SY0-301 · Question #95
Which of the following application attacks is used to gain access to SEH?
The correct answer is B. Buffer overflow. A Structured Exception Handler (SEH) overwrite is a classic technique achieved through buffer overflow attacks. By overflowing a buffer, an attacker can corrupt the SEH chain and redirect program execution to shellcode.
Question
Which of the following application attacks is used to gain access to SEH?
Options
- ACookie stealing
- BBuffer overflow
- CDirectory traversal
- DXML injection
How the community answered
(37 responses)- A5% (2)
- B92% (34)
- D3% (1)
Why each option
A Structured Exception Handler (SEH) overwrite is a classic technique achieved through buffer overflow attacks. By overflowing a buffer, an attacker can corrupt the SEH chain and redirect program execution to shellcode.
Cookie stealing attacks target session tokens stored in browser cookies to hijack authenticated sessions, not memory structures like SEH.
A buffer overflow attack works by writing data beyond the bounds of an allocated buffer, which can overwrite adjacent memory structures including the SEH chain on Windows systems. When an exception is triggered, the corrupted SEH pointer redirects execution to attacker-controlled code. This technique, known as SEH-based buffer overflow exploitation, is a foundational attack in application security.
Directory traversal attacks manipulate file path input to access files outside the intended directory and do not interact with in-memory exception handling structures.
XML injection attacks manipulate XML parsers through malformed input and do not affect runtime memory structures such as the SEH chain.
Concept tested: Buffer overflow exploit targeting SEH chain
Source: https://owasp.org/www-community/attacks/Buffer_overflow_attack
Topics
Community Discussion
No community discussion yet for this question.