NET代码注入,我们将看到在下面的两个例子。
NET code injection, as we will see in the following two examples.
动态代码注入。
本文主要介绍代码注入攻击的一种特殊类型:XPath盲注。
The focus of this article is a specific type of code injection attack: the Blind XPath injection.
请注意,在这方面上,代码注入不同于依赖关系注入。
Note that in this regard, code injection is different from dependency injection.
代码录入保护:开启这个功能将自动的防范任何的代码注入。
Enable protection against code injection: Having this enabled will automatically prevent any code injection.
这些预防方法中,多数也可以类似地应用于预防其他类型的代码注入攻击。
Not surprisingly most of these preventative methods are the same methods you can and should use to prevent other typical code injection attacks.
提供这些代码注入因素对整个食品的基本要素,该机构在蓬勃发展。
Providing these Code Factors infuses the essential elements of whole foods that the body thrives upon.
非常长的描述会引起PS3缓存溢出,导致允许代码注入栈并被执行。
Very long descriptors cause buffer overflows on the PS3, allowing code to be injected onto the stack and executed.
当用户能够把HTML代码注入到您的web页面中时,就是出现了xss漏洞。
An XSS vulnerability occurs when a user has the ability to inject HTML code into your Web pages.
Feschotte提议将少量病毒代码注入禽类的基因里,可能产生对同类病毒的抗体。
Feschotte suggests that it is likely having a bit of the virus's code integrated in a bird's genome might have conferred immune protection against similar viruses.
我们已经知道攻击者是如何将代码注入应用程序的,接下来再看看一些常见攻击所带来的影响。
Now that you know how attackers get their code into applications, look at the implications of some common attacks.
要防止XPath注入和其他形式的代码注入,应该检查所有从Web服务器传到后端服务的数据。
To protect against both XPath injection and other forms of code injection, you should check all data passed from your Web server to your backend services.
一种更常见的对Web应用程序的攻击和威胁是某种形式的代码注入,Wikipedia将其定义为。
One of the more common attacks or threats to Web applications is some form of code injection, which Wikipedia defines as.
当mashup中的某些部分是出于恶意目的编写的(或者被攻击了),它可以将恶意代码注入到应用程序中。
When some part of the mashup is written under malicious intent (or has been hacked), it can inject malicious code into the application.
代码注入的是有限的:指字段或雇主的祖先类型的不同的原来的方法中定义的方法,这是不可能的。
Code injection is limited: it is not possible to refer either to the fields or to the methods defined in ancestral types of the owner type of the original method.
SQL盲注攻击是一种为人熟知的代码注入攻击形式,但是也有很多其他形式,有些尚未得到很好的记载和了解。
Blind SQL injection attacks are a well know and recognized form of code injection attack, but there are many other forms, some not so well documented or understood.
AjaxChat还具有安全性,能够防止代码注入、SQL注入、跨站点脚本攻击、会话偷窃以及其他攻击。
Ajax Chat has security in mind to prevent code injections, SQL injections, cross-site scripting, session stealing, and other attacks.
通过使用IronPython脚本,开发者可以将代码注入到运行着的应用中以增加他们想要的任何特性。
With IronPython scripts, developers can inject code into running applications to add whatever features they see as missing.
总之,一个方面描述一段可重用的代码,您希望将可重用代码注入现有类中,而不接触这些类的原始程序码。
In summary, an aspect describes a reusable piece of code that you want to inject in existing classes without touching the source code of those classes.
例如,攻击者可能会通过堆栈溢出(stackcorruption)将代码注入进程,从而执行攻击者选定的代码。
For example, attackers could be trying to inject code into the process via stack corruption, resulting in the ability to execute code of the attacker's choice.
比特梵德检测并阻止试图改变计算机重要系统文件或注册表的行为,并对代码注入(DLL注入)攻击进行警告。
BitDefender detects and blocks attempts to change critical system files or registry entries and warns about attacks performed by code injection (DLL injection).
最恶劣的注入攻击形式也许是代码注入——将新代码置入正在运行的进程的内存空间,随后指示正在运行的进程执行这些代码。
Perhaps the most malicious form of injection attack is code injection—placing new code into the memory space of the running process and then directing the running process to execute it.
在这个方法中,我们可以在调用原方法之前或之后注入自己的代码。
In this method, custom code can be injected before or after invoking the original methods.
任何授权代码都可以在此注入。
实际上,横切关注点代码的注入,就是一种类型的模式。
In fact, the injection of code for crosscutting concerns is a pattern of sorts.
这意味着我们无法将该实体管理器注入调用代码。
This means we cannot inject the entity manager into calling code.
这种方式通过修改已经编译的EXE或DLL注入必要的代码段。
This involves modifying the compiled EXE or DLL to inject the necessary code fragments.
任何身份验证代码都可以在此注入。
EJB没有使用JNDI查找,而是通过注入代码定义一个资源引用。
Instead of using JNDI lookups, an EJB can define a resource reference by injecting code.
但是,使用参数化sQL会大大降低黑客将SQL注入您的代码的能力。
Using parameterized SQL, however, greatly reduces the hacker's ability to inject SQL into your code.
应用推荐