Join Kevin Skoglund for an in-depth discussion in this video Remote system execution, part of Foundations of Programming: Web Security.
- View Offline
- All of the attacks covered in this chapter are bad news.…But there is one attack that is worse than all the others.…Remote System Execution.…Remote System Execution is when a hacker…is able to remotely run operating system commands…on a web server.…It can be used to do anything on your computer…than the operating system can do.…That means add files, delete files, modify files,…change access privileges,…change passwords to get to the server,…change the IP address, absolutely anything.…
It is the most powerful hack that someone can do.…It's also typically the hardest hack to achieve.…The wall between what's running on the operating system…and the web server, is pretty hard to penetrate on its own.…That is, unless you make it easy.…Most programming languages do not allow casual access…to the underlying operating system.…It is protected,…and things that you do in the programming language…do not have a way of penetrating through…to the operating system.…But, most programming languages also offer special commands…
This course is great for developers who want to secure their client's websites, and for anyone else who wants to learn more about web security.
- Why security matters
- What is a hacker?
- How to write a security policy
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
- Passwords and encryption
- Secure credit card payments
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filtering Input, Controlling Output
4. The Most Common Attacks
5. Encryption and User Authentication
6. Other Areas of Concern
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.