Simulator-based android application server side Web vulnerability detection method

Abstract

The invention discloses a simulator-based android application server side Web vulnerability detection method, comprising the following steps of: starting a vulnerability detection agent module, starting an android simulator and configuring a network; composing an APK (Android Package) Monitor module, connecting the android simulator and monitoring a directory; installing files to batches of or single android application by virtue of a Python script; when the APK Monitor monitors an APK file in the directory, installing the file automatically by virtue of an ADB (Android Debug Bridge) command; capturing all requirements of an APP (application) for a server side by virtue of agency of the vulnerability detection agent module; performing, by the vulnerability detection agent module, vulnerability detection on the captured requirements; uninstalling the APP after completion of execution of the APK Monitor, and continuously monitoring an appointed directory; and outputting a detection result by the vulnerability detection agent module. By use of the method disclosed by the invention, Web vulnerabilities of an android APP server side can be detected fully automatically, and meanwhile batch detection is supported without manual intervention, and automatic detection of all APPs of a certain android APP market is supported to obtain an analysis statistical result.

Description

technical field [0001] The invention relates to the fields of simulated operation of Android applications, ADB command operations, vulnerability detection and the like by using an Android simulator, and in particular relates to a simulator-based Android application server Web vulnerability detection method. Background technique [0002] Different Android APPs provide different functions to promote the development of the mobile Internet and make our lives more convenient, but the widespread use of APPs and their own loopholes also pose a threat to our mobile life and privacy security. The APP replaces the website to realize the services that we obtain daily by accessing the web application in the way of the client. In fact, its backend also communicates with the server for data transmission. [0003] In the traditional security detection of APP server requests, most of them use static analysis to obtain the source code of APP through reverse APP, mainly including APP unpackin...

AI Technical Summary

Problems solved by technology

Traditional static detection needs to reverse the APP first to obtain the APP source code before proceeding to the next step, and most important APPs will reinforce and pack the APP, which leads to the fact that sometimes the APP cannot be reversed to obtain the source code, or the reverse is too difficult. High, if the source code cannot be obtained due to insufficient technology, etc., it is impossible to carry out the next step of detection

After successful reverse engineering, static code review and analysis is required to extract all requests to the server in the APP, which requires a lot of experience and effort, and is time-consuming and labor-intensive.

[0004] In addition, in many APPs, the URL requested by the server is spliced ​​through parameters. It is necessary to track the direction of the code to obtain the value of the corresponding parameter to complete the splicing of the URL, and even some parameters are based on actual conditions. The dynamic reading of the running environment cannot be obtained by tracking the code, which leads to the fact that the extracted request may be incomplete, resulting in a problem with the detection effect

Some APPs may contain some invalid URLs. In fact, these URLs are not requested by the APP. Traditional methods may also extract these server-side URLs, and cost detection resources to detect, resulting in a waste of detection resources.

Images