Injection attacks refer to a broad class of attack vectors. In an injection attack, an attacker supplies untrusted input to a program. This input gets processed by an interpreter as part of a command or query. In turn, this alters the execution of that program.
What are Injection Attacks
Injections are among the oldest and most dangerous attacks aimed at web applications. They can lead to data theft, data loss, loss of data integrity, denial of service, as well as full system compromise. The primary reason for injection vulnerabilities is usually insufficient user input validation.
What makes injection vulnerabilities particularly scary is that the attack surface is enormous (especially for XSS and SQL Injection vulnerabilities). Furthermore, injection attacks are a very well understood vulnerability class. This means that there are many freely available and reliable tools that allow even inexperienced attackers to abuse these vulnerabilities automatically.
Types of Injection Attacks
Blind SQL Injection
Allows an attacker to use an error page returned by the database server to ask a series of True and False questions using SQL statements in order to gain total control of the database or execute commands on the system.
Blind XPath Injection
Allows an attacker who does not know the structure of an XML document to use methods that attempt to determine the structure of the document.
Alters the flow of an application by overwriting parts of memory.
Format String Attack
Alters the flow of an application by using string formatting library features to access other memory space. In this type of attack, data provided by users might be used as formatting string input for certain C/C++ functions.
Exploits web sites that construct LDAP (Lightweight Directory Access Protocol) statements from data provided by users.
In this type of attack, an attacker might modify LDAP statements using a local proxy in order to execute arbitrary commands (granting permissions to unauthorized queries) or modify the content of the LDAP tree.
Exploits web sites by injecting an operating system command through an HTTP request to the web application. In this type of attack, an attacker might upload malicious programs or obtain passwords.
Takes advantage of the SQL syntax to inject commands that can read or modify a database, or compromise the meaning of the original SQL query. In this type of attack, an attacker can spoof identity; expose, tamper, destroy, or make existing data unavailable; become the Administrator of the database server.
Allows an attacker to send code to a web application, which will later be executed locally by the web server. In this type of attack, an attacker exploits the failure of the web application to filter data provided by users before it inserts that data into a server-side interpreted HTML file.
Exploits web sites that allow an attacker to inject data into an application in order to execute XPath queries. (XPath is a query language that describes how to locate specific elements, such as attributes or processing instructions in an XML document.)
In this type of attack, the attacker might be able to bypass authentication or likewise access information without needing proper authorization.
Injection attacks refer to a broad class of attack vectors. They allow an attacker to supply untrusted input to a program. Hence, which gets processed by an interpreter as part of a command. Or likewise query which alters the course of execution of that program. Furthermore, injection attacks are among the oldest and most dangerous web application attacks. Hence, they can result in data theft, data loss, loss of data integrity, and denial of service. Also full system compromise.