EC-Council

312-50V12 · Question #235

312-50V12 Question #235: Real Exam Question with Answer & Explanation

The correct answer is C: Utilize an HTML-encoded XSS payload to trigger a buffer overflow attack, forcing the server to.

Submitted by the_admin · Mar 4, 2026 · Web Application Hacking

Question

As part of a penetration testing team, you've discovered a web application vulnerable to Cross-Site Scripting (XSS). The application sanitizes inputs against standard XSS payloads but fails to filter out HTML-encoded characters. On further analysis, you've noticed that the web application uses cookies to track session IDs. You decide to exploit the XSS vulnerability to steal users' session cookies. However, the application implements HTTPOnly cookies, complicating your original plan. Which of the following would be the most viable strategy for a successful attack?

Options

  • A. Build an XSS payload using HTML encoding and use it to exploit the server-side code, potentially
  • B. Develop a browser exploit to bypass the HTTPOnly restriction, then use a HTML-encoded XSS
  • C. Utilize an HTML-encoded XSS payload to trigger a buffer overflow attack, forcing the server to
  • D. Create a sophisticated XSS payload that leverages HTML encoding to bypass the input

Explanation

This question tests understanding of XSS attack strategies when HTTPOnly cookies are in place and input sanitization can be bypassed via HTML encoding. The question is notably flawed, as the marked correct answer (C) is technically incoherent.

Common mistakes.

  • A. Exploiting server-side code via XSS is not a direct attack vector, as XSS is a client-side vulnerability that executes in the browser rather than against server-side logic.
  • B. Developing a custom browser exploit to bypass HTTPOnly is an extremely complex, resource-intensive approach that is not a practical or standard penetration testing strategy for XSS engagements.
  • D. While technically the most accurate and viable real-world strategy - using HTML-encoded payloads to bypass input sanitization - this answer is incorrectly marked wrong in the provided answer key, despite being the most legitimate penetration testing technique described.

Concept tested. XSS exploitation techniques bypassing HTTPOnly and input sanitization

Reference. https://owasp.org/www-community/attacks/xss/

Topics

#XSS exploitation · #HTML encoding bypass · #Buffer overflow · #Session hijacking
