nerdexam
CompTIA

SY0-301 · Question #95

Which of the following application attacks is used to gain access to SEH?

The correct answer is B. Buffer overflow. A Structured Exception Handler (SEH) overwrite is a classic technique achieved through buffer overflow attacks. By overflowing a buffer, an attacker can corrupt the SEH chain and redirect program execution to shellcode.

Threats, vulnerabilities, and mitigations

Question

Which of the following application attacks is used to gain access to SEH?

Options

  • ACookie stealing
  • BBuffer overflow
  • CDirectory traversal
  • DXML injection

How the community answered

(37 responses)
  • A
    5% (2)
  • B
    92% (34)
  • D
    3% (1)

Why each option

A Structured Exception Handler (SEH) overwrite is a classic technique achieved through buffer overflow attacks. By overflowing a buffer, an attacker can corrupt the SEH chain and redirect program execution to shellcode.

ACookie stealing

Cookie stealing attacks target session tokens stored in browser cookies to hijack authenticated sessions, not memory structures like SEH.

BBuffer overflowCorrect

A buffer overflow attack works by writing data beyond the bounds of an allocated buffer, which can overwrite adjacent memory structures including the SEH chain on Windows systems. When an exception is triggered, the corrupted SEH pointer redirects execution to attacker-controlled code. This technique, known as SEH-based buffer overflow exploitation, is a foundational attack in application security.

CDirectory traversal

Directory traversal attacks manipulate file path input to access files outside the intended directory and do not interact with in-memory exception handling structures.

DXML injection

XML injection attacks manipulate XML parsers through malformed input and do not affect runtime memory structures such as the SEH chain.

Concept tested: Buffer overflow exploit targeting SEH chain

Source: https://owasp.org/www-community/attacks/Buffer_overflow_attack

Topics

#buffer overflow#SEH#application exploit#memory corruption

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice