Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and Device for Vulnerability Detection of Application Program of Phonegap Framework

An application and vulnerability detection technology, applied in the field of information security, which can solve problems such as improper whitelist configuration

Active Publication Date: 2017-11-10
BEIJING KINGSOFT INTERNET SECURITY SOFTWARE CO LTD
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, if used improperly, applications based on the PhoneGap framework are likely to have whitelist bypass vulnerabilities or improper whitelist configuration vulnerabilities. Hacking commands, such as downloading malware in the background, obtaining contact information, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and Device for Vulnerability Detection of Application Program of Phonegap Framework
  • Method and Device for Vulnerability Detection of Application Program of Phonegap Framework
  • Method and Device for Vulnerability Detection of Application Program of Phonegap Framework

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0056] See figure 1 , figure 1 It is a schematic flow chart of the vulnerability detection method of the application program of the PhoneGap framework provided by the embodiment of the present invention. In the embodiment of the present invention, the method includes:

[0057] S101: Obtain version information and whitelist configuration information of the PhoneGap framework on which the application program is based, wherein the whitelist configuration informa...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the present invention discloses a vulnerability detection method for an application program of the PhoneGap framework, comprising: acquiring version information and whitelist configuration information of the PhoneGap framework on which the application program is based, wherein the whitelist configuration information includes that the application program has The URL of the access authority; according to the version information and the whitelist configuration information, determine the vulnerability type of the application program. The embodiment of the invention also discloses a vulnerability detection device for the application program of the PhoneGap framework. By adopting the embodiment of the present invention, it is possible to automatically detect whether there is a whitelist bypass vulnerability and / or a whitelist improper configuration vulnerability in the application program based on the PhoneGap framework.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method and a device for detecting a vulnerability of an application program of a PhoneGap framework. Background technique [0002] PhoneGap is currently the only open source development framework that supports 7 platforms. APIs develop cross-platform applications. Developers can easily call API interfaces of different mobile platforms using common web technologies. Therefore, more and more web developers choose to use PhoneGap to develop mobile applications. However, if used improperly, applications based on the PhoneGap framework are likely to have whitelist bypass vulnerabilities or improper whitelist configuration vulnerabilities. Hacking commands, such as downloading malware in the background, obtaining contact information, etc. Therefore, it is particularly important to detect such vulnerabilities in applications based on the PhoneGap framework. Contents o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36G06F21/57
Inventor 刘文柱沈江波张楠徐鸣
Owner BEIJING KINGSOFT INTERNET SECURITY SOFTWARE CO LTD