Malevolent
Use of code injection is typically viewed as a malevolent action, and it often is. Code injection techniques are popular in system hacking or cracking to gain information, Privilege escalation or unauthorized access to a system.
Code injection can be used malevolently to:
- Arbitrarily modify values in a database through a type of code injection called SQL injection. The impact of this can range from defacement of a web site to serious compromise of sensitive data.
- Install malware on a computer by exploiting code injection vulnerabilities in a web browser or its plugins when the user visits a malicious site.
- Install malware or execute malevolent code on a server, by PHP or ASP Injection.
- Privilege escalation to root permissions by exploiting Shell Injection vulnerabilities in a setuid root binary on UNIX.
- Privilege escalation to Local System permissions by exploiting Shell Injection vulnerabilities in a service on Windows.
- Stealing sessions/cookies from web browsers using HTML/Script Injection (Cross-site scripting).
Read more about this topic: Code Injection, Uses of Code Injection, Intentional Use
Famous quotes containing the word malevolent:
“Seeing my malevolent face in the mirror, my benevolent soul shrinks back.”
—Mason Cooley (b. 1927)