Get this book -> Problems on Array: For Interviews and Competitive Programming
Reading time: 10 minutes
Heap Spraying Attack is a type of cyber attack in which the attacker uses the ability to write the series of bytes in the memory for the running program at various places in the heap. The main aim of the attack is to ensure that the bytes can be accessed later as the vector of the separate attack.
Procedure For The Attack
- The attacker further exploits the vulnerability by using the scripting support. For this, he makes the Extended Instruction Pointer (EIP) to directly point the predetermined location.
- The attacker thus can further run the malicious code and perform the malicious activity.
Mitigations For The Attack
Running the web browsers with the least privileges makes it much harder for the hackers to gain the admin access, which helps in mitigating this attack. Also, update the web browsers regularly to patch up the known bugs.
What language can attacker exploit in this attack?
What should be done to mitigate the attack?
Update the firewall time to time
Use multi-factor authentication
Use Honeypot to stop the attack
Update the application time to time