expert Solution

Note: If you like my efforts then please do upvote this answer. I really need it. I hope you will like my answer because I am sharing my personal experience as well.

-----------------------------------------------------------------------------------------

There are multiple ways a hacker can get into a program. I am explaining two of them and the third one is my experience.

  1. SQL Injection attacks: SQL stands for Structured Query Language. It is used to interact with the database. For example, we can update the data, retrieve the data or even delete the data. Now the first step of doing all of these is login. You need to have a login ID and password to access the database. An SQL injection attack places SQL into a web form in an attempt to get the application to run it. For example, instead of typing plain text into a username or password field, a hacker may type in ' OR 1=1. As you can see, 1=1 is true, and the sole purpose of the login is to check whether the user exists in the database or not. This can allow a hacker to gain access to a restricted section of a website. After gaining access, the hacker can do anything with the data. But nowadays it is really difficult to fool the system with such an attack.
  2. Cross Site Scripting (XSS):
    Cross Site Scripting is a serious vulnerability which is usually used for website hacking. It is one of the more difficult vulnerabilities to deal with. Many XSS attacks use malicious scripts embedded in hyperlinks. When the user clicks on the hyperlink, sensitive information may be compromised, a web session hijacked or a user account taken over.

My experience: I personally love hacking (white hat). White hat means finding the vulnerabilities/loopholes in a piece of software and then making the company aware of them. When I was in college I was checking out an OTT platform. On an OTT platform we can watch shows, but it's a paid service. I was not an OTT platform user, but I still got access to watch all the shows without paying even a single penny. What I did was sign in as a normal user, and at the time of paying for the OTT subscription I filled in the wrong credit card details. Soon after, I received an e-mail saying that my payment was under process, but when I opened the OTT app, I was able to access all the shows. This was a major bug in that OTT platform. I enjoyed the free shows for one year without even paying anything.

I hope you like the answer. Please upvote it.

WebsiteLink: I cannot directly paste the link here. Just google "Website Hacking - The Most Common Techniques And Methods". Open the first link and that's it.
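
Added example, not part of the answer above or of the site it cites: each of the two weaknesses the answer names, shown as a vulnerable function next to its fixed form. The table, function names, account and `shop.example` link are constructed for illustration, and the test string is the answer's `' OR 1=1` followed by a SQL comment marker so the statement stays valid.

```python
import html
import sqlite3
from urllib.parse import parse_qs, urlparse

def make_db():
    """In-memory database with one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Plain-text password only to keep the demo short; real systems store a hash.
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db

def login_vulnerable(db, username, password):
    # Weakness: form input is pasted into the SQL text, so quotes typed by
    # the user become part of the statement.
    sql = ("SELECT 1 FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_safe(db, username, password):
    # Fix: placeholders keep the input as data; it is never parsed as SQL.
    sql = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

def greet_vulnerable(url):
    # Weakness: a value taken from the link is written into the page as markup.
    name = parse_qs(urlparse(url).query).get("name", [""])[0]
    return "<p>Hello, " + name + "</p>"

def greet_safe(url):
    # Fix: HTML-encode on output so the browser shows the value as text.
    name = parse_qs(urlparse(url).query).get("name", [""])[0]
    return "<p>Hello, " + html.escape(name) + "</p>"

# Constructed inputs: the answer's string plus a SQL comment marker, and a
# link carrying a harmless script tag in its query string.
SQLI_INPUT = "' OR 1=1 --"
XSS_LINK = "https://shop.example/welcome?name=%3Cscript%3Ealert(1)%3C/script%3E"

if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, SQLI_INPUT, "x"), login_safe(db, SQLI_INPUT, "x"))
    print(greet_vulnerable(XSS_LINK))
    print(greet_safe(XSS_LINK))
```

The concatenated query accepts the crafted username with any password, while the parameterized one rejects it; the escaped greeting returns the script tag as inert text instead of markup.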

