Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Vulnerability detection method, device and system

A vulnerability detection and vulnerability technology, applied in the field of information processing, can solve problems such as information leakage, and achieve the effect of solving information leakage and improving information security

Active Publication Date: 2019-08-27
ALIBABA GRP HLDG LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The embodiment of the present application provides a loophole detection method, device and system to at least solve the technical problem of information leakage caused by loopholes in files

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method, device and system
  • Vulnerability detection method, device and system
  • Vulnerability detection method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] According to the embodiment of the present application, a method embodiment of a vulnerability detection method is also provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and , although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0036] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, figure 1 It is a block diagram of the hardware structure of a computer terminal of a vulnerability detection method in the embodiment of the present application. Such as figure 1 As shown, the computer terminal 10 may include one or more (only one is shown in the figure) pro...

Embodiment 2

[0093] According to the embodiment of the present application, an embodiment of a device for implementing the above method embodiment is also provided, and the device provided in the above embodiment of the present application can run on a computer terminal.

[0094] Figure 4 is a schematic structural diagram of a vulnerability detection device according to an embodiment of the present application.

[0095] Such as Figure 4 As shown, the vulnerability detection device may include a first acquisition unit 402 and a detection unit 404 .

[0096] Wherein, the first acquiring unit 402 is configured to acquire the print log information outputted by the browser component after executing the running file, wherein, the browser component executes the running file that has a hyperlink with the running file to be executed. Detecting files, wherein the hyperlink between the file to be detected and the running file is pre-established, and the running file is the file pointed to by the ...

Embodiment 3

[0114] According to an embodiment of the present application, a vulnerability detection system is also provided, Figure 9 is a schematic structural diagram of a vulnerability detection system according to an embodiment of the present application.

[0115] Such as Figure 10 As shown, the system includes: a vulnerability detection device 1002 and a browser component 1004 .

[0116] Wherein, the vulnerability detection device 1002 is used to acquire the print log information output by the browser component after executing the running file; the browser component 1004 is used to execute the The file to be detected, wherein, the hyperlink between the file to be detected and the running file is pre-established, and the running file is the file pointed to by the pre-acquired file domain link; the vulnerability detection device 1002 is further configured to determine whether there is a loophole in the file to be detected according to the print log information.

[0117]Optionally, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a loophole detection method, device and system, wherein, the method comprises the steps of obtaining the printed log information after the browser sub unit executing the working file, wherein, the browser sub unit through executing the working file, executing the pending to be detected files having hyperlink with the working file, wherein, the hyperlink of the pending to be detected files and the working file being prebuilt, the working file being a file pointed by the preobtained file domain link; according to printed log information determining whether the pending to be detected files existing loopholes or not. The invention solves the technical problem of information leakage caused by loopholes in the files.

Description

technical field [0001] The present application relates to the field of information processing, in particular, to a vulnerability detection method, device and system. Background technique [0002] Browser same-origin policy is the most important security mechanism for browsers. Same-origin generally refers to the same protocol, domain name and port. It was first proposed by Netscape in 1995, and current mainstream browsers follow this policy. The browser component on Android is a Webview Activity component, so Webview Activity also needs to follow this same-origin policy. [0003] However, in October 2013, the industry discovered that the FireFox Android version had the following security issues: When an application (app) has a Webview same-origin policy bypass vulnerability, the Webview Activity component may cause leakage of sensitive information such as cookies of the vulnerable application , In addition, hackers can use this vulnerability to obtain all files of FireFox. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/55G06F21/57
Inventor 李天祥
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products