Check patentability & draft patents in minutes with Patsnap Eureka AI!

XXE vulnerability detection method and system based on HTTP connection platform

A technology for connecting platforms and detection methods, applied in the field of network security, can solve problems such as low accuracy, non-compliance, and no page echoes, and achieve the effect of improving accuracy and efficiency and reducing the possibility of errors

Pending Publication Date: 2022-03-08
湖北天融信网络安全技术有限公司 +3
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of the related technologies mentioned above, the inventor found that after some XXE vulnerabilities are successfully triggered, there is no echo on the page, and it is impossible to judge whether a high vulnerability exists by detecting the "reaction" of the HTTP response; and the code constructed by the traditional XXE vulnerability detection, Generally have the same file content or format, which may not match in the real environment, so the traditional XXE vulnerability detection method has great limitations and low accuracy

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • XXE vulnerability detection method and system based on HTTP connection platform
  • XXE vulnerability detection method and system based on HTTP connection platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055]This specific embodiment is only an explanation of the application, and it is not a limitation of the application. Those skilled in the art can make modifications without creative contribution to this embodiment as required after reading this description, but as long as they are within the scope of the claims of the application are protected by patent law.

[0056] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an XXE vulnerability detection method and system based on an HTTP connection platform, and belongs to the technical field of network security, the XXE vulnerability detection method based on the HTTP connection platform comprises the following steps: obtaining injection information and sending the injection information to a target server, so that the target server accesses the HTTP connection platform; accessing an HTTP connection platform according to an HTTP protocol, and obtaining request information from the HTTP connection platform; and detecting the request information to obtain a detection result, and proving that the XXE vulnerability exists according to the detection result. The XXE vulnerability detection method and device have the effect of improving the accuracy of XXE vulnerability detection.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a method and system for detecting XXE vulnerabilities based on an HTTP connection platform. Background technique [0002] With the development of the network, many WEB-based applications are favored by people for their powerful functions and practicability; many open source WEB frameworks are used by developers and applied to WEB application products; Yes, there are more and more vulnerabilities in these open source frameworks and WEB, which in turn makes attacks on WEB servers and WEB application vulnerabilities account for an increasing proportion of various attack events. [0003] Among them, XXE vulnerability is a kind of WEB vulnerability, which refers to the injection of XML external entities; while the traditional XXE vulnerability detection is that the scanning engine uses crawlers to find the possible injection points of vulnerabilities in the page to ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40H04L67/02G06F16/955
CPCH04L63/10H04L63/1433H04L67/02G06F16/9566
Inventor 杜嘉鹏
Owner 湖北天融信网络安全技术有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com