Code injection

Code injection is a technique for introducing arbitrary code into a running computer process.

It is often used in computer hacking or cracking to obtain information from, or unauthorised access to, a system.

= Example =

A web page has two fields that allow users to enter a Username and a Password. The code behind the page generates a SQL query to check the Password against the list of Usernames:

 SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password'

If this query returns more than one row, then access is granted. However, if the malicious user enters a valid Username and injects some valid code ( ' OR 1=1 ' ) in the Password field, then the resulting query will look like this:

 SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' OR 1=1 '

In the example above, Password is assumed to be blank or some innocuous string. 1=1 is always true, so many rows are returned and access is granted. The final inverted comma will be ignored by the SQL parser. The technique may be refined to allow multiple statements to run, or even to load and run external programs.
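As an added worked example (not part of the original article), the following Python script builds the login query both by string concatenation, as the vulnerable page does, and with a parameterised query. The user table, usernames and passwords are constructed here for the demonstration. It uses the article's OR 1=1 trick in the quote-balanced form ' OR '1'='1 so that SQLite parses the statement, and shows that the concatenated version admits a caller who knows no valid password, while the parameterised version compares the whole injected string as a literal password and rejects it.

```python
import sqlite3


def make_db():
    """Constructed in-memory UserList table with two sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE UserList (Username TEXT, Password TEXT)")
    conn.executemany(
        "INSERT INTO UserList VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def build_vulnerable_query(username, password):
    """The article's query assembled by string concatenation (the defect):
    user input becomes part of the SQL text instead of a value."""
    return (
        "SELECT UserList.Username FROM UserList WHERE UserList.Username = '"
        + username
        + "' AND UserList.Password = '"
        + password
        + "'"
    )


def login_vulnerable(conn, username, password):
    """Grants access when the concatenated query returns any row."""
    rows = conn.execute(build_vulnerable_query(username, password)).fetchall()
    return len(rows) > 0


def login_parameterized(conn, username, password):
    """Hardened form: placeholders keep the input out of the SQL grammar,
    so a quote or OR clause in the password is just characters to compare."""
    rows = conn.execute(
        "SELECT UserList.Username FROM UserList "
        "WHERE UserList.Username = ? AND UserList.Password = ?",
        (username, password),
    ).fetchall()
    return len(rows) > 0


# Constructed payload: the article's 1=1 trick with balanced quotes.
INJECTED_PASSWORD = "' OR '1'='1"


if __name__ == "__main__":
    db = make_db()
    print("query sent by vulnerable code:")
    print("  " + build_vulnerable_query("mallory", INJECTED_PASSWORD))
    print("vulnerable login, unknown user, injected password:",
          login_vulnerable(db, "mallory", INJECTED_PASSWORD))
    print("parameterised login, same input:",
          login_parameterized(db, "mallory", INJECTED_PASSWORD))
```

The printed query ends in `AND UserList.Password = '' OR '1'='1'`; because AND binds tighter than OR, the WHERE clause is true for every row, which is exactly the outcome the article describes. The parameterised version never changes its SQL text, which is why it is the standard fix for this class of injection.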

= See also =

*AspectC_plus_plus
*Debugging
*mobile code
*monitoring
*SQL injection

= External links =

*Article [http://www.codeproject.com/threads/winspy.asp Three Ways to Inject Your Code into Another Process] by Robert Kuster
*Article [http://codebreakers-journal.com/viewarticle.phpid=36 Unpacking by Code Injection] by Eduardo Labir
*Article [http://www.technicalinfo.net/papers/CSS.html HTML Code Injection and Cross-site scripting - Understanding the cause and effect of CSS (XSS) Vulnerabilities] by Gunter Ollmann
*[http://citeseer.ist.psu.edu/cisq=code+injection Citations from CiteSeer]
*[http://www.acunetix.com/ Scan for code injection vulnerabilities]