Questions tagged [reflection]

16 questions
9 votes, 2 answers

Is it more secure to overwrite the value char[] in a String

I am talking about the Java implementation. Is it more secure to use reflection in order to access the internal Field value of type char[] inside a java.lang.String instance and overwrite the containing values like the following example? As an…
Serverfrog
4 votes, 1 answer

Where you can run shellcode inside an ordinary process, what is a stealthy way to leverage that to get offensive Powershell code running from it?

Right now, offensive use of Powershell is one of the hottest topics in infosec. Powershell scripts are most often pitched as being appropriate for the "post-exploitation" phase of a penetration. This question follows somewhat along those lines, except…
3 votes, 1 answer

How do FIDO keys prevent MITM reflection attacks?

FIDO keys, used for 2 factor authentication, are based on a challenge-response mechanism. Besides generating a common 1-time-key using diffie-hellman, or transferring all data over TLS, how can they prevent reflection attacks? Challenge: Alice -> Eve…
Bharel
3 votes, 3 answers

NTLMv2 Reflection Attack

I am trying to figure out if NTLMv2 is vulnerable to a reflection attack. I cannot find a citation that clearly states NTLMv2 as being vulnerable. NTLMv1 is horribly insecure so there really is no point in even discussing the security of NTLMv1. No…
squarewav
3 votes, 2 answers

DoS Reflection attack using CharGen protocol

I'm researching DoS Reflection attacks w/ amplification, and Wikipedia says that one of the "worst" amplification services is the Character Generator Protocol. Frankly, I have never heard of this protocol before, which leads me to my question: Is it…
player
2 votes, 1 answer

Why don't servers vulnerable to NTP and DNS reflection attacks get blacklisted immediately?

With these reflection attacks, the source IP should be the IP of the vulnerable server. So shouldn't nodes which see abnormal amounts of NTP data be able to add the source to a blacklist and therefore mitigate the attack?
chacham15
2 votes, 2 answers

How to mitigate SIP Reflection Attacks?

SIP has a practical need to be widely available, but its services are prone to being spoofed as reflectors used in DDoS attacks. A freeswitch server I manage has seen heaps of registration requests on UDP (~300/second), each one generating a 401…
mgjk
2 votes, 2 answers

Is this DNS reflection attack a DOS or DDOS attack?

I was asked this as a test question and I was wondering if I answered correctly. I was thinking this was a DOS attack because it came from one server not multiple. So can anyone tell me if this is correct or wrong? If you have 10 attackers and they…
Mike
2 votes, 0 answers

What attack-methods for HTTP/L7-Attacks (Reflection and Co.) are you aware of

I know the following and would like to collect some more methods on how to attack websites and services via misused 3rd-party-applications: Wordpress PingBack/xmlrpc (seen a lot and wildly used) Joomla Googlemap-Reflection (seen sometimes) Using…
2 votes, 2 answers

preventing reflection attack

I was reading the solution to the reflection attack and have some confusion as to how Alice would know Bob is a liar and isn't really Bob. 1. Alice initiates a connection to Bob 2. Bob challenges Alice by sending a nonce. B -> A: N 3. Alice responds…
Celeritas
1 vote, 0 answers

How to use reflection attack in this simple protocol?

The following mutual authentication protocol has been designed to be resilient against reflection attacks. This is done by ensuring that the challenge from the initiator looks different from the challenge from the responder. Msg1 A → B : I’m Alice,R…
1 vote, 1 answer

Dynamic class load for server side application

Is there a problem to use reflection (specifically class.forName) in server side application? My main thread about this is someone to inject a code dumping memory in JVM and adding commands in reference memory field, but this is unlike in server…
1 vote, 0 answers

Attack using Java reflection API java.lang.reflect.get* method

Is java code using java.lang.reflect.get* methods vulnerable to privilege escalation, if yes then how? Also is the below code vulnerable to privilege escalation attack? A a = new A(); Field[] field = b.getClass().getDeclaredFields(); for(Field f :…
niraj
1 vote, 2 answers

Execute reflected XSS in URL

I am new to InfoSec and am trying to learn and try things for myself. I am exploring vulnerabilities in phpBB version 2.0.15. I have used OWASP ZAP to scan the site, and I have discovered I can work out that the postorder parameter is exploited…
Phauk
1 vote, 1 answer

Is it feasible to use DNS query packets as a reflection tool in public WiFi environments?

It's common sense that DNS query packet can be used to establish covert channels. But in my experiment of DNS query reflection, where I send out DNS queries with spoofed source IP and MAC address to primary DNS server, the victim machines don't…