CN110490258A - Method, apparatus and electronic device for automatically determining the login result of a website scan - Google Patents

Info

Publication number
CN110490258A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910777373.2A
Other languages
Chinese (zh)
Other versions
CN110490258B (en)
Inventor
陈高翔
范渊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dbappsecurity Technology Co Ltd
Original Assignee
Hangzhou Dbappsecurity Technology Co Ltd
Application filed by Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN201910777373.2A
Publication of CN110490258A
Application granted
Publication of CN110490258B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/95 Retrieval from the web
    • G06F16/951 Indexing; Web crawling techniques
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/22 Matching criteria, e.g. proximity measures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis

Abstract

The present invention provides a method, an apparatus and an electronic device for automatically determining the login result of a website scan, and relates to the technical field of communication. First, all pages to be checked are obtained from the website whose login scan has finished. Next, it is judged whether the pages to be checked include target pages that have a not-logged-in page feature. If so, the page without login information corresponding to each target page is obtained, and the target page is compared for similarity with that page to obtain a comparison result. If the proportion of target pages whose comparison result is "similar" in the total number of pages to be checked exceeds a preset threshold, the website scan login is determined to have failed. The method only requires the user to supply the link of the website to be scanned with login and the information needed to log in to that website; whether the scan login succeeded can then be judged automatically by the above process, which effectively alleviates the technical problem that prior-art methods of judging the login result of a website scan are time-consuming and laborious.

Description

Method, apparatus and electronic device for automatically determining the login result of a website scan
Technical field
The present invention relates to the technical field of communication, and in particular to a method, an apparatus and an electronic device for automatically determining the login result of a website scan.
Background
A website scanner is used to find security vulnerabilities that may exist in the websites a user maintains. However, a user's website often has to be logged in to before it can be scanned. When the scanner's login scanning approach is used in this case, it is hard for the user to tell whether the login was performed correctly during the current scan; the user has to inspect the scanner's log output manually and confirm whether the links in the scan result include post-login links.
In summary, prior-art methods of judging the login result of a website scan suffer from the technical problem of being time-consuming and laborious.
Summary of the invention
The purpose of the present invention is to provide a method, an apparatus and an electronic device for automatically determining the login result of a website scan, so as to alleviate the technical problem that prior-art methods of judging the login result of a website scan are time-consuming and laborious.
In a first aspect, an embodiment of the present invention provides a method for automatically determining the login result of a website scan, comprising: obtaining all pages to be checked of a website whose login scan has finished, wherein a page to be checked is a page that returned the requested page content normally; judging whether the pages to be checked include target pages having a not-logged-in page feature; if so, obtaining the page without login information corresponding to each target page; comparing the target page with the page without login information for similarity to obtain a comparison result; and, if the proportion of target pages whose comparison result is similar in the total number of pages to be checked exceeds a preset threshold, determining that the website scan login has failed.
In an optional embodiment, the not-logged-in page feature includes a login form. Judging whether the pages to be checked include target pages having a not-logged-in page feature comprises: performing a structural analysis of the page content of each page to be checked to obtain the Document Object Model (DOM) tree of each page to be checked; and traversing each DOM tree and, if a form exists, judging whether the form is a login form, and taking the pages to be checked that contain a login form as target pages.
In an optional embodiment, judging whether the form is a login form comprises: counting the input nodes of type password in the form; and, if the count is 1, judging whether the form contains an input node of type text.
In an optional embodiment, obtaining the page without login information corresponding to the target page comprises: sending to the target page a page request that does not include login information; and receiving the page without login information returned for that page request.
In an optional embodiment, comparing the target page with the page without login information for similarity to obtain a comparison result comprises: extracting the element-node arrangement of the target page and of the page without login information respectively; judging whether the element-node arrangement of the target page matches that of the page without login information; and, if they match, obtaining the comparison result that the target page is similar to the page without login information.
In a second aspect, an embodiment of the present invention provides an apparatus for automatically determining the login result of a website scan, comprising: a first obtaining module, configured to obtain all pages to be checked of a website whose login scan has finished, wherein a page to be checked is a page that returned the requested page content normally; a judgment module, configured to judge whether the pages to be checked include target pages having a not-logged-in page feature; a second obtaining module, configured to obtain, if such target pages exist, the page without login information corresponding to each target page; a comparison module, configured to compare the target page with the page without login information for similarity to obtain a comparison result; and a determining module, configured to determine that the website scan login has failed if the proportion of target pages whose comparison result is similar in the total number of pages to be checked exceeds a preset threshold.
In an optional embodiment, the not-logged-in page feature includes a login form. The judgment module includes: an analysis unit, configured to perform a structural analysis of the page content of each page to be checked to obtain the Document Object Model (DOM) tree of each page to be checked; and a judging unit, configured to traverse each DOM tree and, if a form exists, to judge whether the form is a login form and to take the pages to be checked that contain a login form as target pages.
In an optional embodiment, the judging unit includes: a counting subunit, configured to count the input nodes of type password in the form; and a judgment subunit, configured to judge, if the count is 1, whether the form contains an input node of type text.
In a third aspect, an embodiment of the present invention provides an electronic device comprising a memory and a processor, the memory storing a computer program that can run on the processor, wherein the processor, when executing the computer program, implements the steps of the method described in any one of the foregoing embodiments.
In a fourth aspect, an embodiment of the present invention provides a computer-readable medium carrying non-volatile program code executable by a processor, the program code causing the processor to execute the method described in any one of the foregoing embodiments.
In the prior art, the only way to judge whether a website scanner has logged in to a website successfully is to confirm manually whether the links in the scanner's scan result include post-login links, which wastes both manpower and time. In contrast, the present invention provides a method for automatically determining the login result of a website scan. First, all pages to be checked are obtained from the website whose login scan has finished, where a page to be checked is a page that returned the requested page content normally. Next, it is judged whether the pages to be checked include target pages having a not-logged-in page feature. If so, the page without login information corresponding to each target page is obtained, and the target page is compared for similarity with that page to obtain a comparison result. If the proportion of target pages whose comparison result is similar in the total number of pages to be checked exceeds a preset threshold, the website scan login can be determined to have failed. The method only requires the user to supply the link of the website to be scanned with login and the information needed to log in to that website; whether the scan login succeeded can then be judged automatically by the above process, which effectively alleviates the technical problem that prior-art methods of judging the login result of a website scan are time-consuming and laborious.
Brief description of the drawings
To explain the specific embodiments of the present invention or the technical solutions of the prior art more clearly, the drawings needed in the description of the specific embodiments or of the prior art are briefly introduced below. The drawings described below show some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a method for automatically determining the login result of a website scan provided by an embodiment of the present invention;
Fig. 2 is a flow chart, provided by an embodiment of the present invention, of comparing a target page with a page without login information for similarity to obtain a comparison result;
Fig. 3 is a functional module diagram of an apparatus for automatically determining the login result of a website scan provided by an embodiment of the present invention;
Fig. 4 is a schematic diagram of an electronic device provided by an embodiment of the present invention.
Detailed description of embodiments
To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some of the embodiments of the present invention, not all of them. The components of the embodiments generally described and illustrated in the drawings can be arranged and designed in a variety of different configurations.
Therefore, the following detailed description of the embodiments provided in the drawings is not intended to limit the scope of the claimed invention but merely represents selected embodiments of it. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the present invention.
Some embodiments of the present invention are described in detail below with reference to the drawings. Where there is no conflict, the following embodiments and the features in them can be combined with one another.
A website scanner mainly helps a user find security vulnerabilities that may exist in the websites the user maintains. In operation, it first uses a crawler to collect as many of the website's links as possible and then checks those links one by one for possible network security vulnerabilities. When scanning a user's site, however, the scanner often finds that the site must be logged in to before it can be scanned, and in that case most scanners use a login scanning approach. A website server generally tells the client to set a cookie, identifies whether the user is logged in from the cookie carried on subsequent requests, and decides whether the response returns the page information from before or after login. In the login scanning approach, the user logs in to the web page normally and then copies the cookie information that the server returned and the browser stored into the scan parameters of the website scanner; the scanner then uses that cookie to act as the logged-in user while discovering pages. The cookie is an attribute field in the HTTP request header, and the website server usually uses this field to judge whether the user has logged in to the website and therefore whether to provide the post-login page information. Note that the login scanning approach is not limited to setting a cookie as described above; the website scanner may also log in by other means.
When the scanner's login scanning approach is used, it is hard for the user to tell whether the login was performed correctly during the current scan; the user has to inspect the scanner's log output manually and confirm whether the links in the scan result include post-login links. If the scan result consists of not-logged-in pages, the page links discovered by the scanner are incomplete and potential security vulnerabilities of the user's site cannot be found in time, which easily leads to network security problems. When a large number of websites are checked in batches, this manual work also costs the testers a great deal of effort and time.
In view of this, an embodiment of the present invention provides a method for automatically determining the login result of a website scan, to solve the prior-art technical problem that judging the login result of a website scan is time-consuming and laborious.
Embodiment one
Fig. 1 is a flow chart of a method for automatically determining the login result of a website scan according to an embodiment of the present invention. As shown in Fig. 1, the method includes the following steps:
Step S11: obtain all pages to be checked of the website whose login scan has finished.
The method of this embodiment is based on the basic website scanning process and assumes by default that the login scanning approach is used. When scanning pages, the website scanner uses a crawler to crawl them and so obtains all pages of the website whose login scan has finished. This embodiment does not restrict how the crawling is done; the user can configure it according to the actual situation. When crawling ends, the pages among those obtained that returned the requested page content normally are taken as the pages to be checked. In general, all pages of the website whose login scan has finished are all pages under the website's domain name, and the return code of a page that returned the requested content normally is 200. A return code of 200 means that the server processed the request successfully; if the page is an account login interface, a return code of 200 only means that the server handled the login request and does not establish whether the login succeeded.
Step S12: judge whether the pages to be checked include target pages having a not-logged-in page feature.
If so, execute step S13; if not, determine that the website scan login succeeded.
Step S13: obtain the page without login information corresponding to each target page.
After all pages to be checked have been obtained, it must first be judged whether they include target pages, where a target page is a page that has a not-logged-in page feature. This judgment can be made by machine learning: a neural network model is trained to judge page features so that, given a page as input, the trained model outputs whether the page is a post-login page. The method does not restrict how target pages are determined; the user can set this according to the situation.
If it is determined that the pages to be checked include no target pages, that is, none of them has a not-logged-in page feature, the website scan login succeeded. If the pages to be checked do include target pages, it must further be judged whether those target pages really are failed-login pages, so the page without login information corresponding to each target page having a not-logged-in page feature is obtained.
Step S14: compare the target page with the page without login information for similarity to obtain a comparison result.
After the page without login information corresponding to a target page has been obtained, the target page is compared with it for similarity. This comparison can also be implemented by machine learning: a neural network model is trained so that, given two pages as input, it judges whether they are similar. Note that the comparison result for two pages here is similar or dissimilar, not identical or not identical. If the two pages contain time information (a text node), then, because the two pages were obtained at different times, the time information on them differs and the page contents necessarily differ; if the other element nodes of the two pages are the same, the two pages can only be judged similar. The time information is merely an example given for ease of understanding. Text nodes on a page may change randomly, but differences in text nodes do not affect the judgment of whether a page is a post-login page, so when comparing pages, the target page being identical to the page without login information cannot be used as the condition for judging that the target page is a failed-login page.
Step S15: if the proportion of target pages whose comparison result is similar in the total number of pages to be checked exceeds a preset threshold, determine that the website scan login has failed.
Each target page, once compared with its corresponding page without login information, yields a comparison result. The user can set the condition for determining that the website scan login failed. In this embodiment, the login is determined to have failed when the proportion of similar target pages in the total number of pages to be checked exceeds the preset threshold; the user can also configure the method to output a login-failure result immediately as soon as any one target page is similar to its corresponding page without login information.
For example, if there are 100 pages to be checked and the preset threshold is 55%, and the comparison finds 80 target pages similar to their corresponding pages without login information, that is, a proportion of 80%, the website scan login is determined to have failed.
In the prior art, the only way to judge whether a website scanner has logged in to a website successfully is to confirm manually whether the links in the scanner's scan result include post-login links, which wastes both manpower and time. In contrast, the present invention provides a method for automatically determining the login result of a website scan. First, all pages to be checked are obtained from the website whose login scan has finished, where a page to be checked is a page that returned the requested page content normally. Next, it is judged whether the pages to be checked include target pages having a not-logged-in page feature. If so, the page without login information corresponding to each target page is obtained, and the target page is compared for similarity with that page to obtain a comparison result. If the proportion of target pages whose comparison result is similar in the total number of pages to be checked exceeds a preset threshold, the website scan login can be determined to have failed. The method only requires the user to supply the link of the website to be scanned with login and the information needed to log in to that website; whether the scan login succeeded can then be judged automatically by the above process, which effectively alleviates the technical problem that prior-art methods of judging the login result of a website scan are time-consuming and laborious.
The method for automatically determining the login result of a website scan has been described in detail above. There are many possible choices of not-logged-in page feature; the case where the not-logged-in page feature is a login form is described in detail below.
In an optional embodiment, the not-logged-in page feature includes a login form.
Judging whether the pages to be checked include target pages having a not-logged-in page feature includes the following steps:
Step S21: perform a structural analysis of the page content of each page to be checked to obtain the Document Object Model (DOM) tree of each page to be checked.
Specifically, a login form is the form used for logging in on an HTML (HyperText Markup Language) page. When the not-logged-in page feature is specified as a login form, the page content of each page to be checked is first analysed structurally once all pages to be checked have been obtained. An HTML page is a tree structure, and structural analysis means analysing this tree structure, mainly by reading the text of the page content (the page source) and processing it as strings, to derive the DOM (Document Object Model) tree of each page to be checked. A DOM tree is the logical tree formed by the tags in a web page. It contains element nodes and text nodes, and nodes have corresponding attributes: each tag is an element node, text that is not a tag is a text node, and attributes can be set in the start tag in a form such as <form action="a.html">, where action is an attribute of the form tag.
Step S22: traverse each DOM tree; if a form exists, judge whether the form is a login form, and take the pages to be checked that contain a login form as target pages.
After all DOM trees have been obtained, each DOM tree is traversed to judge whether it contains a form. A form is the structure made up by the <form></form> tags in an HTML page and is used to send a POST request; the action attribute specifies the link of the POST request, and the id or name attribute identifies the form. Forms serve many functions and are not all used for entering login information, so if a form exists, its function must be checked to judge whether it is a login form, and the pages to be checked that contain a login form are taken as target pages.
The above describes in detail, for the case where the not-logged-in page feature is a login form, the process of judging whether the pages to be checked include target pages having a not-logged-in page feature. The process of judging whether a form is a login form is described in detail below.
In an optional embodiment, judging whether a form is a login form includes the following steps:
Step S31: count the input nodes of type password in the form.
If the count is 1, execute step S32; if the count is 0 or more than one, determine that the form is not a login form.
Step S32: judge whether the form contains an input node of type text.
Specifically, this embodiment uses pattern recognition to judge whether a form is a login form. Pattern recognition means extracting the characteristic information of the content one wants to match to form a feature pattern, and then using that pattern to check the information to be matched and judge whether it conforms to the existing pattern. There are many ways to perform pattern recognition; the pattern can be constructed manually, obtained by machine learning, and so on.
An input node in a form is the element node formed by an input tag and is used for entering text. The type attribute specifies its type, including the text type and the password type, and the id or name attribute identifies the input tag.
Because a login form has one and only one input node of type password, once a form has been obtained the input nodes of type password in it are counted first. If the count is 0 or more than one, the form is determined not to be a login form. If there is exactly one, the next feature can be matched by judging whether the form contains an input node of type text: a login form should contain at least one input node of type text. If it does, the form is determined to be a login form; if there is no such input node, the form is not a login form.
A login form generally also has the following features: the name, id or action attribute of the form node may contain login feature text such as "login"; a name or id attribute may contain user name feature text such as "user"; and a name or id attribute may contain password feature text such as "password". The user can add appropriate judgment conditions as needed when determining whether a form is a login form.
In an optional embodiment, obtaining the no-login-information page corresponding to the target page comprises the following steps:
Step S41: send a page request that does not include login information to the target page.
Step S42: receive the no-login-information page returned for the page request.
In the embodiment of the present invention, if the login-scan method described above is setting a cookie, then to obtain the no-login-information page corresponding to the target page, the login information must first be removed, and a page request that does not include login information is then sent to the target page. The page finally returned is the no-login-information page.
In an optional embodiment, comparing the similarity of the target page with the no-login-information page to obtain a comparison result comprises, as shown in Fig. 2, the following steps:
Step S51: extract the element node arrangements of the target page and of the no-login-information page respectively.
In the embodiment of the present invention, to compare the similarity of pages, the element node arrangement of each page (including the attributes of the element nodes and the corresponding attribute values) must first be extracted. It should be noted that text nodes are not included in the extraction; how text nodes affect the judgment of page similarity has been described in detail above and is not repeated here.
Step S52: judge whether the element node arrangement of the target page matches the element node arrangement of the no-login-information page.
If they match, step S53 is executed; if they do not match, step S54 is executed.
Step S53: obtain the comparison result that the target page is similar to the no-login-information page.
Step S54: obtain the comparison result that the target page is dissimilar to the no-login-information page.
After the element node arrangements of the target page and the no-login-information page are obtained, whether the two arrangements match can be judged by methods such as comparing them node by node in order or comparing the total number of nodes. If they match, the comparison result is that the target page is similar to the no-login-information page; if they do not match, the comparison result is that the target page is dissimilar to the no-login-information page.
The method for automatically judging a website scan login result provided by the embodiment of the present invention can be implemented simply by adding a judgment process to an existing website scanner, without excessive additional performance overhead. The user needs no additional operation to obtain the login result: the login process does not have to be recorded manually, and no manual investigation is needed after the scan. The user also does not need to understand the structural features of the website to be scanned at all; the user only has to provide the link of the website that requires a logged-in scan and the information needed to log in to that website, and the website scanner automatically judges whether the website scan login succeeded.
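The checks described in this embodiment (login-form detection, the request without login information, the element-node comparison and the threshold decision), as an added Python example that is not part of the patent text. The function names, the sample pages, the `fetch_without_login` callback and the 0.5 threshold are assumptions made for illustration.

```python
from html.parser import HTMLParser


class PageStructure(HTMLParser):
    """Collects the element-node arrangement and the input types of each form."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.sequence = []    # (tag, sorted attribute/value pairs); text nodes ignored
        self.forms = []       # one list of input types per <form>
        self._in_form = False

    def handle_starttag(self, tag, attrs):
        self.sequence.append((tag, tuple(sorted((k, v or "") for k, v in attrs))))
        if tag == "form":
            self.forms.append([])
            self._in_form = True
        elif tag == "input" and self._in_form:
            # An <input> without a type attribute is a text input.
            self.forms[-1].append((dict(attrs).get("type") or "text").lower())

    def handle_endtag(self, tag):
        if tag == "form":
            self._in_form = False


def parse(html):
    parser = PageStructure()
    parser.feed(html)
    parser.close()
    return parser


def is_login_form(input_types):
    """Exactly one password input, and at least one text input."""
    return input_types.count("password") == 1 and "text" in input_types


def has_login_form(html):
    return any(is_login_form(types) for types in parse(html).forms)


def pages_similar(page_a, page_b):
    """Node-by-node comparison of the two element-node arrangements."""
    return parse(page_a).sequence == parse(page_b).sequence


def scan_login_failed(scanned_pages, fetch_without_login, threshold):
    """scanned_pages maps URL -> HTML returned during the logged-in scan.
    fetch_without_login(url) returns the HTML served when no login
    information (for example no session cookie) is sent."""
    if not scanned_pages:
        return False
    similar_targets = 0
    for url, html in scanned_pages.items():
        if not has_login_form(html):
            continue                      # not a target page
        if pages_similar(html, fetch_without_login(url)):
            similar_targets += 1
    return similar_targets / len(scanned_pages) > threshold


# Constructed sample pages (not taken from any real site).
LOGIN = ('<html><body><h1>Sign in</h1><form action="/login" method="post">'
         '<input type="text" name="user"><input type="password" name="pw">'
         '</form></body></html>')
DASHBOARD = ('<html><body><nav><a href="/logout">Log out</a></nav>'
             '<table><tr><td>Orders</td></tr></table></body></html>')
PROFILE = ('<html><body><nav><a href="/logout">Log out</a></nav>'
           '<form action="/confirm" method="post"><input type="text" name="user">'
           '<input type="password" name="pw"></form></body></html>')

if __name__ == "__main__":
    anonymous = lambda url: LOGIN         # every anonymous request gets the login page
    failed = {"/a": LOGIN, "/b": LOGIN, "/c": DASHBOARD}
    succeeded = {"/a": DASHBOARD, "/b": PROFILE, "/login": LOGIN}
    print(scan_login_failed(failed, anonymous, 0.5))
    print(scan_login_failed(succeeded, anonymous, 0.5))
```

Because attribute values are part of the arrangement, a value that changes on every request, such as a token in a hidden input, makes two otherwise identical pages compare as dissimilar.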
Embodiment two
The embodiment of the invention also provides a kind of devices for judging automatically web site scan login result, this judges automatically website The device of scanning login result, which is mainly used for executing provided by above-described embodiment one, judges automatically web site scan login result Method does specific introduction to the device provided in an embodiment of the present invention for judging automatically web site scan login result below.
Fig. 3 is a kind of functional module of device for judging automatically web site scan login result according to an embodiment of the present invention Figure, as shown in figure 3, the device mainly includes: first obtains module 10, and judgment module 20, second obtains module 30, comparison module 40, determining module 50, in which:
First obtains module 10, for obtaining all pages to be detected for logging in the website of the end of scan, wherein to be detected The page is the normal page for returning to request page content.
Judgment module 20, for judging in all pages to be detected with the presence or absence of with the page object for being not logged in page feature Face.
Second obtains module 30, and if it exists, then obtains the corresponding no log-on message page of target pages.
Comparison module 40 compares for target pages to be carried out similarity with no log-on message page, obtains comparison result.
Determining module 50, if comparison result is accounting of the similar target pages number in all page sums to be detected More than preset threshold, it is determined that web site scan login failure.
In the prior art, to judge the whether successful Website login of web site scan device, it can only manual confirmation web site scan device Whether scanning result link contains the link after logging in, and not only waste of manpower wasted time again, compared with prior art, of the invention A kind of device for judging automatically web site scan login result is provided, firstly, obtaining being needed for the website for logging in the end of scan Detect the page, wherein the page to be detected is the normal page for returning to request page content, then, judge be in the page to be detected It is no to exist with the target pages for being not logged in page feature, and if it exists, just to need further to obtain the corresponding nothing of target pages and step on Information page is recorded, and target pages are subjected to similarity with the corresponding no log-on message page and are compared, obtains comparison result, if than It is accounting of the similar target pages number in all page sums to be detected more than preset threshold to result, then can determines Web site scan login failure, apparatus of the present invention only need user to issue the web site url for needing login scanning and log in the website Required information, it will be able to judge automatically whether web site scan login succeeds according to above-mentioned process, to be effectively relieved existing The time-consuming and laborious technical problem of the method for web site scan login result is judged in technology.
Optionally, being not logged in page feature includes: logon form.
Judgment module includes:
Analytical unit obtains each page to be detected for carrying out the structural analysis of content of pages to each page to be detected The DOM Document Object Model dom tree in face.
Judging unit, for traversing each dom tree, list, then judge whether list is logon form, and will deposit if it exists Logon form the page to be detected as target pages.
Optionally, judging unit includes:
Subelement is counted, for counting in list as the quantity of the input node of password type.
Judgment sub-unit, if quantity is 1, judge in list whether the input node containing text type.
Optionally, second module is obtained, comprising:
Transmission unit, for sending the page request for not including log-on message to target pages.
Receiving unit, for receive page request return without the log-on message page.
Optionally, comparison module is also used to:
The node element for extracting target pages and no log-on message page respectively arranges.
Judge whether the node element arrangement of target pages matches with the arrangement of the node element of no log-on message page.
If matching, obtains target pages comparison result similar with no log-on message page.
Embodiment three
Referring to Fig. 4, the embodiment of the present invention provides an electronic device, which includes a processor 60, a memory 61, a bus 62 and a communication interface 63. The processor 60, the communication interface 63 and the memory 61 are connected by the bus 62. The processor 60 is used to execute executable modules stored in the memory 61, such as a computer program.
The memory 61 may include a high-speed random access memory (RAM, Random Access Memory) and may also include a non-volatile memory, for example at least one disk storage. The communication connection between this system network element and at least one other network element is realized through at least one communication interface 63 (which may be wired or wireless), and may use the Internet, a wide area network, a local network, a metropolitan area network and so on.
The bus 62 may be an ISA bus, a PCI bus, an EISA bus or the like. The bus may be divided into an address bus, a data bus, a control bus and so on. For ease of representation, only one double-headed arrow is used in Fig. 4, but this does not mean that there is only one bus or one type of bus.
The memory 61 is used to store a program, and the processor 60 executes the program after receiving an execution instruction. The method performed by the device defined by the flow process disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 60 or implemented by the processor 60.
The processor 60 may be an integrated circuit chip with signal processing capability. During implementation, each step of the above method may be completed by an integrated logic circuit of hardware in the processor 60 or by instructions in the form of software. The processor 60 may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP) and the like; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It may implement or execute the methods, steps and logic block diagrams disclosed in the embodiments of the present invention. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The steps of the method disclosed in the embodiments of the present invention may be executed and completed directly by a hardware decoding processor, or by a combination of hardware and software modules in a decoding processor. The software module may be located in a storage medium that is mature in the field, such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, an electrically erasable programmable memory or a register. The storage medium is located in the memory 61; the processor 60 reads the information in the memory 61 and completes the steps of the above method in combination with its hardware.
The computer program product of the method, device and electronic equipment for automatically judging a website scan login result provided by the embodiment of the present invention includes a computer-readable storage medium storing non-volatile program code executable by a processor. The instructions included in the program code can be used to execute the method described in the foregoing method embodiments; for the specific implementation, refer to the method embodiments, which is not repeated here.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit.
If the functions are implemented in the form of software functional units and sold or used as an independent product, they may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to execute all or part of the steps of the method described in each embodiment of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), a magnetic disk or an optical disc.
It should also be noted that similar reference numerals and letters denote similar items in the following drawings; therefore, once an item is defined in one drawing, it does not need to be further defined or explained in subsequent drawings.
In the description of the present invention, it should be noted that the terms "first", "second", "third" and the like are used only to distinguish descriptions and are not to be understood as indicating or implying relative importance.
In the description of the present invention, it should also be noted that, unless otherwise expressly specified and limited, the terms "arranged", "installed", "connected" and "connection" shall be understood in a broad sense. For example, a connection may be a fixed connection, a detachable connection or an integral connection; it may be a mechanical connection or an electrical connection; it may be a direct connection, an indirect connection through an intermediary, or an internal connection between two elements. For those of ordinary skill in the art, the specific meanings of the above terms in the present invention can be understood according to the specific situation.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention and not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments can still be modified, or some or all of their technical features can be equivalently replaced, and that these modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A method for automatically judging a website scan login result, characterized by comprising:
obtaining all pages to be detected of the website whose logged-in scan has finished, wherein a page to be detected is a page that returned the requested page content normally;
judging whether, among all the pages to be detected, there is a target page having a not-logged-in page feature;
if so, obtaining the no-login-information page corresponding to the target page;
comparing the similarity of the target page with the no-login-information page to obtain a comparison result;
if the proportion of target pages whose comparison result is similar in the total number of pages to be detected exceeds a preset threshold, determining that the website scan login has failed.
2. The method according to claim 1, characterized in that the not-logged-in page feature includes: a login form;
judging whether, among all the pages to be detected, there is a target page having a not-logged-in page feature comprises:
performing structural analysis of the page content of each page to be detected to obtain the Document Object Model (DOM) tree of each page to be detected;
traversing each DOM tree, judging, if a form exists, whether the form is a login form, and taking each page to be detected in which a login form exists as a target page.
3. The method according to claim 2, characterized in that judging whether the form is a login form comprises:
counting the number of input nodes of type password in the form;
if the count is 1, judging whether the form contains an input node of type text.
4. The method according to claim 1, characterized in that obtaining the no-login-information page corresponding to the target page comprises:
sending a page request that does not include login information to the target page;
receiving the no-login-information page returned for the page request.
5. The method according to claim 1, characterized in that comparing the similarity of the target page with the no-login-information page to obtain a comparison result comprises:
extracting the element node arrangements of the target page and of the no-login-information page respectively;
judging whether the element node arrangement of the target page matches the element node arrangement of the no-login-information page;
if they match, obtaining the comparison result that the target page is similar to the no-login-information page.
6. A device for automatically judging a website scan login result, characterized by comprising:
a first acquisition module, configured to obtain all pages to be detected of the website whose logged-in scan has finished, wherein a page to be detected is a page that returned the requested page content normally;
a judgment module, configured to judge whether, among all the pages to be detected, there is a target page having a not-logged-in page feature;
a second acquisition module, configured to obtain, if so, the no-login-information page corresponding to the target page;
a comparison module, configured to compare the similarity of the target page with the no-login-information page to obtain a comparison result;
a determination module, configured to determine that the website scan login has failed if the proportion of target pages whose comparison result is similar in the total number of pages to be detected exceeds a preset threshold.
7. The device according to claim 6, characterized in that the not-logged-in page feature includes: a login form;
the judgment module includes:
an analysis unit, configured to perform structural analysis of the page content of each page to be detected to obtain the Document Object Model (DOM) tree of each page to be detected;
a judgment unit, configured to traverse each DOM tree, judge, if a form exists, whether the form is a login form, and take each page to be detected in which a login form exists as a target page.
8. The device according to claim 7, characterized in that the judgment unit includes:
a counting subunit, configured to count the number of input nodes of type password in the form;
a judgment subunit, configured to judge, if the count is 1, whether the form contains an input node of type text.
9. An electronic device, comprising a memory and a processor, the memory storing a computer program that can run on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 5 when executing the computer program.
10. A computer-readable medium having non-volatile program code executable by a processor, characterized in that the program code causes the processor to execute the method according to any one of claims 1 to 5.
CN201910777373.2A 2019-08-22 2019-08-22 Method and device for automatically judging website scanning login result and electronic equipment Active CN110490258B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910777373.2A CN110490258B (en) 2019-08-22 2019-08-22 Method and device for automatically judging website scanning login result and electronic equipment

Publications (2)

Publication Number Publication Date
CN110490258A true CN110490258A (en) 2019-11-22
CN110490258B CN110490258B (en) 2022-03-11

Family

ID=68552787

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910777373.2A Active CN110490258B (en) 2019-08-22 2019-08-22 Method and device for automatically judging website scanning login result and electronic equipment

Country Status (1)

Country Link
CN (1) CN110490258B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101459624A (en) * 2007-12-12 2009-06-17 北京亿企通信息技术有限公司 Method for determining Internet login location of visitor
CN101763294A (en) * 2008-11-26 2010-06-30 上海网环信息科技有限公司 Method for looking up and backing up system operation log according to time slots
CN104517206A (en) * 2013-09-27 2015-04-15 中国移动通信集团黑龙江有限公司 Business processing method and device
CN105590047A (en) * 2015-12-15 2016-05-18 重庆凯泽科技有限公司 Face identification based login system and login method
CN109246069A (en) * 2018-06-15 2019-01-18 华为技术有限公司 Webpage login method, device and readable storage medium storing program for executing
CN110035075A (en) * 2019-04-03 2019-07-19 北京奇安信科技有限公司 Detection method, device, computer equipment and the storage medium of fishing website

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
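Xu Qiang et al.: "Detection of phishing login interfaces in malicious Android applications based on the SURF algorithm", Proceedings of the 7th Conference on Information Security Vulnerability Analysis and Risk Assessment (VARA2014) *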

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114465811A (en) * 2022-03-09 2022-05-10 北京华云安信息技术有限公司 Website login determination method and device, electronic equipment and storage medium
CN114465811B (en) * 2022-03-09 2023-05-23 北京华云安信息技术有限公司 Website login determination method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN110490258B (en) 2022-03-11

Similar Documents

Publication Publication Date Title
CN105068925B (en) Software safety defect finds system
CN104766014A (en) Method and system used for detecting malicious website
CN103501306B (en) A kind of network address knows method for distinguishing, server and system
CN109376291B (en) Website fingerprint information scanning method and device based on web crawler
KR20090090685A (en) Method and system for determining vulnerability of web application
CN104615760A (en) Phishing website recognizing method and phishing website recognizing system
CN109145585B (en) Method and device for detecting weak password of website
CN105302707B (en) The leak detection method and device of application program
CN103914655A (en) Downloaded file security detection method and device
CN101388768A (en) Method and device for detecting malicious HTTP request
CN107341399A (en) Assess the method and device of code file security
CN112565250B (en) Website identification method, device, equipment and storage medium
CN102902675A (en) Picture content approval method and device
CN113032792A (en) System service vulnerability detection method, system, equipment and storage medium
CN112989348B (en) Attack detection method, model training method, device, server and storage medium
WO2017063274A1 (en) Method for automatically determining malicious-jumping and malicious-nesting offensive websites
CN106598991A (en) Web crawler system capable of realizing website interaction and automatic form extraction by conversational mode
CN108268635A (en) For obtaining the method and apparatus of data
CN107590236A (en) A kind of big data acquisition method and system towards enterprise in charge of construction
CN115580494B (en) Method, device and equipment for detecting weak password
CN110020161B (en) Data processing method, log processing method and terminal
CN113779571A (en) WebShell detection device, WebShell detection method and computer-readable storage medium
CN105117340B (en) URL detection methods and device for iOS browser application quality evaluations
CN110490258A (en) A kind of method, apparatus judging automatically web site scan login result and electronic equipment
JP5618861B2 (en) Information processing apparatus, information processing method, and program

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant