Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

SYMLINKING – AN INSIDER ATTACK

No description
by

Kim Gatdula

on 25 March 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of SYMLINKING – AN INSIDER ATTACK

SYMLINKING – AN INSIDER ATTACK
If the endpoint file is an output, the consequence of the symlink attack is that it could be modified instead of the file at the intended location.
In different variations of a symlinking attack a hacker may be able to control the changes to a file, grant themselves advanced access, insert false information, expose sensitive information or corrupt or destroy vital system or application files.
A symlink is basically a special file that “points to” a hard link on a mounted file system. A symlinking attack occurs when a hacker positions the symlink in such a way that the user or application that access the endpoint thinks they’re accessing the right file when they’re really not.
Collaboration for Web Security
Modifications to the endpoint file could include appending, overwriting, corrupting, or even changing permissions.
Full transcript