From the course: SSCP Cert Prep: 7 Systems and Application Security
Join today to access over 23,100 courses taught by industry experts.
Code execution attacks
From the course: SSCP Cert Prep: 7 Systems and Application Security
Code execution attacks
- [Instructor] Code execution attacks are a special class of attack where the attacker exploits a vulnerability in the system that allows them to run commands on that system. There are many different ways that an attacker might gain this foothold on a system, but it's normally through some resource that the target system exposes to the world. For example, a public facing web server must expose ports 80 and, or 443 to the world. And those ports provide access to the web server, such as Apache or Microsoft IIS. If an attacker learns of a code execution vulnerability in that web server software, the attacker may exploit that vulnerability on an unpatched server and use it to execute whatever commands they desire on the system. This condition where an attacker runs commands of his or her choice is known as arbitrary code execution. When it takes place from a remote system, it's also known as remote code execution. Attackers…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
OWASP Top Ten5m 37s
-
(Locked)
Application security4m 18s
-
(Locked)
Preventing SQL injection4m 22s
-
(Locked)
Understanding cross-site scripting3m 14s
-
(Locked)
Request forgery4m 6s
-
(Locked)
Defending against directory traversal3m 21s
-
(Locked)
Overflow attacks3m 20s
-
(Locked)
Explaining cookies and attachments4m 23s
-
(Locked)
Session hijacking4m 48s
-
(Locked)
Code execution attacks2m 44s
-
(Locked)
-
-
-
-
-
-
-