In the screenshot below, an attacker is attempting to exploit which vulnerability?

The SecOps Group CAP Full Course Access

The SecOps Group CAP View All Questions

The SecOps Group CAP Question Answer

POST /dashboard HTTP/1.1

Host: example.com

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) rv:107.0) Gecko/20100101 Firefox/107.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8

Accept-Language: en-GB,en;q=0.5

Accept-Encoding: gzip, deflate

Upgrade-Insecure-Requests: 1

Sec-Fetch-Dest: document

Sec-Fetch-Mode: navigate

Sec-Fetch-Site: none

Sec-Fetch-User: ?1

Cookie: JSESSIONID=7576572ce164646de967c759643d53031

Te: trailers

Connection: keep-alive

Content-Type: application/x-www-form-urlencoded

Content-Length: 81

xml_foo=]>&example;

]>&example;

&example;

Project Meeting

1200

changed example

Path Traversal Attack

Server Side Template Injection

XML Bomb Attack

XML External Entity Attack

Explanation:

The request is a POST to /dashboard with a payload containing XML data, specifically an xml_foo parameter with a declaration and an XML entity (). Let’s analyze the vulnerability:

The payload defines an XML External Entity (XXE) with , which instructs the XML parser to fetch the contents of /etc/passwd (a sensitive system file) and include it in the &example; reference. The XML then includes &example;, which would expand to the contents of /etc/passwd if the parser processes the entity.

This is a classicXML External Entity (XXE) Attack, where an attacker exploits an XML parser’s ability to process external entities to access unauthorized resources (e.g., local files, internal network services) or cause denial-of-service. If the application’s XML parser is misconfigured to allow external entity resolution, this attack can disclose sensitive data like /etc/passwd.

Option A ("Path Traversal Attack"): Incorrect. Path Traversal involves manipulating file paths (e.g., ../../etc/passwd) to access unauthorized files. While the attack aims to access /etc/passwd, it does so via XML entity resolution, not path traversal.

Option B ("Server Side Template Injection"): Incorrect. SSTI (Server-Side Template Injection) involves injecting template expressions (e.g., {{7*7}}) into a server-side template engine. The payload here is XML, not a template expression, and targets XML parsing, not a template engine.

Option C ("XML Bomb Attack"): Incorrect. An XML Bomb (or Billion Laughs attack) involves recursive entity expansion to cause denial-of-service (e.g., ), leading to exponential growth in memory usage. This payload defines a single external entity to fetch a file, not a recursive expansion, so it’s not an XML Bomb.

Option D ("XML External Entity Attack"): Correct, as the payload exploits XXE by defining an external entity to access /etc/passwd.

The correct answer is D, aligning with the CAP syllabus under "XML External Entity (XXE) Attacks" and "OWASP Top 10 (A04:2021 - Insecure Design)."References: SecOps Group CAP Documents - "XXE Vulnerabilities," "XML Parsing Security," and "OWASP XXE Prevention Cheat Sheet" sections.

CAP PDF/Engine

Printable Format
Value of Money
100% Pass Assurance
Verified Answers
Researched by Industry Experts
Based on Real Exams Scenarios
100% Real Questions

Get 65% Discount on All Products, Use Coupon: "ac4s65"

If the end-user input is not validated or sanitized, an application created using which of...

Salt is a cryptographically secure random string that is added to a password before it...

Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

In the screenshot below, an attacker is attempting to exploit which vulnerability?

The Answer Is:

Explanation:

Quick Links