312-50V12 Question #7: Real Exam Question with Answer & Explanation

The correct answer is C: Session donation attack. This question tests knowledge of session-based web attacks, specifically how an attacker can manipulate session handling to capture victim data into their own account.

Submitted by saadiq_pk · Mar 4, 2026 · Fundamentals

Question

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney's account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boney's account. What is the attack performed by Boney in the above scenario?

Options

  • A. Forbidden attack
  • B. CRIME attack
  • C. Session donation attack
  • D. Session fixation attack

Explanation

Common mistakes.

  • A. A forbidden attack exploits weaknesses in CBC-mode encryption using a known IV to forge authentication tokens, which is unrelated to session ID sharing or account linking.
  • B. The CRIME (Compression Ratio Info-leak Made Easy) attack exploits TLS/SSL data compression to recover session cookies by analyzing compressed ciphertext size, which is not related to sharing a session ID with a victim via a link.
  • D. Session fixation involves the attacker forcing a victim to use a specific session ID so that, once the victim authenticates, the attacker can hijack that now-authenticated session. The key difference is the direction of the takeover: in session fixation the attacker gains access to the victim's authenticated account, whereas in session donation the victim is linked to the attacker's account and unknowingly submits data into it.

Concept tested. Distinguishing a session donation attack from a session fixation attack.

Reference. https://owasp.org/www-community/attacks/Session_fixation

Topics

#Session hijacking · #Session donation · #Web application security