CN110300119A - Method and electronic device for vulnerability verification
- Publication number
- CN110300119A (application CN201910616324.0A)
- Authority
- CN
- China
- Legal status
- Granted
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Abstract
The present invention provides a vulnerability verification method and an electronic device, to solve the prior-art problem that local vulnerabilities hidden in a target host cannot be verified. The method includes: obtaining a remote vulnerability serial number; when the remote vulnerability serial number is available and the local vulnerability verification flag is not true, determining the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number; when the length of the exploit program of the local vulnerability is less than the length of the payload of the remote vulnerability and the vulnerability counter is less than the current number of local vulnerabilities, selecting the target local vulnerability corresponding to the value of the local vulnerability counter plus one; storing the exploit program of the target local vulnerability in the payload of the remote vulnerability; sending the exploit program of the remote vulnerability and, when the remote vulnerability is verified successfully, verifying the target local vulnerability stored in the payload of the remote vulnerability; and, when the target local vulnerability is verified successfully, sending information that the target local vulnerability was verified successfully.
Description
Technical field
The present invention relates to the field of computer technology, and in particular to a vulnerability verification method and an electronic device.
Background
The development of Internet technology has brought great convenience to users' lives. However, because vulnerabilities of all kinds keep emerging in cyberspace, users' assets are highly exposed to threats, and important materials and confidential information can also be compromised in the course of a vulnerability attack. Specifically, vulnerability attacks are divided by attack path into two forms: remote vulnerability attacks and local vulnerability attacks. Remote vulnerability attacks are commonly used in remote attacks by hackers; for example, a buffer-overflow vulnerability can let a hacker remotely obtain system privileges on the target host and steal all the data on it. Local vulnerabilities are commonly used for privilege escalation during Trojan attacks; for example, a hacker uses an office-software vulnerability to deliver a document-type Trojan, the Trojan is implanted after the user runs the document, and the target host is then controlled over the long term. It is therefore necessary to perform remote vulnerability verification and local vulnerability verification on the user's computer network and to patch the vulnerabilities, so as to reduce vulnerability attacks and protect the user's assets and information security.
In the prior art, security vendors can only verify the remote vulnerabilities of a target host with a vulnerability scanner, and cannot verify the local vulnerabilities hidden in the target host.
In summary, how to verify local vulnerabilities is a problem that currently needs to be solved.
Summary of the invention
In view of this, the present invention provides a vulnerability verification method and an electronic device, to solve the prior-art problem of how to verify local vulnerabilities.
According to a first aspect of the embodiments of the present invention, a vulnerability verification method is provided, comprising: obtaining a remote vulnerability serial number; in response to the remote vulnerability serial number being available, determining a local vulnerability verification flag; in response to the local vulnerability verification flag not being true, determining the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number; in response to the length of the exploit program of the local vulnerability being less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, determining the relationship between a local vulnerability counter and the current number of local vulnerabilities; in response to the vulnerability counter being less than the current number of local vulnerabilities, selecting the target local vulnerability corresponding to the value of the local vulnerability counter plus one; storing the exploit program of the target local vulnerability in the payload of the remote vulnerability; sending the exploit program of the remote vulnerability to verify the remote vulnerability; in response to the remote vulnerability being verified successfully, verifying the target local vulnerability stored in the payload of the remote vulnerability; and in response to the target local vulnerability being verified successfully, sending information that the target local vulnerability was verified successfully.
In one embodiment, before the remote vulnerability serial number is obtained, the method further comprises: in response to remote vulnerabilities existing, determining at least one remote vulnerability; and sorting by the length of the payload of the at least one remote vulnerability, to determine the sorted order of the at least one remote vulnerability and the corresponding serial numbers.
In one embodiment, determining the local vulnerability verification flag in response to the remote vulnerability serial number being available specifically comprises: in response to the remote vulnerability serial number being available, determining the local vulnerability; and in response to acquisition of the local vulnerability not being completed, determining the local vulnerability verification flag.
In one embodiment, after the local vulnerability is determined in response to the remote vulnerability serial number being available, the method further comprises: in response to acquisition of the local vulnerability being completed, determining that local vulnerability verification is complete.
In one embodiment, after the local vulnerability verification flag is determined in response to the remote vulnerability serial number being available, the method further comprises: in response to the local vulnerability verification flag being true, sending the exploit program of the remote vulnerability to verify the remote vulnerability.
In one embodiment, after the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number is determined, the method further comprises: in response to the length of the exploit program of the local vulnerability being greater than or equal to the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, generating the path of the exploit program of the local vulnerability.
In one embodiment, selecting the target local vulnerability corresponding to the value of the local vulnerability counter plus one specifically comprises: selecting the port-detectable target local vulnerability corresponding to the value of the local vulnerability counter plus one; or selecting the target local vulnerability, corresponding to the value of the local vulnerability counter plus one, for which the path of the exploit program has been generated.
In one embodiment, after the exploit program of the remote vulnerability is sent to verify the remote vulnerability, the method further comprises: in response to verification of the remote vulnerability failing, obtaining a remote vulnerability serial number.
According to a second aspect of the embodiments of the present invention, a vulnerability verification apparatus is provided, comprising: an acquisition unit, configured to obtain a remote vulnerability serial number; a judging unit, configured to determine, in response to the remote vulnerability serial number being available, whether the local vulnerability verification flag is true; the judging unit being further configured to determine, in response to the local vulnerability verification flag not being true, the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number; the judging unit being further configured to determine, in response to the length of the exploit program of the local vulnerability being less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, the relationship between the local vulnerability counter and the current number of local vulnerabilities; a processing unit, configured to select, in response to the vulnerability counter being less than the current number of local vulnerabilities, the target local vulnerability corresponding to the value of the local vulnerability counter plus one; the processing unit being further configured to store the exploit program of the target local vulnerability in the payload of the remote vulnerability; a verification unit, configured to send the exploit program of the remote vulnerability to verify the remote vulnerability; the verification unit being further configured to verify, in response to the remote vulnerability being verified successfully, the target local vulnerability stored in the payload of the remote vulnerability; and the verification unit being further configured to send, in response to the target local vulnerability being verified successfully, information that the target local vulnerability was verified successfully.
In one embodiment, the apparatus further comprises: a determination unit, configured to determine at least one remote vulnerability in response to remote vulnerabilities existing; and a sorting unit, configured to sort by the length of the payload of the at least one remote vulnerability, to determine the sorted order of the at least one remote vulnerability and the corresponding serial numbers.
In one embodiment, the judging unit is specifically configured to: in response to the remote vulnerability serial number being available, determine the local vulnerability; and in response to acquisition of the local vulnerability not being completed, determine the local vulnerability verification flag.
In one embodiment, the determination unit is further configured to determine, in response to acquisition of the local vulnerability being completed, that local vulnerability verification is complete.
In one embodiment, the verification unit is further configured to: in response to the local vulnerability verification flag being true, send the exploit program of the remote vulnerability to verify the remote vulnerability.
In one embodiment, the processing unit is further configured to generate the path of the exploit program of the local vulnerability in response to the length of the exploit program of the local vulnerability being greater than or equal to the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number.
In one embodiment, the processing unit is specifically configured to: select the port-detectable target local vulnerability corresponding to the value of the local vulnerability counter plus one; or select the target local vulnerability, corresponding to the value of the local vulnerability counter plus one, for which the path of the exploit program has been generated.
In one embodiment, the verification unit is specifically configured to obtain a remote vulnerability serial number through the acquisition unit in response to verification of the remote vulnerability failing.
According to a third aspect of the embodiments of the present invention, an electronic device is provided, comprising a memory and a processor, the memory being used to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method described in the first aspect or any possible implementation of the first aspect.
According to a fourth aspect of the embodiments of the present invention, a computer-readable storage medium is provided, on which computer program instructions are stored, characterized in that the computer program instructions, when executed by a processor, implement the method described in the first aspect or any possible implementation of the first aspect.
The beneficial effects of the embodiments of the present invention include the following. First, a remote vulnerability serial number is obtained. Then, in response to the remote vulnerability serial number being available, the local vulnerability verification flag is determined. Then, in response to the local vulnerability verification flag not being true, the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number is determined. Then, in response to the length of the exploit program of the local vulnerability being less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, the relationship between the local vulnerability counter and the current number of local vulnerabilities is determined. Next, in response to the vulnerability counter being less than the current number of local vulnerabilities, the target local vulnerability corresponding to the value of the local vulnerability counter plus one is selected. The exploit program of the target local vulnerability is then stored in the payload of the remote vulnerability, and the exploit program of the remote vulnerability is sent to verify the remote vulnerability. In response to the remote vulnerability being verified successfully, the target local vulnerability stored in the payload of the remote vulnerability is verified. Finally, in response to the target local vulnerability being verified successfully, information that the target local vulnerability was verified successfully is sent. With the above method, local vulnerabilities can be verified, which solves the prior-art problem that local vulnerabilities cannot be verified.
Brief description of the drawings
The above and other objects, features and advantages of the present invention will become clearer from the following description of embodiments of the present invention with reference to the drawings, in which:
Fig. 1 is a flowchart of a vulnerability verification method provided by an embodiment of the present invention;
Fig. 2 is a flowchart of another vulnerability verification method provided by an embodiment of the present invention;
Fig. 3 is a schematic diagram of a vulnerability verification apparatus provided by an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of an electronic device provided by an embodiment of the present invention.
Detailed description of the embodiments
The present invention is described below on the basis of embodiments, but the present invention is not limited to these embodiments. Some specific details are described at length in the detailed description below. Those skilled in the art can fully understand the present application without the description of these details. In addition, those of ordinary skill in the art should understand that the drawings provided herein are for the purpose of illustration.
Unless the context clearly requires otherwise, words such as "include" and "comprise" throughout the specification and claims should be construed in an inclusive sense rather than an exclusive or exhaustive sense; that is, in the sense of "including but not limited to".
In the description of the present invention, it should be understood that the terms "first", "second" and the like are used for descriptive purposes only and should not be understood as indicating or implying relative importance. In addition, in the description of the present invention, unless otherwise stated, "multiple" means two or more.
Fig. 1 is a flowchart of a vulnerability verification method of an embodiment of the present invention. As shown in Fig. 1, the vulnerability verification method includes:
Step S100: obtain a remote vulnerability serial number.
Optionally, before the remote vulnerability serial number is obtained, in response to remote vulnerabilities existing, at least one remote vulnerability is determined; the at least one remote vulnerability is sorted by the length of its payload, and the sorted order of the at least one remote vulnerability and the corresponding serial numbers are determined.
Specifically, assume that 8 remote vulnerabilities are determined and that the lengths of their payloads are 200, 201, 300, 302, 351, 154, 311 and 280 respectively. The 8 remote vulnerabilities are sorted by payload length from longest to shortest, giving the sorted order 351, 311, 302, 300, 280, 201, 200, 154. The serial numbers of the 8 vulnerabilities are determined from this order, as shown in Table 1 below:
Table 1
| Remote vulnerability serial number | Payload length |
| --- | --- |
| 1 | 351 |
| 2 | 311 |
| 3 | 302 |
| 4 | 300 |
| 5 | 280 |
| 6 | 201 |
| 7 | 200 |
| 8 | 154 |
The payload lengths above are only illustrative examples; the actual values are determined by the actual situation.
In the embodiment of the present invention, when a remote vulnerability is selected, the remote vulnerability with the longest payload is selected first, that is, the remote vulnerability corresponding to serial number 1. The remote vulnerability corresponding to serial number 1 is used to mount the local vulnerabilities, and local vulnerability verification of the target host is then performed. However, after the local vulnerabilities are mounted, the remote vulnerability corresponding to serial number 1 may not be able to verify all of them successfully. In that case the next remote vulnerability, for example the one corresponding to serial number 2, must be selected to mount the local vulnerabilities, after which local vulnerability verification of the target host is performed, and so on until all local vulnerabilities have been verified. The embodiment of the present invention is described taking the obtained remote vulnerability serial number to be serial number 1.
Step S101: in response to the remote vulnerability serial number being available, determine the local vulnerability verification flag.
Specifically, in response to the remote vulnerability serial number being available, it is determined whether acquisition of the local vulnerabilities has been completed; in response to acquisition of the local vulnerabilities not being completed, the local vulnerability verification flag is determined.
After it is determined that the obtained remote vulnerability corresponding to serial number 1 is available, if it is determined that acquisition of the local vulnerabilities has not been completed, it is further determined whether the local vulnerability verification flag is true; if it is determined that acquisition of the local vulnerabilities has been completed, verification is complete. If the local vulnerability verification flag is true, the local vulnerability verification has succeeded; if the flag is not true, the local vulnerability verification has failed and verification must be performed again.
Step S102: in response to the local vulnerability verification flag not being true, determine the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number.
Specifically, because the local vulnerability verification flag not being true indicates that the vulnerability needs to be verified, the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number must be judged. For example, the payload of the remote vulnerability corresponding to serial number 1 is 351; when the length of the exploit program of the local vulnerability is 350, it is less than the length of the payload of the remote vulnerability, so the exploit program of the local vulnerability can be mounted directly on the remote vulnerability. If the length of the exploit program of the local vulnerability is greater than or equal to the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, the path of the exploit program of the local vulnerability is generated. For example, assume that the length of the exploit program of the local vulnerability is 500 and the payload of the remote vulnerability corresponding to serial number 1 is 351. The exploit program of the local vulnerability cannot be mounted on the remote vulnerability, so the path of the exploit program of the local vulnerability is generated, and that path is mounted on the remote vulnerability.
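The ordering of Table 1 and the length comparison of step S102, as an added example that is not code from the patent. It covers only the planning arithmetic; the class and function names, the labels, and the third local length (180) are assumptions made for this illustration.

```python
"""Planning logic only: Table 1 ordering and the step S102 length comparison.

All names and labels are hypothetical; the lengths 350 and 500 are the ones
used in the text above, 180 is constructed for this example.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class RemoteCheck:
    label: str         # constructed label, not a real vulnerability id
    payload_len: int   # payload length of the remote vulnerability


@dataclass(frozen=True)
class LocalCheck:
    label: str         # constructed label
    exploit_len: int   # length of the local vulnerability's exploit program


# Payload lengths in the order the description lists them before sorting.
TABLE1_LENGTHS = [200, 201, 300, 302, 351, 154, 311, 280]
SAMPLE_REMOTES = [RemoteCheck(f"remote-{i}", n) for i, n in enumerate(TABLE1_LENGTHS)]
SAMPLE_LOCALS = [
    LocalCheck("local-a", 350),
    LocalCheck("local-b", 500),
    LocalCheck("local-c", 180),  # constructed value
]


def assign_serials(remotes):
    """Sort longest payload first and number from 1, as in Table 1."""
    ordered = sorted(remotes, key=lambda r: r.payload_len, reverse=True)
    return {serial: remote for serial, remote in enumerate(ordered, start=1)}


def carry_mode(local, remote):
    """Step S102: strictly shorter than the payload means it is mounted
    directly ("inline"); greater than or equal means only its path is
    mounted ("path")."""
    return "inline" if local.exploit_len < remote.payload_len else "path"


def plan_for_serial(serials, locals_, serial):
    """Carry mode of every local check for one remote serial number."""
    remote = serials[serial]
    return {local.label: carry_mode(local, remote) for local in locals_}


def inline_counts(serials, locals_):
    """Number of directly mountable local checks per serial, in serial order.

    Because serials run from longest to shortest payload, this sequence can
    never increase: falling back to the next serial never adds capacity.
    """
    counts = []
    for serial in sorted(serials):
        modes = plan_for_serial(serials, locals_, serial).values()
        counts.append(sum(1 for mode in modes if mode == "inline"))
    return counts


if __name__ == "__main__":
    serials = assign_serials(SAMPLE_REMOTES)
    for serial, remote in serials.items():
        print(serial, remote.payload_len, plan_for_serial(serials, SAMPLE_LOCALS, serial))
    print("inline per serial:", inline_counts(serials, SAMPLE_LOCALS))
```

A local check that does not fit serial number 1 fits no later serial either, which is why the method starts from the longest payload.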
Step S103: in response to the length of the exploit program of the local vulnerability being less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, determine the relationship between the local vulnerability counter and the current number of local vulnerabilities.
Specifically, the current value of the local vulnerability counter is the number of local vulnerabilities whose verification has been completed.
Step S104: in response to the vulnerability counter being less than the current number of local vulnerabilities, select the target local vulnerability corresponding to the value of the local vulnerability counter plus one.
Specifically, selecting the target local vulnerability corresponding to the value of the local vulnerability counter plus one covers two cases:
Case one: select the port-detectable target local vulnerability corresponding to the value of the local vulnerability counter plus one.
Specifically, case one corresponds to the situation in which the exploit program of the local vulnerability can be mounted directly on the remote vulnerability, after which the local vulnerability is verified. This may be called the mode in which the exploit program (Exploit) identifies the service through the port.
Case two: select the target local vulnerability, corresponding to the value of the local vulnerability counter plus one, for which the path of the exploit program has been generated.
Specifically, case two corresponds to the situation in which the path of the exploit program of the local vulnerability is generated first, the path is then mounted on the remote vulnerability, and finally the local vulnerability is verified. This may be called the mode of full carrying with traversal verification of the local vulnerabilities' exploit programs (Exploit).
Step S105: store the exploit program of the target local vulnerability in the payload of the remote vulnerability.
Step S106: send the exploit program of the remote vulnerability to verify the remote vulnerability.
Step S107: in response to the remote vulnerability being verified successfully, verify the target local vulnerability stored in the payload of the remote vulnerability.
Optionally, in response to verification of the remote vulnerability failing, a remote vulnerability serial number is obtained. For example, the remote vulnerability corresponding to serial number 2 is obtained next and verification continues.
Step S108: in response to the target local vulnerability being verified successfully, send information that the target local vulnerability was verified successfully.
A vulnerability verification method proposed by the present invention is described in full below through a complete embodiment, as shown in Fig. 2:
Step S200: judge whether a remote vulnerability exists.
Step S201: in response to remote vulnerabilities existing, sort by the length of the payload of the at least one remote vulnerability.
Step S202: obtain a remote vulnerability serial number.
Step S203: in response to the remote vulnerability serial number being available, judge whether acquisition of the local vulnerabilities has been completed; if it has not been completed, execute step S2041; if it has been completed, execute step S2042.
Step S2041: judge whether the local vulnerability verification flag is true; if it is true, execute step S2051; if it is not true, execute step S2052.
Step S2042: determine that local vulnerability verification is complete, and end.
Step S2051: judge whether the length of the exploit program of the local vulnerability is less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number; if it is less, execute step S2061; if it is greater than or equal, execute step S2062.
Step S2052: send the exploit program of the remote vulnerability to verify the remote vulnerability.
Step S2061: judge whether the local vulnerability counter is less than the current number of local vulnerabilities; if it is less, execute step S207.
Step S2062: generate the path of the exploit program of the local vulnerability, then execute step S2061 to judge whether the local vulnerability counter is less than the current number of local vulnerabilities.
Step S207: select the target local vulnerability corresponding to the value of the local vulnerability counter plus one.
Step S208: store the exploit program of the target local vulnerability in the payload of the remote vulnerability, and then execute step S2052.
Step S209: in response to the remote vulnerability being verified successfully in step S2052, output the verification result.
Step S210: verify the target local vulnerability stored in the payload of the remote vulnerability; in response to the target local vulnerability being verified successfully, execute step S209; in response to verification of the target local vulnerability failing, execute step S202.
Step S211: after the target local vulnerability is verified successfully, judge whether the local vulnerability counter equals the current number of local vulnerabilities; if it is equal, set the target local vulnerability verification flag to true, and then execute step S202.
Fig. 3 is a schematic diagram of a vulnerability verification apparatus provided by an embodiment of the present invention. As shown in Fig. 3, the vulnerability verification apparatus of this embodiment comprises: an acquisition unit 31, configured to obtain a remote vulnerability serial number; a judging unit 32, configured to determine the local vulnerability verification flag in response to the remote vulnerability serial number being available; the judging unit 32 being further configured to determine, in response to the local vulnerability verification flag not being true, the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number; the judging unit 32 being further configured to determine, in response to the length of the exploit program of the local vulnerability being less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, the relationship between the local vulnerability counter and the current number of local vulnerabilities; a processing unit 33, configured to select, in response to the vulnerability counter being less than the current number of local vulnerabilities, the target local vulnerability corresponding to the value of the local vulnerability counter plus one; the processing unit 33 being further configured to store the exploit program of the target local vulnerability in the payload of the remote vulnerability; a verification unit 34, configured to send the exploit program of the remote vulnerability to verify the remote vulnerability; the verification unit 34 being further configured to verify, in response to the remote vulnerability being verified successfully, the target local vulnerability stored in the payload of the remote vulnerability; and the verification unit 34 being further configured to send, in response to the target local vulnerability being verified successfully, information that the target local vulnerability was verified successfully.
In one embodiment, the apparatus further comprises: a determination unit 35, configured to determine at least one remote vulnerability in response to remote vulnerabilities existing; and a sorting unit 36, configured to sort by the length of the payload of the at least one remote vulnerability, to determine the sorted order of the at least one remote vulnerability and the corresponding serial numbers.
In one embodiment, the judging unit 32 is specifically configured to: in response to the remote vulnerability serial number being available, determine the local vulnerability; and in response to acquisition of the local vulnerability not being completed, determine the local vulnerability verification flag.
In one embodiment, the determination unit 35 is further configured to determine, in response to acquisition of the local vulnerability being completed, that local vulnerability verification is complete.
In one embodiment, the verification unit 34 is further configured to: in response to the local vulnerability verification flag being true, send the exploit program of the remote vulnerability to verify the remote vulnerability.
In one embodiment, the processing unit 33 is further configured to generate the path of the exploit program of the local vulnerability in response to the length of the exploit program of the local vulnerability being greater than or equal to the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number.
In one embodiment, the processing unit 33 is specifically configured to: select the port-detectable target local vulnerability corresponding to the value of the local vulnerability counter plus one; or select the target local vulnerability, corresponding to the value of the local vulnerability counter plus one, for which the path of the exploit program has been generated.
In one embodiment, the verification unit 34 is specifically configured to obtain a remote vulnerability serial number through the acquisition unit in response to verification of the remote vulnerability failing.
Fig. 4 is a schematic diagram of the electronic device of the embodiment of the present invention. The electronic device shown in Fig. 4 is a general data transfer device comprising a general computer hardware structure that includes at least a processor 41 and a memory 42. The processor 41 and the memory 42 are connected by a bus 43. The memory 42 is adapted to store instructions or programs executable by the processor 41. The processor 41 may be a standalone microprocessor or a set of one or more microprocessors. The processor 41 thus executes the instructions stored in the memory 42 to carry out the method flow of the embodiments of the present invention described above, processing data and controlling other devices. The bus 43 links the above components together and also connects them to a display controller 44, a display device and input/output (I/O) devices 45. The input/output (I/O) devices 45 may be a mouse, keyboard, modem, network interface, touch input device, motion-sensing input device, printer or other device known in the art. Typically, the input/output devices 45 are connected to the system through an input/output (I/O) controller 46.
As those skilled in the art will appreciate, aspects of the embodiments of the present invention may be implemented as a system, method, or computer program product. Accordingly, aspects of the embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, microcode, etc.), or an embodiment combining software and hardware aspects, all of which may generally be referred to herein as a "circuit", "module" or "system". In addition, aspects of the embodiments of the present invention may take the form of a computer program product embodied in one or more computer-readable media having computer-readable program code embodied thereon.
Any combination of one or more computer-readable media may be used. A computer-readable medium may be a computer-readable signal medium or a computer-readable storage medium. A computer-readable storage medium may be, for example (but not limited to), an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of computer-readable storage media include: an electrical connection having one or more wires, a portable computer diskette, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of the embodiments of the present invention, a computer-readable storage medium may be any tangible medium that can contain or store a program for use by, or in connection with, an instruction execution system, apparatus, or device.
A computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including but not limited to electromagnetic, optical, or any suitable combination thereof. A computer-readable signal medium may be any computer-readable medium that is not a computer-readable storage medium and that can communicate, propagate, or transport a program for use by, or in connection with, an instruction execution system, apparatus, or device.
Program code embodied on a computer-readable medium may be transmitted using any suitable medium, including but not limited to wireless, wired, fiber-optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the embodiments of the present invention may be written in any combination of one or more programming languages, including object-oriented programming languages such as Java, Smalltalk, and C++, and conventional procedural programming languages such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer as a stand-alone software package; partly on the user's computer; partly on the user's computer and partly on a remote computer; or entirely on a remote computer or server. In the latter case, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
Aspects of the embodiments of the present invention are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the present invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general-purpose computer, special-purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, executed via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instructions that implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus, or other devices to produce a computer-implemented process, such that the instructions executed on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
The above is only a preferred embodiment of the present invention and is not intended to limit the invention; for those skilled in the art, the invention may have various modifications and changes. Any modification, equivalent replacement, improvement, and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (10)
1. A vulnerability verification method, characterized by comprising:
obtaining a remote vulnerability serial number;
in response to the remote vulnerability serial number being available, determining a local vulnerability verification flag;
in response to the local vulnerability verification flag not being true, determining the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number;
in response to the length of the exploit program of the local vulnerability being less than the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, determining the relationship between a local vulnerability counter and the current number of local vulnerabilities;
in response to the vulnerability counter being less than the current number of local vulnerabilities, selecting the target local vulnerability corresponding to the value of the local vulnerability counter plus one;
storing the exploit program of the target local vulnerability in the payload of the remote vulnerability;
sending the exploit program of the remote vulnerability to verify the remote vulnerability;
in response to the remote vulnerability verification succeeding, verifying the target local vulnerability stored in the payload of the remote vulnerability;
in response to the target local vulnerability verification succeeding, sending the target local vulnerability verification success information.
2. The method according to claim 1, characterized in that, before obtaining the remote vulnerability serial number, the method further comprises:
in response to the remote vulnerability existing, determining at least one remote vulnerability;
sorting according to the length of the payload of the at least one remote vulnerability, and determining the sort order and corresponding serial numbers of the at least one remote vulnerability.
3. The method according to claim 1, characterized in that determining the local vulnerability verification flag in response to the remote vulnerability serial number being available specifically comprises:
in response to the remote vulnerability serial number being available, determining the local vulnerability;
in response to acquisition of the local vulnerability not being complete, determining the local vulnerability verification flag.
4. The method according to claim 3, characterized in that, after determining the local vulnerability in response to the remote vulnerability serial number being available, the method further comprises:
in response to acquisition of the local vulnerability being complete, determining that local vulnerability verification is complete.
5. The method according to claim 1, characterized in that, after determining the local vulnerability verification flag in response to the remote vulnerability serial number being available, the method further comprises:
in response to the local vulnerability verification flag being true, sending the exploit program of the remote vulnerability to verify the remote vulnerability.
6. The method according to claim 1, characterized in that, after determining the relationship between the length of the exploit program of the local vulnerability and the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, the method further comprises:
in response to the length of the exploit program of the local vulnerability being greater than or equal to the length of the payload of the remote vulnerability corresponding to the remote vulnerability serial number, generating the path of the exploit program of the local vulnerability.
7. The method according to claim 1, characterized in that selecting the target local vulnerability corresponding to the value of the local vulnerability counter plus one specifically comprises:
selecting the port-detectable target local vulnerability corresponding to the value of the local vulnerability counter plus one; or
selecting the target local vulnerability, corresponding to the value of the local vulnerability counter plus one, for which the path of the exploit program has been generated.
8. The method according to claim 1, characterized in that, after sending the exploit program of the remote vulnerability to verify the remote vulnerability, the method further comprises:
in response to the remote vulnerability verification failing, obtaining a remote vulnerability serial number.
9. An electronic device, comprising a memory and a processor, characterized in that the memory is configured to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method according to any one of claims 1-8.
10. A computer-readable storage medium storing computer program instructions thereon, characterized in that the computer program instructions, when executed by a processor, implement the method according to claim 1.
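The control flow of claims 1, 2, 6 and 8 can be traced as a dry-run planner that only compares lengths and records decisions. This is an added example, not code from the patent; the class and function names, the descending sort direction, the advance of the counter after each local check, and the sample sizes are all assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class RemoteVuln:
    name: str
    payload_len: int  # bytes available in the remote check's payload


@dataclass(frozen=True)
class LocalVuln:
    name: str
    program_len: int  # length of the local verification program, in bytes


def order_remote(remotes):
    """Claim 2: sort by payload length; list position is the serial number.
    Assumption: largest payload first (the claims do not state a direction)."""
    return sorted(remotes, key=lambda r: r.payload_len, reverse=True)


def delivery_mode(local, remote):
    """Claims 1 and 6: strictly smaller fits in the payload, otherwise a path."""
    return "embedded" if local.program_len < remote.payload_len else "path"


def plan(remotes, locals_, remote_verified):
    """Dry-run the loop. `remote_verified` is a constructed set naming remote
    checks that would succeed; nothing is sent anywhere.
    Returns (remote, local, delivery, outcome) tuples as an audit trail."""
    ordered = order_remote(remotes)
    steps = []
    serial = 0   # remote vulnerability serial number
    counter = 0  # local vulnerability counter
    while serial < len(ordered) and counter < len(locals_):
        remote = ordered[serial]
        target = locals_[counter]  # the "counter plus one"-th local entry
        mode = delivery_mode(target, remote)
        if remote.name not in remote_verified:
            # Claim 8: remote verification failed, take the next serial number.
            steps.append((remote.name, target.name, mode, "remote-failed"))
            serial += 1
            continue
        # Remote check succeeded, so the local target is checked next.
        steps.append((remote.name, target.name, mode, "local-checked"))
        counter += 1  # assumption: move on to the next local entry
    return steps


# Constructed sample data (names and sizes are illustrative only).
REMOTES = [RemoteVuln("R-A", 512), RemoteVuln("R-B", 2048), RemoteVuln("R-C", 128)]
LOCALS = [LocalVuln("L-1", 300), LocalVuln("L-2", 4096)]

if __name__ == "__main__":
    for step in plan(REMOTES, LOCALS, remote_verified={"R-A", "R-C"}):
        print(step)
```

The returned tuples double as an audit record of which remote check carried which local check, which is the part of the flow a scanner operator would want logged.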
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910616324.0A CN110300119B (en) | 2019-07-09 | 2019-07-09 | Vulnerability verification method and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910616324.0A CN110300119B (en) | 2019-07-09 | 2019-07-09 | Vulnerability verification method and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110300119A (en) | 2019-10-01 |
CN110300119B (en) | 2021-09-14 |
Family
ID=68030763
Family Applications (1)
Application Number | Status | Priority Date | Filing Date | Title |
---|---|---|---|---|
CN201910616324.0A | Active (CN110300119B) | 2019-07-09 | 2019-07-09 | Vulnerability verification method and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110300119B (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7664845B2 (en) * | 2002-01-15 | 2010-02-16 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US8572748B2 (en) * | 2011-02-16 | 2013-10-29 | International Business Machines Corporation | Label-based taint analysis |
CN104363236A (en) * | 2014-11-21 | 2015-02-18 | 西安邮电大学 | Automatic vulnerability validation method |
CN104732144A (en) * | 2015-04-01 | 2015-06-24 | 河海大学 | Pseudo-protocol-based remote code injecting loophole detecting method |
CN105429955A (en) * | 2015-10-30 | 2016-03-23 | 西安四叶草信息技术有限公司 | Remote vulnerability detection method |
CN107392027A (en) * | 2017-07-13 | 2017-11-24 | 福建中金在线信息科技有限公司 | A kind of website vulnerability method of testing, test system, electronic equipment and storage medium |
CN107437029A (en) * | 2017-08-23 | 2017-12-05 | 北京奇虎科技有限公司 | Leak restorative procedure, leak prosthetic device and server |
CN108256322A (en) * | 2018-01-26 | 2018-07-06 | 平安科技(深圳)有限公司 | Safety detecting method, device, computer equipment and storage medium |
CN109325351A (en) * | 2018-08-23 | 2019-02-12 | 中通服咨询设计研究院有限公司 | A kind of security breaches automatic Verification systems based on many survey platforms |
Non-Patent Citations (2)
Title |
---|
PETER CHAPMAN ET AL: "Automated Black-Box Detection of Side-Channel Vulnerabilities in Web Applications", 《IN 18TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY》 * |
万志远: "web应用程序漏洞检测关键技术研究", 《万方》 * |
Also Published As
Publication number | Publication date |
---|---|
CN110300119B (en) | 2021-09-14 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||