1
00:00:00,330 --> 00:00:03,110
No gains from this election, which we are going to start with.

2
00:00:03,690 --> 00:00:06,090
So we're using the index and business.

3
00:00:06,510 --> 00:00:11,580
So the most common flaw in the application is the injection flaw, or we can say injection vulnerability.

4
00:00:11,910 --> 00:00:17,940
So an interactive application takes input from the user, processes it and returns the output to the client.

5
00:00:18,450 --> 00:00:24,360
When the application is vulnerable to an injection flaw, it accepts input from the user with improper

6
00:00:24,360 --> 00:00:30,840
or no validation and processes it, which simply results in the action that the application did not decide

7
00:00:30,840 --> 00:00:31,470
to perform.

8
00:00:32,670 --> 00:00:39,180
So the malicious input tricks the application, forcing the underlying components to perform tasks

9
00:00:39,510 --> 00:00:42,240
that the application was not programmed for.

10
00:00:42,630 --> 00:00:48,090
So in other words, an injection flaw allows the attacker to control the component of the application.

11
00:00:48,450 --> 00:00:55,230
So in this section we will discuss the major injection flaws and cover all the topics like command

12
00:00:55,320 --> 00:01:01,440
injection, identifying injection points to exploit the injection flaws, SQL flaw, attack potential

13
00:01:01,440 --> 00:01:04,620
of the flaw and different tools in Linux to exploit SQL.

14
00:01:05,010 --> 00:01:05,630
OK, guys.

15
00:01:06,540 --> 00:01:12,090
So basically the injection flaw is used to gain access to the underlying component to which the application

16
00:01:12,090 --> 00:01:14,610
is sending data to execute some tasks.

17
00:01:15,000 --> 00:01:19,720
So as you can see in the following table, which is presented in front of you.

18
00:01:20,190 --> 00:01:26,370
So what it is doing, it is, so this table shows the most common components used by the application

19
00:01:26,700 --> 00:01:32,070
that are often targeted by an injection attack when the input from the user is not sanitized by the

20
00:01:32,070 --> 00:01:32,690
application.

21
00:01:33,000 --> 00:01:34,200
So for the operating system,

22
00:01:34,210 --> 00:01:42,000
command injection; for relational database, SQL injection; for web browser, XSS attack; for LDAP directory,

23
00:01:42,000 --> 00:01:45,460
it is LDAP injection; and for XML, it is XPath injection.

24
00:01:45,870 --> 00:01:52,200
So in this particular section we are going to cover all the major parts of this particular table.