CN114547590A - Code detection method, device and non-transitory computer readable storage medium - Google Patents

Publication number
CN114547590A
Authority
CN
China
Legal status
Pending
Application number
CN202011337274.1A
Other languages
Chinese (zh)
Inventor
王争
周文君
于文良
王渭清
Current Assignee
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Abstract

The disclosure provides a code detection method, a code detection device and a non-transitory computer readable storage medium, and relates to the technical field of computers. The code detection method comprises the following steps: identifying functions and parameters in the code, wherein the functions comprise network functions and parameter processing functions; searching the parameters for a connection parameter used to call a network function and for the definition parameter of that connection parameter; searching the functions for a parameter processing function that processes the definition parameter into the connection parameter; judging whether the connection parameter is a hard-coded password according to the parameter processing function and the definition parameter; and, in the case where the connection parameter is a hard-coded password, outputting a detection report indicating that a hard-coded password is detected in the code. The method and the device can detect hard-coded passwords in code more accurately and efficiently.

Description

Code detection method, device and non-transitory computer readable storage medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a code detection method and apparatus, and a non-transitory computer-readable storage medium.
Background
A hard-coded password is obtained when a password is encrypted in a program in a hard-coded manner.
With hard-coded encryption, anyone with access to the code can view the hard-coded password, and the hard-coded password can also be viewed by decompiling the code. Once a hard-coded encryption vulnerability is exploited, it causes security problems that are difficult to correct.
Disclosure of Invention
The technical problem solved by the present disclosure is how to more accurately and efficiently detect the hard coded password in the code.
According to an aspect of the present disclosure, there is provided a code detection method including: identifying functions and parameters in the code; searching connection parameters for calling network functions and definition parameters of the connection parameters from the parameters, wherein the functions comprise the network functions; searching a parameter processing function which processes the defined parameter into a connection parameter from the function, wherein the function comprises the parameter processing function; judging whether the connection parameter is a hard coded password or not according to the parameter processing function and the definition parameter; in the case where the connection parameter is a hard-coded password, a detection report for detecting the hard-coded password in the code is output.
In some embodiments, outputting a detection report that detects a hard-coded password in the code comprises: judging whether the code is obfuscated; if the code is not obfuscated, outputting the connection parameter and reporting that a hard-coded password is detected in the code; if the code is obfuscated, matching the code against password keywords, outputting the parameters in the code that match a password keyword, and reporting that a hard-coded password is detected in the code.
In some embodiments, determining whether the connection parameter is a hard-coded password according to the parameter processing function and the definition parameter includes: if the defined parameter is different from the connection parameter after the processing of the parameter processing function, the connection parameter is not a hard coded password; if the defined parameter is the same as the connection parameter after the processing of the parameter processing function, or the parameter processing function is not found, the connection parameter is a hard coded password.
In some embodiments, the code detection method further comprises: in the case where the connection parameter is not a hard-coded password, judging whether the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter; if the parameter processing function processes the definition parameter into the connection parameter by using the encryption parameter, reporting that a strong processing password is detected in the code; if the parameter processing function does not use the encryption parameter to process the definition parameter into the connection parameter, reporting that a weak processing password is detected in the code.
In some embodiments, the code detection method further comprises: determining the file type of the file; preloading codes in the file under the condition that the file type is a non-binary file; and under the condition that the file type is a binary file, performing reverse processing on the file, and preloading codes in the file after the reverse processing.
According to another aspect of the present disclosure, there is provided a code detecting apparatus including: a code identification module configured to identify functions and parameters in a code; the parameter searching module is configured to search the connection parameters for calling the network function and the definition parameters of the connection parameters from the parameters, wherein the function comprises the network function; a function search module configured to search a parameter processing function that processes the defined parameter as the connection parameter from among functions, the functions including the parameter processing function; the hard coding judgment module is configured to judge whether the connection parameter is a hard coding password according to the parameter processing function and the definition parameter; a report output module configured to output a detection report for detecting the hard-coded password in the code, in case that the connection parameter is the hard-coded password.
In some embodiments, the report output module is configured to: judge whether the code is obfuscated; if the code is not obfuscated, output the connection parameter and report that a hard-coded password is detected in the code; if the code is obfuscated, match the code against password keywords, output the parameters in the code that match a password keyword, and report that a hard-coded password is detected in the code.
In some embodiments, the hard-coded determination module is configured to: if the defined parameter is different from the connection parameter after the processing of the parameter processing function, the connection parameter is not a hard coded password; if the defined parameter is the same as the connection parameter after the processing of the parameter processing function, or the parameter processing function is not found, the connection parameter is a hard coded password.
In some embodiments, the code detection apparatus further comprises a function determination module configured to: in the case where the connection parameter is not a hard-coded password, judge whether the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter; the report output module is further configured to: if the parameter processing function processes the definition parameter into the connection parameter by using the encryption parameter, report that a strong processing password is detected in the code; if the parameter processing function does not use the encryption parameter to process the definition parameter into the connection parameter, report that a weak processing password is detected in the code.
In some embodiments, the code detection apparatus further comprises a code preloading module configured to: determining the file type of the file; preloading codes in the file under the condition that the file type is a non-binary file; and under the condition that the file type is a binary file, performing reverse processing on the file, and preloading codes in the file after the reverse processing.
According to still another aspect of the present disclosure, there is provided still another code detecting apparatus including: a memory; and a processor coupled to the memory, the processor configured to perform the aforementioned code detection method based on instructions stored in the memory.
According to yet another aspect of the present disclosure, a non-transitory computer-readable storage medium is provided, wherein the non-transitory computer-readable storage medium stores computer instructions that, when executed by a processor, implement the aforementioned code detection method.
The method and the device can more accurately and efficiently detect the hard coded password in the code.
Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or technical solutions in the related art, the drawings required to be used in the description of the embodiments or the related art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and for those skilled in the art, other drawings may be obtained according to the drawings without inventive exercise.
Fig. 1 illustrates a flow diagram of a code detection method of some embodiments of the present disclosure.
FIG. 2 illustrates a flow diagram of some embodiments for outputting a detection report for detecting a hard-coded password in a code.
Fig. 3 shows a schematic structural diagram of a code detection apparatus according to some embodiments of the present disclosure.
Fig. 4 is a schematic structural diagram of a code detection apparatus according to other embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
The inventor found through research that searching the code for password keywords (such as password, pass, pwd, jdbc and the like) to detect whether a hard-coded password exists in the code gives low detection accuracy and low detection efficiency, and requires staff to perform manual secondary confirmation. Detection accuracy is low for two main reasons: on the one hand, the code may contain a field with the same name as a password keyword that is not actually a password; on the other hand, the code may use the password directly without representing it by a password keyword. Detection efficiency is low because searching for password keywords requires character matching across all of the code. In view of the above, the present invention provides a code detection method that can detect a hard-coded password in code more accurately and efficiently.
Some embodiments of the disclosed code detection method are described below in conjunction with fig. 1.
Fig. 1 illustrates a flow diagram of a code detection method of some embodiments of the present disclosure. As shown in fig. 1, the code detection method includes steps S101 to S109. The steps S101 to S104 are preparation stages, and the steps S105 to S109 are detection stages.
(preparatory stage)
In step S101, the file type of the file is determined.
The file types include a binary type and a non-binary type. The file type may be determined from the file name suffix, e.g., a file whose file name suffix is .bin is a binary file. The file type may also be determined from the magic number of the file, e.g., if the first four bytes of the file, as output by a Linux command line, are 7f45, the file is a binary file.
In the case where the file type is a non-binary file, step S102 is executed. In step S102, the code in the file is preloaded.
When the file type is a binary file, step S103 to step S104 are executed. In step S103, the file is subjected to reverse processing, for example, by using a reverse-engineering tool such as IDA (Interactive Disassembler) software. In step S104, the code in the reverse-processed file is preloaded.
(detection stage)
In step S105, functions and parameters in the code are identified.
After identifying functions and parameters in the code, the code may be abstracted into a syntax tree.
In step S106, the connection parameters calling the network function and the definition parameters of the connection parameters are searched for from the parameters.
The functions in the code include network functions. For example, when a socket connection is established in the code, a function in a socket library is called, and the function in the socket library belongs to a network function. Then, by detecting a connection call to the network function, or by detecting a keyword such as "connect" in the code, the connection parameter calling the network function can be found. Let the connection parameter be b, and the definition parameter of the connection parameter b be a. It will be understood by those skilled in the art that the actual number of connection parameters may be plural, and for ease of describing the technical solution, the explanation herein is made from the perspective of a single connection parameter.
In step S107, a parameter processing function that processes the definition parameter as the connection parameter is searched for from the functions.
Those skilled in the art will appreciate that the functions in the code include parameter processing functions.
In step S108, it is determined whether the connection parameter is a hard coded password according to the parameter processing function and the definition parameter.
If the defined parameter is different from the connection parameter after the processing of the parameter processing function, the connection parameter is not a hard coded password; if the defined parameter is the same as the connection parameter after the processing of the parameter processing function, or the parameter processing function is not found, the connection parameter is a hard coded password.
In the case where the connection parameter is a hard-coded password, step S109 is executed. In step S109, a detection report that the hard-coded password is detected in the code is output.
The above embodiments are applicable to white box testing as well as grey box testing scenarios. After the codes are preloaded, the hard coded passwords in the codes can be detected more accurately and efficiently by identifying, searching and judging functions and parameters in the codes, and the problems that the false alarm rate is high, the missing report rate is high, the detection efficiency is low and workers are required to perform manual secondary confirmation when the hard coded passwords are detected in the traditional code detection method are solved.
In some embodiments, the code detection method further includes steps S110 to S112.
In the case where the connection parameter is not a hard-coded password, step S110 is performed. In step S110, it is determined whether the parameter processing function processes the defined parameter as the connection parameter using the encryption parameter.
If the parameter processing function processes the defined parameter as the connection parameter by using the encryption parameter, step S111 is performed. In step S111, the detection of a strong processing password in the code is reported.
In the case where the parameter processing function processes the definition parameter into the connection parameter by using the encryption parameter, the connection parameter cannot be obtained by performing a simple processing operation on the definition parameter, and it is determined that the strong processing password exists in the code at this time.
If the parameter processing function does not process the defined parameter into the connection parameter by using the encryption parameter, step S112 is performed. In step S112, the detection of the weak processing password in the code is reported.
In the case where the parameter processing function does not process the definition parameter as the connection parameter using the encryption parameter, the connection parameter can be obtained by performing a simple processing operation on the definition parameter, at which time it is determined that the weakly processed password exists in the code.
The embodiments can not only accurately and efficiently detect the hard coded password in the code, but also detect the weak processing password and the strong processing password in the code.
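The detection stage (steps S105 to S112) sketched in Python as an added example; it is not code from the patent. The call names treated as network functions and as run-time sources, the rule that a non-constant extra argument counts as the encryption parameter, and the sample source (with its hypothetical client, decrypt and DB_PASS names) are assumptions made here.

```python
import ast
import re

NETWORK_CALLS = {"connect"}      # S106: the page suggests matching "connect"
EXTERNAL_SOURCES = {"getenv", "getpass", "input"}   # assumption: run-time inputs
KEYWORDS = re.compile(r"password|pass|pwd|jdbc", re.I)  # keyword list from the page

# Constructed sample; it is only parsed, never executed. Names such as
# client, decrypt and DB_PASS are hypothetical.
SAMPLE = '''
import base64, os

def plain(client, host, user):
    p = "S3cret!"
    q = p
    client.connect(host, user, q)

def weak(client, host, user):
    blob = "UzNjcmV0IQ=="
    p = base64.b64decode(blob)
    client.connect(host, user, p)

def strong(client, host, user, key):
    blob = "9f2c41aa"
    p = decrypt(blob, key)
    client.connect(host, user, p)

def external(client, host, user):
    p = os.getenv("DB_PASS")
    client.connect(host, user, p)
'''


def call_name(call):
    """Last component of the called name: base64.b64decode -> 'b64decode'."""
    func = call.func
    return func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)


def resolve(node, env):
    """Follow plain aliases (b = a) back to the defining expression."""
    seen = set()
    while isinstance(node, ast.Name) and node.id in env and node.id not in seen:
        seen.add(node.id)
        node = env[node.id]
    return node


def is_literal(node):
    return isinstance(node, ast.Constant) and isinstance(node.value, (str, bytes))


def classify(arg, env):
    """S107-S112 for one connection parameter b; returns a verdict or None."""
    value = resolve(arg, env)
    if is_literal(value):
        # No processing function between definition a and connection b.
        return "hard-coded password"
    if isinstance(value, ast.Call) and call_name(value) not in EXTERNAL_SOURCES:
        inputs = [resolve(a, env) for a in value.args]
        inputs += [resolve(k.value, env) for k in value.keywords]
        if any(is_literal(i) for i in inputs):      # definition parameter a
            # Assumption: a non-constant extra input is the encryption parameter.
            keyed = any(not is_literal(i) for i in inputs)
            return "strong processing password" if keyed else "weak processing password"
    return None


def scan(source):
    """S105-S106: walk each function, find connect() calls, classify arguments."""
    findings = []
    for fn in ast.walk(ast.parse(source)):
        if not isinstance(fn, ast.FunctionDef):
            continue
        env = {}                                    # name -> defining expression
        for node in ast.walk(fn):
            if (isinstance(node, ast.Assign) and len(node.targets) == 1
                    and isinstance(node.targets[0], ast.Name)):
                env[node.targets[0].id] = node.value
        for node in ast.walk(fn):
            if isinstance(node, ast.Call) and call_name(node) in NETWORK_CALLS:
                for arg in list(node.args) + [k.value for k in node.keywords]:
                    verdict = classify(arg, env)
                    if verdict:
                        findings.append((fn.name, ast.unparse(arg), verdict))
    return findings


def keyword_hits(source):
    """The keyword search the page criticises, for comparison."""
    return [ln.strip() for ln in source.splitlines() if KEYWORDS.search(ln)]


if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
    print("keyword search:", keyword_hits(SAMPLE))
```

On the sample, the keyword search matches only the environment-variable lookup, which holds no password, while the data-flow check reports the three embedded credentials whose variable names contain no password keyword.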
Some embodiments of outputting a detection report for detecting a hard-coded password in a code are described below in conjunction with fig. 2.
FIG. 2 illustrates a flow diagram of some embodiments for outputting a detection report for detecting a hard-coded password in a code. As shown in fig. 2, the method includes steps S2091 to S2094.
In step S2091, it is determined whether the code is obfuscated.
In obfuscated code, the parameters and functions take unreadable forms, such as "C", "D", etc.
If the code is not obfuscated, go to step S2092. In step S2092, the connection parameter is output and the detection of the hard-coded password in the code is reported.
If the code is obfuscated, go to step S2093. In step S2093, the code is matched using password keywords (e.g., password, pass, pwd, jdbc, etc.), the parameters in the code that match a password keyword are output, and detection of a hard-coded password in the code is reported. Those skilled in the art will appreciate that if no parameter in the code matches a password keyword, the password is difficult to detect from the code and the security of the code is high.
If a hard-coded password exists in the code, the embodiment can detect the hard-coded password from the code and output a detection report for detecting the hard-coded password in the code, regardless of whether the code is obfuscated or not.
Some embodiments of the disclosed code detection apparatus are described below in conjunction with fig. 3.
Fig. 3 shows a schematic structural diagram of a code detection apparatus according to some embodiments of the present disclosure. As shown in fig. 3, the code detection apparatus 30 includes: a code identification module 301 configured to identify functions and parameters in a code; a parameter searching module 302 configured to search the parameters for a connection parameter calling a network function and a definition parameter of the connection parameter, wherein the function includes the network function; a function search module 303 configured to search a parameter processing function that processes the defined parameter into the connection parameter from the functions, the function including the parameter processing function; a hard code determining module 304 configured to determine whether the connection parameter is a hard code password according to the parameter processing function and the definition parameter; a report output module 305 configured to output a detection report for detecting the hard-coded password in the code, in case that the connection parameter is the hard-coded password.
In some embodiments, the code detection apparatus 30 further comprises a code preloading module 300 configured to: determining the file type of the file; preloading codes in the file under the condition that the file type is a non-binary file; and under the condition that the file type is a binary file, performing reverse processing on the file, and preloading codes in the file after the reverse processing.
In some embodiments, the hard-coded determination module 304 is configured to: if the defined parameter is different from the connection parameter after the processing of the parameter processing function, the connection parameter is not a hard coded password; if the defined parameter is the same as the connection parameter after the processing of the parameter processing function, or the parameter processing function is not found, the connection parameter is a hard coded password.
The above embodiments are applicable to white box testing as well as grey box testing scenarios. After the codes are preloaded, the hard coded passwords in the codes can be detected more accurately and efficiently by identifying, searching and judging functions and parameters in the codes, and the problems that the false alarm rate is high, the missing report rate is high, the detection efficiency is low and workers are required to perform manual secondary confirmation when the hard coded passwords are detected in the traditional code detection method are solved.
In some embodiments, the report output module 305 is configured to: judge whether the code is obfuscated; if the code is not obfuscated, output the connection parameter and report that a hard-coded password is detected in the code; if the code is obfuscated, match the code against password keywords, output the parameters in the code that match a password keyword, and report that a hard-coded password is detected in the code.
If a hard-coded password exists in the code, the embodiment can detect the hard-coded password from the code and output a detection report for detecting the hard-coded password in the code, regardless of whether the code is obfuscated or not.
In some embodiments, the code detection apparatus 30 further includes a function determination module 306 configured to: in the case where the connection parameter is not a hard-coded password, judge whether the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter; the report output module 305 is further configured to: if the parameter processing function processes the definition parameter into the connection parameter by using the encryption parameter, report that a strong processing password is detected in the code; if the parameter processing function does not use the encryption parameter to process the definition parameter into the connection parameter, report that a weak processing password is detected in the code.
The embodiment can accurately and efficiently detect the hard coded password in the code, and can also detect the weak processing password and the strong processing password in the code.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described apparatus embodiments are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or may not be executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
Further embodiments of the disclosed code detection apparatus are described below in conjunction with fig. 4.
Fig. 4 is a schematic structural diagram of a code detection apparatus according to further embodiments of the present disclosure. As shown in fig. 4, the code detection apparatus 40 includes: a memory 410 and a processor 420 coupled to the memory 410, the processor 420 being configured to perform the code detection method of any of the foregoing embodiments based on instructions stored in the memory 410.
Memory 410 may include, for example, system memory, fixed non-volatile storage media, and the like. The system memory stores, for example, an operating system, an application program, a Boot Loader (Boot Loader), and other programs.
The code detecting apparatus 40 may further include an input-output interface 430, a network interface 440, a storage interface 450, and the like. These interfaces 430, 440, 450 and the connection between the memory 410 and the processor 420 may be, for example, via a bus 460. The input/output interface 430 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 440 provides a connection interface for various networking devices. The storage interface 450 provides a connection interface for external storage devices such as an SD card and a usb disk.
The present disclosure also includes a non-transitory computer-readable storage medium having stored thereon computer instructions that, when executed by a processor, implement a code detection method in any of the foregoing embodiments.
The aforementioned integrated units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the application described herein may be used. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.

Claims (12)

1. A code detection method, comprising:
identifying functions and parameters in the code;
searching the parameters for connection parameters for calling a network function and for definition parameters of the connection parameters, wherein the functions comprise the network function;
searching the functions for a parameter processing function that processes the definition parameter into the connection parameter, wherein the functions comprise the parameter processing function;
judging whether the connection parameter is a hard-coded password according to the parameter processing function and the definition parameter;
and in the case that the connection parameter is a hard-coded password, outputting a detection report for detecting the hard-coded password in the code.
2. The code detection method of claim 1, wherein said outputting a detection report that detects a hard-coded password in the code comprises:
judging whether the code is obfuscated;
if the code is not obfuscated, outputting the connection parameters and reporting that a hard-coded password is detected in the code;
and if the code is obfuscated, matching the code against password keywords, outputting the parameters in the code that match the password keywords, and reporting that a hard-coded password is detected in the code.
3. The code detection method of claim 1, wherein the determining whether the connection parameter is a hard-coded password according to the parameter processing function and the definition parameter comprises:
if the definition parameter differs from the connection parameter after processing by the parameter processing function, the connection parameter is not a hard-coded password;
if the definition parameter is the same as the connection parameter after processing by the parameter processing function, or the parameter processing function is not found, the connection parameter is a hard-coded password.
4. The code detection method of claim 1, further comprising:
in the case that the connection parameter is not a hard-coded password, judging whether the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter;
reporting that a strongly processed password is detected in the code if the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter;
reporting that a weakly processed password is detected in the code if the parameter processing function does not use an encryption parameter to process the definition parameter into the connection parameter.
5. The code detection method of claim 1, further comprising:
determining the file type of the file;
preloading the code in the file if the file type is a non-binary file;
and under the condition that the file type is a binary file, performing reverse processing on the file, and preloading the code in the file after the reverse processing.
6. A code detection apparatus comprising:
a code identification module configured to identify functions and parameters in a code;
a parameter searching module configured to search the parameters for connection parameters for calling a network function and for definition parameters of the connection parameters, wherein the functions comprise the network function;
a function search module configured to search the functions for a parameter processing function that processes the definition parameter into the connection parameter, wherein the functions comprise the parameter processing function;
a hard-coding judgment module configured to judge whether the connection parameter is a hard-coded password according to the parameter processing function and the definition parameter;
a report output module configured to output a detection report for detecting a hard-coded password in the code, in case the connection parameter is a hard-coded password.
7. The code detection apparatus of claim 6, wherein the report output module is configured to:
judge whether the code is obfuscated;
if the code is not obfuscated, output the connection parameters and report that a hard-coded password is detected in the code;
and if the code is obfuscated, match the code against password keywords, output the parameters in the code that match the password keywords, and report that a hard-coded password is detected in the code.
8. The code detection apparatus of claim 6, wherein the hard-coding judgment module is configured to:
determine that the connection parameter is not a hard-coded password if the definition parameter differs from the connection parameter after processing by the parameter processing function;
determine that the connection parameter is a hard-coded password if the definition parameter is the same as the connection parameter after processing by the parameter processing function, or the parameter processing function is not found.
9. The code detection apparatus of claim 6, further comprising a function determination module configured to: in the case that the connection parameter is not a hard-coded password, judge whether the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter;
the report output module is further configured to: report that a strongly processed password is detected in the code if the parameter processing function uses an encryption parameter to process the definition parameter into the connection parameter; and report that a weakly processed password is detected in the code if the parameter processing function does not use an encryption parameter to process the definition parameter into the connection parameter.
10. The code detection apparatus of claim 6, further comprising a code preloading module configured to:
determine the file type of the file;
preload the code in the file if the file type is a non-binary file;
and, in the case that the file type is a binary file, perform reverse processing on the file and preload the code in the file after the reverse processing.
11. A code detection apparatus comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the code detection method of any of claims 1 to 5 based on instructions stored in the memory.
12. A non-transitory computer-readable storage medium, wherein the non-transitory computer-readable storage medium stores computer instructions that, when executed by a processor, implement the code detection method of any of claims 1 to 5.
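The decision flow of claims 1, 3 and 4, narrowed to Python source and to `password=` keyword arguments, can be sketched as follows. This is an added example, not code from the patent or its applicant; the names `NETWORK_FUNCS` and `EXTERNAL`, the "no literal definition parameter" verdict, and the rule that any extra argument to the processing function counts as the encryption parameter are assumptions made for illustration.

```python
import ast

NETWORK_FUNCS = {"connect"}  # assumption: callee names treated as network functions
EXTERNAL = {"getenv"}        # assumption: lookups whose string argument names a secret
SAMPLE = '''# Constructed sample input; it is only parsed, never executed.
def same(p): return p
a = "hunter2"
b = same("hunter2")
c = b64decode("aHVudGVyMg==")
d = decrypt("c2VhbGVk", key=KEY)
e = os.getenv("DB_PASS")
db.connect(password=a); db.connect(password=b); db.connect(password=c)
db.connect(password=d); db.connect(password=e)
'''

def callee(call):
    return getattr(call.func, "attr", None) or getattr(call.func, "id", None)

def resolve(expr, assigns, depth=8):  # follow simple assignments back to the definition
    while depth and isinstance(expr, ast.Name) and expr.id in assigns:
        expr, depth = assigns[expr.id], depth - 1
    return expr

def is_literal(expr):
    return isinstance(expr, ast.Constant) and isinstance(expr.value, str)

def is_identity(fn):  # a local function that only returns its first parameter
    return (bool(fn.args.args) and len(fn.body) == 1
            and ast.unparse(fn.body[0]) == "return " + fn.args.args[0].arg)

def judge(expr, assigns, funcs):
    expr = resolve(expr, assigns)
    if is_literal(expr):
        return "hard-coded"          # claim 3: no parameter processing function found
    if (isinstance(expr, ast.Call) and expr.args and callee(expr) not in EXTERNAL
            and is_literal(resolve(expr.args[0], assigns))):
        if callee(expr) in funcs and is_identity(funcs[callee(expr)]):
            return "hard-coded"      # claim 3: processing leaves the value unchanged
        # claim 4: any extra argument is assumed to be the encryption parameter
        return "strongly processed" if len(expr.args) > 1 or expr.keywords else "weakly processed"
    return "no literal definition parameter"

def classify(source):
    nodes = list(ast.walk(ast.parse(source)))
    assigns = {n.targets[0].id: n.value for n in nodes
               if isinstance(n, ast.Assign) and isinstance(n.targets[0], ast.Name)}
    funcs = {n.name: n for n in nodes if isinstance(n, ast.FunctionDef)}
    calls = [n for n in nodes if isinstance(n, ast.Call) and callee(n) in NETWORK_FUNCS]
    return {ast.unparse(k.value): judge(k.value, assigns, funcs)
            for c in calls for k in c.keywords if k.arg == "password"}
```

`classify(SAMPLE)` maps each connection parameter name to its verdict. The sketch keeps one definition per variable name for the whole file, so reassigned or shadowed names need proper scope tracking in a real tool.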

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011337274.1A CN114547590A (en) 2020-11-25 2020-11-25 Code detection method, device and non-transitory computer readable storage medium

Publications (1)

Publication Number Publication Date
CN114547590A true CN114547590A (en) 2022-05-27

Family

ID=81659858

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011337274.1A Pending CN114547590A (en) 2020-11-25 2020-11-25 Code detection method, device and non-transitory computer readable storage medium

Country Status (1)

Country Link
CN (1) CN114547590A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116346509A (en) * 2023-06-01 2023-06-27 北京比瓴科技有限公司 Hard coding certificate detection method, system, equipment and readable storage medium
CN116346509B (en) * 2023-06-01 2023-08-15 北京比瓴科技有限公司 Hard coding certificate detection method, system, equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination