',
'SELECT * FROM users'
],
correctAnswer: 0,
explanation: 'The payload `admin\' OR \'1\'=\'1\'--` alters the SQL query to always evaluate to true (`OR 1=1`) and
comments out the rest of the query (`--`), effectively logging in as the first user (often admin).',
difficulty: 'medium'
},
{
question: 'How might an attacker bypass Multi-Factor Authentication (MFA) related to "Response Manipulation"?',
options: [
'By intercepting the server\'s response to the MFA code submission and modifying it from "success: false" to
"success: true".',
'By stealing the physical phone of the user.',
'By guessing the 6-digit code correctly on the first try.',
'By performing a standard SQL injection attack.'
],
correctAnswer: 0,
explanation: 'If the client-side code relies on the server\'s JSON response to decide whether to grant access, an
attacker can simply edit the response in a proxy like Burp Suite.',
difficulty: 'hard'
},
{
question: 'What makes a "Remember Me" token vulnerable to exploitation?',
options: [
'If the token is predictable (e.g., sequential numbers or simple encodings like Base64 of the username).',
'If the token is a random 128-bit string.',
'If the token is set with the HttpOnly flag.',
'If the token expires after 30 minutes.'
],
correctAnswer: 0,
explanation: 'Tokens must be cryptographically random. Predictable tokens (like `user123_timestamp`) allow attackers
to forge valid session tokens for any user.',
difficulty: 'medium'
},
{
question: 'Which vulnerability allows an attacker to reset a victim\'s password by manipulating the "Host" header?',
options: [
'Host Header Injection, causing the password reset link sent to the victim to point to the attacker\'s domain.',
'Cross-Site Scripting (XSS) on the login page.',
'SQL Injection in the email field.',
'Session Fixation.'
],
correctAnswer: 0,
explanation: 'If the application uses the `Host` header to construct the reset link in the email, an attacker can
inject their own domain. When the victim clicks the link, their token is sent to the attacker.',
difficulty: 'hard'
}
]
};
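document.addEventListener('DOMContentLoaded', () => {
  /**
   * Poll until the global `window.AegisAuth` helper has been defined.
   *
   * The auth helper is provided by a separately loaded script, so it may not
   * exist yet when this handler runs; polling avoids a hard dependency on
   * script load order.
   *
   * @param {number} [timeoutMs=3000] - How long to keep polling, in milliseconds.
   * @returns {Promise<boolean>} Resolves true once `window.AegisAuth` exists,
   *   false if the timeout elapses first. Never rejects.
   */
  const waitForAuth = (timeoutMs = 3000) => new Promise((resolve) => {
    const start = Date.now();
    const check = () => {
      if (window.AegisAuth) {
        resolve(true);
        return;
      }
      if (Date.now() - start >= timeoutMs) {
        resolve(false);
        return;
      }
      setTimeout(check, 50);
    };
    check();
  });

  /** Tell the user to sign in and send them to the login page (shared by both signed-out branches). */
  const redirectToLogin = () => {
    alert('Please sign in to take the quiz');
    window.location.href = '/login.html';
  };

  /**
   * Start the quiz once the user is confirmed to be signed in.
   *
   * NOTE: this gate is a client-side convenience only. `quizData` is already
   * embedded in this page, so the check improves the flow for signed-out
   * users but is not an access control; anything that genuinely needs
   * protecting must be enforced on the server.
   *
   * @returns {Promise<void>}
   */
  const startQuiz = async () => {
    // Fail closed: a missing or slow auth helper is treated as "not signed in".
    const authReady = await waitForAuth();
    if (!authReady) {
      redirectToLogin();
      return;
    }
    const authenticated = await window.AegisAuth.isAuthenticated();
    if (!authenticated) {
      redirectToLogin();
      return;
    }
    new QuizEngine(quizData, {
      passingScore: 70,
      timeLimit: null,
      shuffleQuestions: false,
      shuffleAnswers: true,
      showFeedback: true,
    });
  };

  // `isAuthenticated()` may reject (e.g. a failed request). Without a handler
  // that becomes an unhandled promise rejection and the page silently does
  // nothing. Keep the fail-closed outcome (the quiz does not start) but
  // record why so the failure is diagnosable.
  startQuiz().catch((err) => {
    console.error('Quiz could not start', err);
  });
});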