CN110147675A - A kind of safety detection method and equipment of intelligent terminal - Google Patents
A kind of safety detection method and equipment of intelligent terminal Download PDFInfo
- Publication number
- CN110147675A CN110147675A CN201910429239.3A CN201910429239A CN110147675A CN 110147675 A CN110147675 A CN 110147675A CN 201910429239 A CN201910429239 A CN 201910429239A CN 110147675 A CN110147675 A CN 110147675A
- Authority
- CN
- China
- Prior art keywords
- intelligent terminal
- measured
- data packet
- detection
- firmware
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
Abstract
This application discloses a kind of safety detection methods of intelligent terminal, applied to security detection equipment, it include: to establish to communicate to connect by universal interconnecting device and intelligent terminal to be measured when security detection equipment, then security detection equipment can obtain the data information in intelligent terminal to be measured, and utilize preset loophole rule base detection data information, if receiving the response message of data information or detecting sensitive keys word, then showing intelligent terminal to be measured, there are Information Security Risks, then generate corresponding testing result.Wherein, a plurality of types of data-interfaces are equipped in universal interconnecting device, connection can be established with different types of intelligent terminal, therefore safety detection can be carried out to a variety of intelligent terminals with a security detection equipment, to reduce detection duration and testing cost, the safety detection efficiency of intelligent terminal is improved.Correspondingly, the security detection equipment of a kind of intelligent terminal disclosed in the present application, similarly has above-mentioned technique effect.
Description
Technical field
This application involves safety detection technology field, in particular to the safety detection method and equipment of a kind of intelligent terminal.
Background technique
Common intelligent terminal includes: mobile intelligent terminal, vehicle intelligent terminal, smart television, wearable sets in life
Standby etc., the application scenarios and type of these intelligent terminals are varied, bring many conveniences to people's life.
In the prior art, if it is desired to detect the safety of intelligent terminal various aspects, it is necessary to be taken for current intelligent terminal
Test environment is built, measurement circuit is welded.And since the process for building test environment and measurement circuit is more complicated, the duration of consuming
And higher cost, therefore each production firm does not generally carry out safety test to intelligent terminal, but directly sell.Namely
It says, existing intelligent terminal lacks necessary safety detection link before factory;And existing safety adds detection mode to expend
Duration and higher cost, be unfavorable for implementing.
It should be noted that if safety test is not carried out to intelligent terminal, the intelligent terminal containing security breaches is direct
Sell to market, criminal is likely to steal privacy information using the security breaches of intelligent terminal, therefore sell without
There are high Information Security Risks for the intelligent terminal of safety detection.
Therefore, the safety detection efficiency of intelligent terminal how is improved, testing cost is reduced, is those skilled in the art's needs
It solves the problems, such as.
Summary of the invention
In view of this, a kind of safety detection method and equipment for being designed to provide intelligent terminal of the application, to improve
The safety detection efficiency of intelligent terminal reduces testing cost.Its concrete scheme is as follows:
In a first aspect, being applied to security detection equipment, packet this application provides a kind of safety detection method of intelligent terminal
It includes:
It is established and is communicated to connect by universal interconnecting device and intelligent terminal to be measured when security detection equipment, then obtain intelligence to be measured
Data information in energy terminal;A plurality of types of data-interfaces are equipped in universal interconnecting device;
Using preset loophole rule base detection data information, if receiving the response message of data information or detecting quick
Feel keyword, then generates testing result corresponding with data information.
Preferably, it is established and is communicated to connect by universal interconnecting device and intelligent terminal to be measured when security detection equipment, then obtained
The data information in intelligent terminal to be measured is taken, preset loophole rule base detection data information is utilized;If receiving data information
Response message or detect sensitive keys word, then generate corresponding with data information testing result, comprising:
When the security detection equipment establishes serial communication by the universal interconnecting device and the intelligent terminal to be measured
Connection then obtains the file in intelligent terminal to be measured using sftp order;
File is detected using preset loophole rule base, if detecting sensitive keys word from file, generates file leakage
Hole testing result.
Preferably, when the security detection equipment is established and gone here and there by the universal interconnecting device and the intelligent terminal to be measured
Port communications connection, further includes:
The shell permission of intelligent terminal serial ports to be measured is detected using whoami order, if shell permission is opened, is generated
Serial ports Hole Detection result.
Preferably, it is established and is communicated to connect by universal interconnecting device and intelligent terminal to be measured when security detection equipment, then obtained
The data information in intelligent terminal to be measured is taken, preset loophole rule base detection data information is utilized;If receiving data information
Response message or detect sensitive keys word, then generate corresponding with data information testing result, comprising:
It is established and is connected to the network with the intelligent terminal to be measured by the universal interconnecting device when the security detection equipment,
Then using the data packet in intelligent terminal to be measured described in packet capturing software grabs, data packet set is obtained;
The sensitive keys word in the data packet set is detected using the preset loophole rule base;
If receiving the response message of the sensitive keys word in the data packet set, data transmission Hole Detection is generated
As a result.
Preferably, after obtaining data packet set, further includes:
Judge in data packet set with the presence or absence of application data packet;
If so, detecting application data packet using preset loophole rule base;If from application data Bao Zhongjian
Sensitive keys word is measured, then generates vulnerability of application program testing result;
If it is not, then download application data packet, and execute and detect application data using preset loophole rule base
Packet;If the step of detecting sensitive keys word from application data packet, generating vulnerability of application program testing result.
Preferably, after obtaining data packet set, further includes:
Judge in data packet set with the presence or absence of firmware data packet;
If so, being detected using default firmware analysis tool scans firmware data packet, and using preset loophole rule base
Firmware data packet;If detecting sensitive keys word from firmware data packet, firmware Hole Detection result is generated;
If it is not, then obtaining firmware data packet, and execute using default firmware analysis tool scans firmware data packet, and utilize
Preset loophole rule base detects firmware data packet;If detecting sensitive keys word from firmware data packet, firmware leakage is generated
The step of hole testing result.
Preferably, it is established and is connected to the network by universal interconnecting device and intelligent terminal to be measured when security detection equipment, also wrapped
It includes:
IP address is configured for intelligent terminal to be measured, and Fuzz scanning is carried out to the open port of intelligent terminal to be measured, to obtain
Obtain open port testing result.
Preferably, it is established and is connected to the network by universal interconnecting device and intelligent terminal to be measured when security detection equipment, also wrapped
It includes:
The address URL in intelligent terminal to be measured is obtained, and accesses the address URL using blasting-tool;
If accessing successfully, URL Hole Detection result is generated.
Second aspect, this application provides a kind of security detection equipments of intelligent terminal, comprising:
Memory, for storing computer program;
Processor, for executing computer program, to realize the safety detection side of aforementioned disclosed any one intelligent terminal
Method.
Preferably, processor is set on USB device, and USB device is equipped with for connecting different types of intelligence to be measured eventually
The attachment device at end.
As it can be seen that the application can detect security risk present in a variety of intelligent terminals using security detection equipment.Specifically
, security detection equipment can be established by universal interconnecting device and intelligent terminal to be measured and be communicated to connect, and such safety detection is set
The standby data information that can be obtained in intelligent terminal to be measured, and preset loophole rule base detection data information is utilized, if connecing
Receive the response message of data information or detect sensitive keys word, then show intelligent terminal to be measured there are Information Security Risk,
Then generate corresponding testing result.Wherein, a plurality of types of data-interfaces are equipped in universal interconnecting device, it can be with different type
Intelligent terminal establish connection, therefore safety detection can be carried out to a variety of intelligent terminals with a security detection equipment,
It can avoid building test environment and measurement circuit for each intelligent terminal, to reduce detection duration and testing cost, mention
The high safety detection efficiency of intelligent terminal.
Correspondingly, the security detection equipment of a kind of intelligent terminal provided by the present application, similarly has above-mentioned technique effect.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of application for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is the safety detection method flow chart of the first intelligent terminal disclosed in the present application;
Fig. 2 is a kind of file leak detection method flow chart disclosed in the present application;
Fig. 3 is a kind of serial ports leak detection method flow chart disclosed in the present application;
Fig. 4 is that a kind of data disclosed in the present application transmit leak detection method flow chart;
Fig. 5 is a kind of vulnerability of application program detection method flow chart disclosed in the present application;
Fig. 6 is a kind of firmware leak detection method flow chart disclosed in the present application;
Fig. 7 is a kind of open port detection method flow chart disclosed in the present application;
Fig. 8 is a kind of URL leak detection method flow chart disclosed in the present application;
Fig. 9 is the safety detection method flow chart of another intelligent terminal disclosed in the present application;
Figure 10 is a kind of security detection equipment schematic diagram of intelligent terminal disclosed in the present application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
At present, if it is desired to detect the safety of intelligent terminal various aspects, it is necessary to build test wrapper for current intelligent terminal
Measurement circuit is welded in border.And since the process for building test environment and measurement circuit is more complicated, duration of consuming and cost compared with
It is high.For this purpose, can reduce detection duration and testing cost this application provides a kind of safety detection scheme of intelligent terminal,
Improve the safety detection efficiency of intelligent terminal.
Shown in Figure 1, the embodiment of the present application discloses a kind of safety detection method of intelligent terminal, is applied to safety inspection
Measurement equipment, comprising:
S101, communication connection is established with intelligent terminal to be measured when security detection equipment passes through universal interconnecting device, then obtained
Data information in intelligent terminal to be measured;A plurality of types of data-interfaces are equipped in universal interconnecting device;
It should be noted that the data information in intelligent terminal to be measured includes: flowing through the data of the intelligent terminal to be measured
The local data information of information and intelligent terminal to be measured.Specifically, flowing through the data information of the intelligent terminal to be measured i.e. are as follows: to
Survey data information when intelligent terminal carries out data interaction by security detection equipment and network.Wherein, when intelligent terminal to be measured
When carrying out data interaction by security detection equipment and network, security detection equipment is equivalent to gateway.
S102, using preset loophole rule base detection data information, if receiving response message or the inspection of data information
Sensitive keys word is measured, then generates testing result corresponding with data information.
Specifically, presetting in loophole rule base, there are many vulnerability detection rules, specifically include: file vulnerability detection rule,
Serial ports vulnerability detection rule, data transmission vulnerability detection rule, vulnerability of application program detected rule, firmware vulnerability detection rule,
Open port detected rule, URL vulnerability detection rule.After getting data information, then corresponding vulnerability detection rule is used
Detection data information, to can get corresponding testing result.
It should be noted that being preset using in preset loophole rule base detection data information process if executing in library
Scanning rule corresponding sensitive keys word can be detected from data information, then show that data information may have been revealed and do not award
Weigh information;If constructing new detection packet based on data information, and other data informations are got using new detection packet, then shown
The other information of unauthorized can be got based on data information, it may be assumed that data information may also reveal other unauthorized information.Leakage
Rule in the rule base of hole can be used canonical matching way and carry out matching detection.
In the present embodiment, the data-interface in universal interconnecting device includes: the adapter of USB and serial ports, various models
4P adapter, the adapter of public affairs USB and public affairs Micro USB, public affairs HDMI and public affairs Micro HDMI adapter.Wherein, USB with
The adapter of serial ports can be specially that USB turns serial ports FT232.It is, of course, also possible to other types data-interface is set on bread board,
And bread board is arranged in universal interconnecting device, then security detection equipment can carry out further types of intelligent terminal
Safety detection.
Wherein, the safety detection of intelligent terminal is included at least: file Hole Detection, serial ports Hole Detection, data transmission
Hole Detection, vulnerability of application program detection, the detection of firmware Hole Detection, open port, URL Hole Detection.Wherein, when safety is examined
Measurement equipment is established serial communication with intelligent terminal to be measured by universal interconnecting device and is connect, then can carry out file Hole Detection and
Serial ports Hole Detection;It is established and is connected to the network by universal interconnecting device and intelligent terminal to be measured when security detection equipment, then it can be with
Carry out data transmission Hole Detection, vulnerability of application program detection, the detection of firmware Hole Detection, open port and URL Hole Detection.
As it can be seen that the present embodiment can detect security risk present in a variety of intelligent terminals using security detection equipment.Tool
Body, security detection equipment can be established by universal interconnecting device and intelligent terminal to be measured and be communicated to connect, such safety detection
Equipment can obtain the data information in intelligent terminal to be measured, and utilize preset loophole rule base detection data information, if
It receives the response message of data information or detects sensitive keys word, then showing intelligent terminal to be measured, there are information security wind
Danger, then generate corresponding testing result.Wherein, a plurality of types of data-interfaces are equipped in universal interconnecting device, it can be with difference
The intelligent terminal of type establishes connection, therefore can carry out safety inspection to a variety of intelligent terminals with a security detection equipment
It surveys, can avoid building test environment and measurement circuit for each intelligent terminal, so that detection duration and testing cost are reduced,
Improve the safety detection efficiency of intelligent terminal.
Shown in Figure 2, the embodiment of the present application discloses a kind of file leak detection method, sets applied to safety detection
It is standby, specifically includes the following steps:
S201, it serial communication is established with intelligent terminal to be measured by universal interconnecting device when security detection equipment connect, then
The file in intelligent terminal to be measured is obtained using sftp order;
S202, text is generated if detecting sensitive keys word from file using preset loophole rule base detection file
Part Hole Detection result.
In the present embodiment, preparatory programming (SuSE) Linux OS on the memory in security detection equipment, therefore pass through
Security detection equipment can use sftp instruction and export the file in intelligent terminal to be measured to security detection equipment, and using in advance
If loophole rule base detection file in whether there is sensitive keys word, sensitive keys word generally comprises in file: root,
Login, webserver, password, encrypt etc..If detecting these sensitive keys words, show intelligent terminal to be measured
In file there are information security loophole, therefore generate file Hole Detection result.
As it can be seen that the present embodiment is capable of detecting when that the file in intelligent terminal to be measured whether there is the risk of information leakage, if
In the presence of corresponding file Hole Detection result then can be generated.
Shown in Figure 3, the embodiment of the present application discloses a kind of serial ports leak detection method, sets applied to safety detection
It is standby, specifically includes the following steps:
S301, it serial communication is established with intelligent terminal to be measured by universal interconnecting device when security detection equipment connect, then
The shell permission of intelligent terminal serial ports to be measured is detected using whoami order;
S302, judge whether the shell permission of intelligent terminal serial ports to be measured opens;If so, executing S303;If it is not, then
Without operation;
S303, serial ports Hole Detection result is generated.
In the present embodiment, preparatory programming (SuSE) Linux OS on the memory in security detection equipment, therefore can be with
The shell permission of intelligent terminal serial ports to be measured is checked by serial communication tool minicom, if intelligent terminal serial ports to be measured is opened
Shell permission then shows that intelligent terminal serial ports to be measured has debugging risk, therefore generates serial ports Hole Detection result.
It should be noted that intelligent terminal serial ports to be measured is connected by connecting line with the serial ports in universal interconnecting device, and
And universal interconnecting device is connected with security detection equipment, therefore intelligent terminal to be measured and security detection equipment can establish serial ports and lead to
Letter connection.
As it can be seen that whether the shell permission that the present embodiment is able to detect intelligent terminal serial ports to be measured opens, if so, showing
There is debugging risk in intelligent terminal serial ports to be measured, then corresponding serial ports Hole Detection result can be generated.
Shown in Figure 4, the embodiment of the present application discloses a kind of data transmission leak detection method, is applied to safety detection
Equipment, comprising:
S401, network connection is established with intelligent terminal to be measured when security detection equipment passes through universal interconnecting device, then utilized
Data packet in packet capturing software grabs intelligent terminal to be measured, obtains data packet set;
S402, the sensitive keys word in preset loophole rule base detection data packet set is utilized;
If S403, the response message for receiving sensitive keys word in data packet set, data transmission loophole inspection is generated
Survey result.
Specifically, network connection is Wi-Fi connection or Ethernet connection.That is: security detection equipment and intelligence to be measured is whole
The internetwork connection mode at end can connect for WIFI connection or physical network.When security detection equipment and intelligent terminal to be measured are established
When network connection, security detection equipment is equivalent to gateway, can distribute IP address for intelligent terminal to be measured.Work as safety detection
When equipment is established WIFI network with intelligent terminal to be measured and connect, the two can carry out physical network company without going through universal interconnecting device
It connects.
In the present embodiment, if detecting the sensitive keys word in data packet set using preset loophole rule base,
Based on the keyword building detection packet detected, and detection packet is sent to intelligent terminal to be measured, if receiving corresponding response report
Text then shows that intelligent terminal to be measured can reveal other unauthorized information, then generates data transmission Hole Detection result.
It establishes and is connected to the network when security detection equipment and intelligent terminal to be measured, can use packet capturing software grabs intelligence to be measured
Data packet in terminal, packet capturing software such as wireshark plug-in unit.Grab the sensitive keys word packet in obtained data packet set
It includes: dev, id, name, address, phone, lantitude, status, date, sid, upload, token, IP, url, postal
Case authorizes sensitive field, authorizes sensitive field such as: opening open, closes close, adjusts change, drop, shared share, update.
Detect that the sensitive keys word in data packet set, modification sensitive keys word carry out Replay Attack using preset loophole rule base
Afterwards, if success attack, show available to other equipment or more based on the data packet in intelligent terminal to be measured
Information.Therefore there are data to transmit loophole for intelligent terminal to be measured, therefore generates data and transmit Hole Detection result.Wherein, if obtaining
The information of more unauthorizeds is got, then unauthorized operation API list, information leakage API list, SQL injection list, text can be generated
Part uploads list, and these lists are added in data transmission Hole Detection result.
In the specific implementation, above-mentioned data transmission leak detection method can be written as python script, pass through python foot
The crawl of this calling packet capturing software realization data packet.
In the present embodiment, after obtaining data packet set, further includes: vulnerability of application program detection method please specifically join
See Fig. 5:
S501, judge in data packet set with the presence or absence of application data packet;If so, executing S502;If it is not, then holding
Row S503;
S502, application data packet is detected using preset loophole rule base;If being detected from application data packet
To sensitive keys word, then vulnerability of application program testing result is generated;
S503, download application data packet, and execute S502.
It should be noted that may have application data packet in the data packet set grabbed, but also having can
Application data packet can not be grabbed, only grab the download link of application data packet.
When there are application data packet, can directly being answered using the detection of preset loophole rule base in data packet set
Show that application data packet exists if detecting corresponding sensitive keys word with the sensitive keys word in program data packet
Information Security Risk, therefore generate vulnerability of application program testing result.
When application data packet is not present in data packet set, but there are the download links of application data packet, then
It can use wget download tool download application data packet, to obtain application data packet, and execute S503.
If application data packet is both not present in data packet set, the downloading chain of application data packet is also not present
Connect, then can from intelligent terminal to be measured corresponding official website download application data packet.
Specifically, in preset loophole rule base include a variety of scanners, respectively jadx, apktool, baksmali,
Smali, XMLPrinter, xposed, zjdroid, DumpDex, FDex2 and certainly the shelling virtual machine of compiling.These scannings
Device can inversely get the code in application data packet.Wherein, the sensitive keys word in application data packet includes:
Hard coded password, Encryption Algorithm, mailbox, phone, access address, IP etc.;Detection export component, constructs adb packet and extra
Field, the sensitive behaviors such as detection ad interface, test interface;Debug debugging configuration;Backup debugging configuration;Sensitivity is locally stored
File detection;Webview test password is locally stored and orders execution etc..
In the present embodiment, after obtaining data packet set, further includes: firmware leak detection method specifically refers to figure
6:
S601, judge in data packet set with the presence or absence of firmware data packet;If so, executing S602;If it is not, then executing
S603;
S602, it is detected admittedly using default firmware analysis tool scans firmware data packet, and using preset loophole rule base
Part data packet;If detecting sensitive keys word from firmware data packet, firmware Hole Detection result is generated;
S603, firmware data packet is obtained, and executes S602.
It should be noted that there may be firmware data packet in the data packet set grabbed, but it is also possible to not
Grab firmware data packet.When there are firmware data packet, can directly utilizing default firmware analysis tool in data packet set
Firmware data packet is scanned, and utilizes the sensitive keys word in preset loophole rule base detection firmware data packet;If detecting phase
The sensitive keys word answered, then showing firmware data packet, there are Information Security Risks, therefore generate firmware Hole Detection result.
When firmware data packet is not present in data packet set, then firmware data can be obtained using any one following method
Packet.The first: downloading firmware data packet from the corresponding official website of intelligent terminal to be measured, to obtain firmware data packet;The
Two kinds: the device version of intelligent terminal to be measured being revised as minimum version, playback request updated data package is online to trigger firmware
Upgrading, to intercept firmware data packet;The third: being obtained solid by hardware debugging interface (jtag mouthfuls, serial ports or storage chip)
Part data packet.
It should be noted that the data packet in data packet set is to flow through the data packet of intelligent terminal to be measured.
As it can be seen that whether the data packet that the present embodiment is able to detect in intelligent terminal to be measured can reveal sensitive keys word;It utilizes
Whether the sensitive keys word of leakage can get other information of going beyond one's commission;If so, showing intelligent terminal to be measured, there are data transmission to leak
Hole, therefore generate data and transmit Hole Detection result.Meanwhile if the data packet in intelligent terminal to be measured there are application data packets
And firmware data packet, application data packet and firmware data packet can also be detected, and generate vulnerability of application program inspection
Survey result and firmware Hole Detection result.
Shown in Figure 7, the embodiment of the present application discloses a kind of open port detection method, sets applied to safety detection
It is standby, specifically includes the following steps:
S701, network connection is established with intelligent terminal to be measured when security detection equipment passes through universal interconnecting device, is to be measured
Intelligent terminal configures IP address;
S701, Fuzz scanning is carried out to the open port of intelligent terminal to be measured, to obtain open port testing result.
It is established and is connected to the network by universal interconnecting device and intelligent terminal to be measured when security detection equipment, and safety detection is set
It is standby to be modeled as gateway, and be that intelligent terminal to be measured is configured with IP address using DHCP service, then can be to intelligence to be measured
The open port of terminal carries out Fuzz scanning.
If the open port of intelligent terminal to be measured is 5555, consideration may be the long-range ADB debugging end of android system
Mouthful, the instruction such as push/pull/install is executed after attempting connection;If the open port of intelligent terminal to be measured is 3389, examine
Worry may be the long-range connection port telnet, execute the instruction such as whoami after attempting connection;If the open end of intelligent terminal to be measured
Mouthful it is 22, then considers to attempt to execute whoami after remote connection unit, be switched to sftp, attempt execution there may be ssh connection
Get/put instruction uploads downloading data;If the open port of intelligent terminal to be measured is 5683, consider that there may be coap agreements;
If the open port of intelligent terminal to be measured is 1883, consider to be mqtt agreement etc..
If showing intelligence to be measured if connection can be established by the open port and intelligent terminal to be measured of intelligent terminal to be measured
There are information leakage risks for the open port of energy terminal, then generate open port testing result.It is set in open port testing result
Be equipped with: whether the open port and each open port that scan can establish the result of connection.
As it can be seen that the present embodiment is capable of detecting when the open port of intelligent terminal to be measured with the presence or absence of information leakage risk;If
It is then to generate open port testing result.
Shown in Figure 8, the embodiment of the present application discloses a kind of URL leak detection method, is applied to security detection equipment,
Specifically includes the following steps:
S801, network connection is established with intelligent terminal to be measured when security detection equipment passes through universal interconnecting device, then obtained
The address URL in intelligent terminal to be measured;
S802, the address URL is accessed using blasting-tool;If accessing successfully, URL Hole Detection result is generated.
Established and be connected to the network by universal interconnecting device and intelligent terminal to be measured when security detection equipment, then it is available to
The address URL in intelligent terminal is surveyed, if these addresses URL can be by successful access, with showing the URL in intelligent terminal to be measured
There are the risks that information is stolen for location.It should be noted that being illustrated using the blasting-tool access address URL if successful access
Can be with the unwarranted information of unauthorized access, therefore generate URL Hole Detection result.
Wherein, blasting-tool can be with are as follows: dirsearch, Gobuster etc..The address URL is handled using blasting-tool, it may
The key messages such as cloud address, back-stage management address, gateway address can be obtained, and these information are typically all to need by authorization
It could access.
As it can be seen that the present embodiment be capable of detecting when in the address URL whether there is the risk that is stolen of information;If it exists, then
Generate URL Hole Detection result.
Shown in Figure 9, the embodiment of the present application discloses the safety detection method of another intelligent terminal, and this method can be with
File, serial ports, data transmission, application program, firmware, open port and the URL in intelligent terminal to be measured are detected, to obtain
Including file Hole Detection, serial ports Hole Detection, data transmission Hole Detection, vulnerability of application program detection, firmware Hole Detection,
Open port detection, URL Hole Detection examining report.Technical staff can carry out intelligent terminal according to examining report
Loophole reparation, to improve the safety of intelligent terminal.
Wherein, file Hole Detection, serial ports Hole Detection, data transmission Hole Detection, vulnerability of application program detection, firmware
Hole Detection, open port detect, the testing process of URL Hole Detection refers to Fig. 9.Test equipment in Fig. 9 is safety
Detection device;Mobile phone application is the above-mentioned application data packet referred to, and mobile phone application can be specially control smart machine
Application program.Generally smart machine can all correspond to the APP for controlling itself;Update firmware packet is above-mentioned refers to
Firmware data packet.
It should be noted that step and the same or similar part of above-mentioned any embodiment in Fig. 9, refer to above-mentioned reality
Example is applied, this embodiment is not repeated.
It should be noted that during using preset loophole rule base detection data information, it may be using in library
Preset scanning rule directly detects sensitive keys word, it is also possible to need to carry out based on the sensitive keys word detected further
Detection.When needing further to be detected based on the sensitive keys word detected, then based on the sensitive keys word detected
Building detection packet, and send detection packet and illustrate intelligence to be measured eventually if receiving corresponding response message to intelligent terminal to be measured
There are corresponding security breaches at end.
As it can be seen that the present embodiment can detect security risk present in a variety of intelligent terminals using security detection equipment.Tool
Body, security detection equipment can be established by universal interconnecting device and intelligent terminal to be measured and be communicated to connect, such safety detection
Equipment can obtain the data information in intelligent terminal to be measured, and utilize preset loophole rule base detection data information, if
It receives the response message of data information or detects sensitive keys word, then showing intelligent terminal to be measured, there are information security wind
Danger, then generate corresponding testing result.Wherein, a plurality of types of data-interfaces are equipped in universal interconnecting device, it can be with difference
The intelligent terminal of type establishes connection, therefore can carry out safety inspection to a variety of intelligent terminals with a security detection equipment
It surveys, can avoid building test environment and measurement circuit for each intelligent terminal, so that detection duration and testing cost are reduced,
Improve the safety detection efficiency of intelligent terminal.
A kind of security detection equipment of intelligent terminal provided by the embodiments of the present application is introduced below, it is described below
A kind of security detection equipment of intelligent terminal can be cross-referenced with a kind of above-described safety detection method of intelligent terminal.
Shown in Figure 10, the embodiment of the present application discloses a kind of security detection equipment of intelligent terminal, comprising:
Memory 1001, for saving computer program;
Processor 1002, for executing the computer program, to realize intelligent terminal disclosed in above-mentioned any embodiment
Safety detection method.
In the present embodiment, processor is set on USB device, and USB device is equipped with different types of to be measured for connecting
The universal interconnecting device of intelligent terminal.Universal interconnecting device can be detachably connected with USB device.Memory is TF card, wherein
Programming has operating system.
USB device can be with are as follows: NanoPi, Raspberry Pi Zero etc..Security detection equipment further include: display screen and
Input equipment, display screen and input equipment are connect with USB device, and input equipment can be keyboard, such as 2.4G Wireless Keyboard.When
So, display screen and input equipment can also be connected by universal interconnecting device with USB device, as display screen can pass through general connection
Micro HDMI interface in device is connected with USB device.
In the present embodiment, USB device has wireless communication chips, wireless communication chips such as WIFI chip and bluetooth core
Piece.
The process that security detection equipment is modeled as gateway be can refer into following introductions.If the behaviour in safety test equipment
Making system is linux operating system, then linux kernel configuration and firmware image programming process are as follows:
1, corresponding kernel file is downloaded, it is as follows to modify configuration item at/build/.config:
CONFIG_USB_GADGET=y
CONFIG_USB_OTG=y
CONFIG_USB=y
CONFIG_USB_MUSB_HDRC=y
CONFIG_USB_SUPPORT=y
CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_MUSB_SOC=y
CONFIG_USB_MUSB_OTG=y
CONFIG_USB_GADGET_MUSB_HDRC=y
CONFIG_USB_MUSB_HDRC_HCD=y
CONFIG_USB_TI_CPPI_DMA=y
2, after the completion of compiling, TF card is inserted into card reader, reconnects the computer of compiling linux kernel, programming system code.
Vim/etc/modules file is modified, self-starting is added and drives list.Serial ports will be loaded automatically when so USB device starts
Driving, usb driving and trawl performance.
3, config.txt, new line increment dtoverlay=dwc2 are modified;Modification/etc/network/interfaces text
Part.
4, modification/etc/dhcp/dhcpd.conf file, modification/etc/rc.local file.
5, wpa_supplicant.conf file is written into WiFi title and password.
6, order line runs sudo ifup wlan0;sudo apt-get update;sudo apt-get install-
y python git python-pip python-dev screen sqlite3isc-dhcp-server python-
crypto inotify-tool scapy.At this time once there are usb connection or being connected to the WiFi of generation, safety detection is set
It is standby to be modeled to gateway, IP address is distributed for the intelligent terminal of connection.Use USB Image Tool tool making
Backup image, subsequent is backed up mirror image, without compiling system repeatedly, to save the time.
If USB device is Raspberry Pi Zero, then the micro USB interface of Raspberry Pi Zero connects
Male micro USB turns mother's USB adapter, reconnects public affairs USB and turns public affairs micro USB adapter, and then connects intelligent terminal;Or
The D- of Raspberry Pi Zero D+ VUSB GND pin connect USB interface, USB interface connects intelligent terminal in turn.In this way
USB device in security detection equipment just establishes communication connection with intelligent terminal, then can be carried out data transmission loophole
Detection.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with it is other
The difference of embodiment, same or similar part may refer to each other between each embodiment.For being set disclosed in embodiment
For standby, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is referring to method part
Explanation.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor
The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of readable storage medium storing program for executing well known in field.
Specific examples are used herein to illustrate the principle and implementation manner of the present application, and above embodiments are said
It is bright to be merely used to help understand the present processes and its core concept;At the same time, for those skilled in the art, foundation
The thought of the application, there will be changes in the specific implementation manner and application range, in conclusion the content of the present specification is not
It is interpreted as the limitation to the application.
Claims (10)
1. a kind of safety detection method of intelligent terminal, which is characterized in that be applied to security detection equipment, comprising:
Established and communicated to connect by universal interconnecting device and intelligent terminal to be measured when the security detection equipment, then obtain it is described to
Survey the data information in intelligent terminal;A plurality of types of data-interfaces are equipped in the universal interconnecting device;
The data information is detected using preset loophole rule base, if receiving response message or the detection of the data information
To sensitive keys word, then testing result corresponding with the data information is generated.
2. the safety detection method of intelligent terminal according to claim 1, which is characterized in that described to work as the safety detection
Equipment is established by universal interconnecting device and intelligent terminal to be measured and is communicated to connect, then obtains the data in the intelligent terminal to be measured
Information detects the data information using preset loophole rule base;If receiving response message or the inspection of the data information
Sensitive keys word is measured, then generates testing result corresponding with the data information, comprising:
Serial communication is established with the intelligent terminal to be measured by the universal interconnecting device when the security detection equipment to connect,
The file in the intelligent terminal to be measured is then obtained using sftp order;
The file is detected using the preset loophole rule base to give birth to if detecting sensitive keys word from the file
At file Hole Detection result.
3. the safety detection method of intelligent terminal according to claim 2, which is characterized in that when the security detection equipment
Serial communication is established with the intelligent terminal to be measured by the universal interconnecting device to connect, further includes:
The shell permission of the intelligent terminal serial ports to be measured is detected using whoami order, if shell permission is opened, is generated
Serial ports Hole Detection result.
4. the safety detection method of intelligent terminal according to claim 1, which is characterized in that described to work as the safety detection
Equipment is established by universal interconnecting device and intelligent terminal to be measured and is communicated to connect, then obtains the data in the intelligent terminal to be measured
Information detects the data information using preset loophole rule base;If receiving response message or the inspection of the data information
Sensitive keys word is measured, then generates testing result corresponding with the data information, comprising:
It is established and is connected to the network with the intelligent terminal to be measured by the universal interconnecting device when the security detection equipment, then it is sharp
Data packet in the intelligent terminal to be measured described in packet capturing software grabs, obtains data packet set;
The sensitive keys word in the data packet set is detected using the preset loophole rule base;
If receiving the response message of the sensitive keys word in the data packet set, data transmission Hole Detection knot is generated
Fruit.
5. the safety detection method of intelligent terminal according to claim 4, which is characterized in that described to obtain data packet set
Later, further includes:
Judge in the data packet set with the presence or absence of application data packet;
If so, detecting the application data packet using the preset loophole rule base;If from application data packet
In detect sensitive keys word, then generate vulnerability of application program testing result;
If it is not, then downloading the application data packet, and execute described using described in the preset loophole rule base detection
Application data packet;If detecting sensitive keys word from application data packet, vulnerability of application program detection knot is generated
The step of fruit.
6. the safety detection method of intelligent terminal according to claim 4, which is characterized in that described to obtain data packet set
Later, further includes:
Judge in the data packet set with the presence or absence of firmware data packet;
If so, using firmware data packet described in default firmware analysis tool scans, and utilize the preset loophole rule base
Detect the firmware data packet;If detecting sensitive keys word from the firmware data packet, firmware Hole Detection knot is generated
Fruit;
If it is not, then obtaining the firmware data packet, and executes described utilize and preset firmware data described in firmware analysis tool scans
Packet, and the firmware data packet is detected using the preset loophole rule base;If being detected from the firmware data packet quick
The step of feeling keyword, then generating firmware Hole Detection result.
7. the safety detection method of intelligent terminal according to claim 4, which is characterized in that when the security detection equipment
It establishes and is connected to the network by the universal interconnecting device and the intelligent terminal to be measured, further includes:
IP address is configured for the intelligent terminal to be measured, and Fuzz scanning is carried out to the open port of the intelligent terminal to be measured,
To obtain open port testing result.
8. the safety detection method of intelligent terminal according to claim 4, which is characterized in that when the security detection equipment
It establishes and is connected to the network by the universal interconnecting device and the intelligent terminal to be measured, further includes:
The address URL in the intelligent terminal to be measured is obtained, and accesses the address URL using blasting-tool;
If accessing successfully, URL Hole Detection result is generated.
9. a kind of security detection equipment of intelligent terminal characterized by comprising
Memory, for storing computer program;
Processor, for executing the computer program, to realize intelligent terminal as claimed in any one of claims 1 to 8
Safety detection method.
10. the security detection equipment of intelligent terminal according to claim 9, which is characterized in that the processor is set to
On USB device, the USB device is equipped with the universal interconnecting device for connecting different types of intelligent terminal to be measured.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910429239.3A CN110147675B (en) | 2019-05-22 | 2019-05-22 | Safety detection method and equipment for intelligent terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910429239.3A CN110147675B (en) | 2019-05-22 | 2019-05-22 | Safety detection method and equipment for intelligent terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110147675A true CN110147675A (en) | 2019-08-20 |
| CN110147675B CN110147675B (en) | 2021-05-28 |
Family
ID=67592710
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910429239.3A Active CN110147675B (en) | 2019-05-22 | 2019-05-22 | Safety detection method and equipment for intelligent terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110147675B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110704267A (en) * | 2019-09-23 | 2020-01-17 | 福建经联网络技术有限公司 | Core control chip firmware analysis and verification system |
| CN110730180A (en) * | 2019-10-17 | 2020-01-24 | 杭州安恒信息技术股份有限公司 | Portable communication equipment detection instrument and communication equipment detection method |
| CN110808962A (en) * | 2019-10-17 | 2020-02-18 | 奇安信科技集团股份有限公司 | Malformed data packet detection method and device |
| CN111240912A (en) * | 2020-01-06 | 2020-06-05 | 重庆特斯联智慧科技股份有限公司 | Safety detection method and device based on intelligent access control equipment, storage medium and terminal |
| CN111310188A (en) * | 2020-04-01 | 2020-06-19 | 全球能源互联网研究院有限公司 | Method and device for checking sensitive information of terminal file system |
| CN111859434A (en) * | 2020-07-28 | 2020-10-30 | 北京中科麒麟信息工程有限责任公司 | External terminal protection device and protection system for providing confidential file transmission |
| CN111967020A (en) * | 2020-08-19 | 2020-11-20 | 中国银行股份有限公司 | System security vulnerability scanning device and method |
| CN112182581A (en) * | 2020-09-24 | 2021-01-05 | 百度在线网络技术(北京)有限公司 | Application testing method and device, application testing equipment and storage medium |
| CN113515347A (en) * | 2021-06-30 | 2021-10-19 | 惠州华阳通用电子有限公司 | Dual-system data transmission method and device based on virtual machine |
| CN114389837A (en) * | 2021-12-07 | 2022-04-22 | 广东宜通衡睿科技有限公司 | Safety monitoring method, device, medium and equipment for terminal of Internet of things |
| CN115242462A (en) * | 2022-06-30 | 2022-10-25 | 北京华顺信安科技有限公司 | Data leakage detection method |
| CN117494148A (en) * | 2024-01-03 | 2024-02-02 | 中国软件评测中心(工业和信息化部软件与集成电路促进中心) | Security detection method, security detection device, terminal equipment and computer readable storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103368978A (en) * | 2013-08-02 | 2013-10-23 | 公安部第三研究所 | System and method for achieving leak application and communication safety detection of smart mobile terminal |
| US20130298245A1 (en) * | 2011-02-24 | 2013-11-07 | Red Hat, Inc. | Generating vulnerability reports based on application binary interface/application programming interface usage |
| CN104833938A (en) * | 2015-05-21 | 2015-08-12 | 国网重庆市电力公司 | Terminal detection circuit device suitable for collection of multiple types of power utilization information |
| CN105553917A (en) * | 2014-10-28 | 2016-05-04 | 腾讯科技(深圳)有限公司 | Detection method and system of webpage bugs |
| CN107563205A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | Typical smart machine leak detection method and permeability apparatus |
| CN107566349A (en) * | 2017-08-14 | 2018-01-09 | 北京知道创宇信息技术有限公司 | The method and computing device that sensitive document is revealed in a kind of detection webserver |
| CN108965296A (en) * | 2018-07-17 | 2018-12-07 | 北京邮电大学 | A kind of leak detection method and detection device for smart home device |
-
2019
- 2019-05-22 CN CN201910429239.3A patent/CN110147675B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130298245A1 (en) * | 2011-02-24 | 2013-11-07 | Red Hat, Inc. | Generating vulnerability reports based on application binary interface/application programming interface usage |
| CN103368978A (en) * | 2013-08-02 | 2013-10-23 | 公安部第三研究所 | System and method for achieving leak application and communication safety detection of smart mobile terminal |
| CN105553917A (en) * | 2014-10-28 | 2016-05-04 | 腾讯科技(深圳)有限公司 | Detection method and system of webpage bugs |
| CN104833938A (en) * | 2015-05-21 | 2015-08-12 | 国网重庆市电力公司 | Terminal detection circuit device suitable for collection of multiple types of power utilization information |
| CN107566349A (en) * | 2017-08-14 | 2018-01-09 | 北京知道创宇信息技术有限公司 | The method and computing device that sensitive document is revealed in a kind of detection webserver |
| CN107563205A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | Typical smart machine leak detection method and permeability apparatus |
| CN108965296A (en) * | 2018-07-17 | 2018-12-07 | 北京邮电大学 | A kind of leak detection method and detection device for smart home device |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110704267A (en) * | 2019-09-23 | 2020-01-17 | 福建经联网络技术有限公司 | Core control chip firmware analysis and verification system |
| CN110704267B (en) * | 2019-09-23 | 2022-08-30 | 福建经联网络技术有限公司 | Core control chip firmware analysis and verification system |
| CN110730180A (en) * | 2019-10-17 | 2020-01-24 | 杭州安恒信息技术股份有限公司 | Portable communication equipment detection instrument and communication equipment detection method |
| CN110808962A (en) * | 2019-10-17 | 2020-02-18 | 奇安信科技集团股份有限公司 | Malformed data packet detection method and device |
| CN110808962B (en) * | 2019-10-17 | 2022-04-29 | 奇安信科技集团股份有限公司 | Malformed data packet detection method and device |
| CN111240912A (en) * | 2020-01-06 | 2020-06-05 | 重庆特斯联智慧科技股份有限公司 | Safety detection method and device based on intelligent access control equipment, storage medium and terminal |
| CN111310188A (en) * | 2020-04-01 | 2020-06-19 | 全球能源互联网研究院有限公司 | Method and device for checking sensitive information of terminal file system |
| CN111859434A (en) * | 2020-07-28 | 2020-10-30 | 北京中科麒麟信息工程有限责任公司 | External terminal protection device and protection system for providing confidential file transmission |
| CN111967020A (en) * | 2020-08-19 | 2020-11-20 | 中国银行股份有限公司 | System security vulnerability scanning device and method |
| CN111967020B (en) * | 2020-08-19 | 2024-02-23 | 中国银行股份有限公司 | System security hole scanning device and method |
| CN112182581B (en) * | 2020-09-24 | 2023-10-13 | 百度在线网络技术(北京)有限公司 | Application testing method, device, application testing equipment and storage medium |
| CN112182581A (en) * | 2020-09-24 | 2021-01-05 | 百度在线网络技术(北京)有限公司 | Application testing method and device, application testing equipment and storage medium |
| CN113515347A (en) * | 2021-06-30 | 2021-10-19 | 惠州华阳通用电子有限公司 | Dual-system data transmission method and device based on virtual machine |
| CN113515347B (en) * | 2021-06-30 | 2024-03-29 | 惠州华阳通用电子有限公司 | Dual-system data transmission method and device based on virtual machine |
| CN114389837A (en) * | 2021-12-07 | 2022-04-22 | 广东宜通衡睿科技有限公司 | Safety monitoring method, device, medium and equipment for terminal of Internet of things |
| CN115242462A (en) * | 2022-06-30 | 2022-10-25 | 北京华顺信安科技有限公司 | Data leakage detection method |
| CN115242462B (en) * | 2022-06-30 | 2024-08-27 | 北京华顺信安科技有限公司 | Data leakage detection method |
| CN117494148A (en) * | 2024-01-03 | 2024-02-02 | 中国软件评测中心(工业和信息化部软件与集成电路促进中心) | Security detection method, security detection device, terminal equipment and computer readable storage medium |
| CN117494148B (en) * | 2024-01-03 | 2024-03-26 | 中国软件评测中心(工业和信息化部软件与集成电路促进中心) | Security detection method, security detection device, terminal equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110147675B (en) | 2021-05-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110147675A (en) | A kind of safety detection method and equipment of intelligent terminal | |
| US11652918B2 (en) | Using automatically collected device problem information to route and guide users' requests | |
| US11507450B2 (en) | Systems and methods to reprogram mobile devices via a cross-matrix controller to port connection | |
| CN104333863B (en) | Connection management method and device, electronic equipment | |
| CN104798355A (en) | Mobile device management and security | |
| US20170257463A1 (en) | Configuring initial settings of a network security device via a hand-held computing device | |
| CN102882855A (en) | Networking capability according to process | |
| CN110505116A (en) | Power information acquisition system and penetration test method, device, readable storage medium storing program for executing | |
| Muniz et al. | Penetration testing with raspberry pi | |
| CN104570967B (en) | Long-range control method and system based on android system | |
| CN104660660A (en) | Cloud platform application method and system | |
| CN110418431A (en) | A kind of control method and device of communication connection | |
| CN110795111A (en) | Remote automatic upgrading method for communication equipment and management terminal | |
| CN114285613B (en) | Data information calling method and device, storage medium and electronic device | |
| US11122040B1 (en) | Systems and methods for fingerprinting devices | |
| CN113225334B (en) | Terminal security management method and device, electronic equipment and storage medium | |
| CN104040513A (en) | Display device management system, server apparatus therefor, programmable display device, and operation control method | |
| Newton Hedelin et al. | Ethical hacking of a Smart Wi-Fi Plug | |
| CN106982232B (en) | Discrete security management switch | |
| CN115118471A (en) | Remote connection method, device, electronic equipment and storage medium | |
| CN113596819A (en) | Network detection method, related device, equipment and storage medium | |
| Gibson | CompTIA Strata IT Fundamentals Quick Reference |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220915 Address after: Room 709, 7th Floor, No. 188, Lianhui Street, Xixing Street, Binjiang District, Hangzhou City, Zhejiang Province 310000 Patentee after: Hangzhou Anheng Vehicle Network Security Technology Co.,Ltd. Address before: No. 188, Lianhui street, Xixing street, Binjiang District, Hangzhou, Zhejiang Province, 310000 Patentee before: Dbappsecurity Co.,Ltd. |