CN110753027A - Method and device for verifying weak password of equipment of UPnP protocol - Google Patents

Method and device for verifying weak password of equipment of UPnP protocol Download PDF

Info

Publication number
CN110753027A
CN110753027A CN201910487327.9A CN201910487327A CN110753027A CN 110753027 A CN110753027 A CN 110753027A CN 201910487327 A CN201910487327 A CN 201910487327A CN 110753027 A CN110753027 A CN 110753027A
Authority
CN
China
Prior art keywords
weak password
equipment
monitoring equipment
monitoring
weak
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910487327.9A
Other languages
Chinese (zh)
Inventor
单亦栋
单洪伟
陈洪楠
姜光杰
刘银龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hisense Co Ltd
Original Assignee
Qingdao Hisense Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qingdao Hisense Network Technology Co Ltd filed Critical Qingdao Hisense Network Technology Co Ltd
Priority to CN201910487327.9A priority Critical patent/CN110753027A/en
Publication of CN110753027A publication Critical patent/CN110753027A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/26Special purpose or proprietary protocols or architectures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for verifying a weak password of equipment in a UPnP protocol, wherein the method comprises the steps of periodically scanning online equipment in a network based on the UPnP protocol, acquiring a description document of the online equipment, and determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment; and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library. According to the equipment description information in the whole network, the specific information of each monitoring equipment is obtained by screening, and the UPNP protocol is improved, so that the UPNP protocol can perform periodic weak password detection on the universal video monitoring equipment according to a weak password library to detect the video equipment with the weak password, and the specific description information of all the equipment with the weak password is sorted, thereby providing early warning for the system and reducing the workload of manual detection.

Description

Method and device for verifying weak password of equipment of UPnP protocol
Technical Field
The embodiment of the invention relates to the technical field of traffic, in particular to a method and a device for verifying a weak password of equipment of a Universal Plug and play (UPnP) protocol.
Background
In the field of domestic monitoring at present, a camera, NVR (network video recorder) and DVR (digital video recorder) are main devices in a video monitoring system and are also sources for acquiring video information and evidence, so that the devices are effectively protected, external illegal control can be prevented, and malicious behaviors are prevented. Because the initial password of the monitoring equipment is too simple or related personnel are left out of setting the safe equipment password, most of the video equipment in the network has the hidden trouble of security loophole, on one hand, the detection workload caused by the fact that whether the manual work is safe to the passwords of a large number of different manufacturers is increased, and on the other hand, the serious consequences of the malicious invasion of hackers and lawbreakers on the whole video network are easily caused. Therefore, the scanning and the detection of the security of the password of the video equipment can reduce the workload of manually searching and detecting the monitoring equipment of different manufacturers, reduce the potential safety hazard of the password of the equipment to the video network and save the investment of labor cost.
The weak password detection method of the equipment follows the following two principles: (1) based on the existing video special networking environment, on the premise of ensuring that the normal use of the video is not influenced, video equipment in the network is automatically detected, and detailed description information of the equipment is output. (2) The detection method needs to be compatible with all video devices in the network and periodically detect the security of each video device according to a perfect weak password library. However, most of the existing methods do not meet the requirements in terms of automatic detection equipment or equipment compatibility. According to the scheme, weak password analysis is carried out on a current account by front-end equipment, when weak passwords exist in the front-end equipment, weak password marks are carried in a registration message sent to video management gateway equipment, although weak password detection can be carried out, the equipment is required to have a weak password analysis function, the front-end equipment mostly does not have a function of detecting the weak passwords and a development interface, the compatibility of the detection equipment cannot meet the requirement for reality, and the compatibility weak password detection of multi-brand equipment is not considered.
Disclosure of Invention
The embodiment of the invention provides a method and a device for verifying a weak password of equipment in a UPnP protocol, which are used for reducing the workload of manual detection and preventing illegal equipment from invading.
The method for verifying the weak password of the equipment of the UPnP protocol provided by the embodiment of the invention comprises the following steps:
periodically scanning online equipment in the network based on the UPnP protocol, and acquiring a description document of the online equipment;
determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment;
and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library.
In the technical scheme, the specific information of each monitoring device is obtained by screening according to the description information of the devices in the whole network, and the UPNP protocol is improved, so that the UPNP protocol can perform periodic weak password detection on the universal video monitoring devices according to a weak password library to detect the video devices with weak passwords, and arrange the specific description information of all the devices with weak passwords, provide early warning for a system, reduce the workload of manual detection and prevent illegal device intrusion.
Optionally, the performing weak password verification on the monitoring device according to a weak password library includes:
and performing weak password verification on the monitoring equipment based on an RTSP (Real Time Streaming Protocol) Protocol according to the weak password library.
Optionally, the performing weak password verification on the monitoring device includes:
and determining whether the monitoring equipment is successfully matched with the weak password in the previous period, if not, determining a weak password index which is not successfully matched in the previous period in the weak password library, and performing RTSP (real time streaming protocol) weak password verification on the monitoring equipment according to the next weak password index of the weak password index which is not successfully matched.
Optionally, after performing weak password authentication on the monitoring device, the method further includes:
and counting the monitoring equipment successfully matched with the weak password and the weak password successfully matched in the current period, and performing early warning prompt.
Optionally, after performing weak password authentication on the monitoring device, the method further includes:
and when the monitoring equipment is not successfully matched with the weak password in the current period, determining whether the monitoring equipment is locked, if so, waiting for the unlocking of the monitoring equipment and then continuing to periodically verify the weak password.
Correspondingly, the embodiment of the invention also provides a device for verifying the weak password of the equipment based on the UPnP protocol, which comprises:
the acquisition unit is used for periodically scanning online equipment in the network based on the UPnP protocol and acquiring a description document of the online equipment;
the processing unit is used for determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment; and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library.
Optionally, the processing unit is specifically configured to:
and carrying out weak password verification on the monitoring equipment based on an RTSP (real time streaming protocol) according to the weak password library.
Optionally, the processing unit is specifically configured to:
and determining whether the monitoring equipment is successfully matched with the weak password in the previous period, if not, determining a weak password index which is not successfully matched in the previous period in the weak password library, and performing RTSP (real time streaming protocol) weak password verification on the monitoring equipment according to the next weak password index of the weak password index which is not successfully matched.
Optionally, the processing unit is further configured to:
and after the monitoring equipment is subjected to weak password verification, counting the monitoring equipment successfully matched with the weak password and the weak password successfully matched in the current period, and performing early warning prompt.
Optionally, the processing unit is further configured to:
after the monitoring equipment is subjected to weak password verification, when the monitoring equipment is not successfully matched with a weak password in the current period, whether the monitoring equipment is locked is determined, if yes, the monitoring equipment continues to periodically perform the weak password verification after being unlocked.
Correspondingly, an embodiment of the present invention further provides a computing device, including:
a memory for storing program instructions;
and the processor is used for calling the program instructions stored in the memory and executing the method for verifying the weak password of the equipment in the UPnP protocol according to the obtained program.
Correspondingly, the embodiment of the invention also provides a computer-readable non-volatile storage medium, which comprises computer-readable instructions, and when the computer reads and executes the computer-readable instructions, the computer is enabled to execute the method for verifying the weak password of the equipment in the UPnP protocol.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of a system architecture according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a method for verifying a weak password of a device in a UPnP protocol according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating a description document according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus for weak password authentication of a device in a UPnP protocol according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 illustrates an exemplary system architecture, which may be a gateway device 100, including a processor 110, a communication interface 120, and a memory 130, to which embodiments of the present invention are applicable.
The communication interface 120 is used for communicating with a terminal device, and transceiving information transmitted by the terminal device to implement communication.
The processor 110 is a control center of the gateway apparatus 100, connects various parts of the entire gateway apparatus 100 using various interfaces and routes, and performs various functions of the gateway apparatus 100 and processes data by running or executing software programs and/or modules stored in the memory 130 and calling data stored in the memory 130. Alternatively, processor 110 may include one or more processing units.
The memory 130 may be used to store software programs and modules, and the processor 110 executes various functional applications and data processing by operating the software programs and modules stored in the memory 130. The memory 130 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to a business process, and the like. Further, the memory 130 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
It should be noted that the structure shown in fig. 1 is only an example, and the embodiment of the present invention is not limited thereto.
Based on the above description, fig. 2 exemplarily shows a flow of a method for device weak password authentication in UPnP protocol according to an embodiment of the present invention, where the flow may be performed by an apparatus for device weak password authentication in UPnP protocol, and the apparatus may be located in the gateway device 100 shown in fig. 1, or may be the gateway device 100.
As shown in fig. 2, the process specifically includes:
step 201, periodically scanning online devices in the network based on the UPnP protocol, and acquiring a description document of the online device.
In the embodiment of the present invention, UPnP is a structure in which various smart devices, wireless devices, personal computers, and the like realize peer-to-peer network connection (P2P) throughout the world, and UPnP protocol is universal plug and play. In the application of monitoring items, monitoring equipment and non-monitoring equipment (computers, printers and the like) in a network can be effectively distinguished by judging the equipment type and equipment manufacturer.
The following will describe in detail a process of scanning online devices in a network to obtain a description document of the online device:
first, UPnP device discovery.
The online detection and discovery of the equipment are the premise of the weak password security detection and early warning of the equipment. The method performs online device scanning based on a UPnP protocol. The specific method comprises the following steps:
first, UPnP device addressing.
First, send DHCPDISCOVER message to DHCP gateway device, if the device does not receive dhcpofferas response message in the designated time, the device must use Auto-IP to complete the setting of IP address. When using Auto-IP, the device looks for free addresses in the address range 169.254/169.16. After selecting an address, the device tests whether this address is in use. If the address is occupied, repeating the searching process until an unoccupied address is found, wherein the execution of the process needs the support of an underlying operating system, and the address selection process is random so as to avoid multiple conflicts when multiple devices select the address. To test whether the selected address is unoccupied, the device must use Address Resolution Protocol (ARP). An ARP query request sets the hardware address of the sender to the hardware address of the device, and the IP address of the sender is all 0 s. The device should listen for an ARP query response or whether there is an ARP query request with the same IP address. If found, the device must try a new address until the set IP address is obtained.
Second, UPnP device discovery.
Once the device is connected to the network and the address is assigned, a device discovery operation is performed. Device discovery is the first step in a UPnP network implementation. After a device discovery operation, the control point may discover the device of interest and cause the control point to obtain a description of the device capabilities, while the control point may also send commands to the device, listen for changes in the device's status, and add the online device to the list.
When a device joins a network, the device discovery process allows the device to inform a control point on the network of the services it provides. When a control point joins a network, the device discovery process allows the control point to find devices of interest on the network. In both cases, the basic exchanged information is the discovery message. The discovery message includes some specific information of the device or information of a certain service, such as its type, identifier, and pointer to an XML device description document.
When a new device joins the network, if it has multiple embedded devices, it will multicast a series of discovery messages, disclosing its devices and services. Any interested control point can listen for available new service notification messages at this standard multi-destination address. Similarly, when a control point joins the network, it multicast discovery messages looking for related devices or services. All devices must listen for these messages on the standard multicast address and automatically respond to discovery messages when there is a matching device or service. When a device is removed from the network, it should also issue a series of assertions indicating that the device contains devices and services that have failed.
The control point discovers devices and services using SSDP (Simple Service Discovery Protocol) and the devices announce their presence to the control point using SSDP. SSDP broadcasts in UDP multicast using one variant of HTTP and replies in UDP unicast using another variant of HTTP. One device may contain other devices, each with its own services. The device is identified by its type and a unique identifier. Services are identified by their type. To SEARCH for a device or service on the network, the control point transmits an M-SEARCH command of HTTP to the address 239.255.255.250:1900 using UDP multicast packets. Any device on the network that serves the control point search criteria sends back a UDP unicast reply containing the URL address to its descriptive document. A control point will go into the description phase if it receives one or more acceptable responses-when a control point issues a search request, the request contains in the SSDP header the length of time it is willing to wait. The matching device will wait randomly for a period of time between 0 and the time indicated by the control point before responding. If the control point does not receive any response before his search time has timed out, he considers that there is no matching device on the current network. The devices do not have to wait for the control point to search for their services. They can announce their device availability using a NOTIFY command that sends SSDP to the 239.255.255.250:1900 multicast address. When the control points obtain this NOTIFY multicast, they can use standard HTTP GET commands to request the URL address provided in the NOTIFY message to obtain the device's description document. Devices must send out an announcement message when their service is not available.
And thirdly, acquiring the UPnP device description document.
When the control point locates a service it wants to know more and thus will request a description document. The description is an XML document used to describe a device, including:
① manufacturer information, version, others.
② the URL address of the icon that the device employs.
③ list of embedded devices.
④ list of services offered by the device.
The control point requests the descriptive document using HTTP over TCP. According to the description document, information such as whether the current equipment is monitoring equipment and the manufacturer of the equipment can be located, before logging in by using the weak password library, the monitoring equipment which is discovered according to the UPnP and the description document thereof are required to be gathered to be used for logging in and detecting the weak password library. Fig. 3 shows a description document.
Step 202, determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment.
Judging whether the current equipment is the monitoring equipment or not according to whether the Description in the UPnP Description information is the IP Camera, the Network Video Recorder and the Digital Video Recorder which are used in the monitoring equipment or not, and judging whether a manufacturer is provided for the monitoring equipment or not according to the Manufacture Name, thereby judging whether the current equipment is the monitoring equipment used in the Network or not.
And 203, if the online equipment is monitoring equipment, performing weak password verification on the monitoring equipment according to a weak password library.
The weak password authentication is performed on the monitoring equipment based on the RTSP according to the weak password library. Specifically, whether the monitoring equipment is successfully matched with the weak password in the previous period is determined, if not, the weak password index which is not successfully matched in the previous period is determined in the weak password library, and the monitoring equipment is subjected to RTSP protocol weak password verification according to the next weak password index of the successfully unmatched weak password index.
Because the UPnP protocol does not have the weak password authentication function, the UPnP protocol is improved, and the weak password login authentication can be performed after the UPnP protocol passes through the positioning monitoring equipment.
RTSP (real-time streaming media protocol) extension support is added into the UPnP protocol, and the RTSP can be used for carrying out remote control and login authentication on a streaming media server. The transmission data can pass TCP and UDP protocols of a transmission layer to achieve the authentication of the equipment password information.
For example, the process of weak password verification includes:
1. the RTSP client sends a DESCRIBE command.
2. The monitoring device responds 401 with an error indicating that username-password authentication is required.
3. The RTSP client sends again a DESCRIBE command, which contains valid information such as a user name and a password, wherein the password is sent by using the MD5 algorithm.
4. The server responds to the success or failure of the authentication.
Because the monitoring equipment has the service in the RTSP protocol format, the UPnP extended RTSP mode login can effectively avoid the incompatibility among SDKs of different manufacturers so as to achieve the verification login of the universal monitoring equipment, and the specific flow is as follows:
step 1: and sending an options command to the UPnP discovered online device, inquiring about which methods are available, returning 200OK by the monitoring device, and displaying all available methods provided.
Step 2: and sending a DESCRIBE command to the monitoring device to acquire the provided media initialization description information.
The monitoring equipment responds 401 with an error, which indicates that user name and password authentication is needed, and returns to nonce for further encryption.
Step 3: and sending a DESCRIBE instruction to the monitoring equipment again, wherein the instruction contains effective information such as a user name and a password, reading a piece of weak password information from the weak password library as a password, and encrypting and sending the password by adopting an MD5 algorithm.
And the server successfully or unsuccessfully responds, and verifies whether the weak password information can normally log in the equipment or not according to the return value.
Step 4: and determining whether the weak password login is successful.
It should be noted that after the monitoring device is verified by the weak password, the monitoring device successfully matched with the weak password and the weak password successfully matched with the weak password in the current period may be counted, and an early warning prompt is performed. And meanwhile, when the monitoring equipment is not successfully matched with the weak password in the current period, determining whether the monitoring equipment is locked, and if so, continuing to periodically perform weak password verification after waiting for the unlocking of the monitoring equipment. Because each monitoring device can be locked when the login error exceeds a certain limit according to brand differentiation, and the current IP cannot be logged in after the locking, the monitoring device waits for a certain time after detecting different times of device locking according to different brands, and continues to periodically verify the weak password after the device is unlocked.
In order to better explain the weak password authentication process, the embodiment of the invention provides a UPnP protocol-based device weak password authentication process:
step 1: and reading the weak password library file, starting UPnP scanning, scanning the online equipment in the network, judging as the monitoring equipment, and then switching to the next step.
Step 2: if the device currently being scanned has previously successfully matched the weak password, the weak password detection for this device is ended. Otherwise, go to the next step.
Step 3: and matching the last failed weak password index of the current monitoring equipment, and performing RTSP (real time streaming protocol) login verification according to the next weak password index.
Step 4: and updating the matching result, starting to wait for the equipment unlocking time if the period is finished, and otherwise, verifying the next period.
Step 5: after the whole process is finished, counting all the equipment information searched in the weak password library and the matched weak passwords in the database, presenting the monitoring equipment with the weak password risk in the current network to the user, and giving an early warning prompt.
The embodiment shows that the online equipment in the network is periodically scanned based on the UPnP protocol, the description document of the online equipment is obtained, and whether the online equipment is the monitoring equipment or not is determined according to the description document of the online equipment; and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library. According to the equipment description information in the whole network, the specific information of each monitoring equipment is obtained by screening, and a UPNP protocol is improved, so that the UPNP protocol can perform periodic weak password detection on the universal video monitoring equipment according to a weak password library to detect the video equipment with the weak password, and arrange the specific description information of all the equipment with the weak password, thereby providing early warning for a system, reducing the workload of manual detection and preventing illegal equipment intrusion.
The method for verifying the weak password of the equipment of the UPnP protocol provided by the embodiment of the invention takes the UPnP as an online monitoring equipment discovery mode, performs full coverage scanning on the media equipment in the network, obtains monitoring equipment information by screening description information, performs weak password detection verification on the monitoring equipment in the video private network by expanding RTSP login equipment verification, determines the monitoring equipment with the weak password in the network, and improves the safety of the equipment in the video private network. Meanwhile, on the premise of not influencing the normal use of the monitoring equipment, weak password safety detection is periodically carried out on the monitoring equipment in the network, and the safety of the video monitoring equipment is automatically and periodically monitored.
The invention has the advantages that all online monitoring equipment in the network is discovered through the UPnP protocol, and weak password login is verified through an extended RTSP mode, so that the weak password security detection and early warning of the monitoring equipment are realized. Compared with the defects that the conventional method needs manual detection one by one and different equipment manufacturers need to distinguish SDKs for detection, the method and the device can periodically perform weak password security detection on the monitoring equipment in the network on the premise of not influencing the normal use of the equipment. The normal operation of the monitoring equipment can be guaranteed, negligence and labor cost caused by manual detection can be reduced, the safety intelligent monitoring of the monitoring equipment is really realized, and the monitoring equipment has more practical application value and application effect.
Based on the same technical concept, fig. 4 exemplarily shows a structure of an apparatus for weak password authentication of a device in UPnP protocol according to an embodiment of the present invention, where the apparatus can perform a procedure of weak password authentication of a device in UPnP protocol, and the apparatus may be located in the gateway device 100 shown in fig. 1, or may be the gateway device 100.
As shown in fig. 4, the apparatus specifically includes:
the acquisition unit is used for periodically scanning online equipment in the network based on the UPnP protocol and acquiring a description document of the online equipment;
the processing unit is used for determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment; and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library.
Optionally, the processing unit is specifically configured to:
and carrying out weak password verification on the monitoring equipment based on an RTSP (real time streaming protocol) according to the weak password library.
Optionally, the processing unit is specifically configured to:
and determining whether the monitoring equipment is successfully matched with the weak password in the previous period, if not, determining a weak password index which is not successfully matched in the previous period in the weak password library, and performing RTSP (real time streaming protocol) weak password verification on the monitoring equipment according to the next weak password index of the weak password index which is not successfully matched.
Optionally, the processing unit is further configured to:
and after the monitoring equipment is subjected to weak password verification, counting the monitoring equipment successfully matched with the weak password and the weak password successfully matched in the current period, and performing early warning prompt.
Optionally, the processing unit is further configured to:
after the monitoring equipment is subjected to weak password verification, when the monitoring equipment is not successfully matched with a weak password in the current period, whether the monitoring equipment is locked is determined, if yes, the monitoring equipment continues to periodically perform the weak password verification after being unlocked.
Based on the same technical concept, an embodiment of the present invention further provides a computing device, including:
a memory for storing program instructions;
and the processor is used for calling the program instructions stored in the memory and executing the method for verifying the weak password of the equipment in the UPnP protocol according to the obtained program.
Based on the same technical concept, embodiments of the present invention also provide a computer-readable non-volatile storage medium, which includes computer-readable instructions, and when the computer reads and executes the computer-readable instructions, the computer is caused to execute the method for verifying the device weak password of the UPnP protocol.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (10)

1. A method for verifying a weak password of equipment based on a universal plug and play (UPnP) protocol is characterized by comprising the following steps:
periodically scanning online equipment in the network based on the UPnP protocol, and acquiring a description document of the online equipment;
determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment;
and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library.
2. The method of claim 1, wherein the weak password authentication of the monitoring device according to a weak password library comprises:
and according to the weak password library, carrying out weak password verification on the monitoring equipment based on a real-time streaming media protocol RTSP.
3. The method of claim 2, wherein the weak password verification of the monitoring device comprises:
and determining whether the monitoring equipment is successfully matched with the weak password in the previous period, if not, determining a weak password index which is not successfully matched in the previous period in the weak password library, and performing RTSP (real time streaming protocol) weak password verification on the monitoring equipment according to the next weak password index of the weak password index which is not successfully matched.
4. The method of claim 1, after performing weak password authentication on the monitoring device, further comprising:
and counting the monitoring equipment successfully matched with the weak password and the weak password successfully matched in the current period, and performing early warning prompt.
5. The method of claim 1, after performing weak password authentication on the monitoring device, further comprising:
and when the monitoring equipment is not successfully matched with the weak password in the current period, determining whether the monitoring equipment is locked, if so, waiting for the unlocking of the monitoring equipment and then continuing to periodically verify the weak password.
6. An apparatus for weak password authentication of a device based on a universal plug and play (UPnP) protocol, comprising:
the acquisition unit is used for periodically scanning online equipment in the network based on the UPnP protocol and acquiring a description document of the online equipment;
the processing unit is used for determining whether the online equipment is monitoring equipment or not according to the description document of the online equipment; and if the online equipment is monitoring equipment, carrying out weak password verification on the monitoring equipment according to a weak password library.
7. The apparatus as claimed in claim 6, wherein said processing unit is specifically configured to:
and according to the weak password library, carrying out weak password verification on the monitoring equipment based on a real-time streaming media protocol RTSP.
8. The apparatus as claimed in claim 7, wherein said processing unit is specifically configured to:
and determining whether the monitoring equipment is successfully matched with the weak password in the previous period, if not, determining a weak password index which is not successfully matched in the previous period in the weak password library, and performing RTSP (real time streaming protocol) weak password verification on the monitoring equipment according to the next weak password index of the weak password index which is not successfully matched.
9. The apparatus as recited in claim 6, said processing unit to further:
and after the monitoring equipment is subjected to weak password verification, counting the monitoring equipment successfully matched with the weak password and the weak password successfully matched in the current period, and performing early warning prompt.
10. The apparatus as recited in claim 6, said processing unit to further:
after the monitoring equipment is subjected to weak password verification, when the monitoring equipment is not successfully matched with a weak password in the current period, whether the monitoring equipment is locked is determined, if yes, the monitoring equipment continues to periodically perform the weak password verification after being unlocked.
CN201910487327.9A 2019-06-05 2019-06-05 Method and device for verifying weak password of equipment of UPnP protocol Pending CN110753027A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910487327.9A CN110753027A (en) 2019-06-05 2019-06-05 Method and device for verifying weak password of equipment of UPnP protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910487327.9A CN110753027A (en) 2019-06-05 2019-06-05 Method and device for verifying weak password of equipment of UPnP protocol

Publications (1)

Publication Number Publication Date
CN110753027A true CN110753027A (en) 2020-02-04

Family

ID=69275770

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910487327.9A Pending CN110753027A (en) 2019-06-05 2019-06-05 Method and device for verifying weak password of equipment of UPnP protocol

Country Status (1)

Country Link
CN (1) CN110753027A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304350A (en) * 2007-05-11 2008-11-12 华为技术有限公司 Method and system for accessing household network equipment as well as household network access equipment
US7581245B2 (en) * 2004-03-05 2009-08-25 Sap Ag Technique for evaluating computer system passwords
CN104683127A (en) * 2013-11-27 2015-06-03 北京神州泰岳软件股份有限公司 Method and system for centrally checking weak passwords of equipment
CN104751047A (en) * 2013-12-31 2015-07-01 北京新媒传信科技有限公司 Weak password scanning method and device
US20150304302A1 (en) * 2014-04-16 2015-10-22 Alibaba Group Holding Limited Method and apparatus of detecting weak password
CN106412031A (en) * 2016-09-14 2017-02-15 深圳市丰巨泰科电子有限公司 Internet of things device discovering and controlling method
CN108833447A (en) * 2018-08-01 2018-11-16 杭州安恒信息技术股份有限公司 A kind of IP Camera weak passwurd detection method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7581245B2 (en) * 2004-03-05 2009-08-25 Sap Ag Technique for evaluating computer system passwords
CN101304350A (en) * 2007-05-11 2008-11-12 华为技术有限公司 Method and system for accessing household network equipment as well as household network access equipment
CN104683127A (en) * 2013-11-27 2015-06-03 北京神州泰岳软件股份有限公司 Method and system for centrally checking weak passwords of equipment
CN104751047A (en) * 2013-12-31 2015-07-01 北京新媒传信科技有限公司 Weak password scanning method and device
US20150304302A1 (en) * 2014-04-16 2015-10-22 Alibaba Group Holding Limited Method and apparatus of detecting weak password
CN106412031A (en) * 2016-09-14 2017-02-15 深圳市丰巨泰科电子有限公司 Internet of things device discovering and controlling method
CN108833447A (en) * 2018-08-01 2018-11-16 杭州安恒信息技术股份有限公司 A kind of IP Camera weak passwurd detection method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
记得最初的梦想: "UPnP协议编程实践(一)", 《HTTPS://BLOG.CSDN.NET /CNCLENOVO/ARTICLE/DETAILS/38710011》 *

Similar Documents

Publication Publication Date Title
CN1714541B (en) Information processing device, server client system, method, and computer program
US8204975B2 (en) Server apparatus, client apparatus and system for securely transmitting stored content
US7418486B2 (en) Automatic discovery and configuration of external network devices
CN110493366B (en) Method and device for adding access point into network management
CN107770226B (en) Control method and device for smart home, home gateway and mobile terminal
CN111447089B (en) Terminal asset identification method and device and computer readable storage medium
CN102843546B (en) Method for connecting network camera and video workstation and video monitoring system
CN112671887B (en) Asset identification method and device, electronic equipment and computer storage medium
US20100030346A1 (en) Control system and control method for controlling controllable device such as peripheral device, and computer program for control
JP2012034129A (en) Management server, communication interruption device, information processing system, method and program
US20070274274A1 (en) Open wireless access point detection and identification
CN111193900B (en) Monitoring video sharing method and device and storage medium
CN111147527A (en) Internet of things system and equipment authentication method, device, equipment and medium thereof
CN106165497B (en) Method implemented by a communication terminal, corresponding terminal and storage medium
CN106779881A (en) Member's sharing method and device
US20070282996A1 (en) Network connection apparatus and providing service control program
KR101432039B1 (en) Method for remote monitoring using IP camera
CN112583627A (en) Networking topology structure display method and device
CN110753027A (en) Method and device for verifying weak password of equipment of UPnP protocol
CN114629725B (en) User domain dumb terminal management method, device, system and storage medium
JP2003258795A (en) Computer aggregate operating method, implementation system therefor, and processing program therefor
CN113328974B (en) Video private network monitoring method, device, equipment and storage medium
JP2005167793A (en) System and program for managing transmission information
CN109698840B (en) Method and device for detecting DHCP (dynamic host configuration protocol) malicious event
CN115242857B (en) Network camera access method, network video recorder, electronic device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20200810

Address after: 266555 Qingdao economic and Technological Development Zone, Shandong, Hong Kong Road, No. 218

Applicant after: QINGDAO HISENSE ELECTRONIC INDUSTRY HOLDING Co.,Ltd.

Address before: 266071 No. 151, Zhuzhou Road, Laoshan District, Shandong, Qingdao

Applicant before: QINGDAO HISENSE TRANSTECH Co.,Ltd.

TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20201127

Address after: Donghai West Road 266071 Shandong city of Qingdao province No. 17

Applicant after: HISENSE Co.,Ltd.

Address before: 266555 Qingdao economic and Technological Development Zone, Shandong, Hong Kong Road, No. 218

Applicant before: QINGDAO HISENSE ELECTRONIC INDUSTRY HOLDING Co.,Ltd.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200204