Out-of-authority vulnerability automatic detection method, equipment and medium

An automatic detection technology for unauthorized vulnerabilities, applied in the field of network security, that addresses the low efficiency of unauthorized vulnerability detection and achieves the effects of reducing the number of packets sent, improving the success rate and improving efficiency.

Pending Publication Date: 2021-03-09
GUANGTONGTIANXIA NETWORK TECH CO LTD

AI Technical Summary

Problems solved by technology

[0007] Embodiments of the present invention provide an automatic detection method, device and medium for unauthorized vulnerabilities, so as to at least solve the problem of low detection efficiency for unauthorized vulnerabilities.

Examples


Embodiment 1

[0059] Based on the above principles, this embodiment provides an automatic detection method for unauthorized vulnerabilities. Figure 1 is a flow chart of the automatic detection method for unauthorized vulnerabilities of the present invention. As shown in Figure 1, the automatic detection method for unauthorized vulnerabilities includes the following steps:

[0060] S101. Obtain an original request packet, an original response packet, and HTML data of the response packet of the web application.

[0061] A proxy tool performs the packet capture operation, intercepting the data packets sent and received by the web application, so as to obtain the original request packet, the original response packet and the HTML code of the original response packet of the web application.

[0062] S102. Store the original request packet, the response packet, and the HTML data of the original response packet.

[0063] Because the rate of sending packets again after replacing paramet...

Embodiment 2

[0101] The difference between this embodiment and the foregoing embodiments is that obtaining the original request packet, the original response packet, and the HTML data of the original response packet of the Web application includes:

[0102] Passively capture packets with the proxy tool to obtain the original request packet, the original response packet and the HTML data of the original response packet of the first account in the Web application, thereby obtaining the original request packet, the original response packet and the HTML data of the original response packet of the Web application;

[0103] Automatically load the pre-configured JS script through the browser plug-in to obtain the page operations of the first account, call the Selenium module to simulate the login of the second account and execute the page operations of the first account synchronously, and capture packets through the proxy tool to obtain the request packet of the second account, the response packet of th...

Embodiment 3

[0114] Figure 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention. As shown in Figure 3, an electronic device is provided, which can be a server, and its internal structure can be as shown in Figure 3. The electronic device includes a processor, a memory, an input device and an output device. The number of processors in the electronic device can be one or more; Figure 3 takes one processor as an example. The processor, memory, input device and output device in the electronic device can be connected by a bus or by other means; Figure 3 takes connection via a bus as an example.

[0115] Memory, as a computer-readable storage medium, can include high-speed random access memory, non-volatile memory, etc., and can be used to store operating systems, software programs, computer executable programs and databases, such as the unauthorized loophole in Embodiment 1 of the present invention The progr...


Abstract

The invention discloses an automatic detection method for unauthorized vulnerabilities, electronic equipment and a computer storage medium, relates to the technical field of network security, and aims to solve the problem of low unauthorized vulnerability detection efficiency. The method comprises the following steps: acquiring an original request packet and an original response packet of a Web application and the HTML data of the original response packet; storing the original request packet, the original response packet and the HTML data of the original response packet; reading the original request packet, identifying the parameters in the original request packet and the corresponding parameter values, and screening and filtering the parameters in the original request packet to obtain the user identification parameters in the original request packet; replacing the user identification parameters in the original request packet to obtain a constructed request packet; sending the constructed request packet and receiving a new response packet; and reading the original response packet and the new response packet for comparison, and if the original response packet and the new response packet are inconsistent, judging that the Web application has an unauthorized vulnerability.
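The steps in the abstract, run end to end as an added example (this is not the patent's own code). The in-process `app` stand-in, the `uid` parameter, the name heuristic used for screening and the extra 2xx condition on the comparison are all assumptions of the example.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed in-process stand-in for a web application (not a real service).
RECORDS = {"1001": {"owner": "alice", "body": "alice-invoice"},
           "1002": {"owner": "bob", "body": "bob-invoice"}}

def app(url, session_user):
    """Return (status, body). /invoice lacks an ownership check; /profile has one."""
    parts = urlsplit(url)
    rec = RECORDS.get(dict(parse_qsl(parts.query)).get("uid", ""))
    if rec is None:
        return 404, "not found"
    if parts.path == "/profile" and rec["owner"] != session_user:
        return 403, "forbidden"
    return 200, rec["body"]

# Screening heuristic (assumption: the page does not list its filter rules).
ID_NAME = re.compile(r"(^|_)(uid|user_?id|account|member)(_|$)", re.I)

def user_id_params(url):
    """Identify parameters and values, keep those that look like user identifiers."""
    return [(k, v) for k, v in parse_qsl(urlsplit(url).query)
            if ID_NAME.search(k) and v.isdigit()]

def construct(url, name, new_value):
    """Replace one user identification parameter to build the constructed request."""
    parts = urlsplit(url)
    query = [(k, new_value if k == name else v) for k, v in parse_qsl(parts.query)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def detect(url, session_user, other_value):
    """Replay with each candidate replaced and compare against the original response."""
    original = app(url, session_user)
    findings = []
    for name, _ in user_id_params(url):
        status, body = app(construct(url, name, other_value), session_user)
        # Page criterion: the responses are inconsistent. Added assumption: only
        # a 2xx reply counts, because a 403/404 denial also differs from the original.
        if (status, body) != original and 200 <= status < 300:
            findings.append(name)
    return findings

if __name__ == "__main__":
    for path in ("/invoice", "/profile"):
        url = f"http://app.test{path}?uid=1001&page=2"
        print(path, detect(url, "alice", "1002"))
```

Only the screened `uid` parameter is replayed, so the `page` parameter generates no extra request, which is where the reduction in packets sent comes from.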

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to an automatic detection method, device and medium for unauthorized vulnerabilities.

Background art

[0002] With the outbreak of various high-risk vulnerabilities, network security issues are getting more and more attention.

[0003] Privilege violation vulnerability is a common security vulnerability in web applications. It arises when, through programmer negligence, an operation permission or account is not strictly restricted, so that accounts without the permission for an operation can still perform it normally. The resulting security threat is that the account data of the whole site can be controlled through one account: an attacker can use a legitimate account to perform illegal operations, such as database queries, inserts, deletes and modifications, on other accounts' data through the unauthorized vulnerability. The unauthorized ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57, H04L29/06
CPC: G06F21/577, G06F2221/033, H04L63/1433
Inventor 张惠凯赵俊单夏烨任新新
Owner GUANGTONGTIANXIA NETWORK TECH CO LTD