Which injection technique compromises the logic of an XML application or service?

The correct answer is XML injection, which directly targets the logical structure and data processing of XML applications or services. This technique involves injecting malicious XML content into a service that processes XML data. When an application improperly validates or sanitizes user input, an attacker can manipulate the XML data being processed. This manipulation can alter the intended logic, execute unauthorized commands, or cause the application to behave in unforeseen ways.

For example, through XML injection, an attacker might craft XML that disrupts data structures, enabling them to access restricted information, alter configurations, or perform other unauthorized actions on the application. By compromising the logic of the application, the attacker could effectively undermine the integrity and security of the data being handled.

The other options, while related to injection techniques, target different types of data or systems. SQL and DLL injection focus on SQL databases and dynamic link libraries, respectively, whereas LDAP injection targets LDAP directory services. Zero-day attacks refer to exploits that target vulnerabilities that are not yet known or patched, making them distinct from the specific compromise of XML application logic seen in XML injection.