Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and device for detecting vulnerable files

A vulnerability and file technology, applied in the field of network security, can solve problems such as comprehensive consideration, false positives, and missed negatives, and achieve the effects of improving accuracy and reliability, wide coverage, and improving accuracy

Active Publication Date: 2021-07-27
XIAN SECLOVER INFORMATION TECH CO LTD
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The traditional file containment vulnerability detection cannot comprehensively consider the specific situation of the detected target, and cannot accurately detect whether the target has the vulnerability, and there are various false negatives and false positives.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for detecting vulnerable files
  • A method and device for detecting vulnerable files
  • A method and device for detecting vulnerable files

Examples

Experimental program
Comparison scheme
Effect test

example 3

[0064] Example three, if the test environment is under the ASPX environment, claim that if the target test file is an ASPX test file, then use the Base64 decoding function to analyze the target AHP test file;

[0065] Example 4. If the test environment is an AHP environment, and the target test file is called a JSP or JSPX test file, then the Base64 decoding function is used to parse the target JSP or JSPX test file.

[0066] The method and corresponding device for detecting vulnerable files disclosed in this embodiment, by constructing the payload of multi-type files, and constructing complex character strings (such as MD5) that do not exist in the original page and target payload Payload in the detection of parsing and execution operations Compared with related technologies, the accuracy, reliability and precision of vulnerability file detection are improved.

[0067] In an optional embodiment, the vulnerability file detection method disclosed in this embodiment realizes the...

example 1

[0070] Example 1: Perform file inclusion vulnerability detection on the remote end (such as the server side)

[0071] Step 1: Get the target test and determine the target test environment. According to the target test environment PHP test environment, AHP test environment, ASPX test environment, JSPX test environment, etc., set the corresponding target test files, which are PHP test files, AHP test files, ASPX test files, and JSPX test files.

[0072] Step 2: Generate a target load according to the target file and target environment. Specifically, construct the detection payload Payload that includes the test file set according to the test environment in the first step.

[0073] Step 3: Send the target payload to the server, and analyze the target file in the server. The specific parsing rules are according to the preset parsing rules corresponding to the target test files set in each different test environment generated in the first step.

[0074] In the fourth step, the s...

example 2

[0112] Example 2: Execute file inclusion vulnerability detection locally on the terminal:

[0113] Step 1: Get the target test and determine the target test environment. According to the target test environment PHP test environment, AHP test environment, ASPX test environment, JSPX test environment, etc., set the corresponding target test files, which are PHP test files, AHP test files, ASPX test files, and JSPX test files.

[0114] Step 2: Generate a target load according to the target file and target environment. Specifically, construct the detection payload Payload that includes the test file set according to the test environment in the first step.

[0115] Step 3: Upload the target load to the processor of the terminal, and analyze the target file in the processor. The specific parsing rules are according to the preset parsing rules corresponding to the target test files set in each different test environment generated in the first step.

[0116] Step 4: The terminal ju...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The disclosure relates to the technical field of network security, and specifically provides a method and device for detecting a vulnerability file. The vulnerability detection method includes: obtaining a target file, the target file being a file to be tested; determining the test environment of the target file; according to The test environment of the target file and the target file generate a target load; wherein the target load is used to instruct the execution of a corresponding instruction; when the target file is executed, it is determined that there is a loophole in calling the target file. The content of the invention disclosed in the present disclosure can at least reduce the problems of loopholes and false positives in the detection of loophole files in related technologies, and improve the accuracy of detection of loophole files.

Description

technical field [0001] The present disclosure relates to the technical field of network security, and in particular to a method and device for detecting vulnerability files. Background technique [0002] Today, with the rapid development of information technology, network security technology is also constantly updated. Lawbreakers use various network security technologies to take advantage of loopholes to carry out illegal activities, and files containing loopholes are an important point of use. Files containing vulnerabilities can be very harmful, but today's detection techniques are not perfect. The traditional file containment vulnerability detection cannot fully consider the specific situation of the detected target, and cannot accurately detect whether the target has the vulnerability, and there are various false negatives and false positives. Contents of the invention [0003] Embodiments of the present disclosure provide a method and device for detecting vulnerabl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F11/36G06F21/57
CPCG06F11/3664G06F21/577H04L63/1433
Inventor 李鹏轩赵培源朱利军
Owner XIAN SECLOVER INFORMATION TECH CO LTD