This document discusses application layer attacks and how attackers target vulnerabilities in applications and operating systems. It describes common application attack techniques like privilege escalation, improper input handling, error handling, cross-site scripting, buffer overflows, SQL injections, and DLL injections. The document provides examples of each type of attack and how attackers are able to compromise systems or access unauthorized data by exploiting vulnerabilities at the application layer.

1. In this video we will learn
about the Application
Attacks & Application
Layer Attacks
Friendly Tip: Please take notes to better remember concepts
Core Cyber Security
Concepts

2. Application
Presentation
Session
Transport
Network
Data Link
Physical Layer
- Allows access to network resources
- To translate encrypt and compress data
- establish, manage and terminate sessions
- to provide reliable process-process message
delivery and error recovery
- to move packets from source to destination and
provide inter-networking
- to organize bits into frames and to provide hop-
hop delivery
- to transmit bits over a medium and to provide
mechanical/electrical specifications
OSI
Layers
In Secure Architecture Lecture we'll learn more about the OSI Model.
However In this
video we'll be
learning more
about the
Application
attacks &
Application
layer attacks .

3. Application Attacks :
" In Application Layer, softwares are used to target computers
and cause fault in their operating systems/ applications "
By attacking the application
Layer, Attacker carries out the
application attacks to take
advantage of the vulnerabilities
in the software or Operating
systems in the Target devices "

4. Application Attacks :
Usually Application attacks are carried out by taking advantage of
the following vulnerabilities present in Target device, such as
The web browser or any application or
Software that connected to a network
Target Operating System

5. Application attacks are carried out by the following techniques:
Application Attacks :
Privilege Escalation
Privilege escalation is the act of taking
advantage of a bug, a design flaw, or a
configuration error in an
application/OS to accquire higher
privileges inorder to gain
unauthorized access to restricted data

6. Application Attacks :
Improper Input Handling
If a hacker is able to upload & run files such as
an executable file, the hacker will be able to
compromise the application/OS. So It is
important to filter out files/commands that
can be uploaded/run by users to limit the risk
posed by Improper Input handling.
Application attacks are carried out by the following techniques:

7. Application Attacks :
Error Handling
When a certain computer task fails to run,
computers display an error message. It's
important to ensure that the message only
displays specific info & not reveal
unnecessary info which can be taken
advantage of by attackers.
Application attacks are carried out by the following techniques:

8. Application Layer Attacks :
Types of Application Layer Attacks:
Cross Site Scripting
Buffer Overflow
SQL Injections
DLL Injection & Driver Manipulation

9. Application Layer Attacks :
Cross Site Scripting Hacker injects client side web application
scripts to steal sensitive information.

10. Application Layer Attacks :
Overflow Attacks
In Buffer overflow attacks, the
memory allocated to the
application is intentionally flooded
with huge volumes of info to
overwhelm & crash the application .

11. To get the application to leak critical info
To run malicious code & take control of target device.
Such attacks are carried out to crash the application for for
two reasons:
in case of a successful overflow attack, the application
crashes & leaks info or allows the attacker to run malicious
code to take control of the target device.
Overflow Attacks
Application Layer Attacks :

12. SQL Injection
Application Layer Attacks :
SQL injection (SQLi) is a web
security vulnerability that
allows an attacker to
interfere with the queries
that an application makes to
its database.

13. SQL Injection
Application Layer Attacks :
It generally allows an
attacker to view data that
they are not normally able to
retrieve.
This might include data
belonging to other users, or
any other data that the
application itself is able to
access.

14. DLL Injection & Driver Manipulation
Application Layer Attacks :
What is a DLL ?
DLL is short for
Dynamic-link library.
It is Microsoft's
implementation of
the shared library
concept in Windows
Operating systems.

15. DLL Injection & Driver Manipulation
Application Layer Attacks :
Windows Operating system uses DLL files for communication
between the OS & the third party softwares/applications installed
on the computer.
DLL Injection is the process of
injecting malicious DLL files to take
control of the web application
running on the target device.

16. Application Layer Attacks :
DLL Injection & Driver Manipulation
Driver manipulation is an example of such attack. A software
driver is a type of software program that controls a hardware
device. It provides instructions to the hardware.
Tweaked software drivers
can be installed & used to
compromise and take
control of the target device.

17. Sources:
https://en.wikipedia.org/wiki/Privilege_escalation
https://blog.convisoappsec.com/wp-
content/uploads/2019/10/privilegios_Prancheta-1-
min.png
https://websitesecuritystore.com/wp-
content/uploads/2021/07/cross-site-scripting-
examples.svg
https://thesecmaster.com/what-is-a-buffer-overflow-
attack-and-how-to-prevent-
it/#3_Integer_Overflow_Attack

18. Sources:
https://portswigger.net/web-security/sql-injection
https://3.bp.blogspot.com/-
_EzcQboxFew/UKhnHtYx0GI/AAAAAAAAAxs/4HJsSaUMXn8/s1
600/2.jpg
https://en.wikipedia.org/wiki/Dynamic-link_library
https://kratikal.com/blog/wp-content/uploads/2020/06/how-
to-prevent-sql-injection-attack.png
https://www.bobology.com/public/What-is-a-Software-
Driver.cfm