Supercharge Your Innovation With Domain-Expert AI Agents!

Ultra vires detection method and device

A detection method and permission technology, applied in the computer field, can solve the problems of inability to crawl all urls and difficult verification.

Pending Publication Date: 2020-10-13
BEIJING WODONG TIANJUN INFORMATION TECH CO LTD +1
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In view of this, the embodiment of the present invention provides an unauthorized detection method and device, which can at least solve the problems in the prior art that all urls cannot be crawled, and it is difficult to verify whether the url has an unauthorized vulnerability

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ultra vires detection method and device
  • Ultra vires detection method and device
  • Ultra vires detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] Exemplary embodiments of the present invention are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present invention to facilitate understanding, and they should be regarded as exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

[0047] Words involved in the present invention are explained as follows:

[0048] White-box testing is also called structural testing or logic-driven testing. It is based on the internal structural testing procedures of the program. Through testing, it is tested whether the internal actions of the product are normally carried out in accordance with the provisions of the de...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an ultra vires detection method and device, and relates to the technical field of computers. One specific embodiment of the ultra vires detection method comprises the followingsteps: presetting to access a resource positioning address in a preset linear table based on a first account, generating a first request and sending the first request to a server, so as to receive afirst message fed back by the server; generating a second request based on the second account access resource positioning address; obtaining a first cookie in the first request, replacing a second cookie in the second request with the first cookie, and sending the replaced second request to the server to receive a second message fed back by the server; and if the first message is the same as the second message, determining that the second account has an ultra vires behavior to the first account in the resource positioning address. According to the embodiment, on the basis of an account cookiereplacement mode, the response messages are compared and automatically verified so as to check whether an ultra vires behavior exists between accounts or not.

Description

technical field [0001] The invention relates to the technical field of computers, in particular to a method and device for detecting unauthorized access. Background technique [0002] There are two types of unauthorized access vulnerabilities in the field of security testing. One is horizontal unauthorized access, that is, two users with equal privileges can see each other’s sensitive data; the other is vertical unauthorized access, that is, users with low privileges can see Data of privileged users. [0003] The existing vulnerability detection process mainly relies on manually analyzing the URL (Uniform Resource Locator, Uniform Resource Locator) link of the Web page, analyzing its parameters (such as order number, user name), and guessing whether there is the possibility of exceeding authority. [0004] In the process of realizing the present invention, the inventor finds that there are at least the following problems in the prior art: [0005] By guessing whether it is...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 李一伟付勇勇
Owner BEIJING WODONG TIANJUN INFORMATION TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More