Web exploitation
⏱ ~3-min readAceMark GuideWhat this topic is really about
Local File Inclusion (often combined with directory traversal using ../ sequences) lets an attacker read or include arbitrary files on the server, such as /etc/passwd. XSS runs script in the browser, open redirect abuses redirect URLs, and clickjacking overlays UI to trick clicks.
Different responses for known-good vs unknown usernames let an attacker harvest a list of valid users — a common precursor to password spraying or brute force. SQLi needs a different error pattern, command injection is unrelated, open redirect abuses redirect parameters.
See the mechanism
Different responses for known-good vs unknown usernames let an attacker harvest a list of valid users — a common precursor to password spraying or brute force. A diagram for this topic isn't available yet — the worked example below walks the same reasoning step by step.
An exam-style question, fully explained
A login page returns different error messages for valid vs invalid usernames. Which technique does this enable?
- Identify what the question tests: A login page returns different error messages for valid vs invalid usernames..
- Different responses for known-good vs unknown usernames let an attacker harvest a list of valid users — a common precursor to password spraying or brute force.
- SQLi needs a different error pattern, command injection is unrelated, open redirect abuses redirect parameters.
Traps the examiner sets
- Different responses for known-good vs unknown usernames let an attacker harvest a list of valid users — a common precursor to password spraying or brute force.
Test your recall
Answer each from memory — you'll see instantly whether you're right and why.
Run a focused 10-question mini-mock on Web exploitation and see it stick.
Practice more of this topic →