Memory Injections, Buffer overflows, Race conditions, SQL injections

Question 1

What does malware do?

Answer 1

Runs its own process ( in memory) & Injects itself in a legit process.

Question 2

Injecting malware can lead to-

Answer 2

Adding code into memory.
Having same rights & permissions.
Can perform a privilege escalation.

Question 3

DLL (Dynamic Link Library) Injection

Answer 3

Attackers insert malicious code into a running process.

Question 4

Buffer overflow attack

Answer 4

An attacker writes more than what is expected into a particular area of memory.
Can cause system/app to crash.

Question 5

Bound checking

Answer 5

Looking to see if anyone is writing additional info into that memory

Question 6

Race condition

Answer 6

Two events happen nearly the same time with an app, and the app doesn’t take into account that these two conditions may be operating simultaneously

Question 7

Code injection

Answer 7

Attacks that inject code into an application.

Question 8

SQL injection

Answer 8

-Malicious SQL code injected into an app, allowing the attacker to view or modify a database.
-Often be executed in a web browser.

Question 9

What are some methods to prevent SQL injection?

Answer 9

-Least privilege access
-Regular security audits
-Input validation, sanitize user input.