恶意攻击者可以利用这一点,通过Internet对网络服务发动远程拒绝服务攻击。
A malicious attacker can make use of this behavior and launch a remote denial-of-service attack against a vulnerable network service over the Internet.
一个后门妥协系统的完整性,使更改的系统,允许它的使用的恶意攻击者的目的不明给用户。
Backdoor compromises system integrity by making changes to the system that allow it to by used by the attacker for malicious purposes unknown to the user.
而恶意的业务访问是恶意攻击者构建非正常的SQL语句,我们把它定义为破坏模态化的行为。
Malicious business access is a malicious attacker to build an abnormal SQL statement, which we define as the destruction of the behavior of the model.
恶意攻击者仍可以探查连接(请注意,缺省情况下密码摘要没有被加密)并回复整个UsernameToken,因此nonce和时间戳检查是缺一不可的。
A malicious attacker can still sniff the wire (note that password digest is not encrypted by default) and replay the entire UsernameToken, so nonce and timestamp checking are imperative.
如果攻击者可以在这些参数中嵌入恶意的命令,那么外部系统就可能以应用程序的名义执行这些命令。
If an attacker can embed malicious commands in these parameters, the external system may execute those commands on behalf of the... application.
让我们假设攻击者成功地将一个包含恶意脚本的页面填入到订阅成员使用的网站上。
Let us assume an attacker succeeded in filling a page containing malicious script to the Web site for the subscribed members.
在本方案中,当用户执行邮件消息中的恶意链接时,就会不知不觉地执行攻击者编写的脚本。
In this scenario, the user unknowingly executes scripts written by an attacker when they follow a malicious link in a mail message.
现在,攻击者需要找到某个地方来输入恶意脚本。
Now, an attacker would need to find somewhere to input a malicious script.
攻击者将其恶意输入注入到sql语句中,以修改查询语句的逻辑。
The attacker injects his malicious inputs to the SQL statement to change the query's logic.
于是浏览器会执行攻击者引入的恶意代码,数据将被传递到黑客的网站。
The malicious script introduced by the attacker is executed by the browser and the data is passed to the hacker's Web site.
当攻击者向用户提交的动态表单引入恶意脚本时,就会产生跨站点脚本(XSS)攻击。
When an attacker introduces a malicious script to a dynamic form submitted by the user, a cross-site scripting (XSS) attack then occurs.
当用户查看基于攻击者提供的内容而动态生成的页面时,他们会不知不觉地执行恶意脚本。
Users can unknowingly execute malicious scripts when viewing dynamically generated pages based on content provided by an attacker.
第二步是确定电脑黑客或攻击者可能恶意攻击的漏洞。
The second step is to identify vulnerabilities that a hacker or attacker could maliciously exploit.
词汇攻击者可用来描述恶意黑客。
The term attacker can be used to describe a malicious hacker.
攻击者可以通过设置PATH环境变量来改变saposcol寻找其他程序的位置,然后为saposcol创建一个恶意的“扩展”程序来运行。
An attacker could set the PATH environment variable to change where saposcol looked for other programs, and then create a malicious "expand" program for saposcol to run.
要利用这点,攻击者可以向这些库发送畸形的JSON对象,这样eval函数就会执行这些恶意代码。
To exploit this, attackers send malformed JSON objects to these libraries so the eval function executes their malicious code.
显示该页面时,恶意脚本就运行,它收集用户的cookie,并向攻击者的网站发送包含收集到的 cookie 的请求。
When the page is displayed, the malicious script runs, collects the users' cookies, and sends a request to the attacker's Web site with the cookies gathered.
攻击者可以将用户连接到攻击者选择的恶意服务器上。
An attacker can connect users to a malicious server of the attacker's choice.
通常攻击者会使用它想要运行的恶意代码来使缓冲区溢出,然后攻击者会更改返回值以指向它们已发送的恶意代码。
Often the attacker will overrun the buffer with the malicious code the attacker wants to run, and the attacker will then change the return value to point to the malicious code they've sent.
然而,研究人员往往可以研究语言和恶意软件程序的特点,获悉攻击者的国籍线索。
However, researchers can often learn clues about the attackers' country of origin by studying the language and other signs in the malicious software's programming.
由于攻击者通常是试图添加恶意的脚本,因些这种变化被称为“交叉站点脚本攻击” (XSS攻击)。
Since attackers are usually trying to add malicious scripts, this particular variation is called a "cross-site scripting attack" (XSS attack).
如果应用程序有xss漏洞,攻击者就可能会发送能被应用程序执行的恶意脚本,导致XSS侵入。
If the application has XSS holes, the attacker may send a malicious script that can still be executed by the application and lead to XSS intrusions.
我们很自然的就会想到攻击者以后会制作出更难侦测到的注入了恶意软件的幻灯片。
It's not far-fetched to imagine that in the future attackers could create even harder-to-detect malware-infused slideshows.
一个安全的认证协议能有效抵御恶意的攻击者对通信网进行的欺诈,保证通信网的安全运行。
A secure authentication protocol can resist the cheat of malicious attacker to communication network and guarantee the security of network.
恶意的攻击者可以通过这个账户任意地控制你的计算机。
Baleful aggressor can pass this account to control your computer arbitrarily.
大部分攻击者通过提供外部输入来越界写缓冲区外不应该受外部输入影响的内存位置来达到他们的恶意目的。
Most attackers attain their vicious goal by overwriting beyond buffers to the memory locations that should not be influenced by the input the attackers provide.
攻击者可以提交一个恶意的快捷方式文件到用户的可移动驱动器,和一个关联的恶意的二进制文件。
An attacker could present a removable drive to the user with a malicious shortcut file, and an associated malicious binary.
攻击者可以让其恶意软件或假冒网站得到检查SHA- 1哈希以验证的任何系统的信任。
An attacker can allow its malware or fake site to be checked for SHA-1 hashes to verify the trust of any system.
通常攻击者会把链接中的恶意内容编码成HEX(或其他编码方法),所以减少了用户点击时的怀疑。
Usually the attacker will encode the malicious portion of the link to the site in HEX (or other encoding methods) so the request is less suspicious looking to the user when clicked on.
如果字串未经验证且未逸出恶意的文字或字元,攻击者就可能得以存取伺服器上的机密资料或其他资源。
If the string is not validated and malicious text or characters not escaped, an attacker can potentially access sensitive data or other resources on the server.
应用推荐