Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Vulnerability detection method, test server and client

A test server and vulnerability detection technology, applied in electrical components, transmission systems, etc., can solve problems such as low versatility and detection vulnerabilities, and achieve the effect of strong versatility

Active Publication Date: 2018-11-13
TENCENT TECH (SHENZHEN) CO LTD
View PDF10 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, this detection method needs to know the intranet structure in advance to pre-construct resource files. For other intranet structures that cannot be controlled, specific intranet resources cannot be preset in advance, that is, vulnerabilities cannot be detected through the above method, and the versatility is low.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method, test server and client
  • Vulnerability detection method, test server and client
  • Vulnerability detection method, test server and client

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention.

[0042] The terms "first", "second", "third", "fourth", etc. (if any) in the description and claims of the present invention and the above drawings are used to distinguish similar objects and not necessarily Describe a specific order or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the invention described herein are, for example, capable of practice in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having", as well as any variations thereof, are intended to cover a non-exclusive inclusion, for example, a process, method, syste...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a vulnerability detection method. The method is used for improving the vulnerability detection universality. The method provided by the embodiment of the invention comprises the steps that a test server receives a network request; the test server analyzes the network request to obtain target information; and if the target information comprises a detectionparameter, the test server determines that a vulnerability exists in a business interface corresponding to the detection parameter, wherein the detection parameter is generated by the client accordingto interface information of the business interface and is spliced to a common gateway interface (CGI) parameter corresponding to the business interface.

Description

technical field [0001] The invention relates to the field of computer applications, in particular to a loophole detection method, a test server and a client. Background technique [0002] Many website (web) applications provide the function of obtaining data from other servers. Using a user-specified Uniform Resource Locator (Uniform Resource Locator, URL), a web application can obtain images, download files, read file content, and so on. If this function is used maliciously, it can use the flawed web application as a proxy to attack remote and local servers. This form of attack is called Server-side Request Forgery (SSRF) attack. [0003] The SSRF vulnerability is a security hole constructed by the attacker to form a request initiated by the server. At present, most of the open web applications on the Internet run in the internal network boundary scenario, and the final network results are returned to the external network client users who request the connection through p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/14H04L63/1433
Inventor 张强胡珀郑兴王放郭晶范宇河唐文韬杨勇
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products