CN107357736A - An automated detection method for Tomcat security configurations - Google Patents
- Publication number: CN107357736A (application CN201710630202.8A)
- Authority: CN (China)
- Prior art keywords: tomcat, security, detection method, directories, security configurations
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3644—Software debugging by instrumenting at runtime
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
Abstract
The present invention discloses an automated detection method for Tomcat security configurations and belongs to the field of Web security. For the critical checkpoints of a Tomcat security configuration, an automatic detection program is written in Python; the program automates Tomcat configuration file parsing, system command execution and data analysis, and is compatible with both Windows and Linux, so that the Tomcat security configuration items can be checked automatically with a single action. The invention overcomes the low efficiency and incomplete coverage of manual inspection, raises the efficiency of checking Tomcat security configurations, and improves the efficiency and completeness of security testing of software products that use Tomcat.
Description
Technical field
The present invention relates to the field of Web security, and specifically to an automated detection method for Tomcat security configurations.
Background technology
Tomcat is a free, open-source Web application server. It is a lightweight application server, widely used for small and medium-sized systems and for sites with moderate numbers of concurrent users, and it is the first choice for developing and debugging JSP programs.
With the development and application of computer and Internet technology, the Internet has entered people's daily work and life, and network security problems receive more and more public attention. As Tomcat is one of the most popular Web servers today, its security is all the more important. Beyond applying security patches and version updates promptly, performing a number of security configuration steps is extremely important for improving the security of Tomcat.
Content of the invention
Addressing the needs and shortcomings of current technology, the present invention provides an automated detection method for Tomcat security configurations.
The technical scheme adopted by the automated detection method for Tomcat security configurations of the present invention to solve the above technical problem is as follows: for the critical checkpoints of a Tomcat security configuration, an automatic detection program is written in Python; the program automates Tomcat configuration file parsing, system command execution and data analysis, and is compatible with both Windows and Linux, so that the Tomcat security configuration items can be checked automatically with a single action;
The specific steps of the automated detection method include:
1) Obtain the Tomcat installation path parameter, and obtain the operating system type on which the automatic detection program is currently running;
2) Obtain the Tomcat version by executing the version script in the bin directory under the Tomcat installation directory, and write it to the result file;
3) Detect the user under which Tomcat runs by executing Windows/Linux local commands, and judge whether that user has administrator/root privileges; if so, report a security risk in the result file;
4) Detect whether a Tomcat back-end management page account is enabled by parsing the tomcat-users.xml configuration file in the conf directory under the Tomcat installation directory;
5) Detect the permission settings of the Tomcat application directory by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory;
6) Detect the Tomcat access log recording status by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory.
Preferably, in step 2), on a Windows system version.bat is run with the command cmd /k call, and on a Linux system version.sh is run with the sh command.
Preferably, in step 3), on a Windows system the command tasklist /V | findstr "tomcat" is used to detect the user running Tomcat, and the net user command is then used to check whether that user is a member of the local administrators group; if so, a security risk is reported in the result file. On a Linux system the command ps -ef | grep tomcat is used to detect the user running Tomcat; if it is root, a security risk is reported in the result file.
Preferably, in step 4), if a user tag under the <tomcat-users> tag in tomcat-users.xml has "manager-gui" in its roles attribute value and is not commented out, the username and password attribute values of that entry are written to the result file and a security risk is reported.
Preferably, in step 5), the value of the appBase attribute of the <Host> tag in server.xml is obtained first, and the path is then checked for directory entries that are both writable and executable; if any exist, they are written to the result file and a security risk is reported.
Preferably, in step 5), if the obtained appBase attribute value is "webapps", the ROOT, manager and host-manager directories under the webapps directory are checked; if they exist and are not empty, the names of the non-empty directory entries are written to the result file and a security risk is reported.
Preferably, in step 6), it is first checked whether the <Valve> tag in server.xml whose className attribute value is "org.apache.catalina.valves.AccessLogValve" is commented out; if it is commented out, a security risk is reported in the result file; if it is not commented out, the content of its pattern attribute value is checked, and if any of the items %h, %t, %r, %s is absent, the missing items are written to the result file and a security risk is reported.
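A worked example of the step-4 check, added here and not part of the patent's program: it parses a constructed tomcat-users.xml with xml.dom.minidom (the module the embodiment names) and lists the enabled accounts that hold manager-gui. A commented-out user becomes an XML comment node rather than an element, so it is skipped without any text matching; unlike the patent's output, the password attribute is not written out.

```python
import xml.dom.minidom

# Constructed sample tomcat-users.xml: one user is commented out (minidom
# exposes it only as a Comment node), one holds manager-script only, and one
# is live with manager-gui among its roles.
SAMPLE_TOMCAT_USERS = """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <role rolename="admin-gui"/>
  <!--
  <user username="tomcat" password="s3cret" roles="manager-gui,admin-gui"/>
  -->
  <user username="deploy" password="hunter2" roles="manager-script"/>
  <user username="admin" password="changeme" roles="admin-gui, manager-gui"/>
</tomcat-users>
"""

MANAGER_ROLE = "manager-gui"


def _roles(user_el):
    # roles="a, b" is a comma-separated list; Tomcat tolerates surrounding spaces.
    return [r.strip() for r in user_el.getAttribute("roles").split(",") if r.strip()]


def enabled_manager_accounts(xml_text):
    """Return [(username, roles)] for every live <user> carrying manager-gui.

    Commented-out users never appear here: minidom turns <!-- ... --> into a
    Comment node, so only genuinely enabled accounts are examined.
    """
    dom = xml.dom.minidom.parseString(xml_text)
    root = dom.documentElement
    if root.tagName != "tomcat-users":
        raise ValueError("not a tomcat-users.xml document")
    hits = []
    for user in root.getElementsByTagName("user"):
        roles = _roles(user)
        if MANAGER_ROLE in roles:
            hits.append((user.getAttribute("username"), roles))
    return hits


def report(xml_text):
    """Build the result-file lines the detection step would emit."""
    hits = enabled_manager_accounts(xml_text)
    if not hits:
        return ["[OK] no enabled account holds manager-gui"]
    return ["[RISK] manager-gui account enabled: %s (roles: %s)" % (u, ",".join(r))
            for u, r in hits]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_TOMCAT_USERS)))
```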
Compared with the prior art, the automated detection method for Tomcat security configurations of the present invention has the following beneficial effects: the method targets the critical checkpoints of a Tomcat security configuration and automates Tomcat configuration file parsing, system command execution and data analysis; it overcomes the low efficiency and incomplete coverage of manual inspection, raises the efficiency of checking Tomcat security configurations, and improves the efficiency and completeness of security testing of software products that use Tomcat.
Brief description of the drawings
Figure 1 is the implementation flow chart of the automated detection method for Tomcat security configurations.
Embodiment
To make the objects, technical solutions and advantages of the present invention clearer, the automated detection method for Tomcat security configurations of the present invention is further described below with reference to specific embodiments.
Addressing Tomcat configuration security problems, the present invention proposes an automated detection method for Tomcat security configurations: for the critical checkpoints of a Tomcat security configuration, an automatic detection program is written in Python; the program automates Tomcat configuration file parsing, system command execution and data analysis, and is compatible with both Windows and Linux, so that the Tomcat security configuration items can be checked automatically with a single action. This avoids incomplete inspection, raises the efficiency of checking Tomcat security configurations, and improves the efficiency and completeness of security testing of software products that use Tomcat.
Embodiment 1:
The automated detection method for Tomcat security configurations described in this embodiment includes the following specific steps:
1) Obtain the Tomcat installation path parameter, and obtain the operating system type on which the automatic detection program is currently running;
2) Obtain the Tomcat version by executing the version script in the bin directory under the Tomcat installation directory, and write it to the result file;
3) Detect the user under which Tomcat runs by executing Windows/Linux local commands, and judge whether that user has administrator/root privileges; if so, report a security risk in the result file;
4) Detect whether a Tomcat back-end management page account is enabled by parsing the tomcat-users.xml configuration file in the conf directory under the Tomcat installation directory;
5) Detect the permission settings of the Tomcat application directory by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory;
6) Detect the Tomcat access log recording status by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory.
Embodiment 2:
The automated detection method for Tomcat security configurations described in this embodiment, on the basis of embodiment 1, includes the following specific steps:
1) Obtain the Tomcat installation path parameter, and obtain the operating system type on which the automatic detection program is currently running; the platform.platform() method of the platform module can be used;
2) Obtain the Tomcat version by executing the version script in the bin directory under the Tomcat installation directory, and write it to the result file; local commands can be executed with the subprocess.Popen method of the subprocess module;
on a Windows system version.bat is run with the command cmd /k call or another command, and on a Linux system version.sh is run with the sh command or another command;
3) Detect the user under which Tomcat runs by executing Windows/Linux local commands, and judge whether that user has administrator/root privileges; if so, report a security risk in the result file;
on a Windows system the command tasklist /V | findstr "tomcat" or another command is used to detect the user running Tomcat, and the net user command is then used to check whether that user is a member of the local administrators group; if so, a security risk is reported in the result file;
on a Linux system the command ps -ef | grep tomcat or another command is used to detect the user running Tomcat; if it is root, a security risk is reported in the result file; otherwise the fourth field of that user's row in /etc/passwd is checked, and if it is 0 the user's primary group is root, so a security risk is reported in the result file;
4) Detect whether a Tomcat back-end management page account is enabled by parsing the tomcat-users.xml configuration file in the conf directory under the Tomcat installation directory;
if a user tag under the <tomcat-users> tag in tomcat-users.xml has "manager-gui" (the login account of the back-end management page) in its roles attribute value and is not commented out, the username and password attribute values of that entry are written to the result file and a security risk is reported;
5) Detect the permission settings of the Tomcat application directory by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory;
the value of the appBase attribute of the <Host> tag in server.xml (the Web application deployment path) is obtained first, and the path is then checked for directory entries that are both writable and executable; if any exist, they are written to the result file and a security risk is reported;
6) If the appBase attribute value obtained in step 5 is "webapps" (that is, the default value), the ROOT, manager and host-manager directories under the webapps directory are checked; if they exist and are not empty, the names of the non-empty directory entries are written to the result file and a security risk is reported;
7) Detect the Tomcat access log recording status by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory;
it is first checked whether the <Valve> tag in server.xml whose className attribute value is "org.apache.catalina.valves.AccessLogValve" is commented out; if it is commented out (access logging disabled), a security risk is reported in the result file; if it is not commented out, the content of its pattern attribute value is checked, and if any of the items %h (source IP/hostname of the request), %t (request time), %r (first line of the request: method + URL + HTTP protocol) or %s (HTTP response status code) is absent, the missing items are written to the result file and a security risk is reported.
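An added example (not the patent's program) of the server.xml checks in steps 5 and 7, run over a constructed server.xml: it reads the <Host> appBase and reports an AccessLogValve that is absent or commented out, or whose pattern lacks %h, %t, %r or %s. It goes one step beyond the text, which compares the literal pattern string, by expanding the "common" and "combined" shorthands Tomcat accepts and by applying Tomcat's defaults (pattern "common", appBase "webapps") when the attribute is absent.

```python
import xml.dom.minidom

ACCESS_LOG_VALVE = "org.apache.catalina.valves.AccessLogValve"
REQUIRED_ITEMS = ("%h", "%t", "%r", "%s")
# Tomcat expands these two shorthands itself; both satisfy every required item.
PATTERN_ALIASES = {
    "common": '%h %l %u %t "%r" %s %b',
    "combined": '%h %l %u %t "%r" %s %b "%{Referer}i" "%{User-Agent}i"',
}

# Constructed sample: the stock AccessLogValve has been commented out, which is
# the "commented" case the detection step must report.
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"/>
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
        <!--
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
        -->
      </Host>
    </Engine>
  </Service>
</Server>
"""


def app_base(dom):
    """appBase of the first <Host> (step 5 input); Tomcat defaults it to webapps."""
    hosts = dom.getElementsByTagName("Host")
    if not hosts:
        return None
    return hosts[0].getAttribute("appBase") or "webapps"


def has_commented_access_log(dom):
    """True when an AccessLogValve survives only inside an XML comment."""
    def walk(node):
        for child in node.childNodes:
            if child.nodeType == node.COMMENT_NODE and ACCESS_LOG_VALVE in child.data:
                return True
            if walk(child):
                return True
        return False
    return walk(dom)


def access_log_findings(dom):
    """Result-file lines for the access-log check (step 7)."""
    valves = [v for v in dom.getElementsByTagName("Valve")
              if v.getAttribute("className") == ACCESS_LOG_VALVE]
    if not valves:
        if has_commented_access_log(dom):
            return ["[RISK] AccessLogValve is commented out: access logging disabled"]
        return ["[RISK] no AccessLogValve configured: access logging disabled"]
    findings = []
    for valve in valves:
        pattern = valve.getAttribute("pattern") or "common"  # Tomcat's default
        pattern = PATTERN_ALIASES.get(pattern, pattern)
        missing = [item for item in REQUIRED_ITEMS if item not in pattern]
        if missing:
            findings.append("[RISK] access log pattern lacks %s" % " ".join(missing))
        else:
            findings.append("[OK] access log pattern records %s" % " ".join(REQUIRED_ITEMS))
    return findings


def check_server_xml(xml_text):
    """Return (appBase, findings) for one server.xml document."""
    dom = xml.dom.minidom.parseString(xml_text)
    return app_base(dom), access_log_findings(dom)


if __name__ == "__main__":
    base, lines = check_server_xml(SAMPLE_SERVER_XML)
    print("appBase:", base)
    print("\n".join(lines))
```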
The specific implementation process of the automated detection method for Tomcat security configurations in this embodiment is as shown in Figure 1:
1) The user enters the Tomcat installation path; the program obtains the installation path parameter and the operating system type on which the automatic detection program is currently running;
2) The Tomcat version is obtained by executing the version script in the bin directory under the Tomcat installation directory, and the version number is written to the result file;
3) The user under which Tomcat runs is detected by executing Windows/Linux local commands; the Tomcat execution user is obtained and it is judged whether that user has administrator/root privileges; if so, a security risk prompt is written to the result file;
4) The tomcat-users.xml configuration file in the conf directory under the Tomcat installation directory is parsed (the related methods of the xml.dom.minidom module can be used) to detect whether a Tomcat back-end management page account is enabled; if one is enabled, its username and password are written to the result file together with a security risk prompt;
5) The server.xml configuration file in the conf directory under the Tomcat installation directory is parsed to obtain the Tomcat application directory, and that directory is checked for a list of directories that are both writable and executable; if any exist, the list is written to the result file together with a security risk prompt;
6) In step 5, if no directory is both writable and executable, it is detected whether the Tomcat default applications have been deleted; if not, the application list is written to the result file together with a security risk prompt;
7) The server.xml configuration file in the conf directory under the Tomcat installation directory is parsed to detect the Tomcat access log recording status; if access logging is not enabled, a security risk prompt is written to the result file; if access logging is enabled, it is checked whether the access log includes the %h, %t, %r, %s items, and if not, a security risk prompt is written to the result file.
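An added example (not the patent's code) of the Linux branch of step 3, run over constructed ps -ef and /etc/passwd text rather than live command output: instead of grep tomcat, which also matches the grep process itself and any command line that merely mentions tomcat, it identifies Tomcat JVMs by the Bootstrap main class and then applies the root and primary-gid-0 rules from embodiment 2.

```python
BOOTSTRAP = "org.apache.catalina.startup.Bootstrap"

# Constructed sample of `ps -ef` output: one Tomcat JVM running as root, one as
# a service account, plus the grep process itself and an unrelated editor
# process whose command line merely contains the word "tomcat".
SAMPLE_PS = """\
UID        PID  PPID  C STIME TTY          TIME CMD
root      1201     1  0 09:12 ?        00:00:14 /usr/bin/java -Dcatalina.home=/opt/tomcat org.apache.catalina.startup.Bootstrap start
tomcat    1388     1  0 09:12 ?        00:00:09 /usr/bin/java -Dcatalina.home=/srv/tomcat9 org.apache.catalina.startup.Bootstrap start
alice     2210  2100  0 09:40 pts/0    00:00:00 vim /home/alice/notes/tomcat-hardening.md
alice     2255  2100  0 09:41 pts/0    00:00:00 grep tomcat
"""

# Constructed /etc/passwd: "svc" is unprivileged by uid but its primary gid is 0.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
tomcat:x:997:997:Apache Tomcat:/opt/tomcat:/sbin/nologin
svc:x:1002:0:service account:/srv/svc:/bin/bash
"""


def tomcat_run_users(ps_text):
    """Owners of every Tomcat JVM, identified by the Bootstrap main class."""
    users = []
    for line in ps_text.splitlines()[1:]:  # skip the header row
        fields = line.split(None, 7)       # UID PID PPID C STIME TTY TIME CMD
        if len(fields) == 8 and BOOTSTRAP in fields[7]:
            users.append(fields[0])
    return users


def primary_gid(passwd_text, user):
    """Fourth colon-separated field of the user's /etc/passwd row, or None."""
    for row in passwd_text.splitlines():
        fields = row.split(":")
        if len(fields) >= 4 and fields[0] == user:
            return int(fields[3])
    return None


def check_run_users(ps_text, passwd_text):
    """Result-file lines for the Linux branch of step 3."""
    findings = []
    for user in tomcat_run_users(ps_text):
        if user == "root":
            findings.append("[RISK] Tomcat runs as root")
        elif primary_gid(passwd_text, user) == 0:
            findings.append("[RISK] Tomcat runs as %s, whose primary group is root (gid 0)" % user)
        else:
            findings.append("[OK] Tomcat runs as unprivileged user %s" % user)
    if not findings:
        findings.append("[INFO] no running Tomcat process found")
    return findings


if __name__ == "__main__":
    print("\n".join(check_run_users(SAMPLE_PS, SAMPLE_PASSWD)))
```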
The embodiments are only specific cases of the present invention; the scope of patent protection of the invention includes but is not limited to the above embodiments. Any appropriate change or replacement made to them by a person of ordinary skill in the art that conforms to the claims of the present invention shall fall within the scope of patent protection of the present invention.
Claims (10)
1. An automated detection method for Tomcat security configurations, characterised in that, for the critical checkpoints of a Tomcat security configuration, an automatic detection program is written in Python; the program automates Tomcat configuration file parsing, system command execution and data analysis, and is compatible with both Windows and Linux, so that the Tomcat security configuration items can be checked automatically with a single action;
its specific steps include:
1) Obtain the Tomcat installation path parameter, and obtain the operating system type on which the automatic detection program is currently running;
2) Obtain the Tomcat version by executing the version script in the bin directory under the Tomcat installation directory, and write it to the result file;
3) Detect the user under which Tomcat runs by executing Windows/Linux local commands, and judge whether that user has administrator/root privileges; if so, report a security risk in the result file;
4) Detect whether a Tomcat back-end management page account is enabled by parsing the tomcat-users.xml configuration file in the conf directory under the Tomcat installation directory;
5) Detect the permission settings of the Tomcat application directory by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory;
6) Detect the Tomcat access log recording status by parsing the server.xml configuration file in the conf directory under the Tomcat installation directory.
2. The automated detection method for Tomcat security configurations according to claim 1, characterised in that in step 1) the operating system type on which the automatic detection program is currently running is obtained with the platform.platform() method of the platform module.
3. The automated detection method for Tomcat security configurations according to claim 1, characterised in that in step 2) local commands are executed with the subprocess.Popen method of the subprocess module.
4. The automated detection method for Tomcat security configurations according to claim 3, characterised in that in step 2) version.bat is run with the command cmd /k call on a Windows system, and version.sh is run with the sh command on a Linux system.
5. The automated detection method for Tomcat security configurations according to claim 4, characterised in that in step 3), on a Windows system the command tasklist /V | findstr "tomcat" is used to detect the user running Tomcat, and the net user command is then used to check whether that user is a member of the local administrators group; if so, a security risk is reported in the result file.
6. The automated detection method for Tomcat security configurations according to claim 4, characterised in that in step 3), on a Linux system the command ps -ef | grep tomcat is used to detect the user running Tomcat; if it is root, a security risk is reported in the result file; otherwise the fourth field of that user's row in /etc/passwd is checked, and if it is 0 the user's primary group is root, so a security risk is reported in the result file.
7. The automated detection method for Tomcat security configurations according to claim 5 or 6, characterised in that in step 4), if a user tag under the <tomcat-users> tag in tomcat-users.xml has "manager-gui" in its roles attribute value and is not commented out, the username and password attribute values of that entry are written to the result file and a security risk is reported.
8. The automated detection method for Tomcat security configurations according to claim 7, characterised in that in step 5) the value of the appBase attribute of the <Host> tag in server.xml is obtained first, and the path is then checked for directory entries that are both writable and executable; if any exist, they are written to the result file and a security risk is reported.
9. The automated detection method for Tomcat security configurations according to claim 8, characterised in that in step 5), if the obtained appBase attribute value is "webapps", the ROOT, manager and host-manager directories under the webapps directory are checked; if they exist and are not empty, the names of the non-empty directory entries are written to the result file and a security risk is reported.
10. The automated detection method for Tomcat security configurations according to claim 9, characterised in that in step 6) it is first checked whether the <Valve> tag in server.xml whose className attribute value is "org.apache.catalina.valves.AccessLogValve" is commented out; if it is commented out, a security risk is reported in the result file; if it is not commented out, the content of its pattern attribute value is checked, and if any of the items %h, %t, %r, %s is absent, the missing items are written to the result file and a security risk is reported.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710630202.8A | 2017-07-28 | 2017-07-28 | An automated detection method for Tomcat security configurations |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107357736A | 2017-11-17 |
Family ID: 60286419
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107357736A |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102118257A (en) * | 2009-12-31 | 2011-07-06 | 亿阳信通股份有限公司 | Method and device for remote monitoring maintenance |
US20160342448A1 (en) * | 2012-06-07 | 2016-11-24 | Vmware, Inc. | Tracking changes that affect performance of deployed applications |
CN105227630A (en) * | 2015-08-27 | 2016-01-06 | 浪潮电子信息产业股份有限公司 | A kind of based on APACHE, MOD_JK, TOMCAT load balancing implementation |
CN106506209A (en) * | 2016-11-03 | 2017-03-15 | 用友网络科技股份有限公司 | The management method and system of service |
Non-Patent Citations (1)
Title |
---|
通往圣殿的路: "Tomcat系统加固规范", 《HTTPS://BLOG.51CTO.COM/LEOMARS/1571506》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108769074A (en) * | 2018-07-05 | 2018-11-06 | 郑州云海信息技术有限公司 | A kind of web server method for testing security and system |
CN108769074B (en) * | 2018-07-05 | 2021-02-09 | 苏州浪潮智能科技有限公司 | Web server security testing method |
CN110727467A (en) * | 2019-10-22 | 2020-01-24 | 普元信息技术股份有限公司 | System and method for realizing server performance optimization processing under big data environment |
CN112733148A (en) * | 2021-01-12 | 2021-04-30 | 北京旋极安辰计算科技有限公司 | Java-based trusted policy automatic adaptation method |
CN112733148B (en) * | 2021-01-12 | 2021-10-01 | 北京旋极安辰计算科技有限公司 | Java-based trusted policy automatic adaptation method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 2017-11-17