And the most popular injection attack methods.
以及最流行的注入攻击方法。
This method removes the potential for an SQL injection attack.
这种方法消除了SQL注入攻击的可能性。
In an SQL injection attack, a program creates an SQL command and sends it to an SQL interpreter.
在SQL注入攻击中,程序会创建一个SQL命令,并将其发送给SQL解释器。
In an SQL injection attack, Mallory finds a Web site that Alice has created to sell electronics.
在SQL注入攻击中,Mallory找到Alice创建来售电的一个Web站点。
The focus of this article is a specific type of code injection attack: the Blind XPath injection.
本文主要介绍代码注入攻击的一种特殊类型:XPath盲注。
The SQL injection attack shown in Figure 3 resulted in the display of user names and passwords from the Users table.
图3所示的SQLInjection攻击导致显示users表中的用户名和密码。
An emerging threat, first outlined by Amit Klein in a paper in 2004, is the blind XPath injection attack (see Resources).
最近开始出现的一种威胁(最初由AmitKlein于2004年在一篇论文中概述)是XPath盲注攻击(请参阅参考资料)。
Forever, many hackers attack means, such as phishing and SQL injection attacks, start from the identity authentication.
目前的很多黑客攻击手段,如钓鱼攻击、SQL注入攻击等各种网络攻击方式都是由身份认证开始的。
Like the SQL injection attack, you can often easily deal with the threat if you follow best practices to develop secure applications.
与SQL注入攻击类似,如果使用最佳实践开发安全的应用程序,通常可以轻松地处理该威胁。
ISR (Instruction Set Randomization) is a new, general approach for safeguarding systems against any type of code-injection attack.
指令表随机化(isr)技术是一种新型的保护系统免遭任何类型注入码攻击的通用方法。
The characteristics of SQL injection attacks is widespread, covert means, characteristics, methods and tools nonenumerative attack civilians.
而SQL注入攻击具有广泛存在、手段隐蔽、特征不可枚举、攻击手段及工具平民化的特征。
A connection string injection attack can occur when dynamic string concatenation is used to build connection strings that are based on user input.
当使用动态字符串串联根据用户输入生成连接字符串时,可能发生连接字符串注入式攻击。
Any application that queries a database using user-entered data, including Windows Forms applications is a potential target of an injection attack.
使用用户输入的数据查询数据库的任何应用程序(包括Windows窗体应用程序)都是Injection攻击的潜在目标。
While it's easy to point to one or two key measures for the prevention of the SQL injection attack, it's best to take a layered approach to the problem.
尽管采取一两项关键措施预防SQLInjection攻击是很容易的,但最好是对问题采用分层方法。
Blind SQL injection attacks are a well know and recognized form of code injection attack, but there are many other forms, some not so well documented or understood.
SQL盲注攻击是一种为人熟知的代码注入攻击形式,但是也有很多其他形式,有些尚未得到很好的记载和了解。
Perhaps the most malicious form of injection attack is code injection—placing new code into the memory space of the running process and then directing the running process to execute it.
最恶劣的注入攻击形式也许是代码注入——将新代码置入正在运行的进程的内存空间,随后指示正在运行的进程执行这些代码。
The basic idea behind a SQL injection attack is this: you create a Web page that allows the user to enter text into a textbox that will be used to execute a query against a database.
SQLInjection攻击的基本原理如下:您创建一个网页,允许用户向文本框中输入文本,用于对数据库执行查询。
This attack functions almost exactly like the blind SQL injection attack but, unlike SQL injection attacks, few people know about XPath injection attacks or take precautions against them.
这种攻击的运作跟SQL盲注攻击几乎完全相似,与SQL注入攻击不同的是,几乎没什么人了解XPath盲注攻击或对其进行预防。
Parameterized commands guard against a SQL injection attack by guaranteeing that values received from an external source are passed as values only, and not part of the SQL statement.
参数化的命令会借由保证从外部来源接收的值只以数值传递,而不以SQL陈述式传递,以防范SQL投射攻击。
Aiming at Advanced Encryption Standard (AES) implemented on a secret chip, this paper presents an optical fault injection attack method to get the secret information from microcontroller.
为获取芯片的秘密信息,针对其中的高级加密标准(aes)算法,提出一种光故障注入攻击方法。
In this article, the author explains the principle and process of SQL Injection Attack, and introduces a serial interrelated solution to prevent SQL Injection Attack from the aspect of code in detail.
介绍了SQL注入攻击原理,SQL注入攻击的过程,并从功能代码本身方面详细介绍了SQL注入攻击的防范措施。
In addition to the overflow exploits, SQL injection is one other type of attack that relies on developer oversight by not testing incoming data.
除了溢出的利用以外,SQL注入是另一类依赖于开发人员没测试输入数据的疏漏的攻击。
Newer modifications include Blind XPath injection, which reduces the knowledge required to mount the attack.
更新的修改中还包括暗藏xpath注入,它降低了安置攻击所需的知识。
In the malicious attack statement, two kinds of attacks, SQL injection and middleware channel multiplexing, are hard and heavy.
在恶意攻击语句中,SQL注入和中间件通道复用两种攻击是难中难,同时也是重中重。
Conclusion: Chuankezhi injection has a certain effect on acute attack of bronchial asthma in children without toxic or side effect, and can prevent the recurrence of asthma to some extent.
结论喘可治注射液治疗儿童支气管哮喘急性发作期疗效肯定,无毒副作用,并具有一定的预防哮喘复发的作用。
The main way: password loophole attack, SQL Server extended stored procedure attack, SQL Injection (SQL Injection), steals backup, etc.
主要手法有:口令漏洞攻击、SQLServer扩展存储过程攻击、SQL注入(SQLInjection)、窃取备份等。
Directory traversal is another injection-style attack, wherein a malicious user tricks filesystem code into reading and/or writing files that the Web server shouldn't have access to.
目录遍历是另一种注入类型的攻击,攻击者欺骗文件系统读或写服务器不允许操作的文件。
Directory traversal is another injection-style attack, wherein a malicious user tricks filesystem code into reading and/or writing files that the Web server shouldn't have access to.
目录遍历是另一种注入类型的攻击,攻击者欺骗文件系统读或写服务器不允许操作的文件。
应用推荐