No edit summary |
No edit summary |
||
(4 intermediate revisions by 2 users not shown) | |||
Line 13: | Line 13: | ||
* [[Malicious]] actions can be performed on a [[site]] through an [[SQL injection vulnerability]]. |
* [[Malicious]] actions can be performed on a [[site]] through an [[SQL injection vulnerability]]. |
||
− | [[ |
+ | [[Cross-site scripting vulnerability|Cross-site scripting]] and [[SQL injection vulnerability|SQL injection]] are propagated through two different primary [[vector]]s. In one [[vector]], [[malicious content]] is [[inject]]ed into [[data]] [[store]]d on a legitimate [[web server]], which a victim is exposed to. In the other [[vector]], [[malicious content]] is [[embed]]ded into a [[URL]] that the [[user]] [[visit]]s when he or she [[click]]s on a [[link]]. This is commonly a [[URL]] that includes components that will be displayed on [[screen]] or used as part of a [[database query]], such as an argument to a [[search function]]. |
+ | |||
+ | == Source == |
||
+ | |||
+ | * [[The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond]], at 17-18. |
||
== See also == |
== See also == |
||
* [[Code injection]] |
* [[Code injection]] |
||
+ | * [[Data injection]] |
||
[[Category:Cybercrime]] |
[[Category:Cybercrime]] |
||
[[Category:Definition]] |
[[Category:Definition]] |
Revision as of 03:31, 1 December 2014
Definition
Content injection attack refers to inserting malicious content into a legitimate site.
Overview
In addition to deceptive actions such as redirecting to other sites, malicious content can install crimeware on a user’s computer through a web browser vulnerability or by social engineering, such as asking a user to download and install anti-virus software that actually contains crimeware.
There are three primary classes of content injection attacks, each of which has many possible variations:
- Hackers can compromise a server through a security vulnerability and replace or augment the legitimate content with malicious content.
- Crimeware can be inserted into a site through a cross-site scripting vulnerability.
- Malicious actions can be performed on a site through an SQL injection vulnerability.
Cross-site scripting and SQL injection are propagated through two different primary vectors. In one vector, malicious content is injected into data stored on a legitimate web server, which a victim is exposed to. In the other vector, malicious content is embedded into a URL that the user visits when he or she clicks on a link. This is commonly a URL that includes components that will be displayed on screen or used as part of a database query, such as an argument to a search function.