Code Injection
As per Wikipedia: Code injection is the exploitation of a computer bug that is caused by processing invalid data. The injection is used by an attacker to introduce (or "inject") code into a vulnerable computer program and change the course of execution. The result of successful code injection can be disastrous, for example, by allowing computer viruses or computer worms to propagate.
Type of code
injection:
Cross-site
scripting (Follow the below link to learn) https://rahulprakash156.blogspot.com/2021/12/cross-site-scripting.html
SQL
injection
https://rahulprakash156.blogspot.com/2020/06/sql-injection-what-is-sql-injection-sql.html
LDAP
Injection
Carriage Return
– line Feed Injection
SMTP
Injection
Command
Injection
How to protect from code Injection
1. Use strong
coding technique for developing any application
2. Do proper
security testing of any application or website before using it.
3. Use
authorized website and secure application and website
4. Provide
minimum strict access as per requirement, for example if any user in office do
not need access of common internet access for his work we need to block that internet
access for him.
No comments:
Post a Comment