Unlock instant, AI-driven research and patent intelligence for your innovation.

A sub-domain name hijacking vulnerability detection method, device and equipment

A detection method and domain name hijacking technology, applied in the field of network security, can solve the problems of labor and time consumption, economy, reputation loss, low efficiency, etc., to avoid missed detection, improve accuracy, and improve detection efficiency.

Active Publication Date: 2022-01-07
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] At present, the detection of hijacking vulnerabilities is still in the manual detection mode and natural discovery stage, and a website often has a large number of subdomain names, relying on manual detection one by one, consumes manpower and time, and the efficiency is low; when relying on natural discovery, it is also not timely Subdomains with hijacking vulnerabilities are detected, affecting user experience, and may even cause economic and reputation losses

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A sub-domain name hijacking vulnerability detection method, device and equipment
  • A sub-domain name hijacking vulnerability detection method, device and equipment
  • A sub-domain name hijacking vulnerability detection method, device and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0055] Please refer to figure 1 , figure 1 It is an implementation flowchart of a sub-domain name hijacking vulnerability detection method in an embodiment of the present invention. The method can be applied to computing processing equipment (such as computers, processing chips), and the method includes the following steps:

[0056] S101. Obtain a set of subdomain names for hijacking vulnerabilities to be detected.

[0057] The set of subdomain names can be read from a pre-stored readable storage medium, or the set of subdomain names can be obtained by searching websites and web pages. The set of subdomain names may be subdomain names belonging to the same website, or subdomain names in different websites that need to detect hijacking vulnerabilities.

[0058] Wherein, the acquired sub-domain name set may be a search engine for the target website to obtain the sub-domain name set corresponding to the target website. The target website can be searched by searching engines su...

Embodiment 2

[0095] Corresponding to the above method embodiment, the embodiment of the present invention also provides a sub-domain name hijacking vulnerability detection device, the sub-domain name hijacking vulnerability detection device described below and the sub-domain name hijacking vulnerability detection method described above can refer to each other correspondingly.

[0096] see figure 2 As shown, the device includes the following modules:

[0097] The sub-domain name mining module 101 is used to obtain the set of sub-domain names to be detected for hijacking vulnerabilities;

[0098] The alias vulnerability detection module 102 is used to execute the alias record view command to obtain the alias record corresponding to each subdomain name in the subdomain name set, and use the alias to perform hijacking vulnerability detection to obtain the alias detection vulnerability set;

[0099] Web response vulnerability detection module 103, is used for carrying out web request to each ...

Embodiment 3

[0113] Corresponding to the above method embodiment, the embodiment of the present invention also provides a sub-domain name hijacking vulnerability detection device. The sub-domain name hijacking vulnerability detection device described below and the sub-domain name hijacking vulnerability detection method described above can be referred to in correspondence.

[0114] see image 3 As shown, the subdomain name hijacking vulnerability detection equipment includes:

[0115] memory D1 for storing computer programs;

[0116] The processor D2 is configured to implement the steps of the subdomain name hijacking vulnerability detection method in the above method embodiment when executing the computer program.

[0117] Specifically, please refer to Figure 4 , Figure 4 A specific structural diagram of a sub-domain name hijacking vulnerability detection device provided for this embodiment, the sub-domain name hijacking vulnerability detection device may have relatively large differ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a sub-domain name hijacking loophole detection method, which comprises the following steps: obtaining a sub-domain name set of hijacking loopholes to be detected; executing an alias record view command to obtain the alias records corresponding to each sub-domain name in the sub-domain name set, and using Perform hijacking vulnerability detection on aliases to obtain alias detection vulnerability collection; make web requests to each subdomain name in the subdomain name collection, and use the response packet to perform hijacking vulnerability detection to obtain a web response detection vulnerability collection; calculate alias detection vulnerability collection and web response detection vulnerability The intersection of the sets, and determine the intersection as the set of target subdomain names with hijacking vulnerabilities. This method can improve the detection efficiency of hijacking vulnerabilities. The invention also discloses a sub-domain name hijacking vulnerability detection device, equipment and a readable storage medium, which have corresponding technical effects.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a subdomain name hijacking vulnerability detection method, device, equipment and a readable storage medium. Background technique [0002] Subdomain Takeover (Subdomain Takeover) vulnerability is a domain name hijacking vulnerability. When the victim accesses this domain name, what he accesses is the content provided by the attacker, or he cannot access any content. Subdomain hijacking is the process of registering a non-existent domain name to gain control over another domain. The most common scenarios for this process are as follows: [0003] 1. A subdomain (eg, sub.example.com) uses an alias (CNAME) record for another domain (eg, sub.example.com CNAME anotherdomain.com). [0004] 2. At some point, anotherdomain.com expires and becomes available for anyone to register. [0005] 3. Since the CNAME record is not removed from the example.com DNS zone, anyone who...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06F21/57H04L67/02H04L61/00H04L101/32
CPCH04L63/1433H04L67/02H04L61/4511
Inventor 姚志华范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD