攻击者可以利用这一点来“骗过”数据验证来攻击程序。
Attackers can use this fact to "slip through" data validators to attack programs.
这种“帮助”也可以帮助攻击者创建用于误导程序的数据。
This "help" can also aid an attacker to create data to mislead the program.
它们正在攻击您的程序-您准备好了吗?
这样攻击者就可以提供一个程序可以找到的“bin”程序。
The attacker would then provide a "bin" program that the program could find.
通过这种方式,如果该程序被攻击者利用,其访问权限显然是最小的。
That way, if the program is exploited in some way, its access is explicitly minimized.
请记住,内部应用程序始终可以利用“外部的”攻击方法进行攻击。
Keep in mind that internal applications can always take advantage of "external" methods of attack.
攻击活动包括列出每个应用程序中的模块。
The attack activity can include listing of modules within each application.
这样可以让攻击者控制内部数据,甚至控制整个程序。
That will let the attacker control internal data and possibly take over the program.
如果攻击者通过应用程序显示一组HTML,这有可能就会带来麻烦。
If the attacker has the application display a set of HTML, trouble may creep in.
这次攻击的目标是一个非常受欢迎的商业应用程序引擎。
The target of this attack is a very popular commercial application engine.
找一个认识的安全高手,请他攻击您的应用程序。
Find the smartest security whiz you know, and ask him to break into your application.
它的使用是否使附近的应用程序或主机变得更易受攻击?
Does its use make nearby applications or hosts more vulnerable?
保护您自己和您的应用程序免受XSS攻击是非常重要的。
Protecting yourself and your application from XSS is important.
如今病毒被用来攻击特定的人、公司或程序。
Todays viruses are being written to attack a specific person, company or program.
图三、特殊应用程序及攻击规则设定。
Fig. 3: Set up rules for special application software and attacks.
图三、特殊应用程序及攻击规则设定。
Fig. 3: Set up rules for special application software and attacks.
应用推荐