CN104573486A - Vulnerability detection method and device - Google Patents

Info

Publication number
CN104573486A
Authority
CN
China
Prior art keywords
list
page
detected
character string
cookie
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310486303.4A
Other languages
Chinese (zh)
Other versions
CN104573486B (en)
Inventor
罗嘉飞
翁家才
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tencent Computer Systems Co Ltd
Original Assignee
Shenzhen Tencent Computer Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Tencent Computer Systems Co Ltd
Priority to CN201310486303.4A
Publication of CN104573486A
Application granted
Publication of CN104573486B
Legal status: Active
Anticipated expiration

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a vulnerability detection method. The vulnerability detection method includes visiting a webpage to be detected, in the non-Cookie manner to acquire a first form; visiting the webpage to be detected, in the Cookie manner to acquire a second form; judging whether or not the first form and the second form are the same, if not, according to the second form, detecting whether or not a vulnerability occurs to the webpage to be detected. In this way, detection efficiency is improved. A vulnerability detection device is further provided.

Description

Vulnerability detection method and device
Technical field
The present invention relates to the field of computer security technology, and in particular to a vulnerability detection method and device.
Background technology
Many existing websites may contain vulnerabilities. For example, CSRF (Cross-site request forgery) is a malicious exploitation of a website: it lets an attacker assume the identity of a legitimate user and cause that user, without their knowledge, to trigger risky operations such as a financial payment or posting a microblog message, and it can directly give rise to worms, so the harm is great.
The inventors found that the prior art has at least the following technical problem:
Traditional vulnerability detection methods only support simply capturing the form data that a page submits; a user must then manually modify that data to determine whether a vulnerability exists, which is inefficient.
Summary of the invention
Based on this, in view of the above technical problem, it is necessary to provide a vulnerability detection method and device that can improve detection efficiency.
A vulnerability detection method, the method comprising:
accessing a page to be detected without carrying a Cookie, to obtain a first form;
accessing the page to be detected while carrying a Cookie, to obtain a second form;
judging whether the first form and the second form are identical and, if they are not identical, detecting according to the second form whether the page to be detected has a vulnerability.
A vulnerability detection device, the device comprising:
a first page access module, for accessing the page to be detected without carrying a Cookie, to obtain a first form;
a second page access module, for accessing the page to be detected while carrying a Cookie, to obtain a second form;
a form judging module, for judging whether the first form and the second form are identical;
a vulnerability detection module, for detecting according to the second form whether the page to be detected has a vulnerability when the first form and the second form are not identical.
With the above vulnerability detection method and device, the page to be detected is accessed in two different ways, carrying a Cookie and not carrying a Cookie, to obtain two forms, namely the first form and the second form; whether the first form and the second form are identical is then judged, and if they are not identical, whether the page to be detected has a vulnerability is detected according to the second form. Because the second form is the form obtained by accessing the page to be detected while carrying the Cookie, the content of the second form can be used to detect whether the page has a vulnerability. Because the page to be detected is accessed automatically in the two different ways, whether the page has a vulnerability can be detected automatically, which improves detection efficiency compared with the conventional technique.
Accompanying drawing explanation
Fig. 1 is a schematic flow chart of a vulnerability detection method in one embodiment;
Fig. 2 is a schematic flow chart of a vulnerability detection method in another embodiment;
Fig. 3 is a schematic flow chart of a vulnerability detection method in yet another embodiment;
Fig. 4 is a structural block diagram of a vulnerability detection device in one embodiment;
Fig. 5 is a structural block diagram of a vulnerability detection module in one embodiment;
Fig. 6 is a structural block diagram of a vulnerability detection module in another embodiment;
Fig. 7 is a module diagram of a computer system that implements an embodiment of the present invention.
Embodiment
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention is further described in detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only serve to explain the present invention and are not intended to limit it.
Unless the context clearly indicates otherwise, the elements and components of the present invention may exist in either singular or plural form, and the present invention is not limited in this respect. Although the steps of the present invention are labelled with numerals, the numerals do not limit the order of the steps; unless expressly stated otherwise, or unless the execution of a step depends on other steps, the relative order of the steps is adjustable. It should be understood that the term "and/or" as used herein covers any and all possible combinations of one or more of the associated listed items.
As shown in Figure 1, in one embodiment a vulnerability detection method is provided. The method is described as applied to a terminal running various browsers; such terminals include but are not limited to desktop computers, smartphones, personal digital assistants, tablet computers and laptop computers. The method comprises:
Step 102: accessing the page to be detected without carrying a Cookie, to obtain a first form.
Step 104: accessing the page to be detected while carrying a Cookie, to obtain a second form.
Specifically, a large number of URLs to be detected are stored in a database, and the pages corresponding to these URLs are the pages to be detected. The terminal can run various browsers and accesses the page to be detected through a browser. Accessing the page to be detected without carrying a Cookie means that the information in the Cookie is not sent with the request, so the HTML document returned by the server contains no information obtained from the Cookie. Accessing the page to be detected while carrying a Cookie means that the information in the Cookie is sent with the request; for example, the login information in the Cookie is obtained and the page to be detected is accessed as a logged-in user according to that login information, so the HTML document returned by the server can contain information obtained from the Cookie, such as the user's login information. The terminal accesses the page to be detected in both ways, obtains the HTML (Hypertext Markup Language) documents returned by the server, and extracts the form content from each returned HTML document.
Step 106: judging whether the first form and the second form are identical; if so, the process ends, otherwise it proceeds to step 108.
Step 108: detecting, according to the second form, whether the page to be detected has a vulnerability.
In step 106, whether the first form and the second form are identical is judged by detecting whether the character strings in the first form and the second form are identical. If they are identical, no vulnerability is present and the process ends directly. If they are not identical, then because the second form was obtained by accessing the page to be detected while carrying the Cookie, that is, the second form is the form obtained using the Cookie, the content of the second form can be used to detect whether the page has a vulnerability; preferably, it can be used to detect whether the page has a CSRF vulnerability. In this embodiment, because the page to be detected is automatically accessed in two different ways, whether the page has a vulnerability can be detected automatically, which improves detection efficiency compared with the conventional technique.
In one embodiment, as shown in Figure 2, a vulnerability detection method is provided, comprising:
Step 202: accessing the page to be detected without carrying a Cookie to obtain a first form, and accessing the page to be detected while carrying a Cookie to obtain a second form.
In one embodiment, accessing the page to be detected without carrying a Cookie to obtain the first form comprises: accessing the page to be detected without carrying a Cookie to obtain a first HTML document, and extracting the content between the form tags (<form> and </form>) in the first HTML document to obtain the first form. Accessing the page to be detected while carrying a Cookie to obtain the second form comprises: obtaining the login information in the Cookie, logging in to the page to be detected according to the login information to obtain a second HTML document, and extracting the content between the form tags in the second HTML document to obtain the second form.
Step 204: judging whether the first form and the second form are identical; if so, the process ends, otherwise it proceeds to step 206.
As described above, whether the character strings in the first form and the second form are identical can be detected; if the strings are identical, the first form and the second form are identical.
Step 206: judging whether the second form contains a preset sensitive character string; if not, the process ends, otherwise it proceeds to step 208.
Step 208: detecting that the page to be detected has a vulnerability.
A sensitive character string can be a character string preset in a whitelist. Such a string indicates that the second form may be sensitive, and the strings are obtained by statistically analysing the sensitive character strings contained in a large number of pages that have vulnerabilities. In one embodiment, taking CSRF vulnerability detection as an example, the sensitive character strings in the whitelist include at least one of the strings representing save, modify and submit.
In this embodiment, when the first form and the second form are judged not to be identical, the second form is examined for the sensitive character strings in the whitelist. If none is present, the page to be detected is unlikely to have a vulnerability and the process ends directly. If one is present, the page to be detected very probably has a vulnerability, and a detection result is output; the detection result comprises a vulnerability marker and the corresponding URL.
Because the second form is the form obtained by accessing the page to be detected using the Cookie, detecting whether its content contains a sensitive character string can effectively detect whether the page to be detected has a vulnerability. The whole process runs automatically while the page to be detected is accessed, so detection efficiency is improved and detection accuracy is ensured, thereby reducing the false alarm rate.
In another embodiment, as shown in Figure 3, a vulnerability detection method is provided, comprising:
Step 302: accessing the page to be detected without carrying a Cookie to obtain a first form, and accessing the page to be detected while carrying a Cookie to obtain a second form.
The process of obtaining the first form and the second form is described above and is not repeated here.
Step 304: judging whether the first form and the second form are identical; if so, the process ends, otherwise it proceeds to step 306.
Step 306: judging whether the second form contains a verification marker; if so, the process ends, otherwise it proceeds to step 308.
A verification marker is a preset character string that identifies a verification mechanism. In one embodiment, taking CSRF vulnerability detection as an example, verification markers include but are not limited to strings such as token, g_tk and sid, obtained by statistically analysing a large number of pages. A page to be detected whose form contains a verification marker is considered very likely to have CSRF protection, so when the second form contains a verification marker the process ends directly, that is, the page to be detected is judged not to have a CSRF vulnerability. This improves detection accuracy and further reduces the false alarm rate.
Step 308: judging whether the second form contains a preset non-sensitive character string; if so, the process ends, otherwise it proceeds to step 310.
A non-sensitive character string can be a character string preset in a blacklist. Such a string indicates that the second form is not sensitive, and the strings are obtained by statistically analysing the non-sensitive character strings contained in a large number of pages that do not have CSRF vulnerabilities. In one embodiment, taking CSRF vulnerability detection as an example, the non-sensitive character strings in the blacklist include at least one of the strings representing search and login.
In this embodiment, the second form is first examined for non-sensitive character strings. When a non-sensitive character string is present, the page to be detected is very likely not sensitive, so the process ends directly, that is, the page to be detected is judged not to have a vulnerability. In this way the false alarm rate can be reduced further.
Step 310: judging whether the second form contains a preset sensitive character string; if so, the process proceeds to step 312, otherwise it ends.
Step 312: detecting that the page to be detected has a vulnerability.
In this embodiment, when the first form and the second form are judged not to be identical, the second form is examined for a verification marker; when the second form contains no verification marker, it is further examined for a non-sensitive character string; when the second form contains no non-sensitive character string, it is further examined for a sensitive character string. At that point, if the second form contains a sensitive character string, the page to be detected very probably has a vulnerability, and a detection result is output. Taking CSRF vulnerability detection as an example, the detection result comprises a CSRF vulnerability marker and the corresponding URL. For example, the output detection result is:
csrf_leak:http://event.t.qq.com:80/asyn/submit.php
which indicates that the corresponding URL has a CSRF vulnerability.
In this embodiment, because the cases that are very unlikely to have a vulnerability are filtered out before the second form is examined for a sensitive character string, and the whole process runs automatically while the page to be detected is accessed, detection efficiency is improved and detection accuracy is improved at the same time, thereby reducing the false alarm rate.
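The following Python script is an added worked example, not code from the patent or from the assignee; it implements the decision sequence of the Figure 2 and Figure 3 embodiments (extract the form content from the two page visits, compare, then apply the verification-marker, blacklist and whitelist checks in that order). The two visits are stood in for by a constructed in-memory site (`fake_fetch` over `SAMPLE_SITE`), the English keyword values are illustrative stand-ins for the statistically derived lists the text describes, and the function and variable names are this example's own assumptions.

```python
import re
from typing import Callable, Dict, Optional, Tuple

# Keyword lists in the roles the patent describes. The English values are
# constructed stand-ins (assumption); the text says they would be derived by
# statistics over a large number of pages.
VERIFICATION_MARKERS = ("token", "g_tk", "sid")   # present => likely CSRF-protected, stop
NON_SENSITIVE_STRINGS = ("search", "login")        # blacklist: form is not sensitive, stop
SENSITIVE_STRINGS = ("save", "modify", "submit")   # whitelist: form performs a sensitive action

# Content between <form ...> and </form>, i.e. the "first form"/"second form" extraction step.
FORM_RE = re.compile(r"<form\b[^>]*>(.*?)</form>", re.IGNORECASE | re.DOTALL)


def extract_forms(html: str) -> str:
    """Return the concatenated content of every <form>...</form> in the document."""
    return "\n".join(m.group(1).strip() for m in FORM_RE.finditer(html))


def contains_any(text: str, needles: Tuple[str, ...]) -> bool:
    """Case-insensitive substring test against one of the keyword lists."""
    lowered = text.lower()
    return any(n in lowered for n in needles)


def detect_csrf(url: str, fetch: Callable[[str, bool], str]) -> Optional[str]:
    """Steps 302-312: return 'csrf_leak:<url>' when a vulnerability is reported, else None.

    fetch(url, with_cookie) must return the HTML document the server sent for that visit.
    """
    first = extract_forms(fetch(url, False))        # step 302: visit without the Cookie
    second = extract_forms(fetch(url, True))        # step 302: visit carrying the Cookie
    if first == second:                              # step 304: identical forms -> end
        return None
    if contains_any(second, VERIFICATION_MARKERS):   # step 306: verification marker -> end
        return None
    if contains_any(second, NON_SENSITIVE_STRINGS):  # step 308: non-sensitive string -> end
        return None
    if contains_any(second, SENSITIVE_STRINGS):      # step 310: sensitive string -> vulnerable
        return f"csrf_leak:{url}"                    # step 312: marker plus the URL
    return None


# Constructed sample site: URL -> (HTML served without the Cookie, HTML served with it).
SAMPLE_SITE: Dict[str, Tuple[str, str]] = {
    # Profile editor only shown when logged in, no anti-CSRF field: reported.
    "http://example.test/profile": (
        "<html><body><p>Please log in</p></body></html>",
        '<html><body><form action="/profile" method="post">'
        '<input name="nickname"><input type="submit" value="Save"></form></body></html>',
    ),
    # Same kind of form but carrying a hidden token field: treated as protected.
    "http://example.test/settings": (
        "<html><body><p>Please log in</p></body></html>",
        '<html><body><form action="/settings" method="post">'
        '<input type="hidden" name="token" value="constructed-token-value">'
        '<input name="email"><input type="submit" value="Save"></form></body></html>',
    ),
    # Search form that differs when logged in, but is on the non-sensitive blacklist.
    "http://example.test/search": (
        '<html><body><form action="/search"><input name="q">'
        '<input type="submit" value="Search"></form></body></html>',
        '<html><body><form action="/search"><input type="hidden" name="uid" value="42">'
        '<input name="q"><input type="submit" value="Search"></form></body></html>',
    ),
    # Form identical in both visits: ends at step 304.
    "http://example.test/about": (
        "<html><body><form><input name='x'></form></body></html>",
        "<html><body><form><input name='x'></form></body></html>",
    ),
}


def fake_fetch(url: str, with_cookie: bool) -> str:
    """Stand-in for the two browser visits; a real scanner would issue HTTP requests here."""
    anonymous_html, logged_in_html = SAMPLE_SITE[url]
    return logged_in_html if with_cookie else anonymous_html


def scan(site: Dict[str, Tuple[str, str]], fetch: Callable[[str, bool], str]) -> Dict[str, Optional[str]]:
    """Run the detection over every URL in the database of pages to be detected."""
    return {url: detect_csrf(url, fetch) for url in site}


if __name__ == "__main__":
    for url, result in scan(SAMPLE_SITE, fake_fetch).items():
        print(result if result else f"no finding: {url}")
```

Only the profile page is reported. Note that because the keyword tests run over raw form markup, the whitelist entry "submit" also matches the `type="submit"` attribute of any button, which is why the blacklist and verification-marker checks are ordered ahead of it, as the Figure 3 embodiment does; matching on visible button text instead of markup would be a natural refinement when tuning the false alarm rate.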
As shown in Figure 4, in one embodiment a vulnerability detection device is provided, comprising:
First page access module 402, for accessing the page to be detected without carrying a Cookie, to obtain a first form.
Second page access module 404, for accessing the page to be detected while carrying a Cookie, to obtain a second form.
Form judging module 406, for judging whether the first form and the second form are identical.
Vulnerability detection module 408, for detecting according to the second form whether the page to be detected has a vulnerability when the first form and the second form are not identical.
In one embodiment, first page access module 402 is used for accessing the page to be detected without carrying a Cookie to obtain a first HTML document, and extracting the content between the form tags (<form> and </form>) in the first HTML document to obtain the first form. Second page access module 404 is used for obtaining the login information in the Cookie, logging in to the page to be detected according to the login information to obtain a second HTML document, and extracting the content between the form tags in the second HTML document to obtain the second form.
Specifically, form judging module 406 can detect whether the character strings in the first form and the second form are identical; if the strings are identical, the first form and the second form are identical.
In one embodiment, as shown in Figure 5, vulnerability detection module 408 comprises:
Sensitive string detection module 418, for judging whether the second form contains a preset sensitive character string and, if so, detecting that the page to be detected has a vulnerability.
A sensitive character string can be a character string preset in a whitelist. Such a string indicates that the second form may be sensitive, and the strings are obtained by statistically analysing the sensitive character strings contained in a large number of pages that have vulnerabilities. In one embodiment, taking CSRF vulnerability detection as an example, the sensitive character strings in the whitelist include at least one of the strings representing save, modify and submit.
In another embodiment, as shown in Figure 6, vulnerability detection module 408 comprises, in addition to sensitive string detection module 418:
Verification marker detection module 428, for judging whether the second form contains a verification marker and, if not, notifying non-sensitive string detection module 438 to judge whether the second form contains a preset non-sensitive character string.
A verification marker is a preset character string that identifies a verification mechanism. In one embodiment, taking CSRF vulnerability detection as an example, verification markers include but are not limited to strings such as token, g_tk and sid, obtained by statistically analysing a large number of pages. In this embodiment, verification marker detection module 428 judges, when the first form and the second form are not identical, whether the second form contains a verification marker. A page to be detected whose form contains a verification marker is considered very likely to have CSRF protection, so when the second form contains a verification marker, verification marker detection module 428 judges that the page to be detected does not have a CSRF vulnerability.
Non-sensitive string detection module 438, for judging whether the second form contains a preset non-sensitive character string and, if not, notifying sensitive string detection module 418 to judge whether the second form contains a preset sensitive character string.
A non-sensitive character string can be a character string preset in a blacklist. Such a string indicates that the second form is not sensitive, and the strings are obtained by statistically analysing the non-sensitive character strings contained in a large number of pages that do not have vulnerabilities. In one embodiment, taking CSRF vulnerability detection as an example, the non-sensitive character strings in the blacklist include at least one of the strings representing search and login.
In this embodiment, when the second form contains no preset non-sensitive character string, sensitive string detection module 418 judges whether the second form contains a preset sensitive character string and, if so, detects that the page to be detected has a vulnerability.
In this embodiment, when verification marker detection module 428 detects that the second form contains no verification marker and non-sensitive string detection module 438 detects that the second form contains no non-sensitive character string, sensitive string detection module 418 judges whether the second form contains a sensitive character string and, if so, outputs a detection result; the detection result comprises a vulnerability marker and the corresponding URL.
Fig. 7 is a module diagram of a computer system 1000 that can implement an embodiment of the present invention. Computer system 1000 is only an example of a computing environment suitable for the present invention and should not be taken as imposing any limitation on the scope of use of the present invention. Computer system 1000 should not be interpreted as depending on or requiring any combination of one or more of the components of the illustrated exemplary computer system 1000.
The computer system 1000 shown in Fig. 7 is an example of a computer system suitable for the present invention. Other architectures with different subsystem configurations can also be used.
As shown in Fig. 7, computer system 1000 comprises processor 1010, memory 1020 and system bus 1022. The various system components, including memory 1020 and processor 1010, are connected to system bus 1022. Processor 1010 is the hardware that executes computer program instructions by means of basic arithmetic and logical operations in the computer system. Memory 1020 is a physical device for storing computer programs or data (for example, program state information) temporarily or permanently. System bus 1022 can be any of several types of bus structure, including a memory bus or memory controller, a peripheral bus and a local bus. Processor 1010 and memory 1020 communicate data over system bus 1022. Memory 1020 comprises read-only memory (ROM) or flash memory (neither shown in the figure) and random-access memory (RAM); RAM typically refers to the main memory into which the operating system and application programs are loaded.
Computer system 1000 also comprises display interface 1030 (for example, a graphics processing unit), display device 1040 (for example, a liquid crystal display), audio interface 1050 (for example, a sound card) and audio device 1060 (for example, a loudspeaker). Display device 1040 and audio device 1060 are the media devices for experiencing multimedia content.
Computer system 1000 generally comprises a storage device 1070. Storage device 1070 can be selected from a variety of computer-readable media; computer-readable media are any available media that can be accessed by computer system 1000, including both removable and fixed media. For example, computer-readable media include but are not limited to flash memory (micro SD card), CD-ROM, digital versatile disc (DVD) or other optical disc storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store the required information and can be accessed by computer system 1000.
Computer system 1000 also comprises input device 1080 and input interface 1090 (for example, an I/O controller). A user can enter commands and information into computer system 1000 through input device 1080, such as a keyboard, a mouse or a touch panel on display device 1040. Input device 1080 is normally connected to system bus 1022 through input interface 1090, but it can also be connected through another interface or bus structure, such as a universal serial bus (USB).
Computer system 1000 can be logically connected to one or more network devices in a network environment. The network devices can be personal computers, servers, routers, smartphones, tablet computers or other common network nodes. Computer system 1000 is connected to the network devices through local area network (LAN) interface 1100 or mobile communication unit 1110. A local area network (LAN) is a computer network that interconnects computers within a limited area, such as a home, school, computer laboratory or office building, using the network media. WiFi and twisted-pair Ethernet cabling are the two most commonly used technologies for building a LAN. WiFi is a technology that lets computer system 1000 exchange data with other devices or connect to a wireless network by radio waves. Mobile communication unit 1110 can make and receive calls by radio while moving within a wide geographic area. Besides calls, mobile communication unit 1110 also supports Internet access in 2G, 3G or 4G cellular communication systems that provide mobile data services.
As described in detail above, a computer system 1000 suitable for the present invention can perform the specified operations of the vulnerability detection method. Computer system 1000 performs these operations by having processor 1010 execute software instructions held in a computer-readable medium. These software instructions can be read into memory 1020 from storage device 1070, or from another device through LAN interface 1100. The software instructions stored in memory 1020 cause processor 1010 to perform the vulnerability detection method described above. In addition, the present invention can equally be implemented by hardware circuits or by hardware circuits combined with software instructions. Therefore, the implementation of the present invention is not limited to any specific combination of hardware circuits and software.
The above embodiments only express several embodiments of the present invention, and their description is relatively specific and detailed, but this should not be interpreted as limiting the scope of the patent claims of the present invention. It should be pointed out that a person of ordinary skill in the art can make a number of variations and improvements without departing from the concept of the present invention, and these all fall within the scope of protection of the present invention. Therefore, the scope of protection of the present patent shall be defined by the appended claims.

Claims (10)

1. a leak detection method, described method comprises:
Access the page to be detected in the mode not with Cookie, obtain the first list;
Access the described page to be detected in the mode of carrying Cookie, obtain the second list;
Judge that whether described first list is identical with the second list, if not identical, then detect the described page to be detected according to described second list and whether there is leak.
2. method according to claim 1, is characterized in that, whether described exist leak according to the described page to be detected of the second list detection, comprising:
Judge whether there is default susceptibility character string in described second list, if existed, then detect that the described page to be detected exists leak.
3. method according to claim 2, is characterized in that, described judge whether to exist in the second list the step of the character string in default white list before, also comprise:
Judge whether there is default non-sensibility character string in described second list, if there is no, then enter the described step judging whether to exist in the second list default susceptibility character string.
4. method according to claim 3, is characterized in that, described judge whether to exist in the second list the step of default non-sensibility character string before, also comprise:
Judge whether there are verification printed words in described second list, if there is no, then enter the described step judging whether to exist in the second list default non-sensibility character string.
5. method according to claim 1, it is characterized in that, describedly access the page to be detected in the mode not with Cookie, the step obtaining the first list comprises: access the page to be detected in the mode not with Cookie and obtain the first html document, extract the content between the form tags in described first html document, obtain the first list;
Describedly access the page to be detected in the mode of carrying Cookie, the step obtaining the second list comprises: obtain the log-on message in Cookie, log in the described page to be detected according to described log-on message and obtain the second html document, extract the content between the form tags in described second html document, obtain the second list.
6. A vulnerability detection device, characterized in that the device comprises:
a first page access module, for accessing a page to be detected without carrying a Cookie to obtain a first list;
a second page access module, for accessing the page to be detected while carrying a Cookie to obtain a second list;
a list judging module, for judging whether the first list is identical to the second list; and
a vulnerability detection module, for detecting, according to the second list, whether the page to be detected has a vulnerability if the first list is not identical to the second list.
7. The device according to claim 6, characterized in that the vulnerability detection module comprises:
a sensitive character detection module, for judging whether a preset sensitive character string exists in the second list, and if so, determining that the page to be detected has a vulnerability.
8. The device according to claim 7, characterized in that the vulnerability detection module further comprises:
a non-sensitive character detection module, for judging whether a preset non-sensitive character string exists in the second list, and if not, notifying the sensitive character detection module to judge whether a preset sensitive character string exists in the second list.
9. The device according to claim 8, characterized in that the vulnerability detection module further comprises:
a verification code detection module, for judging whether verification code text exists in the second list, and if not, notifying the non-sensitive character detection module to judge whether a preset non-sensitive character string exists in the second list.
10. The device according to claim 6, characterized in that the first page access module is used for accessing the page to be detected without carrying a Cookie to obtain a first HTML document, and extracting the content between the form tags in the first HTML document to obtain the first list;
the second page access module is used for obtaining the login information in the Cookie, logging in to the page to be detected according to the login information to obtain a second HTML document, and extracting the content between the form tags in the second HTML document to obtain the second list.
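The decision chain of the claims above, written out as an added example that is not code from the patent: two constructed HTML documents stand in for the page fetched without and with a Cookie, the form blocks are extracted as the "lists", and the checks run in the order claimed (verification code, then non-sensitive string, then sensitive string). The regex-based form extraction and the three string sets are assumptions, since the patent does not specify them.

```python
import re

# Form blocks are the "lists" of the claims; extraction by regex is an assumption.
FORM_RE = re.compile(r"<form\b.*?</form>", re.IGNORECASE | re.DOTALL)

# Constructed string sets for this example; the patent does not list its own.
VERIFICATION_CODE_STRINGS = ("captcha", "verification code")
NON_SENSITIVE_STRINGS = ("csrf_token", "_token", "nonce")   # anti-CSRF markers
SENSITIVE_STRINGS = ("password", "email", "phone")           # state-changing fields


def extract_forms(html: str) -> list[str]:
    """Return the content between <form> tags, one entry per form."""
    return [m.group(0) for m in FORM_RE.finditer(html)]


def detect(anonymous_html: str, logged_in_html: str) -> tuple[bool, str]:
    """Apply claims 1-5: compare the two lists, then inspect the second one."""
    first = extract_forms(anonymous_html)
    second = extract_forms(logged_in_html)
    if first == second:
        return False, "first and second list identical"
    joined = " ".join(second).lower()
    if any(s in joined for s in VERIFICATION_CODE_STRINGS):
        return False, "verification code text present"
    if any(s in joined for s in NON_SENSITIVE_STRINGS):
        return False, "non-sensitive (token) string present"
    if any(s in joined for s in SENSITIVE_STRINGS):
        return True, "sensitive string without token or verification code"
    return False, "no sensitive string in second list"


# Constructed sample pages (no real site).
ANON_HTML = ("<html><body><form action='/login'><input name='user'>"
             "<input name='password' type='password'></form></body></html>")
LOGGED_IN_HTML = ("<html><body><form action='/account/email'>"
                  "<input name='email'><input type='submit'></form></body></html>")
TOKENIZED_HTML = ("<html><body><form action='/account/email'>"
                  "<input type='hidden' name='csrf_token' value='EXAMPLE'>"
                  "<input name='email'><input type='submit'></form></body></html>")

if __name__ == "__main__":
    for label, page in (("no token", LOGGED_IN_HTML), ("token", TOKENIZED_HTML)):
        print(label, detect(ANON_HTML, page))
```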

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310486303.4A CN104573486B (en) 2013-10-16 2013-10-16 Vulnerability detection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310486303.4A CN104573486B (en) 2013-10-16 2013-10-16 Vulnerability detection method and device

Publications (2)

Publication Number Publication Date
CN104573486A true CN104573486A (en) 2015-04-29
CN104573486B CN104573486B (en) 2018-09-28

Family

ID=53089526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310486303.4A Active CN104573486B (en) 2013-10-16 2013-10-16 Vulnerability detection method and device

Country Status (1)

Country Link
CN (1) CN104573486B (en)

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1558605A (en) * 2004-01-19 2004-12-29 上海交通大学 Method for implementing vulnerability scanning
CN101540734A (en) * 2008-03-21 2009-09-23 阿里巴巴集团控股有限公司 Method, system and device for accessing Cookies across domain names
US20100198911A1 (en) * 2008-03-21 2010-08-05 Alibaba Group Holding Limited Web Access Using Cross-Domain Cookies
CN101668045A (en) * 2009-09-29 2010-03-10 成都市华为赛门铁克科技有限公司 Information processing method and information processing server
CN101902495A (en) * 2009-12-17 2010-12-01 亿赞普(北京)科技有限公司 Homepage pushing method capable of penetrating a private network, gateway and proxy
CN101751530A (en) * 2009-12-29 2010-06-23 成都市华为赛门铁克科技有限公司 Method and device for detecting vulnerability attack behaviour
CN102594796A (en) * 2011-12-27 2012-07-18 中兴通讯股份有限公司 Terminal device and user information synchronization method
CN103679018A (en) * 2012-09-06 2014-03-26 百度在线网络技术(北京)有限公司 Method and device for detecting CSRF vulnerabilities

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
朱远文 等: "基于Cookie的安全防护技术研究" (Research on Cookie-based security protection technology), 《信息网络安全》 (Netinfo Security) *
王强 等: "基于渗透测试的跨站脚本漏洞检测方法研究" (Research on penetration-testing-based detection of cross-site scripting vulnerabilities), 《计算机技术与发展》 (Computer Technology and Development) *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753730A (en) * 2013-12-30 2015-07-01 腾讯科技(深圳)有限公司 Vulnerability detection method and device
CN104753730B (en) * 2013-12-30 2019-01-08 腾讯科技(深圳)有限公司 Vulnerability detection method and device
CN107294919A (en) * 2016-03-31 2017-10-24 阿里巴巴集团控股有限公司 Method and device for detecting horizontal privilege vulnerabilities
CN108197467A (en) * 2018-01-11 2018-06-22 郑州云海信息技术有限公司 Automated detection method and system for CSRF vulnerabilities
CN110113366A (en) * 2019-06-24 2019-08-09 深圳前海微众银行股份有限公司 Method and device for detecting CSRF vulnerabilities
CN110113366B (en) * 2019-06-24 2022-12-27 深圳前海微众银行股份有限公司 CSRF vulnerability detection method and device, computing device and storage medium
CN110995684A (en) * 2019-11-26 2020-04-10 西安四叶草信息技术有限公司 Vulnerability detection method and device
CN110995684B (en) * 2019-11-26 2022-06-28 西安四叶草信息技术有限公司 Vulnerability detection method and device

Also Published As

Publication number Publication date
CN104573486B (en) 2018-09-28


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant