Time blind injection detection method, device and equipment and readable storage medium

Abstract

The invention discloses a time blind injection detection method, device and equipment and a readable storage medium, and the method comprises the steps: obtaining the access traffic of a to-be-detected service site in each time period in a preset historical duration, and obtaining the historical access duration of each URL according to the access traffic; determining the standard access duration of each URL according to the historical access duration of each URL; obtaining the current access flow of the to-be-detected service site, obtaining the access duration of the current URL according to the current access flow, and determining the standard access duration of the current URL from the standard access duration of each URL; whether the access duration of the current URL exceeds the corresponding standard access duration or not is judged, and if yes, time blind injection is determined and the blind injection is successful. According to the technical scheme disclosed by the invention, the standard access duration is obtained based on the historical real access condition of the service site to reduce deviation, so that the detection accuracy is improved when detection is carried out based on the standard access duration and the access duration of the current URL.

Description

technical field [0001] The present application relates to the technical field of blind injection detection, and more specifically, to a time blind injection detection method, device, equipment, and a readable storage medium. Background technique [0002] Blind injection means that in the process of SQL (Structured Query Language, structured query language) injection, after the SQL statement is selected, the selected data cannot be echoed to the front-end page. At this time, some methods need to be used to judge or try. This process Call it a blind injection. Among them, time blind injection is also called delayed blind injection, which is a method of SQL injection using time difference. [0003] At present, when performing time blind injection detection, it is usually implemented by using simulated data. Specifically, the blind injection is performed when the blind injection point is known. By sending a request with attack parameters and sending a normal request, two The a...

AI Technical Summary

Problems solved by technology

[0003] At present, when performing time blind injection detection, it is usually implemented by using simulated data. Specifically, the blind injection is performed when the blind injection point is known. By sending a request with attack parameters and sending a normal request, two The average duration corresponding to two kinds of requests, and the time difference is obtained according to the average duration corresponding to the two kinds of requests, so as to realize the detection according to the time difference. However, this method of using simulated data for detection will cause time blind detection due to deviation from the actual situation. is less accurate

Images