Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
SYMLINKING – AN INSIDER ATTACK
Transcript of SYMLINKING – AN INSIDER ATTACK
If the endpoint file is an output, the consequence of the symlink attack is that it could be modified instead of the file at the intended location.
In different variations of a symlinking attack a hacker may be able to control the changes to a file, grant themselves advanced access, insert false information, expose sensitive information or corrupt or destroy vital system or application files.
A symlink is basically a special file that “points to” a hard link on a mounted file system. A symlinking attack occurs when a hacker positions the symlink in such a way that the user or application that access the endpoint thinks they’re accessing the right file when they’re really not.
Collaboration for Web Security
Modifications to the endpoint file could include appending, overwriting, corrupting, or even changing permissions.