Which attack embeds malicious JavaScript that captures session tokens in the background?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack embeds malicious JavaScript that captures session tokens in the background?

Explanation:
The scenario tests how in-browser code can steal session tokens by running inside the victim’s browser to exfiltrate data. When JavaScript is embedded or injected into a webpage, it can read tokens stored in cookies or browser storage (if those tokens aren’t protected with HttpOnly) and quietly send them to an attacker. This is the classic behavior of malicious JavaScript code: it executes in the page context and captures sensitive data in the background without the user realizing. A Trojan is a broader term for malware that might enable such abuses, but the question focuses on the method of token theft via browser-executed code, which is best described by malicious JavaScript codes. CSRF relies on using an existing token to perform actions on behalf of the user rather than stealing the token itself. A Man-in-the-Browser attack can also capture data but typically involves a compromised browser environment delivered by malware, whereas the prompt emphasizes the embedded JavaScript running in the page to harvest tokens. To reduce this risk, use HttpOnly cookies, proper input validation, and content security policies to limit and monitor script execution.

The scenario tests how in-browser code can steal session tokens by running inside the victim’s browser to exfiltrate data. When JavaScript is embedded or injected into a webpage, it can read tokens stored in cookies or browser storage (if those tokens aren’t protected with HttpOnly) and quietly send them to an attacker. This is the classic behavior of malicious JavaScript code: it executes in the page context and captures sensitive data in the background without the user realizing.

A Trojan is a broader term for malware that might enable such abuses, but the question focuses on the method of token theft via browser-executed code, which is best described by malicious JavaScript codes. CSRF relies on using an existing token to perform actions on behalf of the user rather than stealing the token itself. A Man-in-the-Browser attack can also capture data but typically involves a compromised browser environment delivered by malware, whereas the prompt emphasizes the embedded JavaScript running in the page to harvest tokens. To reduce this risk, use HttpOnly cookies, proper input validation, and content security policies to limit and monitor script execution.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy