Joe, an attacker, intends to transfer funds discreetly from a victim's account to his own. Which of the following URLs can he use to accomplish this attack?
A) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe'?&amount=200
B) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=False&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' &amount=200
C) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=True&creditaccount='OR 1=1 AND select username from testbank.custinfo where username like 'Joe' ?&amount=200
D) https://testbank.com/BankingApp/ACH.aspx?CustID=435345&accountType=F&action-ACHTransfer&senderID=654846¬ify=True&creditaccount='AND 1=1 AND select username from testbank.custinfo where username like 'Joe' ?&amount=200
Correct Answer:
Verified
Q61: A penetration tester has been asked to
Q62: During an internal penetration test, several multicast
Q63: A tester has determined that null sessions
Q64: A penetration tester runs the following from
Q65: A consultant is performing a social engineering
Q67: After establishing a shell on a target
Q68: During a penetration test, a tester runs
Q69: Given the following: http://example.com/download.php?id-.../.../.../etc/passwd Which of the
Q70: A tester intends to run the following
Q71: Joe, a penetration tester, has received basic
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents