OSCP Web Application Attacks

Question 1

Which SQL injection technique retrieves data by asking the database true/false questions when no output is directly visible?

Accepted Answer

Boolean-based blind injection

Answer

Union-based injection

Answer

Error-based injection

Answer

Time-based blind injection

Question 2

What does the SLEEP() function in a SQL injection payload help an attacker determine?

Accepted Answer

Whether the injection point exists via time delay

Answer

The database version

Answer

The table names in the database

Answer

The number of columns in a query

Question 3

Which tool is commonly used in OSCP labs to automate SQL injection discovery and exploitation?

Accepted Answer

SQLmap

Answer

Nikto

Answer

Hydra

Answer

Gobuster

Question 4

In a Local File Inclusion (LFI) vulnerability, which of the following payloads is used to traverse directories and read /etc/passwd?

Accepted Answer

../../../etc/passwd

Answer

SELECT /etc/passwd

Answer

<?php include('/etc/passwd'); ?>

Answer

;cat /etc/passwd

Question 5

Which HTTP method is most commonly exploited to upload a malicious web shell to a vulnerable web server?

Accepted Answer

PUT

Answer

GET

Answer

DELETE

Answer

OPTIONS

Question 6

What is the primary goal of directory brute-forcing with a tool like Gobuster during a web application assessment?

Accepted Answer

Discover hidden directories and files not linked on the site

Answer

Crack authentication passwords

Answer

Enumerate open ports on the target

Answer

Perform SQL injection automatically

Question 7

Which Burp Suite feature allows an attacker to intercept and modify HTTP requests between a browser and a web server?

Accepted Answer

Proxy

Answer

Scanner

Answer

Repeater

Answer

Intruder