Unlock instant, AI-driven research and patent intelligence for your innovation.

Test method for realizing automobile user data unauthorized based on fidder

A technology of user data and testing methods, which is applied in the directions of electronic digital data processing, software testing/debugging, error detection/correction, etc., can solve the problems of cumbersome operation steps, large human resources, consumption, etc., and achieve high detection efficiency and simple operation steps Simple and save human resources

Pending Publication Date: 2021-11-02
的卢技术有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above solutions require a lot of repetitive work by testers, so they rely heavily on the subjective experience of security testers, resulting in a large consumption of human resources. Conduct large-scale unauthorized vulnerability detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Test method for realizing automobile user data unauthorized based on fidder
  • Test method for realizing automobile user data unauthorized based on fidder
  • Test method for realizing automobile user data unauthorized based on fidder

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The technical solutions of the present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0029] A kind of testing method based on fidder of the present invention to realize automobile user data overreach, comprises the following steps:

[0030] Download the packet capture tool fidder and install it on the local computer. After the download is complete, open the tool and filter the session URL for the packet capture tool to capture the required interface data.

[0031] refer to figure 1 , for horizontal data unauthorized testing: open the car user web system, and open the pages between different car users that need to be tested, use fidder to grab the interface of the relevant car user A, and then string it into the field information of another car user B, If the collusion is successful, it means that there is a horizontal overreach, otherwise it does not exist.

[0032] Compared with the single interface test m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a test method for realizing automobile user data unauthorized based on fidder, and provides corresponding test methods respectively by dividing user data unauthorized into transverse data unauthorized, longitudinal data unauthorized and URL unauthorized and researching and analyzing different data unauthorized, simply and efficiently finishing a user data unauthorized test at one time by utilizing a free packet capturing tool fidder. In the testing process of actual software testing personnel, related testing tasks can be efficiently completed by utilizing the method and the tool, the operation steps are simple, the detection efficiency is high, manpower resources are saved, and large-scale detection work of the unauthorized vulnerabilities can be realized.

Description

technical field [0001] The invention belongs to the technical field of computer data security, and in particular relates to a test method based on fidder to realize data overreach of automobile users. Background technique [0002] In the process of business system development, it is often necessary to ensure that users operate their own data information; but because the server side trusts too much in the data operation requests made by the client's business application program, it ignores the judgment of its operation authority. An attacker can use a legitimate account to perform illegal operations on other account data that has a vulnerability of unauthorized access. [0003] To deal with the problem of unauthorized vulnerabilities, those skilled in the art have developed some unauthorized vulnerability scanning tools, such as BurpSuite and the like. Users use these software to capture packets, then modify the Request parameters, and compare the feedback results to determi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36G06F21/57
CPCG06F11/3696G06F21/577
Inventor 齐杰
Owner 的卢技术有限公司