CN107704758A - A kind of SQL injection leak detection method and detection means - Google Patents

A kind of SQL injection leak detection method and detection means Download PDF

Info

Publication number
CN107704758A
CN107704758A CN201710742057.2A CN201710742057A CN107704758A CN 107704758 A CN107704758 A CN 107704758A CN 201710742057 A CN201710742057 A CN 201710742057A CN 107704758 A CN107704758 A CN 107704758A
Authority
CN
China
Prior art keywords
inquiry
response
string
web server
sql injection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710742057.2A
Other languages
Chinese (zh)
Inventor
陈栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201710742057.2A priority Critical patent/CN107704758A/en
Publication of CN107704758A publication Critical patent/CN107704758A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • G06F16/90335Query processing
    • G06F16/90344Query processing by using string matching techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Debugging And Monitoring (AREA)

Abstract

This application discloses a kind of SQL injection leak detection method and detection means, detection method to include:Being sent to Web server includes the first inquiry request of the first inquiry string and checking parameter;Receive the first inquiry response of Web server;The second inquiry request of the checking parameter included in the second inquiry string and the first inquiry response is sent to Web server;Receive the second inquiry response that Web server returns;Wherein:One of first inquiry string and the second inquiry string are normal queries character strings, and another is SQL injection Hole Detection character string;Response data in the first inquiry response and the second inquiry response judges that Web is applied and whether there is SQL injection leak.When carrying out injection loophole detection, can be by extracting the checking parameter in inquiry response, and checking parameter is added in subsequent query request, to break through the verification comparison process of Web server end setting, realize the SQL injection Hole Detection around the Web applications for setting calibration technology.

Description

A kind of SQL injection leak detection method and detection means
Technical field
The application is related to Web application safety monitoring technologies field, more particularly to a kind of SQL injection leak detection method and inspection Survey device.
Background technology
Illegal data query is performed, it is necessary to Web to avoid the application program that user uses from constructing dynamic SQL statement Using progress SQL injection leak test.Due to needing to carry out substantial amounts of SQL statement test, to reduce cost of labor, SQL injection Leak test is detected using automatic detection instrument mass, and whether automatic decision to detect sentence accordingly leaky.
When having used the Web applications of AntiCSRFToken calibration technologies to carry out injection loophole test some, penetration testing Engineer can be found that SQL injection leak in manual inspection;And when using automatic detection tool detection, looked into using same Asking character string can not but find the problem of injection loophole, or even prompting test parameter can not inject (for example, it may be possible to which POST can be prompted parameter username does not seem to be injectable).Found by inquiring about html source code, this There is a checking parameter that is hiding, being generated at random by Web server in the data that class Web applications return.Client is again When submitting data to web server, whether checking parameter is the ginseng generated last time in the inquiry request that Web server verification is submitted Numerical value;If checking parameter is correct, corresponding inquiry request is handled by Web server;If checking parameter is incorrect, phase The inquiry request answered is not handled by Web server, i.e., is tested without injection loophole.
The content of the invention
This application provides a kind of SQL injection leak detection method and detection means, to solve to set the Web of calibration technology The problem of being automatically injected leak test of application.
The embodiment of the present invention provides a kind of SQL injection leak detection method, comprises the following steps:
The first inquiry request is sent to Web server;First inquiry request includes the first inquiry string, and Checking parameter of the Web server in preceding inquiry response;It is described preceding inquiry response be before first inquiry request Inquiry response corresponding to inquiry request;
Receive the first inquiry response that the inquiry request of web server response first returns;
The second inquiry request is sent to Web server;Second inquiry request includes the second inquiry string, Yi Jisuo State the checking parameter in the first inquiry response;
Receive the second inquiry response that the inquiry request of web server response second returns;
Wherein:One of first inquiry string and second inquiry string are normal queries character strings, another For SQL injection Hole Detection character string corresponding with the normal queries character string;
Response data in first inquiry response and second inquiry response judges whether Web server has There is the injection loophole of the corresponding leak inquiry string.
Optionally, the leak inquiry string includes the blind note character string based on boolean, time-based blind note character String and/or heap inquiry injection character string.
Optionally, methods described is created based on Scrapy frameworks.
The embodiment of the present invention provides a kind of SQL injection Hole Detection device, including:
Sending module, for sending the first inquiry request and the second inquiry request to Web server;
Receiving module, the first inquiry response returned for receiving the first inquiry request described in web server response, with And receive the second inquiry response that the second inquiry request described in web server response returns;
Extraction module, for extracting checking parameter of the Web server in preceding inquiry response, and, extraction described first Checking parameter in inquiry response;Described mutually should be in preceding inquiry is looked into corresponding to the inquiry request before first inquiry request Ask response;
Wherein:First inquiry request includes the verification in the first inquiry string, and the inquiry response preceding again Parameter;Second inquiry request includes the checking parameter in the second inquiry string, and first inquiry response;It is described One of first inquiry string and second inquiry string are normal queries character strings, another to be and the normal queries word SQL injection Hole Detection character string corresponding to symbol string;
Leak judge module, sentence for the response data in first inquiry response and second inquiry response Disconnected Web, which is applied, whether there is SQL injection.
Optionally, the leak inquiry string includes the blind note character string based on boolean, time-based blind note character String and/or heap inquiry injection character string.
Optionally, described device is the device created based on Scrapy frameworks.
Using injection loophole detection method provided in an embodiment of the present invention and detection means, injection loophole detection is being carried out When, it can be added to by extracting the checking parameter in inquiry response, and by checking parameter in subsequent query request, to break through The verification comparison process that Web server end is set, realize the SQL injection leak inspection around the Web applications for setting calibration technology Survey.
Brief description of the drawings
To be illustrated more clearly that background technology or technical scheme, below to prior art or embodiment The accompanying drawing of middle combined use is briefly described;It should be evident that the accompanying drawing side of being only for below in conjunction with embodiment Just understand the embodiment of the present invention, for those of ordinary skill in the art, on the premise of not paying creative work, may be used also To obtain other accompanying drawings according to these accompanying drawings;
Fig. 1 is the SQL injection leak detection method flow chart that embodiment provides;
Fig. 2 is the SQL injection Hole Detection schematic device that embodiment provides.
Wherein:11- sending modules, 12- receiving modules, 13- extraction modules, 14- leak judge modules.
Embodiment
The embodiment of the present invention provides a kind of SQL injection leak detection method, can bypass the AntiCSRF verification skills used The verification scheme set in the Web server of art, realize that the automation of injection loophole test is carried out.
In order that those skilled in the art more fully understand the technical scheme in the present invention, below in conjunction with of the invention real The accompanying drawing in example is applied, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described implementation Example only part of the embodiment of the present invention, rather than whole embodiments.It is common based on the embodiment in the present invention, this area The every other embodiment that technical staff is obtained under the premise of creative work is not made, should all belong to protection of the present invention Scope.
Fig. 1 is the SQL injection leak detection method flow chart that embodiment provides.As shown in figure 1, what the present embodiment provided SQL injection leak detection method comprises the following steps.
It should be noted that the injection loophole detection method that the present embodiment provides is deployed in and is communicatively coupled with Web server, HTTP (HTTP, Hyper Text Transfer can be sent to Web server by application program Protocol) inquiry request and can receive Web server return HTTP texts client in;Client in practical application End is not limited to the computer using wire communication or PDA, smart mobile phone and other this areas using radio communication Communication terminal known to technical staff.
S101:The first inquiry request is sent to Web server.
First inquiry request includes the first inquiry string, and school of the Web server in preceding inquiry request is corresponding Test parameter.
In order to facilitate whole querying method is understood, how generation mechanism, client first to checking parameter identify verification Parameter is tested introduction.
In practical application, after client sends inquiry request to Web server, when Web server states request before responding, While returning to inquiry response data (HTTP texts) to client, Web server can generate a checking parameter at random, and will Checking parameter is with specific character mark and sets hiding attribute accordingly;Meanwhile Web server can store checking parameter, with The inquiry request sent next time for verifying client.
And after inquiry response reaches client, client can identify the character mark of response, and extract character mark Corresponding checking parameter, in case follow-up use.In practical application, can according to data in the inquiry response that Web server issues, The character mark of detection is provided for for client;It can also may be set according to the custom of those skilled in the art, selection For the character mark section of checking parameter.If for example, using marks of the Token as checking parameter in Web server, ooze The mark of checking parameter to be extracted is first arranged to " Token " by saturating engineer at client before testing;Permeate engineer " Token ", " TK ", the character mark such as " checking parameter " can be set in client, and using these marks successively and Web service The response data of device compares, and extracts the checking parameter under corresponding character mark.
In the present embodiment, before complete injection loophole test is carried out once, i.e., before first time inquiry request is sent, visitor Warp-wise Web server sends inquiry request at family end;Server is based on aforementioned request and also returns formerly inquiry sound to client Should, first inquiry response includes being used for the checking parameter being added in the first inquiry request.
After Web server receives the first inquiry request, in the checking parameter and the first inquiry request using itself storage Checking parameter be compared, corresponding inquiry operation is completed after comparison passes through, and generate respective operations first inquiry ring Answer, the first inquiry response is back to client;Meanwhile Web server generates new checking parameter and added in the first inquiry In response.
S102:Receive the first inquiry response that the inquiry request of web server response first returns.
After client receives the first inquiry response, corresponding field in the first inquiry response is extracted, is specifically included correspondingly The corresponding data of first inquiry string and newest checking parameter.
In the present embodiment, the first inquiry string is normal queries character string, thus with the first inquiry string be with just Normal response data corresponding to normal inquiry string.
Such as normal queries character string for submit character string ' admin ', it is assumed that the query statement that web server uses for Select*form users where username=' admin ' (character string);The data that Web server returns are return pair The True Data of ' admin ' that answers, such as ' 1 '.
S103:The second inquiry request is sent to Web server.
Second inquiry request includes the checking parameter in SQL injection Hole Detection character string and the first inquiry response.This In embodiment, SQL injection Hole Detection character string is Hole Detection character string corresponding with the first inquiry string, such as can be with For ' admin ' and ' 1 '=' 2.
Web server after the second inquiry request is received determines that the second inquiry request can be performed by checking parameter In SQL injection Hole Detection character string.Assuming that the query statement that web server uses is select*from users Where username=(character string);And because it is false that character string, which is ' admin ' and ' 1 '=' 2, Query Result is Sky, now Web server not returning result.And in the present embodiment, Web server returns the second of corresponding second inquiry request Inquiry response.
S104:Receive the second inquiry response that the inquiry request of web server response second returns;
After client receives the second inquiry response, the response data in the second inquiry response is extracted, that is, foregoing look into Ask result.
S105:Response data in the first inquiry response and the second inquiry response judges that Web is applied and whether there is SQL Injection loophole.
In the aforementioned embodiment, the inquiry string in the first inquiry request is normal queries character string, and the second inquiry please It is Hole Detection character string to seek middle inquiry string.In other embodiments, in the first inquiry request and the second inquiry request Inquiry string can also be exchanged.
In foregoing query process, leak inquiry string can include the blind note character string based on boolean, based on the time Blind note character string and heap inquiry injection character string.
In addition, the method in the present embodiment can be used and created based on Scrapy frameworks.Scrapy is one to crawl Website data, the application framework for extracting structure data and writing.Using the respective class in the framework, it can rapidly establish and adopt With the program of preceding method, the automatic inquiry of SQL injection leak is realized.
Except providing foregoing SQL injection leak detection method, the embodiment of the present invention also provides one kind and realizes foregoing SQL injection The detection means of leak.
Fig. 2 is the SQL injection Hole Detection schematic device that embodiment provides.As shown in Fig. 2 the dress that the present embodiment provides Put including sending module 11, receiving module 12, extraction module 13 and leak judge module 14.
Sending module 11 is used to send the first inquiry request and the second inquiry request to Web server;
Receiving module 12 is used to receive the first inquiry response that the first inquiry request described in web server response returns, with And receive the second inquiry response that the second inquiry request described in web server response returns;
Extraction module 13 is used to extract checking parameter of the Web server in preceding inquiry response, and, extraction described first Checking parameter in inquiry response;Described mutually should be in preceding inquiry is looked into corresponding to the inquiry request before first inquiry request Ask response;
Wherein:First inquiry request includes the verification in the first inquiry string, and the inquiry response preceding again Parameter;Second inquiry request includes the checking parameter in the second inquiry string, and first inquiry response;It is described One of first inquiry string and second inquiry string are normal queries character strings, another to be and the positive production inquiry word SQL injection Hole Detection character string corresponding to symbol string;
Leak judge module 14 is used for the response data in first inquiry response and second inquiry response Judge that Web is applied and whether there is SQL injection leak.
Corresponding with preceding method, in the device that the present embodiment provides, leak inquiry string is included based on the blind of boolean Note character string, time-based blind note character string and heap inquiry string.
Equally corresponding with preceding method, the described device in the present embodiment is the device created based on Scrapy frameworks.
The SQL injection leak detection method in the embodiment of the present invention and detection means are described in detail above.This Part is set forth using specific embodiment to the principle and embodiment of the present invention, and the explanation of above example is only intended to Help to understand core concept of the invention, without departing from the principles of the present invention, those of ordinary skill in the art are not having The every other embodiment obtained under the premise of creative work is made, belongs to the scope of protection of the invention.

Claims (6)

1. a kind of SQL injection leak detection method, it is characterised in that comprise the following steps:
The first inquiry request is sent to Web server;First inquiry request includes the first inquiry string, and Web clothes Checking parameter of the business device in preceding inquiry response;It is described to be asked in preceding inquiry response for the inquiry before first inquiry request Seek corresponding inquiry response;
Receive the first inquiry response that the inquiry request of web server response first returns;
The second inquiry request is sent to Web server;Second inquiry request includes the second inquiry string, and described Checking parameter in one inquiry response;
Receive the second inquiry response that the inquiry request of web server response second returns;
Wherein:One of first inquiry string and second inquiry string are normal queries character strings, it is another be with SQL injection Hole Detection character string corresponding to the normal queries character string;
Response data in first inquiry response and second inquiry response judges that Web is applied and whether there is SQL Injection loophole.
2. SQL injection leak detection method according to claim 1, it is characterised in that:
The leak inquiry string includes the blind note character string based on boolean, time-based blind note character string and/or heap and looked into Ask injection character string.
3. SQL injection leak detection method according to claim 1, it is characterised in that:
Methods described is created based on Scrapy frameworks.
A kind of 4. SQL injection Hole Detection device, it is characterised in that including:
Sending module, for sending the first inquiry request and the second inquiry request to Web server;
Receiving module, the first inquiry response returned for receiving the first inquiry request described in web server response, and, connect Receive the second inquiry response that the second inquiry request described in web server response returns;
Extraction module, for extracting checking parameter of the Web server in preceding inquiry response, and, extraction first inquiry Checking parameter in response;Described mutually should be in preceding inquiry inquires about sound corresponding to the inquiry request before first inquiry request Should;
Wherein:First inquiry request includes the checking parameter in the first inquiry string, and the inquiry response preceding again; Second inquiry request includes the checking parameter in the second inquiry string, and first inquiry response;Described first One of inquiry string and second inquiry string are normal queries character strings, another to be and the normal queries character string Corresponding SQL injection Hole Detection character string;
Leak judge module, judge for the response data in first inquiry response and second inquiry response Web, which is applied, whether there is SQL injection leak.
5. SQL injection Hole Detection device according to claim 4, it is characterised in that:
The leak inquiry string includes the blind note character string based on boolean, time-based blind note character string and/or heap and looked into Ask injection character string.
6. SQL injection Hole Detection device according to claim 4, it is characterised in that:
Described device is the device created based on Scrapy frameworks.
CN201710742057.2A 2017-08-25 2017-08-25 A kind of SQL injection leak detection method and detection means Pending CN107704758A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710742057.2A CN107704758A (en) 2017-08-25 2017-08-25 A kind of SQL injection leak detection method and detection means

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710742057.2A CN107704758A (en) 2017-08-25 2017-08-25 A kind of SQL injection leak detection method and detection means

Publications (1)

Publication Number Publication Date
CN107704758A true CN107704758A (en) 2018-02-16

Family

ID=61169816

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710742057.2A Pending CN107704758A (en) 2017-08-25 2017-08-25 A kind of SQL injection leak detection method and detection means

Country Status (1)

Country Link
CN (1) CN107704758A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109150842A (en) * 2018-07-25 2019-01-04 平安科技(深圳)有限公司 A kind of injection loophole detection method and device
CN109246113A (en) * 2018-09-21 2019-01-18 郑州云海信息技术有限公司 A kind of the SQL injection leak detection method and device of REST API
WO2020019515A1 (en) * 2018-07-25 2020-01-30 平安科技(深圳)有限公司 Injection vulnerability detection method and device
CN111600885A (en) * 2020-05-15 2020-08-28 北京铭图天成信息技术有限公司 SQL injection vulnerability detection method and device, equipment and storage medium
CN111680301A (en) * 2020-06-05 2020-09-18 深圳前海微众银行股份有限公司 Vulnerability detection method and device
CN111770079A (en) * 2020-06-24 2020-10-13 绿盟科技集团股份有限公司 Method and device for detecting vulnerability injection of web framework
CN112699373A (en) * 2020-12-24 2021-04-23 山东鲁能软件技术有限公司 Method and device for detecting SQL injection vulnerability in batch
CN113254942A (en) * 2021-05-24 2021-08-13 浙江网商银行股份有限公司 Data processing method, system and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102799830A (en) * 2012-08-06 2012-11-28 厦门市美亚柏科信息股份有限公司 Improved SQL (Structured Query Language) injection flaw detection method
CN103530564A (en) * 2013-09-24 2014-01-22 国家电网公司 Method and system for testing and verifying SQL injection vulnerability
CN104811303A (en) * 2014-01-24 2015-07-29 北京中传数广技术有限公司 Two-way authentication method, two-way authentication device and two-way authentication system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102799830A (en) * 2012-08-06 2012-11-28 厦门市美亚柏科信息股份有限公司 Improved SQL (Structured Query Language) injection flaw detection method
CN103530564A (en) * 2013-09-24 2014-01-22 国家电网公司 Method and system for testing and verifying SQL injection vulnerability
CN104811303A (en) * 2014-01-24 2015-07-29 北京中传数广技术有限公司 Two-way authentication method, two-way authentication device and two-way authentication system

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109150842A (en) * 2018-07-25 2019-01-04 平安科技(深圳)有限公司 A kind of injection loophole detection method and device
WO2020019515A1 (en) * 2018-07-25 2020-01-30 平安科技(深圳)有限公司 Injection vulnerability detection method and device
WO2020019514A1 (en) * 2018-07-25 2020-01-30 平安科技(深圳)有限公司 Injection vulnerability detection method and apparatus
CN109150842B (en) * 2018-07-25 2021-07-09 平安科技(深圳)有限公司 Injection vulnerability detection method and device
CN109246113A (en) * 2018-09-21 2019-01-18 郑州云海信息技术有限公司 A kind of the SQL injection leak detection method and device of REST API
CN109246113B (en) * 2018-09-21 2021-08-10 郑州云海信息技术有限公司 REST API SQL injection vulnerability detection method and device
CN111600885A (en) * 2020-05-15 2020-08-28 北京铭图天成信息技术有限公司 SQL injection vulnerability detection method and device, equipment and storage medium
CN111680301A (en) * 2020-06-05 2020-09-18 深圳前海微众银行股份有限公司 Vulnerability detection method and device
CN111770079A (en) * 2020-06-24 2020-10-13 绿盟科技集团股份有限公司 Method and device for detecting vulnerability injection of web framework
CN111770079B (en) * 2020-06-24 2022-09-02 绿盟科技集团股份有限公司 Method and device for detecting vulnerability injection of web framework
CN112699373A (en) * 2020-12-24 2021-04-23 山东鲁能软件技术有限公司 Method and device for detecting SQL injection vulnerability in batch
CN113254942A (en) * 2021-05-24 2021-08-13 浙江网商银行股份有限公司 Data processing method, system and device

Similar Documents

Publication Publication Date Title
CN107704758A (en) A kind of SQL injection leak detection method and detection means
CN104580117A (en) Authentication method, device and system
CN102143016B (en) Website automation test method and system
CN104462981A (en) Detecting method and device for vulnerabilities
CN106131047A (en) Account login method and relevant device, account login system
CN105407074A (en) Authentication method, apparatus and system
CN103248525A (en) Method and device of configuring network resources
CN102831345A (en) Injection point extracting method in SQL (Structured Query Language) injection vulnerability detection
CN105260318A (en) Automatic testing method and device based on web pages
CN106874768A (en) The method and device of penetration testing
CN107026832A (en) Account logon method, equipment and server
CN105827438A (en) Method for setting APN automatically
CN104158802A (en) Platform authorization method, platform service side, application client side and system
CN102664925B (en) A kind of method of displaying searching result and device
CN105205757A (en) Android-based elective system
CN108769063A (en) A kind of method and device of automatic detection WebLogic known bugs
CN103812906B (en) Website recommendation method and device and communication system
CN108959939A (en) A kind of system permission open method, device, system and storage medium
CN106209757A (en) Automatically detection and convenient login method, device and the system of filling entry field
CN105138454A (en) Automatic testing method for B/S architecture security software
CN106547658A (en) A kind of automated testing method and device
CN102946396B (en) User agent's device, host web server and user authen method
CN103530209A (en) Automated testing method for code keyboard
CN106789869A (en) Flow based on Basic certifications acts on behalf of leak detection method and system
CN103001934A (en) Terminal application login method and terminal application login system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180216

RJ01 Rejection of invention patent application after publication