2. SQL Injection
SQL Injection is a technique for injecting SQL commands into user input such that these commands are directly executed by the database. This allows the attacker to perform malicious acts such as deleting tables, dropping databases, stealing data and much more.
A key cause of SQL Injection attacks succeeding is that the application software that processes user input performs insufficient checks and validation on the input before passing it to the database for execution.
A Java Example:
    // The following is a parameter value with SQL injection
    String username = "joe'; delete from user where username like '%";
    Connection con = ...; // create connection to database
    // When this statement is executed, all users are deleted from the database.
    con.createStatement().execute("update user set logged_in = 1 where username = '" + username + "'");
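The hardened counterpart of the statement above, as an added example that is not part of the original page: the query text is a constant and the username is bound as a parameter, with an allow-list check in front of it. The class name `SafeLogin`, the method names and the username pattern are assumptions made for illustration; the caller supplies the JDBC `Connection`.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.regex.Pattern;

public class SafeLogin {
    // Assumed username policy (not from the original page):
    // 1 to 32 letters, digits, '_', '.' or '-'.
    private static final Pattern USERNAME = Pattern.compile("[A-Za-z0-9_.-]{1,32}");

    static boolean isValidUsername(String username) {
        // matches() requires the whole string to fit the pattern.
        return username != null && USERNAME.matcher(username).matches();
    }

    // The SQL text never changes; the username travels separately as a bound
    // parameter, so quotes or semicolons in it are compared as data and are
    // never parsed as SQL.
    static int markLoggedIn(Connection con, String username) throws SQLException {
        if (!isValidUsername(username)) {
            throw new IllegalArgumentException("rejected username");
        }
        String sql = "update user set logged_in = 1 where username = ?";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, username);
            return ps.executeUpdate(); // number of rows updated
        }
    }

    public static void main(String[] args) {
        // Constructed inputs: a normal name and the injected value from the example above.
        String[] samples = { "joe", "joe'; delete from user where username like '%" };
        for (String s : samples) {
            System.out.println((isValidUsername(s) ? "accept: " : "reject: ") + s);
        }
        // markLoggedIn needs a live JDBC Connection, which the caller supplies.
    }
}
```

The bound parameter is the control that stops the injection; the allow-list check is a second layer that rejects malformed input before it reaches the database.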
3. OS Command Injection
OS Command Injection arises when the application hands user-specified input directly to the operating system for execution without proper vetting. An application might do this in order to make use of an existing command on the OS. When the application passes user input without properly validating it, it paves the way for an attacker to use clever constructs to execute malicious commands. These commands can, for example, delete files, steal data, alter permissions on files, and more.