Читать книгу Cybersecurity For Dummies - Joseph Steinberg - Страница 85

Injection attacks are attacks in which a system is expecting some sort of input from a user, but instead of submitting such input, an attacker submits malicious material such as code, which the receiving system then either executes or distributes to others to execute. Even though proper coding of applications can, at least in theory, prevent most forms of injection attacks, the reality is that many (if not most) systems remain vulnerable to such attacks, and as a result, injection attacks are an extremely commonly used tool within hacker arsenals.