aren't a separate type of attack but rather are ones identified by characteristics such as malicious strings or paths or known hostile IP addresses. They lack subtlety, but they can do serious damage if not blocked.Shell code
creates or takes control of a trusted application that can run any commands. The term comes from the operating system shells which let users or scripts run commands, but malware shells take many forms. Another term for shell is "backdoor." An attacker can launch a shell by breaking an account's security, tricking a user into installing malware, or taking advantage of a vulnerability. Malware shells are versatile, and some are persistent, continuing to steal information for weeks or months.SQL injection
relies on buggy code which communicates with a database. Relational databases get requests in the SQL language, which Web applications generate on the fly. A common trick is to manipulate form data with SQL commands and mismatched quotes. If a Web application fails to detect this trick, it may put the unauthorized command into the SQL stream, allowing theft or alteration of data.Other types of injection
target known weaknesses in software. Repositories such as the National Vulnerability Database
list known issues in published software where patches are available. They alert network owners to problems that need fixing, but criminals are equally aware of them. Keeping software up to date avoids this risk, but businesses can't always update their systems regularly. The small number in the list doesn't mean this attack is rare, but rather than the Web Application Firewall catches most vulnerability exploits by other methods and classifies them accordingly.