Part 3 – 2: Terms and Definitions for Injection & Buffer Overflow Attacks
Term | Definition |
Code Injection Attack | Attacker exploits an input validation flaw in software to introduce and execute malicious code |
SQL Injection Attack | Script injection attack against an SQL database to manipulate the backend server data |
Buffer Overflow Attack | Occurs when the volume of data exceeds the storage capacity of the memory buffer |
Payload | Describes what a virus, worm or Trojan is designed to do on a victim’s computer; where the malware lies |
Code injection attacks allow attackers to create a script that can be entered into any input field. The attacker can use this code to manipulate the vulnerable backend system so that additional malware is activated or run. A common type of injection attack is SQL injection: an attacker relies on a vulnerability to supply a script as input to the database and, in return, sees the output of all the usernames and passwords on a system. Injection attacks can be used against all types of software, devices, and programming languages, and they are common against websites with a database. The attacker provides malicious input to a web application in order to inject it. The application processes the injected input, which then causes the backend application to behave differently. For example, it may reveal information that should not be revealed, give the user permissions that the user should never have, or run harmful code on the server or on the client. The only way to prevent injection attacks is to prevent the ways an end user may manipulate the input field. Most web applications provide extra security that allows you to configure exactly what can be entered into your database and reject all else.
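The SQL injection case described above, as an added example that is not part of the original page: a lookup that builds its query by string concatenation, shown beside a parameterized version and an allow-list check that rejects everything else. The table, function names, sample accounts and crafted input are constructed for illustration and use Python's standard sqlite3 module.

```python
import re
import sqlite3

# Constructed sample input: the quote characters change the query's meaning.
CRAFTED = "x' OR '1'='1"

def make_db():
    """Build an in-memory database with constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "pw-alice"), ("bob", "pw-bob"), ("carol", "pw-carol")],
    )
    return db

def lookup_vulnerable(db, username):
    # Flaw: the input is pasted into the SQL text, so quotes inside it are
    # parsed as SQL syntax instead of being treated as data.
    query = "SELECT username, password FROM users WHERE username = '" + username + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, username):
    # Fix: the driver binds the value separately; it is never parsed as SQL.
    query = "SELECT username, password FROM users WHERE username = ?"
    return db.execute(query, (username,)).fetchall()

# Allow-list of what a username may contain; everything else is rejected.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")

def lookup_hardened(db, username):
    # Validate first, then still use a bound parameter (defence in depth).
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username rejected by allow-list")
    return lookup_parameterized(db, username)

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, normal input :", lookup_vulnerable(db, "alice"))
    print("vulnerable, crafted input:", lookup_vulnerable(db, CRAFTED))
    print("parameterized, crafted   :", lookup_parameterized(db, CRAFTED))
    try:
        lookup_hardened(db, CRAFTED)
    except ValueError as err:
        print("hardened, crafted        :", err)
```

With the crafted input, the concatenated query returns every row in the table, while the parameterized query treats the same string as a literal username and matches nothing.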
Buffer overflow attacks provide attackers with a way to overwrite the memory of an application. Such an attack can leak usernames and passwords or other sensitive data in plain text when the attacker initiates the overflow script. A buffer overflow attack requires knowledge of the buffer memory layout. Knowing the memory layout allows the attacker to manipulate the code or procedures in memory to initiate a payload attack. The payload is essentially where the actual malware is stored so that it is ready to execute when the command occurs.