CN106789877A - A kind of validating vulnerability system based on sandbox - Google Patents
A kind of validating vulnerability system based on sandbox Download PDFInfo
- Publication number
- CN106789877A CN106789877A CN201611005006.3A CN201611005006A CN106789877A CN 106789877 A CN106789877 A CN 106789877A CN 201611005006 A CN201611005006 A CN 201611005006A CN 106789877 A CN106789877 A CN 106789877A
- Authority
- CN
- China
- Prior art keywords
- sandbox
- validating vulnerability
- module
- attack
- validating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to website vulnerability detection, it is desirable to provide a kind of validating vulnerability system based on sandbox.The validating vulnerability system that this kind is based on sandbox includes network communication module, validating vulnerability module, response memory module, browser kernel module, reappears for the leak to website.The present invention can preserve environment during validating vulnerability, and provide the page access that custom browser accesses success attack return, more friendly to website writer modification leak, it also avoid to the secondary attack of server and the attack to verifying client computer.
Description
Technical field
The present invention is more particularly to a kind of validating vulnerability system based on sandbox on website vulnerability detection field.
Background technology
The safety of website is a field being nowadays increasingly taken seriously after Internet high speed developments.Of today
The Request and corresponding leak of construction have only been recorded in website vulnerability scanning.This makes up to the website creator later stage
BUG is very unfriendly, also, to it is specific attack URL and to do once access checking visitor can be caused to be subjected to page extension horse attack
Hit, and server is subjected to secondary attack.
The content of the invention
It is a primary object of the present invention to overcome deficiency of the prior art, there is provided one kind is used for recording test environment, energy
Asked HTTPResponse is opened with particular browser, and cuts off the request actively given out a contract for a project in the page, to reach to checking
The system of the client protection of leak.In order to solve the above technical problems, solution of the invention is:
A kind of validating vulnerability system based on sandbox is provided, is reappeared for the leak to website, it is described based on sandbox
Validating vulnerability system include network communication module, validating vulnerability module, response memory module, browser kernel module;
The network communication module can process http request, and (using http protocol) sends HTTPRequest, gets
The HTTPResponse of webpage;
The validating vulnerability module can give the Website server for needing detection, send for detecting leak
HTTPRequest, and according to the HTTPResponse contents that server is returned come the leakage corresponding to judging the HTTPRequest
Hole whether there is;
The response memory module can will detect leak successful HTTPRequest and HTTPResponse, and original
HTTPResponse and HTTPRequset are stored in database, to reach attack context preservation, for late detection personnel's
Real-time playback, facilitates patching bugs;
The browser kernel module is used to that the successful content of pages of vulnerability detection to be presented, and can need what is sent to the page
Network request is cut off, and prevents the attack of net horse etc in the page.
In the present invention, the network communication module can send packet using http protocol, or call browser to draw
The interface held up realize capture network packet function.
In the present invention, the browser engine can be using in webkit, blink, Trident, Gecko or IE kernel
Any one realization.
In the present invention, it is described response memory module in database using mangoDB, mysql, sqlite,
Any one realization in sqlserver or hbase databases.
The application method of the validating vulnerability system based on sandbox is provided, one is processed using the validating vulnerability system based on sandbox
The individual page, concretely comprises the following steps:
1) it is input into an initial URL address;
2) various attack HTTP Requset requests are constructed according to the URL, and sends the request;
3) to step 2) in the packet that sends carry out corresponding HTTP Response and verify, matching success attack
Characteristic value;
4) database is stored in the response and request that match success attack;
5) page of success attack is opened with custom browser.
Compared with prior art, the beneficial effects of the invention are as follows:
The present invention can preserve environment during validating vulnerability, and provide the page that custom browser accesses success attack return
Interview is asked, more friendly to website writer modification leak, be it also avoid to the secondary attack of server and to checking visitor
The attack of family machine.
Brief description of the drawings
Fig. 1 is operating diagram of the invention.
Specific embodiment
Firstly the need of explanation, the validating vulnerability the present invention relates to be based on sandbox is computer technology in internet skill
A kind of application in art field.In implementation process of the invention, the application of multiple software function modules can be related to.Applicant recognizes
For such as after application documents, accurate understanding realization principle of the invention and goal of the invention is read over, with reference to existing known
In the case of technology, those skilled in the art can use the software programming technical ability of its grasp to realize the present invention completely.It is foregoing soft
Part functional module includes but is not limited to:Network communication module, validating vulnerability module etc., the category that all the present patent application files are referred to
This category, applicant will not enumerate.
The present invention is described in further detail with specific embodiment below in conjunction with the accompanying drawings:
A kind of validating vulnerability system based on sandbox as shown in Figure 1, including network communication module, validating vulnerability module,
Response memory module, browser kernel module.
The network communication module can process http request, and send HTTPRequest using http protocol, and get
The HTTPResponse of webpage;
Browser engine is used to receive a local content as input, loads the pin in the page and the Dynamic Execution page
This, browser engine can detect webpage and send network packet, and cut off the connection of the packet.Browser engine can be
Webkit, blink, Trident, Gecko etc., or the browser engine oneself realized.
Http request, ftp communications etc. can be processed oneself to realize network communication module in a program, thus can be
The all-network packet of checking leak is captured in this code.If oneself does not realize network communication module, it is also possible to by
Original network communication module inserts code, has reached the effect of energy packet capturing.
The validating vulnerability module sends the HTTPRequest for detecting leak can to the Website server for needing detection, and
The HTTPResponse contents returned according to server whether there is come the leak corresponding to judging the request of the Hole Detection.
The response memory module can will detect leak successful HTTPRequest and HTTPResponse and original
HTTPResponse and HTTPRequset are stored in database, to reach attack context preservation, for late detection personnel's
Real-time playback, facilitates patching bugs.
Database therein is using any in mangoDB, mysql, sqlite, sqlserver or hbase database
One kind is realized.
The browser kernel module is used to present to the successful content of pages of vulnerability detection, and the page can be needed to send
Network request cut off, prevent the attack of net horse etc in the page.
A page is processed using the validating vulnerability system for being based on sandbox, its idiographic flow is:
1st, an initial URL address is input into program.
2nd, program constructs various attack HTTP Requset requests according to the URL, and sends the request.
3rd, corresponding HTTP Response are carried out to the packet sent in 2 to verify, matches the feature of success attack
Value.
4th, database is stored in the response and request that match success attack.
5th, the page of success attack is opened with custom browser.
Finally it should be noted that listed above is only specific embodiment of the invention.It is clear that the invention is not restricted to
Above example, can also there is many variations.One of ordinary skill in the art can directly lead from present disclosure
The all deformations for going out or associating, are considered as protection scope of the present invention.
Claims (5)
1. a kind of validating vulnerability system based on sandbox, reappears, it is characterised in that described to be based on for the leak to website
The validating vulnerability system of sandbox includes network communication module, validating vulnerability module, response memory module, browser kernel module;
The network communication module can process http request, and send HTTPRequest, get webpage
HTTPResponse;
The validating vulnerability module can give the Website server for needing detection, send the HTTPRequest for detecting leak, and
The HTTPResponse contents returned according to server whether there is come the leak corresponding to judging the HTTPRequest;
The response memory module can will detect leak successful HTTPRequest and HTTPResponse, and original
HTTPResponse and HTTPRequset are stored in database, to reach attack context preservation, for late detection personnel's
Real-time playback, facilitates patching bugs;
The browser kernel module is used to that the successful content of pages of vulnerability detection, and the network that can be sent page needs to be presented
Request is cut off, and prevents the attack of net horse etc in the page.
2. a kind of validating vulnerability system based on sandbox according to claim 1, it is characterised in that the network service mould
Block can send packet using http protocol, or call the interface of browser engine to realize capturing the work(of network packet
Energy.
3. a kind of validating vulnerability system based on sandbox according to claim 2, it is characterised in that the browser engine
Can be using any one realization in webkit, blink, Trident, Gecko or IE kernel.
4. a kind of validating vulnerability system based on sandbox according to claim 1, it is characterised in that the response stores mould
Database in block is using any one reality in mangoDB, mysql, sqlite, sqlserver or hbase database
It is existing.
5. the application method of the validating vulnerability system of sandbox is based on described in claim 1, it is characterised in that used based on sandbox
Validating vulnerability system processes a page, concretely comprises the following steps:
1) it is input into an initial URL address;
2) various attack HTTP Requset requests are constructed according to the URL, and sends the request;
3) to step 2) in the packet that sends carry out corresponding HTTP Response and verify, match the feature of success attack
Value;
4) database is stored in the response and request that match success attack;
5) page of success attack is opened with custom browser.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611005006.3A CN106789877A (en) | 2016-11-15 | 2016-11-15 | A kind of validating vulnerability system based on sandbox |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611005006.3A CN106789877A (en) | 2016-11-15 | 2016-11-15 | A kind of validating vulnerability system based on sandbox |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106789877A true CN106789877A (en) | 2017-05-31 |
Family
ID=58968135
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611005006.3A Pending CN106789877A (en) | 2016-11-15 | 2016-11-15 | A kind of validating vulnerability system based on sandbox |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106789877A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107908959A (en) * | 2017-11-10 | 2018-04-13 | 北京知道创宇信息技术有限公司 | Site information detection method, device, electronic equipment and storage medium |
| CN108154035A (en) * | 2017-12-21 | 2018-06-12 | 杭州安恒信息技术有限公司 | Extensive website vulnerability scan method, device and electronic equipment |
| CN110348210A (en) * | 2018-04-08 | 2019-10-18 | 腾讯科技(深圳)有限公司 | Safety protecting method and device |
| CN113704669A (en) * | 2021-09-01 | 2021-11-26 | 稿定(厦门)科技有限公司 | Data processing method and device for webpage operation |
| CN113949579A (en) * | 2021-10-20 | 2022-01-18 | 安天科技集团股份有限公司 | Website attack defense method and device, computer equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102880830A (en) * | 2011-07-15 | 2013-01-16 | 华为软件技术有限公司 | Acquisition method and device of original test data |
| CN104200166A (en) * | 2014-08-05 | 2014-12-10 | 杭州安恒信息技术有限公司 | Script-based website vulnerability scanning method and system |
| CN105447385A (en) * | 2014-12-08 | 2016-03-30 | 哈尔滨安天科技股份有限公司 | Multilayer detection based application type database honey pot realization system and method |
-
2016
- 2016-11-15 CN CN201611005006.3A patent/CN106789877A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102880830A (en) * | 2011-07-15 | 2013-01-16 | 华为软件技术有限公司 | Acquisition method and device of original test data |
| CN104200166A (en) * | 2014-08-05 | 2014-12-10 | 杭州安恒信息技术有限公司 | Script-based website vulnerability scanning method and system |
| CN105447385A (en) * | 2014-12-08 | 2016-03-30 | 哈尔滨安天科技股份有限公司 | Multilayer detection based application type database honey pot realization system and method |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107908959A (en) * | 2017-11-10 | 2018-04-13 | 北京知道创宇信息技术有限公司 | Site information detection method, device, electronic equipment and storage medium |
| CN107908959B (en) * | 2017-11-10 | 2020-02-14 | 北京知道创宇信息技术股份有限公司 | Website information detection method and device, electronic equipment and storage medium |
| CN108154035A (en) * | 2017-12-21 | 2018-06-12 | 杭州安恒信息技术有限公司 | Extensive website vulnerability scan method, device and electronic equipment |
| CN108154035B (en) * | 2017-12-21 | 2021-01-26 | 杭州安恒信息技术股份有限公司 | Large-scale website vulnerability scanning method and device and electronic equipment |
| CN110348210A (en) * | 2018-04-08 | 2019-10-18 | 腾讯科技(深圳)有限公司 | Safety protecting method and device |
| CN113704669A (en) * | 2021-09-01 | 2021-11-26 | 稿定(厦门)科技有限公司 | Data processing method and device for webpage operation |
| CN113704669B (en) * | 2021-09-01 | 2022-10-14 | 稿定(厦门)科技有限公司 | Data processing method and device for webpage operation |
| CN113949579A (en) * | 2021-10-20 | 2022-01-18 | 安天科技集团股份有限公司 | Website attack defense method and device, computer equipment and storage medium |
| CN113949579B (en) * | 2021-10-20 | 2024-04-30 | 安天科技集团股份有限公司 | Website attack defense method and device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106789877A (en) | A kind of validating vulnerability system based on sandbox | |
| US10567407B2 (en) | Method and system for detecting malicious web addresses | |
| US8819819B1 (en) | Method and system for automatically obtaining webpage content in the presence of javascript | |
| CN104954372B (en) | A kind of evidence obtaining of fishing website and verification method and system | |
| CN102571846B (en) | Method and device for forwarding hyper text transport protocol (HTTP) request | |
| US10834105B2 (en) | Method and apparatus for identifying malicious website, and computer storage medium | |
| CN109768992B (en) | Webpage malicious scanning processing method and device, terminal device and readable storage medium | |
| CN111813701B (en) | HTTP-based interface testing method and device, computer equipment and storage medium | |
| CN103561036A (en) | Request intercepting method and device in white-list internet surfing environment | |
| CN102664872B (en) | For detection of with the method preventing server attack in computer network | |
| CN106446113A (en) | Mobile big data analysis method and device | |
| CN107347076A (en) | The detection method and device of SSRF leaks | |
| CN108667770A (en) | A kind of loophole test method, server and the system of website | |
| US10701087B2 (en) | Analysis apparatus, analysis method, and analysis program | |
| CN105635064A (en) | CSRF attack detection method and device | |
| CN113190839A (en) | Web attack protection method and system based on SQL injection | |
| CN105100065B (en) | Webshell attack detection methods, device and gateway based on cloud | |
| WO2018018699A1 (en) | Website scripting attack prevention method and device | |
| CN108322420A (en) | The detection method and device of backdoor file | |
| CN104660556A (en) | Cross site request forgery vulnerability detection method and device | |
| CN113141332B (en) | Command injection identification method, system, equipment and computer storage medium | |
| CN106612283B (en) | Method and device for identifying source of downloaded file | |
| Ham et al. | Big Data Preprocessing Mechanism for Analytics of Mobile Web Log. | |
| CN113032836B (en) | Data desensitization method and apparatus | |
| CN111859387A (en) | Automatic construction method for Android platform software vulnerability model |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |