CN105227338B - Method and device for identifying website system information - Google Patents

Publication number: CN105227338B
Authority: CN (China)
Prior art keywords: website, special, vulnerability scanning, loophole, content management
Legal status: Active
Application number: CN201410291371.XA
Other languages: Chinese (zh)
Other versions: CN105227338A (en)
Inventor: 龙专
Current Assignee: Qianxin Technology Group Co Ltd; Secworld Information Technology Beijing Co Ltd
Original Assignee: Beijing Qianxin Technology Co Ltd
Application filed by: Beijing Qianxin Technology Co Ltd
Priority to: CN201410291371.XA
Events: publication of CN105227338A; application granted; publication of CN105227338B
Landscapes: Information Transfer Between Computers (AREA)
Abstract

The invention discloses a method and device for identifying website system information. The method includes: performing a website vulnerability scan on a target website; obtaining the website vulnerability scan results for the target website that are related to website system information; and identifying the website system information of the target website from those results. With this scheme, website content system information such as the CMS copyright, as well as website framework information, can be determined accurately, unaffected by a user changing or deleting page identification information or website directories and files, so website system information that existing methods cannot identify can be recognized.

Description

Method and device for identifying website system information
Technical field
The present invention relates to the field of Internet technology, and in particular to a method and device for identifying website system information.
Background
As network applications grow richer, many websites cannot keep up with the rapid growth of information and changes in business models, and often have to spend considerable time, manpower and material resources on information updates and maintenance. Most websites today are therefore built with a CMS (Content Management System) and a web application framework, which speed up website development and reduce its cost.
Some business systems, for example website information collection systems, need to obtain CMS copyright information or the framework type. Taking CMS copyright information as an example, existing methods generally read it from the copyright notice in the program: a website using the Discuz system includes "powered by Discuz!" in its title or pages, and a website using dedecms includes "powered by dedecms!". However, a website's CMS copyright information is often removed or changed, so this approach fails in many cases.
Alternatively, the judgment is made from specific directory or file names; for example, a website using wordpress contains the file wp-login.php. These names can likewise be changed, which makes identification impossible.
Summary of the invention
In view of the above problems, the present invention is proposed to provide a method and device for identifying website system information that overcome the above problems or at least partly solve them.
According to one aspect of the invention, a method for identifying website system information is provided, including: performing a website vulnerability scan on a target website; obtaining the website vulnerability scan results for the target website that are related to website system information; and identifying the website system information of the target website from the website vulnerability scan results related to website system information.
According to another aspect of the invention, a device for identifying website system information is provided, including: a scan module, adapted to perform a website vulnerability scan on a target website; a vulnerability analysis module, adapted to obtain the website vulnerability scan results for the target website that are related to website system information; and an identification module, adapted to identify the website system information of the target website from the website vulnerability scan results related to website system information.
The method and device according to the invention perform a website vulnerability scan on the target website, obtain the scan results related to website system information, and identify the website system information of the target website from those results. With this scheme, website content system information such as the CMS copyright, as well as website framework information, can be determined accurately, unaffected by a user changing or deleting page identification information or website directories and files, so website system information that existing methods cannot identify can be recognized.
The above is only an overview of the technical solution of the present invention. So that the technical means of the invention can be understood more clearly and implemented according to the specification, and so that the above and other objects, features and advantages of the invention are more readily apparent, specific embodiments of the invention are set out below.
Brief description of the drawings
Various other advantages and benefits will become clear to those of ordinary skill in the art on reading the following detailed description of the preferred embodiments. The drawings serve only to illustrate the preferred embodiments and are not to be considered a limitation of the invention. Throughout the drawings, the same reference numbers refer to the same parts. In the drawings:
Fig. 1 shows a flowchart of a method for identifying website system information according to an embodiment of the present invention;
Fig. 2 shows a flowchart of a method for identifying website system information according to another embodiment of the present invention;
Fig. 3 shows a flowchart of a method for identifying website system information according to another embodiment of the present invention;
Fig. 4 shows a flowchart of a method for identifying website system information according to another embodiment of the present invention;
Fig. 5 shows a flowchart of a method for identifying website system information according to another embodiment of the present invention;
Fig. 6 shows a structural block diagram of a device for identifying website system information according to an embodiment of the present invention;
Fig. 7 shows a structural block diagram of a device for identifying website system information according to another embodiment of the present invention.
Detailed description
Exemplary embodiments of the disclosure are described in more detail below with reference to the drawings. Although the drawings show exemplary embodiments of the disclosure, it should be understood that the disclosure may be implemented in various forms and should not be limited by the embodiments set forth here. Rather, these embodiments are provided so that the invention is understood more thoroughly and the scope of the disclosure is conveyed completely to those skilled in the art.
Fig. 1 shows a flowchart of a method for identifying website system information according to an embodiment of the present invention. As shown in Fig. 1, the method includes the following steps:
Step S110: perform a website vulnerability scan on the target website.
Website vulnerabilities take many forms, for example SQL injection vulnerabilities, cross-site scripting vulnerabilities, weak-password vulnerabilities, HTTP header tracking vulnerabilities and struts2 remote command execution vulnerabilities; the scan method and scan rules differ by vulnerability type.
Vulnerability scan rules are generally divided into generic rules and dedicated rules. Generic rules can be used to scan all types of websites, whereas dedicated rules are suitable only for scanning the vulnerability types they match. Scanning a website generally includes scanning at least part of the pages under it.
Step S120: obtain the website vulnerability scan results for the target website that are related to website system information.
Website system information includes Web content management system information and/or website framework information.
Web content management systems (CMS) include common site-building tools such as Discuz, PHPCMS and TurboCMS.
Website frameworks include the website's web application framework, such as struts, the struts2 framework and the thinkphp framework.
Specifically, to identify Web content management system information such as copyright information, the dedicated vulnerability scan results corresponding to the Web content management system are obtained for the target website; to identify website framework information, the dedicated vulnerability scan results corresponding to the website framework are obtained.
Step S130: identify the website system information of the target website from the website vulnerability scan results related to website system information.
For example, for Web content management system information, if a Discuz injection vulnerability was obtained in step S120, the Web content management system is identified as Discuz; for website framework information, if the dedicated vulnerability obtained in step S120 is a struts2 command execution vulnerability, the website framework is identified as the struts2 framework.
In the method provided by the above embodiment, a website vulnerability scan is performed on the target website, the scan results related to website system information are obtained, and the website system information of the target website is identified from those results. With this scheme, website content system information such as the CMS copyright, as well as website framework information, can be determined accurately, unaffected by a user changing or deleting page identification information or website directories and files, so website system information that existing methods cannot identify can be recognized.
Fig. 2 shows a flowchart of a method for identifying website system information according to an embodiment of the present invention. As shown in Fig. 2, the method includes the following steps:
Step S210: perform a dedicated vulnerability scan on the target website using the dedicated vulnerability scan rules corresponding to Web content management systems.
Website vulnerabilities include generic vulnerabilities and dedicated vulnerabilities. A dedicated vulnerability applies to only one Web content management system; a generic vulnerability applies to all types of systems and therefore cannot be used to identify website system information.
Specifically, generic vulnerabilities may include SQL injection, XSS vulnerabilities, sensitive information leakage and the like; these exist in every website management system.
Dedicated vulnerabilities may include the dedicated injection vulnerabilities, dedicated command execution vulnerabilities and dedicated XSS vulnerabilities of a specific Web content management system, for example the Discuz QQ interconnection plug-in XSS vulnerability and the Discuz convenience phone plug-in SQL injection vulnerability.
Website vulnerability scanning is usually carried out with a vulnerability library. Each entry in the library stores: the vulnerability name, for example SQL injection vulnerability; the harm, for example the website being hacked; the solution, for example strictly filtering data entered by users; and the scan rule used to detect whether the vulnerability is present.
In this embodiment, the target website is scanned with dedicated vulnerability libraries and scan rules, and the Web content management system information is obtained from the type of dedicated vulnerability found.
Specifically, the target website is scanned with the dedicated vulnerability libraries of different Web content management systems one after another in a fixed order, determined by the usage rate of common content management systems. For example, the Discuz vulnerability library is used first to scan the website and its pages: each link the website contains is scanned according to the scan rules in the Discuz vulnerability library. When a scan result is obtained, scanning may be stopped; if the scan finishes without a result, scanning continues with other dedicated vulnerability libraries.
Alternatively, the website and its pages are scanned with several dedicated vulnerability libraries at the same time, and the scan ends once a scan result is obtained.
Step S220: record the dedicated vulnerabilities of one or more Web content management systems found by the dedicated vulnerability scan.
Step S230: identify the Web content management system information from the dedicated vulnerability scan results corresponding to the Web content management system.
Specifically, if the dedicated vulnerability of the Web content management system is a Discuz injection vulnerability and/or a Discuz command execution vulnerability and/or a Discuz dedicated XSS vulnerability, the Web content management system is identified as the Discuz system;
if the dedicated vulnerability of the Web content management system is a PHPCMS injection vulnerability and/or a PHPCMS command execution vulnerability and/or a PHPCMS dedicated XSS vulnerability, the Web content management system is identified as the PHPCMS system.
Other content management systems such as TurboCMS, and other dedicated vulnerability types such as sensitive information vulnerabilities and design defect vulnerabilities, can be used to identify the content management system in the same way and are not described one by one here.
In the method provided by the above embodiment, a dedicated vulnerability scan is performed on the target website using the dedicated vulnerability scan rules corresponding to Web content management systems, and the Web content management system information is identified from the scan results. For most websites and common content management systems, content management information such as copyright information can be identified quickly, unaffected by manual changes to the site information.
Fig. 3 shows a flowchart of a method for identifying website system information according to an embodiment of the present invention. As shown in Fig. 3, the method includes the following steps:
Step S310: perform a comprehensive vulnerability scan covering all vulnerabilities of the target website.
The website is scanned using the generic vulnerability library and generic scan rules.
Step S320: search the results of the comprehensive vulnerability scan for dedicated vulnerabilities corresponding to a Web content management system.
All scan results are obtained after the scan ends, and the dedicated vulnerabilities corresponding to a Web content management system are searched for in those results.
Step S330: identify the Web content management system information from the dedicated vulnerability scan results corresponding to the Web content management system.
This step is similar to step S230 in the previous embodiment and is not described again here.
In the method provided by the above embodiment, generic vulnerability scan rules are used and the dedicated vulnerabilities corresponding to a Web content management system are searched for in the scan results. Compared with the previous embodiment, this gives higher recognition efficiency for Web content management systems that are less widely used.
Fig. 4 shows a flowchart of a method for identifying website system information according to an embodiment of the present invention. As shown in Fig. 4, the method includes the following steps:
Step S410: perform a dedicated vulnerability scan on the target website using the dedicated vulnerability scan rules corresponding to website frameworks.
In this embodiment, the target website is scanned with the dedicated vulnerability libraries and scan rules of various website frameworks, and the website framework information is obtained from the type of dedicated vulnerability found.
Specifically, the target website can be scanned with the dedicated vulnerability libraries of different website frameworks one after another in a fixed order. Scanning a website usually includes scanning at least part of the pages under it. For example, the struts2 vulnerability library is used first to scan the website and its pages: each link the website contains is scanned according to the scan rules in the struts2 vulnerability library. When a scan result is obtained, scanning may be stopped; if the scan finishes without a result, scanning continues with other dedicated vulnerability libraries, for example the dedicated vulnerability library of the thinkphp framework.
Alternatively, the website and its pages are scanned with several dedicated vulnerability libraries at the same time, and the scan ends once a scan result is obtained.
Website frameworks include struts, the struts2 framework and the thinkphp framework. The dedicated vulnerabilities of a website framework include its dedicated command execution vulnerabilities, for example the struts2 command execution vulnerability.
Step S420: record the dedicated vulnerabilities of one or more website frameworks found by the dedicated vulnerability scan.
Step S430: identify the website framework information from the dedicated vulnerability scan results corresponding to the website framework.
For example, if the scan results recorded in step S420 contain a struts2 command execution vulnerability, the website framework is identified as the struts2 framework.
Other website frameworks such as thinkphp, and other dedicated vulnerabilities of website frameworks such as design defects, can all be identified in the same way and are not described one by one here.
Fig. 5 shows a flowchart of a method for identifying website system information according to another embodiment of the present invention. As shown in Fig. 5, the method includes the following steps:
Step S510: perform a comprehensive vulnerability scan covering all vulnerabilities of the target website.
Step S520: search the results of the comprehensive vulnerability scan for dedicated vulnerabilities corresponding to a website framework.
Step S530: identify the website framework information from the dedicated vulnerability scan results corresponding to the website framework.
In the method provided by the above embodiment, the website framework information is identified from the dedicated vulnerability scan results of the website framework. For most websites, content management information such as copyright information can be identified quickly and accurately, unaffected by manual changes to the site information.
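The two identification flows described above (searching a comprehensive scan result for dedicated vulnerabilities, as in Fig. 3 and Fig. 5, and trying dedicated libraries in usage order with an early stop, as in Fig. 2 and Fig. 4) can be sketched as follows. This is an added example, not code from the patent: the rule ids, field names, sample findings and the scan_with callable are hypothetical, and the harm and solution texts are constructed.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class VulnRule:
    """One vulnerability-library entry: name, harm, solution, and scope."""
    rule_id: str
    name: str
    harm: str
    remediation: str
    product: Optional[str] = None  # None => generic rule, no use for identification
    kind: Optional[str] = None     # "cms" or "framework" for dedicated rules


# Constructed sample library; ids and texts are made up for this example.
LIBRARY = [
    VulnRule("G-001", "SQL injection vulnerability", "website hacked",
             "strictly filter user input"),
    VulnRule("G-002", "XSS vulnerability", "constructed", "constructed"),
    VulnRule("D-101", "Discuz dedicated XSS vulnerability", "constructed",
             "constructed", product="Discuz", kind="cms"),
    VulnRule("P-201", "PHPCMS injection vulnerability", "constructed",
             "constructed", product="PHPCMS", kind="cms"),
    VulnRule("S-301", "struts2 command execution vulnerability", "constructed",
             "constructed", product="struts2", kind="framework"),
]
RULES = {r.rule_id: r for r in LIBRARY}


def dedicated_evidence(finding_ids: Iterable[str]) -> Dict[str, Dict[str, List[str]]]:
    """Fig. 3 / Fig. 5 flow: keep only dedicated findings from a full scan result."""
    evidence: Dict[str, Dict[str, List[str]]] = {"cms": {}, "framework": {}}
    for fid in finding_ids:
        rule = RULES.get(fid)
        if rule is None or rule.product is None:
            continue  # unknown id or generic vulnerability: says nothing about the system
        evidence[rule.kind].setdefault(rule.product, []).append(rule.name)
    return evidence


def resolve(products: Dict[str, List[str]]) -> Tuple[str, List[str]]:
    """Turn per-product evidence into a verdict, keeping conflicts visible."""
    names = sorted(products)
    if not names:
        return "unidentified", []   # no dedicated finding, so no identification
    if len(names) == 1:
        return "identified", names
    return "ambiguous", names       # dedicated findings for more than one product


def sequential_identify(kind: str, usage_order: List[str],
                        scan_with: Callable[[List[str]], List[str]]
                        ) -> Tuple[Optional[str], List[str]]:
    """Fig. 2 / Fig. 4 flow: try each dedicated library in usage order, stop on a hit."""
    tried: List[str] = []
    for product in usage_order:
        tried.append(product)
        rule_ids = [r.rule_id for r in LIBRARY
                    if r.kind == kind and r.product == product]
        if scan_with(rule_ids):     # at least one dedicated rule fired
            return product, tried
    return None, tried


# Constructed result of a comprehensive scan, and a stand-in for a real scanner.
CONSTRUCTED_FULL_SCAN = ["G-001", "P-201", "G-002", "S-301"]


def constructed_scanner(rule_ids: List[str]) -> List[str]:
    return [rid for rid in rule_ids if rid in CONSTRUCTED_FULL_SCAN]


if __name__ == "__main__":
    ev = dedicated_evidence(CONSTRUCTED_FULL_SCAN)
    print(resolve(ev["cms"]), resolve(ev["framework"]))
    print(sequential_identify("cms", ["Discuz", "PHPCMS", "TurboCMS"],
                              constructed_scanner))
```

A target on which no dedicated rule fires comes back as "unidentified", and one with dedicated findings for several products comes back as "ambiguous" rather than being forced to a single answer.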
Fig. 6 shows a structural block diagram of a device for identifying website system information according to an embodiment of the present invention. As shown in Fig. 6, the device includes:
Scan module 610, adapted to perform a website vulnerability scan on the target website.
Vulnerability analysis module 620, adapted to obtain the website vulnerability scan results for the target website that are related to website system information.
Here, website system information includes Web content management system information and/or website framework information.
Vulnerability analysis module 620 is specifically adapted to: obtain the dedicated vulnerability scan results corresponding to the Web content management system for the target website and/or obtain the dedicated vulnerability scan results corresponding to the website framework for the target website.
Identification module 630, adapted to identify the website system information of the target website from the website vulnerability scan results related to website system information.
Identification module 630 is specifically adapted to: identify the Web content management system information from the dedicated vulnerability scan results corresponding to the Web content management system and/or identify the website framework information from the dedicated vulnerability scan results corresponding to the website framework.
Fig. 7 shows a structural block diagram of a device for identifying website system information according to another embodiment of the present invention. As shown in Fig. 7, the device includes:
Scan module 710, adapted to perform a website vulnerability scan on the target website.
Scan module 710 further includes: dedicated scan unit 7101, adapted to perform a dedicated vulnerability scan on the target website using the dedicated vulnerability scan rules corresponding to Web content management systems and obtain the dedicated vulnerability scan results; and/or adapted to perform a dedicated vulnerability scan on the target website using the dedicated vulnerability scan rules corresponding to website frameworks; and
generic scan unit 7102, adapted to perform a comprehensive vulnerability scan covering all vulnerabilities of the target website using generic scan rules.
Here, Web content management systems (CMS) include common site-building tools such as Discuz, PHPCMS and TurboCMS.
The dedicated vulnerabilities of a Web content management system include its dedicated injection vulnerabilities, dedicated command execution vulnerabilities, dedicated XSS vulnerabilities and the like.
The website framework is the website's web application framework, such as struts, the struts2 framework or the thinkphp framework; the dedicated vulnerabilities of a website framework include command execution vulnerabilities.
Vulnerability analysis module 720, adapted to obtain the website vulnerability scan results for the target website that are related to website system information.
Vulnerability analysis module 720 further includes: recording unit 7201, adapted to record the dedicated vulnerabilities of one or more Web content management systems obtained by dedicated scan unit 7101; and/or to record the dedicated vulnerabilities of one or more website frameworks obtained by dedicated scan unit 7101;
searching unit 7202, adapted to search the scan results of generic scan unit 7102 for dedicated vulnerabilities corresponding to a Web content management system; and/or to search the scan results of generic scan unit 7102 for dedicated vulnerabilities corresponding to a website framework.
Identification module 730, adapted to identify the website system information of the target website from the website vulnerability scan results related to website system information.
Identification module 730 is specifically adapted to: identify the Web content management system information from the dedicated vulnerability scan results corresponding to the Web content management system and/or identify the website framework information from the dedicated vulnerability scan results corresponding to the website framework.
Identification module 730 is further adapted to: if the dedicated vulnerability of the Web content management system is a Discuz injection vulnerability and/or a Discuz command execution vulnerability and/or a Discuz dedicated XSS vulnerability, identify the Web content management system as the Discuz system; if the dedicated vulnerability of the Web content management system is a PHPCMS injection vulnerability and/or a PHPCMS command execution vulnerability and/or a PHPCMS dedicated XSS vulnerability, identify the Web content management system as the PHPCMS system.
Identification module 730 is further adapted to: if the dedicated vulnerability is a struts2 command execution vulnerability, identify the website framework as the struts2 framework.
In the device provided by the above embodiment, the scan module performs a website vulnerability scan on the target website; the vulnerability analysis module obtains the vulnerability scan results for the target website that are related to website framework information; and the identification module identifies the website framework information of the target website from the website vulnerability scan results related to website framework information. With this scheme, website framework information can be determined accurately, unaffected by a user changing information, so website framework information that existing methods cannot identify can be recognized.
The embodiments of the present invention also disclose:
B11. The device according to claim B10, wherein the scan module is specifically adapted to: perform a dedicated vulnerability scan on the target website using the dedicated vulnerability scan rules corresponding to Web content management systems; and/or
perform a dedicated vulnerability scan on the target website using the dedicated vulnerability scan rules corresponding to website frameworks;
the vulnerability analysis module is specifically adapted to: record the dedicated vulnerabilities of one or more Web content management systems found by the dedicated vulnerability scan; and/or record the dedicated vulnerabilities of one or more website frameworks found by the dedicated vulnerability scan.
B12. The device according to claim B10, wherein the scan module is specifically adapted to: perform a comprehensive vulnerability scan covering all vulnerabilities of the target website using generic scan rules;
the vulnerability analysis module is specifically adapted to: search the results of the comprehensive vulnerability scan for dedicated vulnerabilities corresponding to a Web content management system; and/or search the results of the comprehensive vulnerability scan for dedicated vulnerabilities corresponding to a website framework.
B13. The device according to claim B11 or B12, wherein the dedicated vulnerabilities of the Web content management system include one or more of: a dedicated injection vulnerability of the Web content management system, a dedicated command execution vulnerability, and a dedicated XSS vulnerability;
the website framework includes the struts2 framework.
B14. The device according to claim B13, wherein the Web content management system includes the Discuz system and/or the PHPCMS system;
the identification module is further adapted to: if the dedicated vulnerability of the Web content management system is a Discuz injection vulnerability and/or a Discuz command execution vulnerability and/or a Discuz dedicated XSS vulnerability, identify the Web content management system as the Discuz system;
if the dedicated vulnerability of the Web content management system is a PHPCMS injection vulnerability and/or a PHPCMS command execution vulnerability and/or a PHPCMS dedicated XSS vulnerability, identify the Web content management system as the PHPCMS system;
the website framework includes the struts2 framework;
the identification module is further adapted to: if the dedicated vulnerability is a struts2 command execution vulnerability, identify the website framework as the struts2 framework.
The algorithms and displays provided here are not inherently related to any particular computer, virtual system or other device. Various general-purpose systems may also be used with the teachings herein. From the description above, the structure required to construct such a system is obvious. Moreover, the present invention is not directed to any particular programming language. It should be understood that the content of the invention described here can be implemented in various programming languages, and that the description given above of a specific language is made to disclose the best mode of the invention.
Numerous specific details are set forth in the specification provided here. It is to be understood, however, that embodiments of the invention can be practiced without these specific details. In some instances, well-known methods, structures and techniques are not shown in detail so as not to obscure the understanding of this description.
Similarly, it should be understood that, in order to streamline the disclosure and aid understanding of one or more of the inventive aspects, the features of the invention are sometimes grouped together into a single embodiment, figure or description thereof in the above description of exemplary embodiments. However, the disclosed method should not be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in fewer than all features of a single embodiment disclosed above. The claims following the detailed description are therefore expressly incorporated into the detailed description, with each claim standing on its own as a separate embodiment of the invention.
Those skilled in the art will understand that the modules in the device of an embodiment can be adaptively changed and arranged in one or more devices different from that embodiment. The modules or units or components of an embodiment can be combined into one module or unit or component, and can furthermore be divided into multiple sub-modules or sub-units or sub-components. Except where at least some of such features and/or processes or units are mutually exclusive, all features disclosed in this specification (including the accompanying claims, abstract and drawings) and all processes or units of any method or device so disclosed may be combined in any combination. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature serving the same, an equivalent or a similar purpose.
Furthermore, those skilled in the art will understand that although some embodiments described here include certain features included in other embodiments and not others, combinations of features of different embodiments are meant to be within the scope of the invention and to form different embodiments. For example, in the following claims, any of the claimed embodiments can be used in any combination.
The component embodiments of the invention may be implemented in hardware, in software modules running on one or more processors, or in a combination of these. Those skilled in the art will understand that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the device for identifying website system information according to embodiments of the invention. The invention may also be implemented as a device or apparatus program (for example, a computer program and a computer program product) for performing part or all of the method described here. Such a program implementing the invention may be stored on a computer-readable medium or may take the form of one or more signals. Such a signal may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art can design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference sign placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several devices, several of these devices may be embodied by one and the same item of hardware. The use of the words first, second and third does not indicate any order; these words may be interpreted as names.

Claims (14)

1. A method for identifying website system information, comprising:
performing a website vulnerability scan on a target website;
obtaining the website vulnerability scanning results of the target website that are related to website system information;
identifying the website system information of the target website according to the website vulnerability scanning results related to website system information.
2. The method according to claim 1, wherein the website system information includes website content management system information and/or website framework information.
3. The method according to claim 2, wherein obtaining the website vulnerability scanning results of the target website that are related to website system information specifically comprises: obtaining the specific vulnerability scanning result corresponding to a website content management system in the target website and/or obtaining the specific vulnerability scanning result corresponding to a website framework in the target website;
identifying the website system information of the target website according to the website vulnerability scanning results related to website system information specifically comprises: identifying the website content management system information according to the specific vulnerability scanning result corresponding to the website content management system and/or identifying the website framework information according to the specific vulnerability scanning result corresponding to the website framework.
4. The method according to claim 3, wherein performing the vulnerability scan on the target website specifically comprises: performing a specific vulnerability scan on the target website using specific vulnerability scanning rules corresponding to a website content management system; and/or performing a specific vulnerability scan on the target website using specific vulnerability scanning rules corresponding to a website framework;
obtaining the specific vulnerability scanning result corresponding to the website content management system in the target website specifically comprises: recording the specific vulnerabilities of one or more website content management systems obtained by the specific vulnerability scan; and/or obtaining the specific vulnerability scanning result corresponding to the website framework in the target website specifically comprises: recording the specific vulnerabilities of one or more website frameworks obtained by the specific vulnerability scan.
5. The method according to claim 3, wherein performing the vulnerability scan on the target website specifically comprises: performing a comprehensive vulnerability scan of all vulnerabilities of the target website using general scanning rules;
obtaining the specific vulnerability scanning result corresponding to the website content management system in the target website specifically comprises: searching the scanning results of the comprehensive vulnerability scan for specific vulnerabilities corresponding to a website content management system; and/or obtaining the specific vulnerability scanning result corresponding to the website framework in the target website specifically comprises: searching the scanning results of the comprehensive vulnerability scan for specific vulnerabilities corresponding to a website framework.
6. The method according to claim 4 or 5, wherein the specific vulnerabilities of the website content management system include one or more of: a specific injection vulnerability, a specific command execution vulnerability, and a specific XSS vulnerability of the website content management system;
the specific vulnerabilities of the website framework include: a specific command execution vulnerability of the website framework.
7. The method according to claim 6, wherein the website content management system includes the Discuz system and/or the PHPCMS system;
identifying the website content management system information according to the specific vulnerability scanning result corresponding to the website content management system further comprises: if the specific vulnerability of the website content management system is a Discuz injection vulnerability and/or a Discuz command execution vulnerability and/or a Discuz-specific XSS vulnerability, identifying the website content management system as the Discuz system;
if the specific vulnerability of the website content management system is a PHPCMS injection vulnerability and/or a PHPCMS command execution vulnerability and/or a PHPCMS-specific XSS vulnerability, identifying the website content management system as the PHPCMS system;
the website framework includes the struts2 framework;
identifying the website framework information according to the specific vulnerability scanning result corresponding to the website framework further comprises: if the specific vulnerability is a struts2 command execution vulnerability, identifying the website framework as the struts2 framework.
8. A device for identifying website system information, comprising:
a scanning module, adapted to perform a website vulnerability scan on a target website;
a vulnerability analysis module, adapted to obtain the website vulnerability scanning results of the target website that are related to website system information;
an identification module, adapted to identify the website system information of the target website according to the website vulnerability scanning results related to website system information.
9. The device according to claim 8, wherein the website system information includes website content management system information and/or website framework information.
10. The device according to claim 9, wherein the vulnerability analysis module is specifically adapted to: obtain the specific vulnerability scanning result corresponding to a website content management system in the target website and/or obtain the specific vulnerability scanning result corresponding to a website framework in the target website;
the identification module is specifically adapted to: identify the website content management system information according to the specific vulnerability scanning result corresponding to the website content management system and/or identify the website framework information according to the specific vulnerability scanning result corresponding to the website framework.
11. The device according to claim 10, wherein the scanning module is specifically adapted to: perform a specific vulnerability scan on the target website using specific vulnerability scanning rules corresponding to a website content management system; and/or
perform a specific vulnerability scan on the target website using specific vulnerability scanning rules corresponding to a website framework;
the vulnerability analysis module is specifically adapted to: record the specific vulnerabilities of one or more website content management systems obtained by the specific vulnerability scan; and/or record the specific vulnerabilities of one or more website frameworks obtained by the specific vulnerability scan.
12. The device according to claim 10, wherein the scanning module is specifically adapted to: perform a comprehensive vulnerability scan of all vulnerabilities of the target website using general scanning rules;
the vulnerability analysis module is specifically adapted to: search the scanning results of the comprehensive vulnerability scan for specific vulnerabilities corresponding to a website content management system; and/or search the scanning results of the comprehensive vulnerability scan for specific vulnerabilities corresponding to a website framework.
13. The device according to claim 11 or 12, wherein the specific vulnerabilities of the website content management system include one or more of: a specific injection vulnerability, a specific command execution vulnerability, and a specific XSS vulnerability of the website content management system;
the website framework includes the struts2 framework.
14. The device according to claim 13, wherein the website content management system includes the Discuz system and/or the PHPCMS system;
the identification module is further adapted to: if the specific vulnerability of the website content management system is a Discuz injection vulnerability and/or a Discuz command execution vulnerability and/or a Discuz-specific XSS vulnerability, identify the website content management system as the Discuz system;
if the specific vulnerability of the website content management system is a PHPCMS injection vulnerability and/or a PHPCMS command execution vulnerability and/or a PHPCMS-specific XSS vulnerability, identify the website content management system as the PHPCMS system;
the website framework includes the struts2 framework;
the identification module is further adapted to: if the specific vulnerability is a struts2 command execution vulnerability, identify the website framework as the struts2 framework.
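
The identification step of claims 5 to 7 (filter a comprehensive scan for the CMS- and framework-specific vulnerabilities the claims list, then name the system), as an added Python example that is not part of the patent text. The `Finding` fields, the rule names and the rule that only scanner-confirmed findings count as evidence are assumptions, and the sample scan output is constructed.

```python
from collections import defaultdict
from typing import NamedTuple

class Finding(NamedTuple):
    rule: str        # scanner rule name (constructed naming scheme)
    product: str     # product the rule is specific to, "" for a general rule
    vuln_class: str  # "injection", "command_execution", "xss", ...
    confirmed: bool  # assumption: True only if the scanner verified the hit

# (product, vulnerability class) pairs listed in claims 6 and 7,
# mapped to the kind of system information they reveal.
SPECIFIC = {
    ("discuz", "injection"): ("cms", "Discuz"),
    ("discuz", "command_execution"): ("cms", "Discuz"),
    ("discuz", "xss"): ("cms", "Discuz"),
    ("phpcms", "injection"): ("cms", "PHPCMS"),
    ("phpcms", "command_execution"): ("cms", "PHPCMS"),
    ("phpcms", "xss"): ("cms", "PHPCMS"),
    ("struts2", "command_execution"): ("framework", "struts2"),
}

def identify(findings):
    """Return {"cms": {name: [rules]}, "framework": {name: [rules]}}."""
    result = {"cms": defaultdict(list), "framework": defaultdict(list)}
    for f in findings:
        if not f.confirmed:
            continue  # an unverified hit is not evidence that the product is present
        key = (f.product.strip().lower(), f.vuln_class.strip().lower())
        hit = SPECIFIC.get(key)
        if hit is None:
            continue  # general finding, or a class the claims do not list
        kind, system = hit
        result[kind][system].append(f.rule)  # keep the rule as supporting evidence
    return {kind: dict(systems) for kind, systems in result.items()}

# Constructed results of a comprehensive scan with general rules (claim 5).
SAMPLE_SCAN = [
    Finding("generic-sqli-001", "", "injection", True),
    Finding("discuz-sqli-demo", "Discuz", "injection", True),
    Finding("discuz-xss-demo", "discuz", "XSS", True),
    Finding("phpcms-rce-demo", "PHPCMS", "command_execution", False),
    Finding("struts2-rce-demo", "Struts2", "command_execution", True),
    Finding("struts2-xss-demo", "struts2", "xss", True),
]

if __name__ == "__main__":
    for kind, systems in identify(SAMPLE_SCAN).items():
        for name, rules in systems.items():
            print(f"{kind}: {name} (evidence: {', '.join(rules)})")
```

The identification does not depend on page banners or default file paths, so the result is unchanged when a site operator edits or removes them; it also means every finding that names a product in a scan report discloses the underlying system to anyone who can read that report.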
CN201410291371.XA 2014-06-25 2014-06-25 The recognition methods of web station system information and device Active CN105227338B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410291371.XA CN105227338B (en) 2014-06-25 2014-06-25 The recognition methods of web station system information and device

Publications (2)

Publication Number Publication Date
CN105227338A CN105227338A (en) 2016-01-06
CN105227338B true CN105227338B (en) 2018-07-17

Family

ID=54996052

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410291371.XA Active CN105227338B (en) 2014-06-25 2014-06-25 The recognition methods of web station system information and device

Country Status (1)

Country Link
CN (1) CN105227338B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111008405A (en) * 2019-12-06 2020-04-14 杭州安恒信息技术股份有限公司 Website fingerprint identification method based on file Hash

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101635730A (en) * 2009-08-28 2010-01-27 深圳市永达电子股份有限公司 Method and system for safe management of internal network information of small and medium-sized enterprises
CN102624717A (en) * 2012-03-02 2012-08-01 深信服网络科技(深圳)有限公司 Security policy automatic generation method and security policy automatic generation device based on leak scanning
CN103632100A (en) * 2013-11-08 2014-03-12 北京奇虎科技有限公司 Method and device for detecting website bugs

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8626825B2 (en) * 2009-09-07 2014-01-07 Oracle International Corporation Facilitating a service application to operate with different service frameworks in application servers

Also Published As

Publication number Publication date
CN105227338A (en) 2016-01-06

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20161128

Address after: 100016 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3

Applicant after: BEIJING QIANXIN TECHNOLOGY Co.,Ltd.

Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park)

Applicant before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Applicant before: Qizhi software (Beijing) Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Patentee after: Qianxin Technology Group Co.,Ltd.

Address before: 100016 15, 17 floor 1701-26, 3 building, 10 Jiuxianqiao Road, Chaoyang District, Beijing.

Patentee before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd.

CP03 Change of name, title or address
TR01 Transfer of patent right

Effective date of registration: 20201229

Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing

Patentee after: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc.

Patentee after: Qianxin Technology Group Co.,Ltd.

Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Patentee before: Qianxin Technology Group Co.,Ltd.

TR01 Transfer of patent right
CP01 Change in the name or title of a patent holder

Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing

Patentee after: Qianxin Wangshen information technology (Beijing) Co.,Ltd.

Patentee after: Qianxin Technology Group Co.,Ltd.

Address before: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing

Patentee before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc.

Patentee before: Qianxin Technology Group Co.,Ltd.

CP01 Change in the name or title of a patent holder