Unlock instant, AI-driven research and patent intelligence for your innovation.

Nginx server vulnerability detection method and device

A vulnerability detection and server technology, applied in the field of server detection, can solve the problem of inaccurate nginx server vulnerabilities

Inactive Publication Date: 2016-01-27
TENCENT TECH (SHENZHEN) CO LTD
View PDF2 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Embodiments of the present invention provide a method and device for detecting vulnerabilities of nginx servers, so as to solve the technical problem of inaccurate detection of vulnerabilities of nginx servers in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Nginx server vulnerability detection method and device
  • Nginx server vulnerability detection method and device
  • Nginx server vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] According to the embodiment of the present invention, an embodiment of the vulnerability detection method that can be used to implement the nginx server of the present application can be provided. It should be noted that the steps shown in the flow chart of the accompanying drawing can be executed in a group of computers such as instructions and, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0053] According to an embodiment of the present invention, a vulnerability detection method of an nginx server is provided, such as figure 1 As shown, the method includes the following steps:

[0054] Step S102, sending an access request of the first network address to the nginx server, and obtaining the first content type returned by the nginx server in response to the access request of the first network address.

[0055] Send the access request of the f...

Embodiment 2

[0112] According to an embodiment of the present invention, a device for implementing nginx server vulnerability detection is also provided. The vulnerability detection method in the embodiment of the present invention can be implemented by the vulnerability detection device provided in the embodiment of the present invention, and the vulnerability detection device in the embodiment of the present invention can also be used to execute the vulnerability detection method provided in the embodiment of the present invention.

[0113] Such as figure 2 As shown, the device includes: a first request unit 20 , a second request unit 40 , a first judgment unit 60 and a determination unit 80 .

[0114] The first request unit 20 is configured to send an access request of the first network address to the nginx server, and obtain the first content type returned by the nginx server in response to the access request of the first network address.

[0115] Send the access request of the first...

Embodiment 3

[0162]According to an embodiment of the present invention, a system is also provided, and the system includes a terminal 100 and an nginx server 300 . Figure 4 It is a sequence diagram of interaction between a terminal and an nginx server according to an embodiment of the present invention.

[0163] As shown in the figure, the terminal 100 sends an access request of the first network address to the nginx server 300, and acquires the first content type returned by the nginx server 300. Afterwards, the terminal 100 sends an access request of the second network address to the nginx server 300, and acquires the second content type returned by the nginx server 300.

[0164] After obtaining the first content type and the second content type, it is judged whether the first content type and the second content type are the same, if the first content type and the second content type are different, then it is determined that the nginx server 300 has a loophole.

[0165] The terminal 10...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a nginx server vulnerability detection method and device. The method comprises the steps that an access request for a first network address is transmitted to a nginx server, and a first content type returned by the nginx server for responding to the access request for the first network address is obtained; and an access request for a second network address is transmitted to the nginx server and a second content type returned by the nginx server for responding to the access request for the second network address is obtained, and a situation that the nginx server has vulnerabilities is determined if the first content type and the second content type are different through judgment. With application of the nginx server vulnerability detection method and device, the problem of inaccuracy of nginx server vulnerability detection in the prior art can be solved so that an effect of enhancing accuracy of nginx server vulnerability detection can be achieved.

Description

technical field [0001] The invention relates to the field of server detection, in particular to a vulnerability detection method and device for an nginx server. Background technique [0002] The prior art utilizes white-box testing to detect the configuration file of the nginx server, if there is a vulnerability feature in the detection configuration file, if there is a vulnerability feature, then it is considered that the nginx server has a vulnerability. However, the use of white-box testing may detect wrong configuration files, resulting in missed or false detections, resulting in inaccurate detection of vulnerabilities in the nginx server. [0003] For the problem of inaccurate detection of nginx server vulnerabilities in the prior art, no effective solution has been proposed yet. Contents of the invention [0004] Embodiments of the present invention provide a method and device for detecting vulnerabilities of nginx servers to solve the technical problem of inaccurat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L29/06
Inventor 刘鹏翁家才黄富兴罗嘉飞何双宁许鑫城董昭郑兴张海清马杰彭贵春
Owner TENCENT TECH (SHENZHEN) CO LTD