CN108154034B - Vulnerability analysis method and device based on WordPress - Google Patents
Vulnerability analysis method and device based on WordPress Download PDFInfo
- Publication number
- CN108154034B CN108154034B CN201711394336.0A CN201711394336A CN108154034B CN 108154034 B CN108154034 B CN 108154034B CN 201711394336 A CN201711394336 A CN 201711394336A CN 108154034 B CN108154034 B CN 108154034B
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- information
- wordpress
- target
- analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Abstract
The invention provides a method and a device for vulnerability analysis based on WordPress, and relates to the field of vulnerability detection. The vulnerability analysis method based on WordPress is applied to a server side and comprises the steps of obtaining target vulnerability information of WordPress on a public platform; calling an API (application program interface) of WordPress, and acquiring data information of a plurality of components, templates and plug-ins according to the utilization rate; performing correlation analysis on the target vulnerability information and the plurality of data information to obtain a vulnerability analysis result of each target vulnerability information; and generating a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information, and pushing the vulnerability analysis report to a pre-configured user terminal. The method and the device for vulnerability analysis based on WordPress can comprehensively collect vulnerability information about WordPress in the Internet and can remind a user to update patches or update versions so as to repair vulnerabilities.
Description
Technical Field
The invention relates to the field of vulnerability detection, in particular to a vulnerability analysis method and device based on WordPress.
Background
WordPress is a content management system for keeping the loading capacity for a long time at home and abroad, and has billions of users who independently use, however, because of different levels of developers, the loophole of WordPress is frequent. At present, most of large public vulnerability publishing platforms at home and abroad are comprehensive vulnerability publishing platforms, and the concerned targets are hardware equipment vulnerabilities, application server vulnerabilities, various large operating system vulnerabilities and Web application program vulnerabilities on the Internet. The content is relatively numerous and complicated, the specificity is not possessed, and the comprehensive loophole information collection work aiming at WordPress cannot be carried out.
Therefore, how to provide an effective scheme to implement comprehensive vulnerability analysis on the vulnerability of WordPress is a major issue to be solved at present.
Disclosure of Invention
In view of the above, an object of the embodiments of the present invention is to provide a method and an apparatus for vulnerability analysis based on WordPress, so as to improve the above problems.
In a first aspect, the vulnerability analysis method based on WordPress provided in the embodiments of the present invention is applied to a server, and the method includes:
obtaining target vulnerability information of the WordPress on a public platform;
calling the API interface of the WordPress, and acquiring data information of a plurality of components, templates and plug-ins according to the utilization rate;
performing correlation analysis on the target vulnerability information and the plurality of data information to obtain vulnerability analysis results of each target vulnerability information;
and generating a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information, and pushing the vulnerability analysis report to a pre-configured user terminal.
Optionally, the obtaining target vulnerability information of the WordPress on the public platform includes:
crawling content information associated with the WordPress on the public platform;
and screening the content information through the keywords to obtain target vulnerability information.
Optionally, the filtering the content information by the keyword to obtain target vulnerability information includes:
and screening the content information by taking at least one of a vulnerability name, a vulnerability type, a CVE (content security association) number, a vulnerability number, a version number, an object name and a vulnerability verification code as a keyword to obtain the target vulnerability information.
Optionally, the data information includes a vulnerability type, a vulnerability influence range and an influence object, and the associating analysis is performed on the target vulnerability information and the plurality of data information to obtain a vulnerability analysis result of each target vulnerability information, including:
and performing correlation analysis on the target vulnerability information and corresponding data information in the plurality of data information to obtain vulnerability types, vulnerability influence ranges, influence objects and hazard degrees corresponding to each target vulnerability information.
Optionally, the obtaining target vulnerability information of the WordPress on the public platform includes:
and obtaining the target vulnerability information of the WordPress on the public platform at preset time intervals.
In a second aspect, an embodiment of the present invention provides a WordPress-based vulnerability analysis apparatus, which is applied to a server, where the WordPress-based vulnerability analysis apparatus includes:
the first acquisition module is used for acquiring target vulnerability information of the WordPress on the public platform;
the second acquisition module is used for calling the API interface of the WordPress and acquiring data information of a plurality of components, templates and plug-ins according to the utilization rate;
the analysis module is used for performing correlation analysis on the target vulnerability information and the plurality of data information to obtain a vulnerability analysis result of each target vulnerability information;
the generating module is used for generating a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information;
and the sending module is used for pushing the vulnerability analysis report to a pre-configured user terminal.
Optionally, the first obtaining module includes:
the crawling submodule is used for crawling content information related to the WordPress on the public platform;
and the screening submodule is used for screening the content information through the keywords to obtain target vulnerability information.
Optionally, the screening submodule is configured to screen the content information to obtain the target vulnerability information, with at least one of a vulnerability name, a vulnerability type, a CVE number, a vulnerability number, a version number, an object name, and a vulnerability verification code as a keyword.
Optionally, the data information includes a vulnerability type, a vulnerability influence range and an influence object, and the analysis module is configured to perform association analysis on the target vulnerability information and a plurality of data information corresponding to the data information to obtain the vulnerability type, vulnerability influence range, influence object and hazard level corresponding to each target vulnerability information.
Optionally, the first obtaining module is configured to obtain target vulnerability information of the WordPress on the public platform at predetermined time intervals.
Compared with the prior art, the method and the device for vulnerability analysis based on WordPress have the following beneficial effects:
the vulnerability analysis method and device based on WordPress comprehensively collect vulnerability information about WordPress in the Internet, perform correlation analysis by combining data information of components, templates and plug-ins with the prior use rate released by the WordPress official, finally form a vulnerability analysis report and send the report to a configured user terminal, and remind a user of updating patches or updating versions in time so as to repair vulnerabilities.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a schematic diagram illustrating interaction between a server and a user terminal according to a preferred embodiment of the present invention.
Fig. 2 is a block diagram of a server according to a preferred embodiment of the present invention.
Fig. 3 is a flowchart of a WordPress-based vulnerability analysis method according to a preferred embodiment of the present invention.
Fig. 4 is a flowchart of the substeps of step S101 in fig. 3.
Fig. 5 is a functional block diagram of a bug analysis device based on WordPress according to a preferred embodiment of the present invention.
Fig. 6 is a functional block diagram of a first obtaining module according to a preferred embodiment of the present invention.
Icon: 100-a server; 110-a WordPress based vulnerability analysis device; 111-a first acquisition module; 1111-crawl sub-module; 1113-screening submodule; 113-a second acquisition module; 115-an analysis module; 117-a generation module; 119-a sending module; 130-a memory; 150-a processor; 170-a communication unit; 200-a user terminal; 300-network.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present invention, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Fig. 1 is a schematic diagram illustrating the interaction between the server 100 and the user terminal 200 according to the preferred embodiment of the present invention. The server 100 is communicatively connected to one or more user terminals 200 through a network 300 for data communication or interaction. The server 100 may be a web server, a database server, etc. The user terminal 200 may be a Personal Computer (PC), a tablet PC, a smart phone, a Personal Digital Assistant (PDA), and the like.
Fig. 2 is a block diagram of the server 100. The server 100 includes a WordPress-based vulnerability analysis apparatus 110, a memory 130, a processor 150, and a communication unit 170.
The memory 130, the processor 150, and the communication unit 170 are electrically connected to each other directly or indirectly to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The WordPress-based vulnerability analysis apparatus 110 includes at least one software function module which can be stored in the memory 130 in the form of software or firmware (firmware) or solidified in an Operating System (OS) of the server 100. The processor 150 is used for executing executable modules stored in the memory 130, such as software functional modules and computer programs included in the WordPress-based vulnerability analysis device 110.
The Memory 130 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like. The memory 130 is used for storing a program, and the processor 150 executes the program after receiving the execution instruction. The communication unit 170 is configured to establish a communication connection between the server 100 and the user terminal 200 through the network 300, and is configured to transceive data through the network 300.
Please refer to fig. 3, which is a flowchart illustrating a method for vulnerability analysis based on WordPress according to a preferred embodiment of the present invention applied to the vulnerability analysis apparatus 110 based on WordPress shown in fig. 2. The specific flow shown in fig. 3 will be described in detail below.
And step S101, obtaining target vulnerability information of the WordPress on the public platform.
In the embodiment of the present invention, the server 100 is installed with an application program for WordPress vulnerability analysis. When analyzing the vulnerability of the WordPress, the server 100 firstly obtains the target vulnerability information of the WordPress from the public platform through the web crawler.
Referring to fig. 4, the step of obtaining the target vulnerability information of WordPress specifically includes the following sub-steps.
And a substep S1011, crawling the content information associated with the WordPress on the public platform.
The server 100 writes a corresponding crawler program, and the server 100 crawls the content information on the public platform at preset time intervals through the crawler program to obtain the content information containing WordPress, namely the content information associated with WordPress.
In the embodiment of the invention, the public platform refers to a vulnerability publishing platform which is published at home and abroad, such as social media platforms like Twitter, Facebook, GitHub, microblog and the like.
And a substep S1012, screening the content information through the keywords to obtain target vulnerability information.
After obtaining the content information associated with the WordPress on the public platform, the server 100 selects at least one of the currently known vulnerability name, vulnerability type, CVE number, vulnerability number, version number, object name, vulnerability verification code, etc. as a keyword, and obtains the target vulnerability information by screening the content information. And stores the target vulnerability information in the database of the server 100. The target vulnerability information comprises at least one of vulnerability name, vulnerability type, CVE number, vulnerability number, version number, object name, vulnerability verification code and other parameters.
And step S102, calling an API (application program interface) of WordPress, and acquiring data information of a plurality of components, templates and plug-ins according to the utilization rate.
Meanwhile, the service end 100 calls an API interface of WordPress to periodically query the release condition of the official version, acquires data information of a plurality of components, templates and plug-ins with higher current utilization rate according to the utilization rate (downloaded times), and stores the acquired data information into a database, wherein the data information includes a vulnerability type, a vulnerability influence range, an influence object and the like. Wherein, the vulnerability influence range refers to the version range of WordPress influenced by the vulnerability. The influence object refers to a component, a template or a plug-in affected by the vulnerability, for example, if the vulnerability affects the component a, the influence object in the data information is the component a.
It should be noted that the order of step S101 and step S102 is not limited in the embodiment of the present invention.
Step S103, performing correlation analysis on the target vulnerability information and the plurality of data information to obtain a vulnerability analysis result of each target vulnerability information.
The data information comprises parameters such as vulnerability types, vulnerability influence ranges and influence objects. After obtaining the target vulnerability information of WordPress on the public platform and the data information of a plurality of components, templates and plug-ins with the former current utilization rate, the server 100 performs correlation analysis on the target vulnerability information and the corresponding data information in the plurality of data information to obtain the vulnerability type, vulnerability influence range, influence object and hazard degree corresponding to each target vulnerability information.
The target vulnerability information and the corresponding data information in the plurality of data information mean that the vulnerability corresponding to the vulnerability information and the vulnerability corresponding to the data information are the same vulnerability.
For example: the obtained target vulnerability information is assumed to have a vulnerability exploitation code, wherein the vulnerability name is 'WordPress Plugin WoCommerce 2.0/3.0-Directory transaction', the influence version is WordPress 4.8.3, and the CVE number is CVE-2017-. Then, the plug-in name in the target vulnerability information is "wooCommerce", the version number is "2.0/3.0", and the vulnerability type is "Directory transaction".
At this time, the server 100 matches the plug-in name "WooCommerce" in the target vulnerability information with data information of a plurality of components, templates, and plug-ins with higher usage rates stored in the database. Assuming that there is data information matching with a plug-in name (i.e., an impact object) of "wooCommerce" and the latest version is 3.2.5, the number of active installations is 300 ten thousand or more.
Then, the server 100 gives a weight to each parameter in the data information to determine the vulnerability hazard degree. Such as: the vulnerability type is a directory traversal vulnerability and is a medium-risk vulnerability. The impact version ranges from 2.0 to 3.0, with a moderate hazard range relative to the latest version 3.2.5. The location where the vulnerability exists (i.e., the affected object) is a plug-in, and is not the WordPress main program, so the hazard is moderate. The installation quantity is more than 300 ten thousand, and the influence degree is medium and high. And comprehensively judging that the vulnerability damage degree is a medium-risk vulnerability, namely, the vulnerability analysis result of the target vulnerability information is the medium-risk vulnerability.
Through the above manner, the server 100 can obtain the vulnerability analysis result of each target vulnerability information.
And step S104, generating a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information, and pushing the vulnerability analysis report to a pre-configured user terminal.
After obtaining the vulnerability analysis result of each target vulnerability information, the server 100 mainly uses parameters such as vulnerability influence range (i.e. influenced version) and influence object (component, template or plug-in) in the vulnerability information as main parameters to generate a vulnerability analysis report. And meanwhile, establishing a WordPress vulnerability analysis report template. When the latest vulnerability is found, automatically generating a vulnerability analysis report after obtaining a result through the correlation analysis of the steps.
The server 100 is preconfigured with a plurality of user terminals 200, and after the server 100 generates a vulnerability analysis report, the server 100 actively pushes the generated vulnerability analysis report to all preconfigured user terminals 200 to remind users of the user terminals 200 to update patches or update versions in time so as to repair vulnerabilities.
To sum up, the method for vulnerability analysis based on WordPress according to the embodiment of the present invention obtains target vulnerability information of WordPress on a public platform at predetermined time intervals, and calls an official API interface to obtain data information of a plurality of components, templates and plug-ins of WordPress with a higher current utilization rate, and performs correlation analysis on the target vulnerability information and the data information to obtain a vulnerability analysis result, and finally sends the vulnerability analysis result to the user terminal 200. Therefore, the WordPress vulnerability on the Internet can be comprehensively discovered at regular time. Meanwhile, the vulnerability analysis report is generated based on parameters such as vulnerability influence range (influenced version) and influence object (component, template or plug-in), and a user can conveniently determine whether the website is influenced by the new vulnerability according to the vulnerability influence range and the influence object. In addition, the vulnerability early warning system has an automatic pushing function, and can quickly push vulnerability early warning information to the user so as to remind the user of the user terminal 200 to update patches or update versions in time so as to repair vulnerabilities.
Please refer to fig. 5, which is a functional block diagram of the bug analysis device 110 based on WordPress shown in fig. 2 according to a preferred embodiment of the present invention. The WordPress-based vulnerability analysis device 110 comprises a first obtaining module 111, a second obtaining module 113, an analysis module 115, a generation module 117 and a sending module 119.
The first obtaining module 111 is configured to obtain target vulnerability information of the WordPress on the public platform.
In the embodiment of the present invention, when analyzing a WordPress vulnerability, the first obtaining module 111 of the server 100 first obtains target vulnerability information of WordPress from a public platform through a web crawler.
Referring to fig. 6, the first obtaining module 111 includes a crawling sub-module 1111 and a filtering sub-module 1113. And the crawling sub-module 1111 is configured to crawl content information associated with the WordPress on the public platform. The screening submodule 1113 is configured to screen the content information through the keyword to obtain target vulnerability information.
It is understood that the first obtaining module 111 may be configured to perform the step S101, the crawling sub-module 1111 may be configured to perform the step S1011, and the filtering sub-module 1113 may be configured to perform the step S1012.
The second obtaining module 113 is configured to call an API interface of WordPress, and obtain data information of a plurality of components, templates, and plug-ins according to the usage rate.
Meanwhile, the server 100 calls an API interface of WordPress through the second obtaining module 113 to periodically query the release condition of the official version, obtains data information of a plurality of components, templates, and plug-ins with a higher current usage rate according to the usage rate (downloaded times), and stores the obtained data information into a database, where the data information includes a vulnerability type, a vulnerability influence range, an influence object, and the like.
It is understood that the second obtaining module 113 may be configured to perform the step S102.
The analysis module 115 is configured to perform association analysis on the target vulnerability information and the plurality of data information to obtain a vulnerability analysis result of each target vulnerability information.
The data information comprises parameters such as vulnerability types, vulnerability influence ranges and influence objects. After obtaining the target vulnerability information of WordPress on the public platform and the data information of a plurality of components, templates and plug-ins with the former current utilization rate, the server 100 performs correlation analysis on the target vulnerability information and the corresponding data information in the plurality of data information through the analysis module 115 to obtain the vulnerability type, vulnerability influence range, influence object and hazard degree corresponding to each target vulnerability information.
It is understood that the analysis module 115 may be used for at least the step S103 described above.
The generating module 117 is configured to generate a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information.
After obtaining the vulnerability analysis result of each target vulnerability information, the server 100 generates a vulnerability analysis report by using the parameters such as vulnerability influence range (i.e. influenced version) and influence object (component, template or plug-in) in the vulnerability information as main parameters through the generation module 117.
It is to be understood that the generating module 117 may be configured to perform the process of generating the vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information in step S104.
The sending module 119 is configured to push the vulnerability analysis report to the preconfigured user terminal.
The server 100 is preconfigured with a plurality of user terminals 200, and after generating the vulnerability analysis report, the server 100 actively pushes the generated vulnerability analysis report to all preconfigured user terminals 200 through the sending module 119 to remind the user of the user terminal 200 to update the patch or the update version in time, so as to repair the vulnerability.
It is to be understood that the sending module 119 may be configured to perform the procedure of pushing the vulnerability analysis report to the preconfigured user terminal in step S104.
To sum up, the loophole analysis device based on WordPress provided by the embodiment of the present invention can obtain target loophole information of WordPress on a public platform at predetermined time intervals, call an official API interface to obtain data information of a plurality of components, templates, and plug-ins of WordPress with a front current utilization rate, perform correlation analysis on the target loophole information and the data information to obtain a loophole analysis result, and finally send the loophole analysis result to the user terminal 200. Therefore, the WordPress vulnerability on the Internet can be comprehensively discovered at regular time. Meanwhile, the vulnerability analysis report is generated based on parameters such as vulnerability influence range (influenced version) and influence object (component, template or plug-in), and a user can conveniently determine whether the website is influenced by the new vulnerability according to the vulnerability influence range and the influence object. In addition, the vulnerability early warning system has an automatic pushing function, and can quickly push vulnerability early warning information to the user so as to remind the user of the user terminal 200 to update patches or update versions in time so as to repair vulnerabilities.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (6)
1. A vulnerability analysis method based on WordPress is applied to a server side and is characterized by comprising the following steps:
obtaining target vulnerability information of the WordPress on a public platform;
calling the API interface of the WordPress, inquiring and obtaining the release condition of the official WordPress version, and obtaining data information of a plurality of components, templates and plug-ins according to the utilization rate;
performing correlation analysis on the target vulnerability information and the plurality of data information to obtain vulnerability analysis results of each target vulnerability information;
generating a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information, and pushing the vulnerability analysis report to a pre-configured user terminal;
the obtaining target vulnerability information of WordPress on the public platform comprises:
crawling content information associated with the WordPress on the public platform;
screening the content information through keywords to obtain target vulnerability information;
the method for screening the content information through the keywords to obtain target vulnerability information comprises the following steps:
and screening the content information by taking at least one of a vulnerability name, a vulnerability type, a CVE (content security association) number, a vulnerability number, a version number, an object name and a vulnerability verification code as a keyword to obtain the target vulnerability information.
2. The WordPress-based vulnerability analysis method according to claim 1, wherein the data information includes vulnerability type, vulnerability influence scope and influence object, the target vulnerability information and the plurality of data information are subjected to correlation analysis to obtain vulnerability analysis result of each target vulnerability information, and the method includes:
and performing correlation analysis on the target vulnerability information and corresponding data information in the plurality of data information to obtain vulnerability types, vulnerability influence ranges, influence objects and hazard degrees corresponding to each target vulnerability information.
3. The method of claim 1, wherein the obtaining target vulnerability information of the WordPress on a common platform comprises:
and obtaining the target vulnerability information of the WordPress on the public platform at preset time intervals.
4. A loophole analyzing device based on WordPress is applied to a server side, and is characterized by comprising the following components:
the first acquisition module is used for acquiring target vulnerability information of the WordPress on the public platform;
the second acquisition module is used for calling the API of the WordPress, inquiring and acquiring the release condition of the official WordPress version, and acquiring data information of a plurality of components, templates and plug-ins according to the utilization rate;
the analysis module is used for performing correlation analysis on the target vulnerability information and the plurality of data information to obtain a vulnerability analysis result of each target vulnerability information;
the generating module is used for generating a vulnerability analysis report according to the vulnerability analysis result of each target vulnerability information;
the sending module is used for pushing the vulnerability analysis report to a pre-configured user terminal;
the first obtaining module comprises:
the crawling submodule is used for crawling content information related to the WordPress on the public platform;
the screening submodule is used for screening the content information through the keywords to obtain target vulnerability information;
the screening submodule is used for screening the content information by taking at least one of a vulnerability name, a vulnerability type, a CVE number, a vulnerability number, a version number, an object name and a vulnerability verification code as a keyword to obtain the target vulnerability information.
5. The WordPress-based vulnerability analysis device according to claim 4, wherein the data information includes vulnerability type, vulnerability influence range and influence object, and the analysis module is configured to perform correlation analysis on the target vulnerability information and corresponding data information in the plurality of data information to obtain vulnerability type, vulnerability influence range, influence object and hazard level corresponding to each target vulnerability information.
6. The WordPress-based vulnerability analysis device according to claim 4, wherein the first obtaining module is used for obtaining target vulnerability information of WordPress on a public platform at preset time intervals.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711394336.0A CN108154034B (en) | 2017-12-21 | 2017-12-21 | Vulnerability analysis method and device based on WordPress |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711394336.0A CN108154034B (en) | 2017-12-21 | 2017-12-21 | Vulnerability analysis method and device based on WordPress |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108154034A CN108154034A (en) | 2018-06-12 |
| CN108154034B true CN108154034B (en) | 2020-04-07 |
Family
ID=62464830
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711394336.0A Active CN108154034B (en) | 2017-12-21 | 2017-12-21 | Vulnerability analysis method and device based on WordPress |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108154034B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109062638B (en) * | 2018-06-15 | 2021-09-17 | 平安科技(深圳)有限公司 | System component display method, computer readable storage medium and terminal device |
| CN109361707B (en) * | 2018-12-13 | 2021-07-13 | 北京知道创宇信息技术股份有限公司 | Batch query method, device, server and storage medium |
| CN110110527A (en) * | 2019-05-10 | 2019-08-09 | 重庆八戒电子商务有限公司 | A kind of discovery method of loophole component, discovery device, computer installation and storage medium |
| CN114024691B (en) * | 2020-07-15 | 2023-11-03 | 腾讯科技(深圳)有限公司 | Vulnerability information processing method, device, equipment and medium based on cloud security |
| CN111967020B (en) * | 2020-08-19 | 2024-02-23 | 中国银行股份有限公司 | System security hole scanning device and method |
| CN115118498B (en) * | 2022-06-28 | 2023-11-28 | 北京中科微澜科技有限公司 | Vulnerability data analysis method and system based on relevance |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102404281A (en) * | 2010-09-09 | 2012-04-04 | 北京神州绿盟信息安全科技股份有限公司 | Website scanning device and method |
| CN104065645A (en) * | 2014-05-28 | 2014-09-24 | 北京知道创宇信息技术有限公司 | Web vulnerability protection method and apparatus |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8925049B2 (en) * | 2011-11-18 | 2014-12-30 | Lockheed Martin Corporation | Automated wireless vulnerability assessment using hand-held wireless devices |
| CN105468981B (en) * | 2015-11-20 | 2018-07-06 | 上海斐讯数据通信技术有限公司 | Plug-in security scanning means and scan method based on loophole identification technology |
| CN106649429B (en) * | 2016-08-25 | 2019-09-17 | 北京知道未来信息技术有限公司 | A kind of loophole hazard rating fast evaluation method and device based on multidimensional statistics |
| CN106570403A (en) * | 2016-11-02 | 2017-04-19 | 北京知道未来信息技术有限公司 | Loophole harm degree identification method based on risk model |
| CN107480533B (en) * | 2017-08-08 | 2022-05-24 | 深圳市腾讯计算机系统有限公司 | Vulnerability repairing method and device and storage medium |
-
2017
- 2017-12-21 CN CN201711394336.0A patent/CN108154034B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102404281A (en) * | 2010-09-09 | 2012-04-04 | 北京神州绿盟信息安全科技股份有限公司 | Website scanning device and method |
| CN104065645A (en) * | 2014-05-28 | 2014-09-24 | 北京知道创宇信息技术有限公司 | Web vulnerability protection method and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108154034A (en) | 2018-06-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108154034B (en) | Vulnerability analysis method and device based on WordPress | |
| CN109558748B (en) | Data processing method and device, electronic equipment and storage medium | |
| US10419499B2 (en) | Method and system for application security evaluation | |
| Feal et al. | Angel or devil? a privacy study of mobile parental control apps | |
| US9992025B2 (en) | Monitoring installed applications on user devices | |
| Agarwal et al. | ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing | |
| WO2021040994A1 (en) | Systems, method, and media for determining security compliance of continuous build software | |
| KR101899589B1 (en) | System and method for authentication about safety software | |
| US10754634B1 (en) | Customized application package with context specific token | |
| US9053322B2 (en) | Computing environment security method and electronic computing system | |
| CN105117544A (en) | Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing | |
| CN111191226B (en) | Method, device, equipment and storage medium for determining program by utilizing right-raising loopholes | |
| KR20160120733A (en) | Data proxy service | |
| IL260174A (en) | Providing application programs to devices | |
| US20150007330A1 (en) | Scoring security risks of web browser extensions | |
| CN104021141A (en) | Method, device and system for data processing and cloud service | |
| Wu et al. | Detect repackaged android application based on http traffic similarity | |
| KR101286711B1 (en) | System and method for preventing malicious codes of mobile terminal | |
| Geiger et al. | Datasets of android applications: a literature review | |
| CN103036896A (en) | Method and system for testing malicious links | |
| CN103856568A (en) | Terminal and system for prompting safety state of user terminal and implementation method | |
| CN103020528A (en) | Display method and display device for malicious acts of applications | |
| US9665732B2 (en) | Secure Download from internet marketplace | |
| CN113326506A (en) | Applet monitoring method and device | |
| Yadav et al. | Android vulnerabilities and security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: Room 311501, Unit 1, Building 5, Courtyard 1, Futong East Street, Chaoyang District, Beijing Applicant after: Beijing Zhichuangyu Information Technology Co., Ltd. Address before: Room 803, Jinwei Building, 55 Lanindichang South Road, Haidian District, Beijing Applicant before: Beijing Knows Chuangyu Information Technology Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |