CN111309311A - Vulnerability detection tool generation method, device, equipment and readable storage medium - Google Patents
Vulnerability detection tool generation method, device, equipment and readable storage medium Download PDFInfo
- Publication number
- CN111309311A CN111309311A CN202010143934.6A CN202010143934A CN111309311A CN 111309311 A CN111309311 A CN 111309311A CN 202010143934 A CN202010143934 A CN 202010143934A CN 111309311 A CN111309311 A CN 111309311A
- Authority
- CN
- China
- Prior art keywords
- script
- target
- vulnerability
- detection tool
- vulnerability detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a vulnerability detection tool generation method, which comprises the following steps: acquiring and analyzing a generation instruction, and determining a target vulnerability specified by the generation instruction; acquiring a vulnerability script corresponding to a target vulnerability, and adding an entry code to the vulnerability script to obtain a target script; determining a scripting language corresponding to the target script, and converting the target script into a target format according to the scripting language to obtain a vulnerability detection tool; according to the method, a targeted development method is not needed to be adopted to write a development vulnerability detection tool, the existing vulnerability script is processed by adding an entry code, and then format conversion processing is carried out, so that the vulnerability detection tool can be obtained, and the development time of the vulnerability detection tool is reduced; in addition, the invention also provides a vulnerability detection tool generation device, equipment and a computer readable storage medium, and the vulnerability detection tool generation device, the equipment and the computer readable storage medium also have the beneficial effects.
Description
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a vulnerability detection tool generation method, a vulnerability detection tool generation apparatus, vulnerability detection tool generation equipment, and a computer-readable storage medium.
Background
With the rapid development of the internet, the vulnerabilities of various operating systems and application software in the internet are increasing. For a burst vulnerability, the task of timely vulnerability detection becomes very slow.
After a certain vulnerability is exploded in the internet, the vulnerability is detected to detect whether the target terminal has the vulnerability. Generally, a vulnerability scanning system or a vulnerability detection tool is adopted to comprehensively evaluate a target terminal and detect whether the vulnerability exists. The vulnerability scanning system is developed by a professional security manufacturer, the system disk occupies a large space and is not beneficial to installation and deployment, the installation, deployment and use of the vulnerability scanning system are relatively complex, and certain network security technical requirements are imposed on users, so that in actual situations, the number of terminals provided with the vulnerability scanning system is small, and a large number of common users cannot install or use the vulnerability scanning system. The vulnerability detection tool is specially developed for a certain vulnerability and is small in occupied space, simple to install, low in requirement on a user and convenient to use by a common user. In an actual scenario, once a specific vulnerability is exploded, a security manufacturer can upgrade the vulnerability scanning system aiming at the vulnerability so as to improve the security capability of the vulnerability scanning system. However, the vulnerability detection tool needs to be developed in a targeted manner, and the development work needs a long time, so that the vulnerability detection tool cannot be developed and applied in time, and a large number of common users are attacked by attackers who use vulnerabilities.
Therefore, how to solve the problems that the existing special vulnerability detection method needs targeted development and the development work needs a long time is a technical problem to be solved by the technical personnel in the field.
Disclosure of Invention
In view of the above, the present invention provides a vulnerability detection tool generation method, a vulnerability detection tool generation apparatus, a vulnerability detection tool generation device, and a computer readable storage medium, which solve the problems that the existing specialized vulnerability detection method needs targeted development and requires a long time for development.
In order to solve the technical problem, the invention provides a vulnerability detection tool generation method, which comprises the following steps:
acquiring and analyzing a generating instruction, and determining a target vulnerability specified by the generating instruction;
acquiring a vulnerability script corresponding to the target vulnerability, and adding an entry code to the vulnerability script to obtain a target script;
and determining a scripting language corresponding to the target script, and converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool.
Optionally, the converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool includes:
determining a conversion rule corresponding to the script language according to the script language;
extracting information of the target script by using an extraction rule in the conversion rule to obtain script information;
and performing executable file generation processing on the script information by using a generation rule in the conversion rule to obtain the vulnerability detection tool.
Optionally, the determining a scripting language corresponding to the target script includes:
acquiring script attributes corresponding to the target script, and determining a file suffix corresponding to the target script by using the script attributes;
and determining the script language corresponding to the file suffix by utilizing a preset corresponding relation.
Optionally, the converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool includes:
determining a corresponding conversion tool according to the script language;
and converting the target script into the target format by using the conversion tool to obtain the vulnerability detection tool.
The invention also provides a vulnerability detection tool generation device, which comprises:
the target vulnerability determining module is used for acquiring and analyzing a generating instruction and determining a target vulnerability specified by the generating instruction;
the script language determining module is used for acquiring a vulnerability script corresponding to the target vulnerability and adding an entry code to the vulnerability script to obtain a target script;
and the tool generation module is used for determining a script language corresponding to the target script, and converting the target script into a target format according to the script language to obtain the vulnerability detection tool.
Optionally, the tool generation module includes:
the conversion rule determining unit is used for determining a conversion rule corresponding to the script language according to the script language;
the script information acquisition unit is used for extracting information of the target script by using an extraction rule in the conversion rule to obtain script information;
and the first conversion unit is used for generating an executable file for the script information by using a generation rule in the conversion rule to obtain the vulnerability detection tool.
Optionally, the tool generation module includes:
a file suffix determining unit, configured to obtain a script attribute corresponding to the target script, and determine a file suffix corresponding to the target script by using the script attribute;
and the script language determining unit is used for determining the script language corresponding to the file suffix by utilizing a preset corresponding relation.
Optionally, the tool generation module includes:
the conversion tool determining unit is used for determining a corresponding conversion tool according to the script language;
and the second conversion unit is used for converting the target script into the target format by using the conversion tool to obtain the vulnerability detection tool.
The invention also provides vulnerability detection tool generation equipment, which comprises a memory and a processor, wherein:
the memory is used for storing a computer program;
the processor is configured to execute the computer program to implement the vulnerability detection tool generation method.
The invention further provides a computer readable storage medium for storing a computer program, wherein the computer program realizes the vulnerability detection tool generation method when being executed by a processor.
The vulnerability detection tool generation method provided by the invention obtains and analyzes the generation instruction, and determines the target vulnerability specified by the generation instruction. And acquiring a vulnerability script corresponding to the target vulnerability, and adding an entry code to the vulnerability script to obtain the target script. And determining a scripting language corresponding to the target script, and converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool.
Therefore, after the specified target vulnerability is determined, the vulnerability script corresponding to the target vulnerability is determined, and the target script which can be converted is obtained by adding the entry codes to the vulnerability script. And after determining the script language corresponding to the target script, converting the target script to obtain the vulnerability detection tool. According to the method, a targeted development method is not needed to write a development vulnerability detection tool, and the vulnerability detection tool can be obtained by adding entry codes to an existing vulnerability script and then performing format conversion processing. The development time of a vulnerability detection tool is reduced, a large number of common users can avoid attacks initiated by attackers by utilizing vulnerabilities, and the problems that the existing special vulnerability detection method needs targeted development and the development work needs long time are solved.
In addition, the invention also provides a vulnerability detection tool generation device, vulnerability detection tool generation equipment and a computer readable storage medium, and the vulnerability detection tool generation device, the vulnerability detection tool generation equipment and the computer readable storage medium have the beneficial effects.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a vulnerability detection tool generation method according to an embodiment of the present invention;
fig. 2 is a flowchart of a specific format conversion method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a vulnerability detection tool generation apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a vulnerability detection tool generation device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a flowchart illustrating a method for generating a vulnerability detection tool according to an embodiment of the present invention. The method comprises the following steps:
s101: and acquiring and analyzing the generation instruction, and determining a target vulnerability specified by the generation instruction.
Specifically, all or part of the steps of the vulnerability detection tool generation method provided by the present invention may be completed by a designated device or terminal, for example, a designated Windows system computer. The generation instruction is used for designating a target vulnerability, after the generation instruction is received, the generation instruction is analyzed so as to determine the target vulnerability, and a vulnerability detection tool for detecting the target vulnerability is generated in the subsequent steps. The type of the target vulnerability can be a vulnerability of a Windows operating system, or can be a vulnerability of a Linux operating system, or can be other types of vulnerabilities. The specific content of the generation instruction is not limited in this embodiment. In order to specify the target vulnerability, the generation instruction may include vulnerability information, where the vulnerability information may specifically be a name of the target vulnerability or a serial number of the target vulnerability. The target vulnerability specified by the generation instruction can be determined according to the vulnerability information.
The embodiment does not limit the method for acquiring the generation instruction, and for example, the generation instruction input by a control person may be acquired, or the generation instruction sent by another device or terminal may be acquired. When the generation instruction is obtained by obtaining the generation instruction input by the controller, the embodiment does not limit a specific input method of the generation instruction, for example, the controller may manually input the generation instruction; or preset rules can be set, and control personnel input or select the target vulnerability and construct a corresponding generation instruction according to the preset rules after clicking is determined.
S102: and acquiring a vulnerability script corresponding to the target vulnerability, and adding an entry code to the vulnerability script to obtain the target script.
And after the target vulnerability is determined, acquiring a vulnerability script corresponding to the target vulnerability. The embodiment does not limit the specific method for acquiring the vulnerability script, and for example, the vulnerability script may be acquired from a vulnerability library of a specified vulnerability scanning system, or may be sent by other devices or terminals, or may be uploaded by control personnel. The vulnerability code is a script in a vulnerability library used by the vulnerability scanning system, and is used for the vulnerability scanning system to call and analyze and further scan, and the vulnerability code is specifically an unexecutable vulnerability script, for example, a JS script, a Python script or a Lua script. Since the vulnerability script is not executable, the vulnerability script cannot be used as a vulnerability detection tool, and in order to quickly obtain the vulnerability detection tool, the corresponding vulnerability detection tool can be obtained by performing format conversion processing on the vulnerability detection tool.
It should be noted that, since the vulnerability script is originally used for the vulnerability scanning system to perform call analysis, it cannot be directly subjected to format conversion. And after the vulnerability script is obtained, adding an entry code to the vulnerability script to obtain a target script so as to perform format conversion processing. The specific form of the entry code is not limited in this embodiment, and the form and content of the entry code corresponding to the vulnerability script are different according to the difference of the scripting language of the vulnerability script. The target script is a script which can be subjected to format conversion, and a vulnerability detection tool corresponding to the target vulnerability can be obtained by using the target script.
S103: and determining a scripting language corresponding to the target script, and converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool.
The target scripts of different scripting languages have different writing rules, and in order to convert the target scripts into the target format, the scripting language corresponding to the target scripts needs to be determined before conversion. It should be noted that the target format is an executable file format, and the vulnerability detection tool is obtained after the target script is converted into the executable file format. The present application does not limit the method for determining the script language corresponding to the target script, and for example, the script language corresponding to the target script may be determined according to the content of the target script, and specifically, information such as syntax of a code in the target script may be detected to determine the script language corresponding to the target script.
Further, in order to accurately determine the script language, in this embodiment, preferably, a script attribute corresponding to the target script is obtained, and a file suffix corresponding to the target script is determined by using the script attribute; and determining the script language corresponding to the file suffix by utilizing the preset corresponding relation. The script attribute is used to record an attribute of the target script, that is, a file attribute of the target script. The script attribute records a file suffix of the target script, and the file suffix can indicate the file type of the target script. The preset corresponding relation is set for recording the corresponding relation between various script languages and the suffixes of the files, after the suffixes of the files corresponding to the target scripts are determined, the script languages corresponding to the suffixes of the files can be determined by utilizing the preset corresponding relation, and the script languages corresponding to the target scripts can be determined. For example, when the target script is named as a vul, the script attribute of the vul script may be obtained, and the file suffix corresponding to the vul, for example, py, may be determined from the script attribute. When the file suffix is determined to be py, the target script can be determined to be written by Python language according to the preset corresponding relation, namely the corresponding script language is Python.
Further, after obtaining the vulnerability detection tool, subsequent operations may be performed, such as sending the vulnerability detection tool to the target device; or a generation completion notification may be issued; or the vulnerability detection tool can be detected to judge whether errors exist. The present embodiment does not limit the specific content of the subsequent operation.
By applying the vulnerability detection tool generation method provided by the embodiment of the invention, after the specified target vulnerability is determined, the vulnerability script corresponding to the target vulnerability is determined, and the target script which can be converted is obtained by adding the entry code to the vulnerability script. And after determining the script language corresponding to the target script, converting the target script to obtain the vulnerability detection tool. According to the method, a targeted development method is not needed to write a development vulnerability detection tool, and the vulnerability detection tool can be obtained by adding entry codes to an existing vulnerability script and then performing format conversion processing. The development time of a vulnerability detection tool is reduced, a large number of common users can avoid attacks initiated by attackers by utilizing vulnerabilities, and the problems that the existing special vulnerability detection method needs targeted development and the development work needs long time are solved.
Based on the above embodiments of the invention, a specific format conversion method will be described in the embodiments of the invention. Referring to fig. 2, fig. 2 is a flowchart of a specific format conversion method according to an embodiment of the present invention, including:
s201: and determining a conversion rule corresponding to the script language according to the script language.
It should be noted that, in the embodiment of the present invention, the target script is converted into the target format by using the conversion rule, that is, the file format may be executed. Because different scripting languages have different grammar rules, the conversion rules corresponding to the different scripting languages are different, and before the target script is converted, the conversion rules corresponding to the scripting languages need to be determined. Specifically, conversion rules corresponding to various scripting languages may be stored locally, and after a scripting language corresponding to a target script is determined, conversion rules corresponding to the scripting language may be obtained by using index information.
S202: and performing information extraction processing on the target script by using an extraction rule in the conversion rule to obtain script information.
In an embodiment of the present invention, the conversion rule includes an extraction rule and a generation rule. The extraction rule is used for carrying out information extraction processing on the target script to obtain script information; and the generation rule is used for processing the script information to generate a vulnerability detection tool. Because the corresponding writing rules of different scripting languages are different, the extraction rules in different conversion rules are different. The generation rules in different conversion rules may be the same or different, for example, different generation rules may be set for different scripting languages in order to ensure generation reliability and prevent a vulnerability detection tool from malfunctioning; or the same generation rule may be set for different scripting languages in order to ensure consistency.
The script information is used to generate a vulnerability detection tool, the specific content of the vulnerability detection tool is not limited in this embodiment, and the script information corresponding to different target scripts has different contents.
S203: and performing executable file generation processing on the script information by using a generation rule in the conversion rule to obtain a vulnerability detection tool.
And after obtaining the script information, performing executable file generation processing on the script information by using a generation rule in the conversion rule. The vulnerability detection tool can be obtained by processing the script information according to the generation rule without manually writing the vulnerability detection tool by developers, so that the development time of the vulnerability detection tool is reduced, a large number of common users can also avoid attacks initiated by attackers by utilizing vulnerabilities, and the problems that the existing special vulnerability detection method needs targeted development and the development work needs long time are solved.
Further, in order to improve the generation speed and the generation efficiency of the vulnerability detection tool, in this embodiment, it is preferable that a plurality of conversion tools are preset, and the script language corresponding to each conversion tool is different. When the step of converting the target script into the target format according to the scripting language to obtain the vulnerability detection tool is executed, the corresponding conversion tool can be determined according to the scripting language, and the target script is converted into the target format by using the conversion tool to obtain the vulnerability detection tool. Specifically, the conversion tool can be used for simultaneously completing two steps of script information extraction and executable file generation processing, and the generation speed of the vulnerability detection tool is improved. For example, when the target script is vulpy, the corresponding scripting language is Python, and therefore the corresponding conversion tool is determined to be a pyinstaller tool according to the scripting language, and the target script is subjected to format conversion processing by the pyinstaller tool, so that the vulnerability detection tool can be obtained.
In the following, the vulnerability detection tool generation apparatus provided by the embodiment of the present invention is introduced, and the vulnerability detection tool generation apparatus described below and the vulnerability detection tool generation method described above may be referred to in correspondence.
Referring to fig. 3, fig. 3 is a schematic structural diagram of a vulnerability detection tool generation apparatus according to an embodiment of the present invention, including:
the target vulnerability determining module 310 is configured to obtain and analyze the generation instruction, and determine a target vulnerability specified by the generation instruction;
the target script obtaining module 320 is configured to obtain a vulnerability script corresponding to a target vulnerability, and add an entry code to the vulnerability script to obtain a target script;
and the tool generation module 330 is configured to determine a scripting language corresponding to the target script, and convert the target script into a target format according to the scripting language to obtain a vulnerability detection tool.
Optionally, the tool generation module 330 includes:
the conversion rule determining unit is used for determining a conversion rule corresponding to the script language according to the script language;
the script information acquisition unit is used for extracting information of the target script by using the extraction rule in the conversion rule to obtain script information;
and the first conversion unit is used for generating an executable file for the script information by using a generation rule in the conversion rule to obtain a vulnerability detection tool.
Optionally, the tool generation module 330 includes:
the file suffix determining unit is used for acquiring script attributes corresponding to the target script and determining a file suffix corresponding to the target script by using the script attributes;
and the script language determining unit is used for determining the script language corresponding to the file suffix by utilizing the preset corresponding relation.
Optionally, the tool generation module 330 includes:
the conversion tool determining unit is used for determining a corresponding conversion tool according to the script language;
and the second conversion unit is used for converting the target script into a target format by using a conversion tool to obtain the vulnerability detection tool.
In the following, the vulnerability detection tool generation device provided by the embodiment of the present invention is introduced, and the vulnerability detection tool generation device described below and the vulnerability detection tool generation method described above may be referred to in correspondence with each other.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a vulnerability detection tool generation device according to an embodiment of the present invention, where the vulnerability detection tool generation device includes a memory and a processor, where:
a memory 410 for storing a computer program;
the processor 420 is configured to execute a computer program to implement the vulnerability detection tool generation method.
In the following, the computer-readable storage medium provided by the embodiment of the present invention is introduced, and the computer-readable storage medium described below and the vulnerability detection tool generation method described above may be referred to correspondingly.
The invention further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the vulnerability detection tool generation method.
The computer-readable storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it should also be noted that, herein, relationships such as first and second, etc., are intended only to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
The above detailed descriptions of the vulnerability detection tool generation method, the vulnerability detection tool generation device, the vulnerability detection tool generation equipment and the computer readable storage medium provided by the present invention are provided, and specific examples are applied in the text to explain the principle and the implementation of the present invention, and the descriptions of the above embodiments are only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A vulnerability detection tool generation method is characterized by comprising the following steps:
acquiring and analyzing a generating instruction, and determining a target vulnerability specified by the generating instruction;
acquiring a vulnerability script corresponding to the target vulnerability, and adding an entry code to the vulnerability script to obtain a target script;
and determining a scripting language corresponding to the target script, and converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool.
2. The vulnerability detection tool generation method according to claim 1, wherein the converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool comprises:
determining a conversion rule corresponding to the script language according to the script language;
extracting information of the target script by using an extraction rule in the conversion rule to obtain script information;
and performing executable file generation processing on the script information by using a generation rule in the conversion rule to obtain the vulnerability detection tool.
3. The vulnerability detection tool generation method of claim 1, wherein the determining the scripting language corresponding to the target script comprises:
acquiring script attributes corresponding to the target script, and determining a file suffix corresponding to the target script by using the script attributes;
and determining the script language corresponding to the file suffix by utilizing a preset corresponding relation.
4. The vulnerability detection tool generation method according to any one of claims 1 to 3, wherein the converting the target script into a target format according to the scripting language to obtain the vulnerability detection tool comprises:
determining a corresponding conversion tool according to the script language;
and converting the target script into the target format by using the conversion tool to obtain the vulnerability detection tool.
5. A vulnerability detection tool generation apparatus, comprising:
the target vulnerability determining module is used for acquiring and analyzing a generating instruction and determining a target vulnerability specified by the generating instruction;
the target script obtaining module is used for obtaining a vulnerability script corresponding to the target vulnerability and adding an entry code to the vulnerability script to obtain a target script;
and the tool generation module is used for determining a script language corresponding to the target script, and converting the target script into a target format according to the script language to obtain the vulnerability detection tool.
6. The vulnerability detection tool generation apparatus of claim 5, wherein the tool generation module comprises:
the conversion rule determining unit is used for determining a conversion rule corresponding to the script language according to the script language;
the script information acquisition unit is used for extracting information of the target script by using an extraction rule in the conversion rule to obtain script information;
and the first conversion unit is used for generating an executable file for the script information by using a generation rule in the conversion rule to obtain the vulnerability detection tool.
7. The vulnerability detection tool generation apparatus of claim 5, wherein the tool generation module comprises:
a file suffix determining unit, configured to obtain a script attribute corresponding to the target script, and determine a file suffix corresponding to the target script by using the script attribute;
and the script language determining unit is used for determining the script language corresponding to the file suffix by utilizing a preset corresponding relation.
8. The vulnerability detection tool generation apparatus of any of claims 5 to 7, wherein the tool generation module comprises:
the conversion tool determining unit is used for determining a corresponding conversion tool according to the script language;
and the second conversion unit is used for converting the target script into the target format by using the conversion tool to obtain the vulnerability detection tool.
9. A vulnerability detection tool generation device, comprising a memory and a processor, wherein:
the memory is used for storing a computer program;
the processor is configured to execute the computer program to implement the vulnerability detection tool generation method according to any of claims 1 to 4.
10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the vulnerability detection tool generation method of any of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010143934.6A CN111309311B (en) | 2020-03-04 | 2020-03-04 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010143934.6A CN111309311B (en) | 2020-03-04 | 2020-03-04 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111309311A true CN111309311A (en) | 2020-06-19 |
| CN111309311B CN111309311B (en) | 2023-04-25 |
Family
ID=71160333
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010143934.6A Active CN111309311B (en) | 2020-03-04 | 2020-03-04 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111309311B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070113282A1 (en) * | 2005-11-17 | 2007-05-17 | Ross Robert F | Systems and methods for detecting and disabling malicious script code |
| US20160110547A1 (en) * | 2014-10-21 | 2016-04-21 | Veracode, Inc. | Systems and methods for analysis of cross-site scripting vulnerabilities |
| CN105991554A (en) * | 2015-02-04 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Vulnerability detection method and equipment |
| CN107145784A (en) * | 2017-05-04 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of method of vulnerability scanning, device and computer-readable medium |
| CN107454081A (en) * | 2017-08-07 | 2017-12-08 | 四川长虹电器股份有限公司 | The method for automatically generating POC scripts |
| CN108011898A (en) * | 2018-01-30 | 2018-05-08 | 上海壹账通金融科技有限公司 | Leak detection method, device, computer equipment and storage medium |
| CN108537042A (en) * | 2018-04-04 | 2018-09-14 | 上海有云信息技术有限公司 | Self-defined plug-in unit generation method, device, equipment and storage medium |
| CN108920963A (en) * | 2018-07-23 | 2018-11-30 | 国网浙江省电力有限公司电力科学研究院 | A kind of industrial control system automation Hole Detection plug-in unit generation method and system |
| CN109522723A (en) * | 2018-11-14 | 2019-03-26 | 平安科技(深圳)有限公司 | POC scenario generation method, device, electronic equipment and storage medium |
| CN110135169A (en) * | 2019-05-21 | 2019-08-16 | 江苏亨通工控安全研究院有限公司 | Leak detection method and device |
-
2020
- 2020-03-04 CN CN202010143934.6A patent/CN111309311B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070113282A1 (en) * | 2005-11-17 | 2007-05-17 | Ross Robert F | Systems and methods for detecting and disabling malicious script code |
| US20160110547A1 (en) * | 2014-10-21 | 2016-04-21 | Veracode, Inc. | Systems and methods for analysis of cross-site scripting vulnerabilities |
| CN105991554A (en) * | 2015-02-04 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Vulnerability detection method and equipment |
| CN107145784A (en) * | 2017-05-04 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of method of vulnerability scanning, device and computer-readable medium |
| CN107454081A (en) * | 2017-08-07 | 2017-12-08 | 四川长虹电器股份有限公司 | The method for automatically generating POC scripts |
| CN108011898A (en) * | 2018-01-30 | 2018-05-08 | 上海壹账通金融科技有限公司 | Leak detection method, device, computer equipment and storage medium |
| CN108537042A (en) * | 2018-04-04 | 2018-09-14 | 上海有云信息技术有限公司 | Self-defined plug-in unit generation method, device, equipment and storage medium |
| CN108920963A (en) * | 2018-07-23 | 2018-11-30 | 国网浙江省电力有限公司电力科学研究院 | A kind of industrial control system automation Hole Detection plug-in unit generation method and system |
| CN109522723A (en) * | 2018-11-14 | 2019-03-26 | 平安科技(深圳)有限公司 | POC scenario generation method, device, electronic equipment and storage medium |
| CN110135169A (en) * | 2019-05-21 | 2019-08-16 | 江苏亨通工控安全研究院有限公司 | Leak detection method and device |
Non-Patent Citations (2)
| Title |
|---|
| 张嘉元;: "一种基于匹配的Android系统漏洞检测方法" * |
| 王晓艳;牟景华;: "网络漏洞扫描器的设计" * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111309311B (en) | 2023-04-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107783899B (en) | Method and device for testing H5 page in application program and computer equipment | |
| WO2015081841A1 (en) | Devices and methods for test scenario reproduction | |
| US10713437B2 (en) | Method and apparatus for identifying questionable line break characters in an application | |
| CN106203007B (en) | Code processing method and device and computing equipment | |
| CN110955409B (en) | Method and device for creating resources on cloud platform | |
| US11422917B2 (en) | Deriving software application dependency trees for white-box testing | |
| CN110941405A (en) | Kernel client log printing method, device, equipment and storage medium | |
| CN114035789A (en) | Log analysis template generation method, log analysis device and log analysis equipment | |
| CN105302700A (en) | Method and equipment for recording user operation on touch terminal | |
| CN111309311B (en) | Vulnerability detection tool generation method, device, equipment and readable storage medium | |
| CN116719736A (en) | Test case generation method and device for testing software interface | |
| CN112685072B (en) | Method, device, equipment and storage medium for generating communication address knowledge base | |
| CN110597724B (en) | Calling method and device of application security test component, server and storage medium | |
| US11030087B2 (en) | Systems and methods for automated invocation of accessibility validations in accessibility scripts | |
| CN109358972B (en) | Log management method and device of middleware client and computer system | |
| CN111151008A (en) | Game operation data verification method, device, configuration background and medium | |
| CN112748930A (en) | Compilation detection method, device, equipment and storage medium | |
| JP7302223B2 (en) | Script detection device, method and program | |
| CN111813757B (en) | Characteristic information storage method, device, equipment and readable storage medium | |
| CN117033318B (en) | Method and device for generating data to be tested, storage medium and electronic equipment | |
| CN114253867B (en) | Automatic testing method, device and system based on neural network model | |
| CN116860638A (en) | Vulnerability detection tool generation method, device, equipment and readable storage medium | |
| JP6818568B2 (en) | Communication device, communication specification difference extraction method and communication specification difference extraction program | |
| CN115757119A (en) | Method and device for determining cause of program crash | |
| CN115658519A (en) | Code testing method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |