An attacker sets up a fraudulent website that perfectly mimics a company's webmail service and sends an email to an employee, tricking her into entering her username and password. The attacker successfully captures these credentials. Which of the following attacks can the adversary now directly perform using the captured username and password?
The correct answer is credential replay. A credential replay attack occurs when an attacker captures valid credentials (like a username and password) and reuses, or "replays," them to gain unauthorized access to a system. The phishing attack described in the scenario is a common method for obtaining credentials for this purpose. Session hijacking involves stealing an active session token, not static credentials. Cross-site scripting (XSS) is an injection attack that targets other users of a vulnerable website. DNS poisoning is an attack that can redirect users to a malicious site but is not the attack performed with the stolen credentials.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a credential replay attack?
Open an interactive chat with Bash
What is phishing and how can it lead to credential theft?
Open an interactive chat with Bash
What security measures can protect against credential replay attacks?