CN107145784B - Vulnerability scanning method and device and computer readable medium - Google Patents
Vulnerability scanning method and device and computer readable medium Download PDFInfo
- Publication number
- CN107145784B CN107145784B CN201710308720.8A CN201710308720A CN107145784B CN 107145784 B CN107145784 B CN 107145784B CN 201710308720 A CN201710308720 A CN 201710308720A CN 107145784 B CN107145784 B CN 107145784B
- Authority
- CN
- China
- Prior art keywords
- vulnerability scanning
- plug
- interface
- plugin
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the invention provides a vulnerability scanning method, a vulnerability scanning device and a computer readable medium, relates to the field of information processing, and aims to solve the problems of low scanning efficiency and poor precision of the existing universal scanning mode. The method comprises the following steps: acquiring basic parameter information of the vulnerability scanning plug-in through a specified interface; according to the basic parameter information, determining a vulnerability scanning plug-in corresponding to the basic parameter information according to an input mode corresponding to the specified interface; storing the vulnerability scanning plug-in a vulnerability scanning plug-in database; and carrying out vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database. The embodiment of the invention is suitable for the vulnerability scanning process.
Description
[ technical field ] A method for producing a semiconductor device
The present invention relates to the field of information processing, and in particular, to a vulnerability scanning method, device, and computer readable medium.
[ background ] A method for producing a semiconductor device
Many application services will be found to have 0day vulnerabilities, e.g., sql (database) injection, xss (cross site scripting attack) vulnerabilities, upload vulnerabilities. Because these vulnerabilities are often hidden and bring great security risks to software and network systems, some scanning methods need to be equipped for scanning.
The current common vulnerability scanning method is to obtain vulnerability scanning plug-ins corresponding to each application service respectively by a manual compiling mode aiming at different application services, and then manually operate the existing vulnerability scanning plug-ins to scan. However, more or less, there are some differences between various programs and software, and the vulnerabilities are different. Therefore, a large amount of manual operations are required to complete vulnerability scanning plug-ins for different application service vulnerabilities, and the operation efficiency is low.
[ summary of the invention ]
In view of this, embodiments of the present invention provide a vulnerability scanning method, apparatus, and computer readable medium, which can avoid human participation to a certain extent and improve vulnerability scanning efficiency.
In one aspect, an embodiment of the present invention provides a vulnerability scanning method, where the method includes:
acquiring basic parameter information of the vulnerability scanning plug-in through a specified interface;
according to the basic parameter information, determining a vulnerability scanning plug-in corresponding to the basic parameter information according to an input mode corresponding to the specified interface;
storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and carrying out vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database.
As to the above-mentioned aspect and any possible implementation manner, further providing an implementation manner, when the specified interface is a plug-in compiling interface, the determining, according to the basic parameter information and according to an entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information includes:
and inputting the basic parameter information into a specified template of the plug-in compiling interface to generate the vulnerability scanning plug-in.
As for the above-mentioned aspect and any possible implementation manner, further providing an implementation manner, when the specified interface is a plug-in unloading interface, the determining, according to the basic parameter information and according to an entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information includes:
and extracting the vulnerability scanning plug-in from the basic parameter information.
As to the above-mentioned aspect and any possible implementation manner, further providing an implementation manner, when the specified interface is a plug-in conversion interface, the determining, according to the basic parameter information and according to an entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information includes:
extracting an original vulnerability scanning plug-in from the basic parameter information;
adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format.
As with the above-described aspects and any possible implementations, there is further provided an implementation, where the method further includes:
according to the basic parameter information and an input mode corresponding to the specified interface, determining identification information corresponding to the vulnerability scanning plug-in;
and storing the identification information in a vulnerability scanning plug-in database.
As to the above-described aspects and any possible implementation manner, there is further provided an implementation manner, where performing vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database includes:
acquiring identification information corresponding to an object to be scanned;
searching a corresponding vulnerability scanning plug-in from a vulnerability scanning plug-in database according to identification information corresponding to an object to be scanned;
and calling the scanning plug-in to carry out vulnerability scanning on the object to be scanned when the corresponding vulnerability scanning plug-in is found.
The above-described aspects and any possible implementations further provide an implementation, and the method further includes:
collecting vulnerability scanning codes input by a user;
receiving an operation instruction input by a user;
in response to the execution instruction, executing the vulnerability scanning code;
and outputting the operation result.
The above-described aspects and any possible implementations further provide an implementation in which the identification information includes at least one or more of a specified keyword, MD5 information, a keyword specifying a URL, a TAG pattern specifying a URL, and a specified directory file.
The above-described aspects and any possible implementations further provide an implementation in which the basic parameter information includes one or more of fingerprint name information, authentication entry information, a matching response value, and client information.
In a second aspect, an embodiment of the present invention further provides a vulnerability scanning apparatus, where the apparatus includes:
the first acquisition unit is used for acquiring basic parameter information of the vulnerability scanning plug-in through a specified interface;
the determining unit is used for determining the vulnerability scanning plug-in corresponding to the basic parameter information according to the basic parameter information and the input mode corresponding to the specified interface;
the storage unit is used for storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and the scanning unit is used for carrying out vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database.
The above-mentioned aspect and any possible implementation manner further provide an implementation manner, where the determining unit is configured to, when the specified interface is a plug-in compiling interface, enter the basic parameter information into a specified template of the plug-in compiling interface, and generate the vulnerability scanning plug-in.
The above-mentioned aspect and any possible implementation further provides an implementation, where the determining unit is configured to:
and when the specified interface is a plug-in unloading interface, extracting the vulnerability scanning plug-in from the basic parameter information.
The above-mentioned aspect and any possible implementation further provides an implementation, where the determining unit is configured to:
when the specified interface is a plug-in conversion interface, extracting an original vulnerability scanning plug-in from the basic parameter information; adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format.
The above-mentioned aspect and any possible implementation manner further provide an implementation manner, where the determining unit is further configured to determine, according to the basic parameter information and according to an entry manner corresponding to the specified interface, identification information corresponding to the vulnerability scanning plug-in;
the storage unit is further used for storing the identification information in a vulnerability scanning plug-in database.
The above-described aspects and any possible implementations further provide an implementation, where the scanning unit includes:
the acquisition subunit is used for acquiring identification information corresponding to the object to be scanned;
the searching subunit is used for searching the corresponding vulnerability scanning plug-in from the vulnerability scanning plug-in database according to the identification information corresponding to the object to be scanned;
and the calling subunit is used for calling the scanning plug-in to carry out vulnerability scanning on the object to be scanned when the corresponding vulnerability scanning plug-in is found.
The above-described aspects and any possible implementations further provide an implementation, where the apparatus further includes:
the second acquisition unit is used for acquiring vulnerability scanning codes input by a user;
the receiving unit is used for receiving an operation instruction input by a user;
the operation unit is used for responding to the operation instruction and operating the vulnerability scanning code;
and the output unit is used for outputting the operation result.
The above-described aspects and any possible implementations further provide an implementation in which the identification information includes at least one or more of a specified keyword, MD5 information, a keyword specifying a URL, a TAG pattern specifying a URL, and a specified directory file.
The above-described aspects and any possible implementations further provide an implementation in which the basic parameter information includes one or more of fingerprint name information, authentication entry information, a matching response value, and client information.
An embodiment of the present invention further provides a computer-readable medium, including: computer-executable instructions which, when executed, perform the following steps;
acquiring basic parameter information of the vulnerability scanning plug-in through a specified interface;
according to the basic parameter information, determining a vulnerability scanning plug-in corresponding to the basic parameter information according to an input mode corresponding to the specified interface;
storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and scanning the vulnerability based on the vulnerability scanning plugin stored in the vulnerability scanning plugin database.
As to the above aspect and any possible implementation manner, there is further provided an implementation manner, where when the specified interface is a plug-in compiling interface, the step of determining, according to the basic parameter information and according to an entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information may specifically be performed as follows:
and inputting the basic parameter information into a specified template of the plug-in compiling interface to generate the vulnerability scanning plug-in.
As to the above aspect and any possible implementation manner, there is further provided an implementation manner, where when the specified interface is a plug-in unloading interface, the determining, according to the basic parameter information and according to an entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information may specifically perform the following steps:
and extracting the vulnerability scanning plug-in from the basic parameter information.
As to the above-mentioned aspect and any possible implementation manner, there is further provided an implementation manner, when the specified interface is a plug-in conversion interface, the determining, according to the basic parameter information and according to the entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information may specifically execute the following steps:
extracting an original vulnerability scanning plug-in from the basic parameter information;
adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format.
The above-described aspects and any possible implementations further provide an implementation where the computer-executable instructions, when executed, may further perform steps comprising:
according to the basic parameter information and an input mode corresponding to the specified interface, determining identification information corresponding to the vulnerability scanning plug-in;
and storing the identification information in a vulnerability scanning plug-in database.
As to the above-mentioned aspects and any possible implementation manner, there is further provided an implementation manner, where the performing vulnerability scanning based on the vulnerability scanning plugin stored in the vulnerability scanning plugin database may specifically be performed as the following steps:
acquiring identification information corresponding to an object to be scanned;
searching a corresponding vulnerability scanning plug-in from a vulnerability scanning plug-in database according to identification information corresponding to an object to be scanned;
and calling the scanning plug-in to carry out vulnerability scanning on the object to be scanned when the corresponding vulnerability scanning plug-in is found.
The above-described aspects and any possible implementation further provide an implementation, and when executed, the computer-executable instructions may further perform steps comprising:
collecting vulnerability scanning codes input by a user;
receiving an operation instruction input by a user;
in response to the execution instruction, executing the vulnerability scanning code;
and outputting the operation result.
The above-described aspects and any possible implementations further provide an implementation in which the identification information includes at least one or more of a specified keyword, MD5 information, a keyword specifying a URL, a TAG pattern specifying a URL, and a specified directory file.
The above-described aspects and any possible implementations further provide an implementation in which the basic parameter information includes one or more of fingerprint name information, authentication entry information, a matching response value, and client information.
Compared with the prior art, the method, the device and the computer readable medium for scanning the vulnerabilities provided by the embodiment of the invention can directly call the existing vulnerability scanning plug-ins in the data to scan in the vulnerability scanning process, thereby avoiding human participation and improving the vulnerability scanning efficiency.
[ description of the drawings ]
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a block diagram of a vulnerability scanning system according to an embodiment of the present invention;
fig. 2 is a flowchart of a vulnerability scanning method provided in an embodiment of the present invention;
fig. 3 is a flowchart of another vulnerability scanning method provided in the embodiment of the present invention;
FIG. 4 is a schematic diagram of a submission interface of a vulnerability scanning plugin according to an embodiment of the present invention;
fig. 5 is a flowchart of another vulnerability scanning method provided in the embodiment of the present invention;
FIG. 6 is a schematic diagram of a submission interface of another vulnerability scanning plug-in provided in an embodiment of the present invention;
fig. 7 is a flowchart of another vulnerability scanning method provided in the embodiment of the present invention;
fig. 8 is a flowchart of another vulnerability scanning method provided in the embodiment of the present invention;
fig. 9 is a flowchart of another vulnerability scanning method provided in the embodiment of the present invention;
fig. 10 is a block diagram illustrating a vulnerability scanning apparatus according to an embodiment of the present invention;
fig. 11 is a block diagram illustrating another vulnerability scanning apparatus according to an embodiment of the present invention;
fig. 12 is a block diagram of another vulnerability scanning apparatus according to an embodiment of the present invention.
[ detailed description ] A
For better understanding of the technical solutions of the present invention, the following detailed descriptions of the embodiments of the present invention are provided with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" as used herein is merely one type of association that describes an associated object, meaning that three relationships may exist, e.g., a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter associated objects are in an "or" relationship.
The embodiment of the invention provides a vulnerability scanning method which is applicable to a vulnerability scanning system shown in figure 1. The vulnerability scanner can be various interactive systems or built network platforms based on B/S or C/S architecture and the like. In the vulnerability scanning process, calling an existing plugin in a local or external vulnerability scanning plugin database by a vulnerability scanner to initiate an access or resource acquisition request and the like for an object to be scanned; the request is transmitted to the object to be scanned via the network transmission equipment; the object to be scanned processes the network request after receiving the network request and returns a processing result; the processing result is transmitted to the bug scanner through the network transmission equipment; then, the vulnerability scanner discriminates the processing result to determine whether a vulnerability exists.
In order to reduce labor cost in the vulnerability scanning plug-in compiling process and improve vulnerability scanning efficiency, the embodiment of the invention purposefully introduces the concept of the vulnerability scanning plug-in database into a vulnerability scanning flow and a corresponding system so as to compile and store various vulnerability scanning plug-ins.
In combination with a newly introduced vulnerability scanning plug-in database, an embodiment of the present invention provides a specific implementation method for vulnerability scanning, where the method flow is shown in fig. 2 and includes:
101. and acquiring basic parameter information of the vulnerability scanning plug-in through a specified interface.
The designated interface is a data acquisition interface of the vulnerability scanning plug-in database, such as an API and the like, and can be used for receiving information related to the vulnerability scanning plug-in.
The basic parameter information mentioned here may generally include fingerprint name information, authentication entry information, matching response values, and client information, or source code or code packages of a specific vulnerability scanning plug-in.
The fingerprint name information is the specific attributes of the application service and the operating system, for example, the fingerprint name information of the application service may include a service port, a service name, a version, a provider, and the like; the fingerprint information of the operating system may include a version of the system, a kernel version, and the like.
The verification entry information is a service request port with a bug or a port which can accept a scanning request during bug scanning, and may include a specified IP address or URL.
The matching response value is an abnormal value or a normal value obtained after the specified service processes the scanning service.
The client information refers to various attribute information corresponding to the client enjoying the service, such as an account number, user description information, and the like.
The source code or code package of the vulnerability scanning plugin refers to program code that can be directly invoked.
Of course, the embodiment of the present invention does not limit the information submitted by the vulnerability provider to only these information, and may further submit the introduction information about the vulnerability and the extension information such as the personal description information of the provider, which are convenient for other people to view.
102. And determining the vulnerability scanning plug-in corresponding to the basic parameter information according to the basic parameter information and the entry mode corresponding to the specified interface.
In the embodiment of the invention, the designated interface can be divided into a plug-in compiling interface, a plug-in unloading interface and a plug-in conversion interface according to different forms of the received data. The plug-in compiling interface is used for receiving parameter information which can be used for generating the vulnerability scanning plug-in, and the vulnerability scanning plug-in database can compile a new vulnerability scanning plug-in through the information received by the interface. The plug-in unloading interface is used for receiving a finished product of the vulnerability scanning plug-in, a plug-in provider can directly upload the vulnerability scanning plug-in which meets the conditions of the format, the language environment and the like required by the vulnerability scanning plug-in database through the interface, and the plug-in conversion interface is used for receiving the vulnerability scanning plug-in which does not meet the conditions of the format, the language environment and the like required by the vulnerability scanning plug-in database, so that the plug-ins can run, and the formats of data parameters and output parameters of the plug-ins need to be adjusted. Since the three types of interfaces require different input parameter formats and the like, the corresponding input modes are also different, which will be described in detail later.
103. And storing the vulnerability scanning plug-in a vulnerability scanning plug-in database.
104. And scanning the vulnerability based on the vulnerability scanning plugin stored in the vulnerability scanning plugin database.
In addition, in order to avoid the purposes of repeated storage, storage space saving and the like, in the process of storing the bug scanning plug-in the bug scanning plug-in database, the newly stored bug scanning plug-in can be selected to be subjected to duplication checking judgment. The process of the duplication checking judgment can be realized through code comparison or identification information comparison, and when the codes are the same or the identification information is the same, a newly-entered bug scanning plug-in can be selected to be abandoned to be stored or a newly-stored bug scanning plug-in can be used for replacing an existing plug-in. Of course, two plug-ins may be stored directly, and when called by the user, both plug-ins are provided to the user at the same time and the user is allowed to make a selection.
Compared with the prior art, the vulnerability scanning method provided by the embodiment of the invention has the advantages that the existing vulnerability scanning plug-ins in the data can be directly called for scanning in the vulnerability scanning process, so that the human participation is avoided, and the vulnerability scanning efficiency is improved.
Based on the foregoing process, in order to facilitate database storage and subsequent search, identification information of each vulnerability scanning plug-in is determined according to the collected basic parameter information, where the identification information generally refers to unique information corresponding to each object to be scanned, such as a specified keyword, MD5 (Message Digest Algorithm, fifth edition) information, a keyword specifying a URL, a TAG (TAG) pattern specifying a URL (Uniform resource Locator), and a specified directory file. The specific acquisition mode is as follows: according to the basic parameter information and an input mode corresponding to the specified interface, determining identification information corresponding to the vulnerability scanning plug-in; and storing the identification information in a vulnerability scanning plug-in database.
In the embodiment of the present invention, in the process of establishing the vulnerability scanning plugin database, in order to facilitate a vulnerability provider to submit a vulnerability scanning plugin to the database, the following three plugin submitting methods are provided, which correspond to the plugin compiling interface, the plugin unloading interface and the plugin converting interface. The method comprises the following specific steps:
in the submission method based on the plug-in compiling interface, the vulnerability provider can complete vulnerability submission only by submitting a plurality of items of basic parameter information related to vulnerability and vulnerability detection, and the corresponding plug-ins can be automatically compiled by the vulnerability scanner or the database. Therefore, the aforementioned step 102 can be specifically executed as the following process a102, which can be referred to as content shown in fig. 3, including:
and A102, inputting the basic parameter information into a specified template of the plug-in compiling interface to generate the vulnerability scanning plug-in.
In combination with the contents shown in table 1 below, the embodiment of the present invention provides a possible combination of parameter information, where the combination includes basic parameter information and extended parameter information.
TABLE 1 parameter information combinations
In combination with the content in table 1 above, in order to facilitate vulnerability provider submission and background collection, the embodiment of the present invention provides a submission interface as shown in fig. 4. In order to conveniently embody the interface effect, each table entry uses a letter abbreviation. Moreover, not all the columns shown in fig. 4 need to be filled by the vulnerability provider, but the basic parameter information is generally a mandatory item.
The specified template of the plug-in compiling interface is self-defined and can be set according to a machine language supported by the bug scanner or a code generation rule provided by a compiling language, such as a currently common Java language. As shown in the following code segment example stored in JSON format, the specified generation rule is a preset code calling logic, and the preset codes are assigned through the collected basic parameter information as shown in fig. 4. Of course, the embodiments of the present invention do not limit the aforementioned specific generation rule.
Example code segment:
{
“vul_url”:“faq.phpaction=groupermission%gids[99]=`&gids[100][0]->”,
“author”:“Map”,
“title”:“Discuz 7.x faq.php SQL Injection”,
“match_content”:“MySQL Query Error”,
“platform”:“all”,
“publish_date”:“2014-09-22”,
“detail_url”:“http://www.wooyun.org/bugs/wooyun-2014-066095”
}
the above code is an implementable example, and is used for performing vulnerability scanning on an address corresponding to the designated "detail _ url" according to respective assignments of "vuljurl", "author", "title", "match _ content", "platform", "publish _ date", and "detail _ url".
In this submission mode, the identification information may be directly expressed by using the contents of the entries in table 1. For example, a specified keyword in APPname, vuljurl, etc., although the identification information may be generated by the vulnerability scanning and spawning inspection database itself.
In addition to the simple plug-in submitting mode, the method for submitting the plug-ins is free, namely the plug-in unloading interface-based submitting method is provided, in the method, vulnerability providers can compile vulnerability scanning plug-ins according to the needs of the vulnerability scanning plug-ins, and at the moment, the vulnerability scanning plug-in database is stored in a specified mode. The aforementioned step 102 can be specifically executed as the following process B102, which can refer to the content shown in fig. 5, including:
and B102, extracting the vulnerability scanning plug-in from the basic parameter information.
Different from the submission method based on the plug-in compiling interface, the basic parameter information in the method generally comprises the source code, the code packet and the corresponding identification information of the vulnerability scanning plug-in, and other parameter information can not be provided. In the method, the submitted source code and code packet of the vulnerability scanning plug-in are compiled according to the public requirement of a vulnerability scanner or a vulnerability scanning plug-in database, or come from a third-party platform and other open-source vulnerability scanning plug-ins. The vulnerability scanning plug-in has the characteristics that a vulnerability scanner or a vulnerability scanning plug-in database can know the function class used in the source code of the vulnerability scanner or the vulnerability scanning plug-in database, and the vulnerability scanning plug-in is convenient to directly call. The contents of fig. 6 illustrate a code submission interface. In this interface, the vulnerability provider can upload directly from the compiled original code.
Further, in order to unify the code submission format and facilitate subsequent calling, a code format description may be attached to the code submission interface.
For example:
1. the class name needs to be the same as the filled title and cannot be blank and Chinese.
2. The function name of the class must be detect _ vul, and the parameters include self, root _ url (a fingerprint root directory entry passed by the fingerprint identification module) and manual _ headers (a custom dictionary format request header passed when the task is submitted).
3. There must be a return True and a return False.
In the submission mode, the identification information is generally directly provided by the vulnerability provider, and can also be automatically generated by a vulnerability scanning and production inspection database.
In addition to the two plug-in submission modes, the method is also provided, namely a plug-in conversion interface-based submission method, and the method is used for receiving the vulnerability detection plug-in without opening the source, and can be understood that the vulnerability scanner or vulnerability scanning plug-in database cannot acquire the internal code of the vulnerability detection plug-in. The codes are generally packaged plug-ins, and only the input parameter requirements and the output parameter formats are disclosed, so that for the plug-ins, certain format conversion is generally required in the embodiment of the invention to realize the calling of the plug-ins. The aforementioned step 102 can be specifically executed as the following processes C1021 and C1022, and reference can be made to the content shown in fig. 7, including:
and C1021, extracting the original vulnerability scanning plug-in from the basic parameter information.
And C1022, adding a first function and/or a second function to the original vulnerability scanning plug-in to obtain the vulnerability scanning plug-in corresponding to the basic parameter information.
The first function is used for converting the input parameters with the first format into the input parameters of the original vulnerability scanning plug-in, and the second function is used for converting the output parameters of the original vulnerability scanning plug-in into the output parameters with the second format. The first format and the second format are self-defined formats of the vulnerability scanning plug-in database, and can be configured according to actual needs.
The following code segments realize that corresponding calling functions and result deriving functions are added to the plug-ins to realize calling and result output of the functions as one possible implementation mode of format conversion.
In the code segment, the corresponding plug-in function is started by providing input parameters appname (identification information of an object to be scanned) and root _ url (verification entry information) for the function which is not open source, and meanwhile, a judgment result is output by a result return function.
In the submission mode, the identification information is generally submitted by the vulnerability provider, and can also be automatically generated by the vulnerability scanning and production inspection database.
In combination with the vulnerability scanning plug-in database constructed by the foregoing method, the embodiment of the present invention provides a specific implementation method as shown in fig. 8 for the implementation of step 104, including:
1041. and acquiring identification information corresponding to the object to be scanned.
The object to be scanned refers to a service vulnerability to be determined, the expression mode of the identification information of the object to be scanned is consistent with the expression mode of the vulnerability scanning plug-in, specific limitations can refer to the foregoing description, and details are not repeated here.
1042. And searching a corresponding vulnerability scanning plug-in from a vulnerability scanning plug-in database according to the identification information corresponding to the object to be scanned.
Because each plug-in and corresponding identification information can be stored when the vulnerability scanning plug-in is input into the vulnerability scanning plug-in database, the corresponding vulnerability scanning plug-in can be found by searching the identification information.
If only each vulnerability scanning plug-in exists in the vulnerability scanning plug-in database, some matching rules can be set to search the relevant vulnerability scanning plug-ins through the identification information. The matching rule may be a keyword match, etc.
1043. And calling the scanning plug-in to carry out vulnerability scanning on the object to be scanned when the corresponding vulnerability scanning plug-in is found.
In addition, in order to facilitate the vulnerability provider to ensure the reliability of the uploaded code, in a possible implementation manner of the embodiment of the present invention, an online test flow is provided for the vulnerability provider, so as to facilitate the vulnerability test of the vulnerability provider. As shown in fig. 9, the process includes:
201. and collecting vulnerability scanning codes input by a user.
In order to facilitate the operation of the user, the vulnerability scanner or the vulnerability scanning plug-in database can provide an operation interface for the user, and a corresponding input field is provided in the operation interface. The user can enter the vulnerability scanning code in the corresponding input field and modify the vulnerability scanning code.
202. And receiving an operation instruction input by a user.
The execution instruction may be a computer code instruction consisting of characters or an operation on a specified operation control.
203. And responding to the running instruction, and running the vulnerability scanning code.
204. And outputting an operation result.
In addition, in order to facilitate the viewing of other users or users, the output results obtained by the above method flows can be displayed according to a designated manner, for example, an external interactive interface display through a database, or a pop-up prompt box display, etc.
An embodiment of the present invention further provides a vulnerability scanning apparatus, which can be used to implement the foregoing methods, and the composition of the vulnerability scanning apparatus is shown in fig. 10, where the apparatus includes:
and the first acquisition unit 31 is used for acquiring basic parameter information of the vulnerability scanning plug-in through the specified interface.
And the determining unit 32 is configured to determine, according to the basic parameter information and according to an entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information.
And the storage unit 33 is used for storing the vulnerability scanning plug-in a vulnerability scanning plug-in database.
And the scanning unit 34 is configured to perform vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database.
Optionally, the determining unit 32 is configured to, when the specified interface is a plug-in compiling interface, enter the basic parameter information into a specified template of the plug-in compiling interface, and generate the vulnerability scanning plug-in.
Optionally, the determining unit 32 is configured to, when the specified interface is a plug-in unloading interface, extract the vulnerability scanning plug-in from the basic parameter information.
Optionally, the determining unit 32 is configured to extract an original vulnerability scanning plug-in from the basic parameter information when the specified interface is a plug-in conversion interface. Adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format.
Optionally, the determining unit 32 is further configured to determine, according to the basic parameter information and according to an entry manner corresponding to the specified interface, identification information corresponding to the vulnerability scanning plugin.
The storage unit 33 is further configured to store the identification information in a vulnerability scanning plug-in database.
Optionally, as shown in fig. 11, the scanning unit 34 includes:
the obtaining subunit 341 is configured to obtain identification information corresponding to the object to be scanned.
The searching subunit 342 is configured to search, according to the identification information corresponding to the object to be scanned, a corresponding vulnerability scanning plug-in from the vulnerability scanning plug-in database.
The invoking subunit 343 is configured to, when the corresponding vulnerability scanning plug-in is found, invoke the scanning plug-in to perform vulnerability scanning on the object to be scanned.
Optionally, as shown in fig. 12, the apparatus further includes:
and the second acquisition unit 35 is configured to acquire a vulnerability scanning code entered by a user.
The receiving unit 36 is configured to receive an operation instruction input by a user.
And the execution unit 37 is used for responding to the execution instruction and executing the vulnerability scanning code.
And an output unit 38 for outputting the operation result.
Optionally, the identification information includes at least one or more of a specified keyword, MD5 information, a keyword specifying a URL, a TAG pattern specifying a URL, and a specified directory file.
Optionally, the basic parameter information includes one or more of fingerprint name information, authentication entry information, a matching response value, and client information.
Compared with the prior art, the vulnerability scanning device provided by the embodiment of the invention has the advantages that the existing vulnerability scanning plug-ins in the data can be directly called for scanning in the vulnerability scanning process by arranging the database which can cover various available vulnerability scanning plug-ins and simultaneously configuring the corresponding identification information for convenient calling, so that the method avoids the human participation and improves the vulnerability scanning efficiency.
An embodiment of the present invention further provides a computer-readable medium, including: computer-executable instructions which, when executed, perform the following steps;
acquiring basic parameter information of the vulnerability scanning plug-in through a specified interface;
according to the basic parameter information, determining a vulnerability scanning plug-in corresponding to the basic parameter information according to an input mode corresponding to the specified interface;
storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and scanning the vulnerability based on the vulnerability scanning plugin stored in the vulnerability scanning plugin database.
Optionally, when the specified interface is a plug-in compiling interface, the step of determining, according to the basic parameter information and according to the entry manner corresponding to the specified interface, a vulnerability scanning plug-in corresponding to the basic parameter information may be specifically executed as the following step:
and inputting the basic parameter information into a specified template of the plug-in compiling interface to generate the vulnerability scanning plug-in.
Optionally, when the designated interface is a plug-in unloading interface, the determining, according to the basic parameter information and according to the entry manner corresponding to the designated interface, the bug scanning plug-in corresponding to the basic parameter information may specifically perform the following steps:
and extracting the vulnerability scanning plug-in from the basic parameter information.
Optionally, when the designated interface is a plug-in conversion interface, determining, according to the basic parameter information and according to an entry manner corresponding to the designated interface, that the vulnerability scanning plug-in corresponding to the basic parameter information can be specifically executed as the following steps:
extracting an original vulnerability scanning plug-in from the basic parameter information;
adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format.
Optionally, when executed, the computer-executable instructions may further perform steps comprising:
according to the basic parameter information and an input mode corresponding to the specified interface, determining identification information corresponding to the vulnerability scanning plug-in;
and storing the identification information in a vulnerability scanning plug-in database.
Optionally, the vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database may specifically be performed as the following steps:
acquiring identification information corresponding to an object to be scanned;
searching a corresponding vulnerability scanning plug-in from a vulnerability scanning plug-in database according to identification information corresponding to an object to be scanned;
and calling the scanning plug-in to carry out vulnerability scanning on the object to be scanned when the corresponding vulnerability scanning plug-in is found.
Optionally, when executed, the computer-executable instructions may further perform steps comprising:
collecting vulnerability scanning codes input by a user;
receiving an operation instruction input by a user;
in response to the execution instruction, executing the vulnerability scanning code;
and outputting the operation result.
Optionally, the identification information includes at least one or more of a specified keyword, MD5 information, a keyword specifying a URL, a TAG pattern specifying a URL, and a specified directory file.
Optionally, the basic parameter information includes one or more of fingerprint name information, authentication entry information, a matching response value, and client information.
Compared with the prior art, the method provided by the embodiment of the invention can directly call the existing vulnerability scanning plug-in the data to scan in the vulnerability scanning process, thereby avoiding human participation and improving the vulnerability scanning efficiency.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer-readable storage medium. The software functional unit is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) or a Processor (Processor) to execute some steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (9)
1. A method of vulnerability scanning, the method comprising:
acquiring basic parameter information of a vulnerability scanning plugin through a specified interface, wherein the specified interface comprises a plugin compiling interface, a plugin unloading interface and a plugin converting interface;
responding to the fact that the specified interface is a plug-in compiling interface, inputting the basic parameter information into a specified template of the plug-in compiling interface, and generating the vulnerability scanning plug-in;
in response to the fact that the designated interface is a plug-in unloading interface, extracting the vulnerability scanning plug-in from the basic parameter information;
in response to the fact that the designated interface is a plug-in conversion interface, extracting an original vulnerability scanning plug-in from the basic parameter information; adding a first function and/or a second function in the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format;
storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and carrying out vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database.
2. The method of claim 1, further comprising:
according to the basic parameter information and an input mode corresponding to the specified interface, determining identification information corresponding to the vulnerability scanning plug-in;
and storing the identification information in a vulnerability scanning plug-in database.
3. The method of claim 2, wherein the conducting vulnerability scanning based on vulnerability scanning plug-ins stored in the vulnerability scanning plug-in database comprises:
acquiring identification information corresponding to an object to be scanned;
searching a corresponding vulnerability scanning plug-in from a vulnerability scanning plug-in database according to identification information corresponding to an object to be scanned;
and calling the scanning plug-in to carry out vulnerability scanning on the object to be scanned when the corresponding vulnerability scanning plug-in is found.
4. The method of claim 3, further comprising:
collecting vulnerability scanning codes input by a user;
receiving an operation instruction input by a user;
in response to the execution instruction, executing the vulnerability scanning code;
and outputting the operation result.
5. The method of claim 4, wherein the identification information comprises at least one or more of a specified keyword, MD5 information, a keyword specifying a URL, a TAG pattern specifying a URL, and a specified directory file.
6. The method of claim 5, wherein the basic parameter information comprises one or more of fingerprint name information, authentication entry information, a match response value, and client information.
7. An apparatus for vulnerability scanning, the apparatus comprising:
the vulnerability scanning plugin acquisition system comprises a first acquisition unit, a second acquisition unit and a vulnerability scanning plugin acquisition unit, wherein the first acquisition unit is used for acquiring basic parameter information of a vulnerability scanning plugin through a designated interface, and the designated interface comprises a plugin compiling interface, a plugin unloading interface and a plugin converting interface;
the determining unit is used for responding to the fact that the specified interface is a plug-in compiling interface, inputting the basic parameter information into a specified template of the plug-in compiling interface, and generating the vulnerability scanning plug-in; in response to the fact that the designated interface is a plug-in unloading interface, extracting the vulnerability scanning plug-in from the basic parameter information; in response to the fact that the designated interface is a plug-in conversion interface, extracting an original vulnerability scanning plug-in from the basic parameter information; adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format;
the storage unit is used for storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and the scanning unit is used for carrying out vulnerability scanning based on the vulnerability scanning plug-in stored in the vulnerability scanning plug-in database.
8. The apparatus according to claim 7, wherein the determining unit is further configured to determine, according to the basic parameter information and according to an entry manner corresponding to the specified interface, identification information corresponding to the vulnerability scanning plug-in;
the storage unit is further used for storing the identification information in a vulnerability scanning plug-in database.
9. A computer-readable medium, comprising: computer-executable instructions which, when executed, perform the following steps;
acquiring basic parameter information of a vulnerability scanning plug-in through a specified interface, wherein the specified interface comprises a plug-in compiling interface, a plug-in unloading interface and a plug-in converting interface;
responding to the fact that the specified interface is a plug-in compiling interface, inputting the basic parameter information into a specified template of the plug-in compiling interface, and generating the vulnerability scanning plug-in;
in response to the fact that the designated interface is a plug-in unloading interface, extracting the vulnerability scanning plug-in from the basic parameter information;
responding to the fact that the designated interface is a plug-in conversion interface, and extracting an original vulnerability scanning plug-in from the basic parameter information; adding a first function and/or a second function to the original vulnerability scanning plugin to obtain the vulnerability scanning plugin corresponding to the basic parameter information, wherein the first function is used for converting input parameters with a first format into the input parameters of the original vulnerability scanning plugin, and the second function is used for converting output parameters of the original vulnerability scanning plugin into output parameters with a second format;
storing the vulnerability scanning plug-in a vulnerability scanning plug-in database;
and scanning the vulnerability based on the vulnerability scanning plugin stored in the vulnerability scanning plugin database.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710308720.8A CN107145784B (en) | 2017-05-04 | 2017-05-04 | Vulnerability scanning method and device and computer readable medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710308720.8A CN107145784B (en) | 2017-05-04 | 2017-05-04 | Vulnerability scanning method and device and computer readable medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107145784A CN107145784A (en) | 2017-09-08 |
| CN107145784B true CN107145784B (en) | 2023-04-04 |
Family
ID=59774300
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710308720.8A Active CN107145784B (en) | 2017-05-04 | 2017-05-04 | Vulnerability scanning method and device and computer readable medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107145784B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107967429A (en) * | 2017-12-07 | 2018-04-27 | 国云科技股份有限公司 | A kind of cloud platform loophole grasping means suitable for more time formats |
| CN108537042A (en) * | 2018-04-04 | 2018-09-14 | 上海有云信息技术有限公司 | Self-defined plug-in unit generation method, device, equipment and storage medium |
| CN110597724B (en) * | 2019-09-18 | 2023-07-18 | 彩讯科技股份有限公司 | Calling method and device of application security test component, server and storage medium |
| CN110971599A (en) * | 2019-11-29 | 2020-04-07 | 杭州迪普科技股份有限公司 | Vulnerability scanning method and device |
| CN111125690B (en) * | 2019-11-29 | 2023-01-06 | 苏州浪潮智能科技有限公司 | Method and device for reinforcing host and storage medium |
| CN111309311B (en) * | 2020-03-04 | 2023-04-25 | 杭州安恒信息技术股份有限公司 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
| CN111723380B (en) * | 2020-06-22 | 2022-12-16 | 深圳前海微众银行股份有限公司 | Method and device for detecting component vulnerability |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network invading detection system with two-level decision structure and its alarm optimization method |
| CN102710642A (en) * | 2012-06-01 | 2012-10-03 | 北京神州绿盟信息安全科技股份有限公司 | Method and device for scanning system bug |
| CN102779252A (en) * | 2012-06-29 | 2012-11-14 | 北京神州绿盟信息安全科技股份有限公司 | Vulnerability scanner and plug-in scheduling method thereof |
| CN103929429A (en) * | 2014-04-24 | 2014-07-16 | 北京邮电大学 | Network vulnerability scanning system and method based on RESTful Web service |
| CN104144148A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Vulnerability scanning method and server and risk assessment system |
| CN105279078A (en) * | 2014-06-24 | 2016-01-27 | 腾讯科技(深圳)有限公司 | Method and device for detecting security hole |
| CN106095458A (en) * | 2016-06-20 | 2016-11-09 | 腾讯科技(深圳)有限公司 | The management method of plug-in unit and device in a kind of application program |
| CN114254328A (en) * | 2021-12-21 | 2022-03-29 | 广州链安科技有限公司 | Automatic intelligent embedded firmware analysis and vulnerability discovery method |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100817799B1 (en) * | 2006-10-13 | 2008-03-31 | 한국정보보호진흥원 | System and method for network vulnerability analysis using the multiple heterogeneous scanners |
| CN102156827B (en) * | 2011-01-14 | 2013-01-30 | 无锡市同威科技有限公司 | Remote bug high-speed scanning host computer and method based on field programmable gate array (FPGA) |
| US8789190B2 (en) * | 2011-12-23 | 2014-07-22 | Mcafee, Inc. | System and method for scanning for computer vulnerabilities in a network environment |
| CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
| US9619655B2 (en) * | 2014-09-12 | 2017-04-11 | Salesforce.Com, Inc. | Cloud-based security profiling, threat analysis and intelligence |
| CN105610776A (en) * | 2015-09-24 | 2016-05-25 | 中科信息安全共性技术国家工程研究中心有限公司 | Cloud calculating IaaS layer high risk safety loophole detection method and system thereof |
| CN105516131B (en) * | 2015-12-04 | 2019-03-26 | 珠海豹趣科技有限公司 | A kind of method, apparatus and electronic equipment scanning loophole |
-
2017
- 2017-05-04 CN CN201710308720.8A patent/CN107145784B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network invading detection system with two-level decision structure and its alarm optimization method |
| CN102710642A (en) * | 2012-06-01 | 2012-10-03 | 北京神州绿盟信息安全科技股份有限公司 | Method and device for scanning system bug |
| CN102779252A (en) * | 2012-06-29 | 2012-11-14 | 北京神州绿盟信息安全科技股份有限公司 | Vulnerability scanner and plug-in scheduling method thereof |
| CN104144148A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Vulnerability scanning method and server and risk assessment system |
| CN103929429A (en) * | 2014-04-24 | 2014-07-16 | 北京邮电大学 | Network vulnerability scanning system and method based on RESTful Web service |
| CN105279078A (en) * | 2014-06-24 | 2016-01-27 | 腾讯科技(深圳)有限公司 | Method and device for detecting security hole |
| CN106095458A (en) * | 2016-06-20 | 2016-11-09 | 腾讯科技(深圳)有限公司 | The management method of plug-in unit and device in a kind of application program |
| CN114254328A (en) * | 2021-12-21 | 2022-03-29 | 广州链安科技有限公司 | Automatic intelligent embedded firmware analysis and vulnerability discovery method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107145784A (en) | 2017-09-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107145784B (en) | Vulnerability scanning method and device and computer readable medium | |
| CN109885311B (en) | Application program generation method and device | |
| CN110275831B (en) | Mock data verification method and device of protocol interface | |
| CN109582395B (en) | Applet running method and device, electronic equipment and storage medium | |
| CN108090351B (en) | Method and apparatus for processing request message | |
| CN106406844B (en) | Method and device for realizing public number menu of communication interaction platform | |
| CN111625782B (en) | Access authority control method and device for source code, computer equipment and storage medium | |
| CN105550206B (en) | The edition control method and device of structured query sentence | |
| CN111143087A (en) | Interface calling method and device, storage medium and server | |
| CN109376069B (en) | Method and device for generating test report | |
| CN111061464B (en) | Analysis code generation method, device, equipment and storage medium | |
| US20140150099A1 (en) | Method and device for detecting malicious code on web pages | |
| US20190050376A1 (en) | Automatic value formatting based on intrinsic structural semantics | |
| JP2017534097A (en) | Two-dimensional code analysis method and apparatus, computer-readable storage medium, computer program product, and terminal device | |
| CN110704816B (en) | Interface cracking recognition method, device, equipment and storage medium | |
| US8676791B2 (en) | Apparatus and methods for providing assistance in detecting mistranslation | |
| CN109343983B (en) | Information interaction method, device, equipment and storage medium between function modules | |
| CN112579461A (en) | Assertion processing method, system and storage medium | |
| CN115599386A (en) | Code generation method, device, equipment and storage medium | |
| CN108540521A (en) | A kind of method of synchronizing information, terminal device and server | |
| CN116361793A (en) | Code detection method, device, electronic equipment and storage medium | |
| CN113032836B (en) | Data desensitization method and apparatus | |
| CN114745681A (en) | Rich media information display method and device and computer storage medium | |
| CN111488286B (en) | Method and device for independently developing Android modules | |
| CN111104328B (en) | Use case generation method and device, computer equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |