Hacking Web Applications

Correct Answer: Burp Suite

Burp Suite is the correct answer because it is specifically designed as a web proxy tool for intercepting, inspecting, and modifying HTTP/HTTPS traffic between a browser and server. Security professionals commonly use it to test client-side controls by intercepting requests, modifying parameters, and bypassing client-side validation. It includes features like an intercepting proxy, request repeater, and various tools for testing web application security. Nessus Scanner is primarily a vulnerability assessment tool, not designed specifically for HTTP interception. While it can identify vulnerabilities in web applications, it doesn't function as an intercepting proxy for modifying traffic in real-time. Metasploit Framework is an exploitation framework used for penetration testing. Its HTTP modules are designed for scanning and exploiting vulnerabilities, not primarily for intercepting and modifying traffic between browser and server. Wireshark is a network protocol analyzer that can capture and analyze traffic. While it can capture HTTP/HTTPS traffic with proper key exchange configuration, it is not designed as an intercepting proxy that allows easy modification of traffic. It's better suited for passive analysis rather than active interception and modification.

Correct Answer: Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is the correct answer. XSS is a vulnerability that allows attackers to inject malicious client-side scripts into web pages viewed by other users. When successful, these scripts can access cookies, session tokens, and other sensitive information retained by the browser and used with that site. This allows the attacker to steal session cookies and impersonate legitimate users. SQL Injection is incorrect because it targets database queries by inserting malicious SQL code, not for stealing cookies or session information from users' browsers. Cross-Site Request Forgery (CSRF) is incorrect because it tricks users into performing unwanted actions on a site where they're authenticated, rather than stealing their cookies or session information. Session Hijacking through Man-in-the-Middle attacks is incorrect as the primary technique. While this is a form of session hijacking, it involves intercepting communication between parties, not injecting code into web applications to steal cookies.

Correct Answer: SQL Injection

The scenario describes a classic SQL Injection vulnerability. When adding a semicolon followed by SQL commands to a valid parameter (username=test';SELECT * FROM users;), the application executes both commands. This indicates the application is not properly sanitizing input and is passing user-supplied data directly to a SQL interpreter.

SQL Injection occurs when user input is incorporated into SQL queries in an insecure way, allowing attackers to modify or expand the original query's logic. In this case, the semicolon terminates the original statement and allows execution of the attacker's arbitrary SQL command.

Cross-Site Scripting (XSS) involves injecting malicious scripts into web pages viewed by others, not database queries.

Parameter Manipulation is too general - while this is parameter manipulation, the specific vulnerability type is SQL Injection.

Command Injection with SQL execution capability is close but not the standard terminology. This describes a SQL Injection attack rather than a separate type of vulnerability.