CN111913826A - Android system vulnerability detection process control device and method and storage medium - Google Patents
Android system vulnerability detection process control device and method and storage medium Download PDFInfo
- Publication number
- CN111913826A CN111913826A CN202010829446.0A CN202010829446A CN111913826A CN 111913826 A CN111913826 A CN 111913826A CN 202010829446 A CN202010829446 A CN 202010829446A CN 111913826 A CN111913826 A CN 111913826A
- Authority
- CN
- China
- Prior art keywords
- android
- equipment
- vulnerability detection
- test
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 108
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000004886 process control Methods 0.000 title claims abstract description 34
- 238000012360 testing method Methods 0.000 claims abstract description 85
- 238000007689 inspection Methods 0.000 claims abstract description 10
- 238000011084 recovery Methods 0.000 claims abstract description 6
- 238000004891 communication Methods 0.000 claims description 29
- 230000002159 abnormal effect Effects 0.000 claims description 4
- 230000015556 catabolic process Effects 0.000 claims description 3
- 238000012544 monitoring process Methods 0.000 claims description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000000903 blocking effect Effects 0.000 description 1
- 238000004140 cleaning Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 238000000060 site-specific infrared dichroism spectroscopy Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0793—Remedial or corrective actions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Computing Systems (AREA)
- Test And Diagnosis Of Digital Computers (AREA)
Abstract
The invention discloses a flow control device, a method and a storage medium for Android system vulnerability detection, and the scheme comprises the following steps: the Android inspection system comprises a process control system and a vulnerability detection system, wherein the process control system runs in inspection control equipment, the vulnerability detection system runs on Android equipment to be inspected, and wired data connection is carried out between the inspection control equipment and the Android equipment to be inspected through a USB data line; the process control system sends a control instruction to the Android equipment to be checked through the adb process, controls a vulnerability detection system in the Android equipment to be checked to operate to detect the Android system vulnerability, and obtains the operation state of the Android equipment. The scheme provided by the invention can effectively control the testing process of the Android system vulnerability, can ensure the normal recovery of the testing scene when the vulnerability is stuck or restarted in the vulnerability testing process, and can solve the problem that the testing scene cannot be automatically recovered when the equipment crashes in the current Android system vulnerability detection scheme.
Description
Technical Field
The invention belongs to the field of network security, and relates to a control scheme for Android system vulnerability detection.
Background
The existing Android system vulnerability detection scheme has the problem that the system continues to be tested after being crashed in the testing process cannot be solved in the actual application process.
Specifically, there are two existing detection schemes:
the first method is that vulnerability detection is carried out in a shell environment on Android detection equipment; once the system is crashed, the detection scheme cannot automatically recover the test environment and needs manual intervention;
the second method is that the Android equipment is controlled to test in a wireless connection mode; the detection scheme is based on wireless connection, and because the wireless connection is very unstable, network states such as IP change and SSID switching can be lost after restarting on a plurality of terminal devices, and the test environment cannot be automatically restored under the scene.
Moreover, in the vulnerability detection, if the vulnerability detection is performed by a PoC or Exp method, system crash often occurs, and the existing Android system vulnerability detection method is not enough to cover the detection scene.
Disclosure of Invention
Aiming at the problems of the existing Android system vulnerability detection scheme, a new Android system vulnerability detection scheme is needed.
Therefore, the invention aims to provide a flow control device for Android system vulnerability detection, which can solve the problems that the existing detection scheme cannot automatically recover a test environment after a system is crashed and cannot continue to test; accordingly, the present invention further provides a method for controlling the inspection process and a storage medium.
In order to achieve the above object, the flow control device for Android system vulnerability detection provided by the present invention includes: the Android inspection system comprises a process control system and a vulnerability detection system, wherein the process control system runs in inspection control equipment, the vulnerability detection system runs on Android equipment to be inspected, and wired data connection is carried out between the inspection control equipment and the Android equipment to be inspected through a USB data line; the method comprises the steps that a flow control system sends a control instruction to Android equipment to be inspected through an adb process, a vulnerability detection system in the Android equipment to be inspected is controlled to operate to carry out Android system vulnerability detection, the operation state of the Android equipment is obtained, a detection control device operating with the flow control system controls a test flow of the Android equipment to be inspected through socket communication connection, and a test scene is recovered under the condition of abnormity.
Furthermore, the process control system module comprises a communication module, an equipment control module and a process control module; the communication module is used for communicating with a vulnerability detection system running in the Android equipment to be detected, sending a test instruction and acquiring feedback information; the device control module is used for acquiring the state of the Android device to be checked and issuing an instruction; the process control module is used for completing the whole vulnerability detection process.
Further, when the Android device to be tested is stuck or the state is abnormal in the test process, the flow control module firstly records the current test state, then tries to restart the Android device to be tested through the adb command, and after the device is restarted, pulls up the detection APP again through the adb command, and reestablishes the socket communication recovery test scene.
Further, the vulnerability detection system comprises a communication module and a vulnerability testing module; the communication module is used for performing data communication on a process control system running in the detection control equipment; the vulnerability testing module is used for carrying out vulnerability detection on an Android system carried by the Android equipment to be tested.
Furthermore, the vulnerability testing module can be dynamically loaded and provides a uniform API interface for a calling party to call.
In order to achieve the above object, the method for controlling the Android system vulnerability detection process provided by the invention comprises the following steps:
in the vulnerability detection process, the detection control equipment acquires the running state of the Android equipment to be detected in real time;
if the Android device to be inspected crashes due to the test, the Android device to be inspected is tried to be restarted through the detection control device; if the Android equipment to be inspected is restarted due to test breakdown, continuously monitoring the Android equipment to be inspected through the detection control device, and waiting for the Android equipment to be inspected to be restarted;
and after the Android equipment to be tested is restarted, recovering the test environment through the detection control equipment, and continuing the test.
Further, when the test environment is recovered, the method includes the steps that firstly, whether the Android equipment to be detected is restarted or not is checked through an adb command by the detection control equipment, after the Android equipment is restarted, a test APP on the Android equipment to be detected is pulled up through the adb command, after the APP is started, the detection control equipment and the APP establish socket communication, finally, the detection control equipment recovers the test state before the Android equipment is restarted, and subsequent tests are continued.
In order to achieve the above object, the present invention provides a storage medium including a stored program that executes the above flow control method.
The scheme provided by the invention can effectively control the testing process of the Android system vulnerability, can ensure the normal recovery of the testing scene when the vulnerability is stuck or restarted in the vulnerability testing process, and can solve the problem that the testing scene cannot be automatically recovered when the equipment crashes in the current Android system vulnerability detection scheme.
Moreover, the scheme provided by the invention can be suitable for various existing Android system vulnerability detection schemes, and is high in practicability.
Drawings
The invention is further described below in conjunction with the appended drawings and the detailed description.
FIG. 1 is a view showing an exemplary configuration of a flow control apparatus according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating an example of a process control system according to an embodiment of the present invention;
fig. 3 is a diagram illustrating an exemplary configuration of a vulnerability detection system in an embodiment of the present invention.
Detailed Description
In order to make the technical means, the creation characteristics, the achievement purposes and the effects of the invention easy to understand, the invention is further explained below by combining the specific drawings.
According to the Android system vulnerability detection method and device, aiming at the characteristics and problems of Android system vulnerability detection, the Android system vulnerability detection process control device is provided, so that the test environment is automatically recovered after the Android system to be detected crashes, continuous testing is realized, and the detection reliability is guaranteed.
Referring to fig. 1, a composition example of a flow control device for Android system vulnerability detection according to the present disclosure is described.
As can be seen from the figure, the flow control device 100 for Android system vulnerability detection provided in the present embodiment is mainly formed by matching a flow control system 110 and a vulnerability detection system 120, where the flow control system 110 operates in a detection control device 130, the vulnerability detection system 120 operates on an Android device 200 to be tested, and meanwhile, the detection control device 130 and the Android device 200 to be tested are in wired data connection through a USB data line 140. The state of the Android equipment to be detected can be accurately judged by carrying out wired connection through the USB data line relative to a wireless connection mode, when the equipment is disconnected, whether the terminal is jammed or restarted can be accurately judged, whether follow-up testing is possible to be carried out or not can be carried out, and a very clear strategy is adopted for the state of the equipment. If the wireless connection is carried out, if the wireless connection is disconnected, whether the terminal is jammed or restarted cannot be judged only by the disconnected state, and whether follow-up tests can be carried out or not is possible.
The specific configuration of the detection control device 130 herein may be determined according to actual requirements, and may be a PC, a PAD, and the like.
In the scheme formed in this way, the process control system 110 sends a control instruction to the Android device 200 to be checked through the adb process, controls the vulnerability detection system 120 in the Android device 200 to be checked to operate to perform Android system vulnerability detection, and obtains an operating state of the Android device 200 to be checked.
For the Android device 200 to be inspected having an adb process, the detection control device 130 running with the process control system 110 may issue a corresponding control instruction to the Android device 200 to be inspected through the adb process via the USB data line 140, where the control instruction includes a plurality of commands for restarting the Android device and acquiring a device state.
Furthermore, the detection control device 130 running with the process control system 110 may also control the Android device 200 to be checked through an adb process, or obtain information such as a state of the Android device 200 to be checked.
On this basis, when the Android device 200 to be inspected is jammed or restarted in the vulnerability testing process, the detection control device 130 running with the process control system 110 acquires the state of the Android device 200 to be inspected in real time through the USB connection and the adb process. The states here include: and (4) normally testing, blocking, restarting and completing the restart.
Meanwhile, the detection control device 130 running with the process control system 110 may also issue different instructions according to different states of the Android device 200 to be inspected, and the detection control device 130 running with the process control system 110 realizes that the control of the test process is always maintained, thereby ensuring normal recovery of the test scene.
The detection control equipment 130 running with the process control system 110 and the Android equipment 200 to be detected establish communication through a socket; if the Android equipment to be tested is blocked in the vulnerability testing process, the packet return can not be received; if the Android device is restarted, socket communication is directly disconnected, accordingly, the detection control device 130 accurately controls the testing process of the Android device in the whole process, and the testing scene is guaranteed to be recovered under the condition that the Android device is abnormal.
Therefore, the flow control device provided by the scheme can effectively solve the problem that the test scene cannot be automatically recovered when the equipment is crashed in the current Android system vulnerability detection scheme.
Referring to fig. 2, in a specific implementation of the present invention, the process control system 110 includes a communication module 111, an equipment control module 112, and a process control module 113.
The communication module 111 is used for operating on the Android device 200 to be checked. The vulnerability detection system 120 communicates, sends test instructions, obtains test results, and the like.
The device control module 112 is configured to obtain a state of the Android device 200 to be checked, and issue an instruction to the Android device 200 to be checked.
The flow control module 113 is responsible for controlling the whole vulnerability detection process. When the Android device to be tested is stuck or the state is abnormal in the testing process, the process control module 113 firstly records the current testing state, then tries to restart the Android device to be tested through the adb command, restarts the detection APP through the adb command after the device is restarted, and reestablishes the socket communication recovery testing scene. If the control equipment cannot be restarted in detection, and the Android equipment to be detected is stuck all the time, a warning needs to be popped up to prompt a tester to perform manual intervention.
Referring to fig. 3, in a specific implementation of the present disclosure, the vulnerability detection system 120 includes a communication module 121 and a vulnerability testing module 122.
The communication module 121 is configured to establish a communication connection with the communication module 111 in the process control system 110 running in the detection control device 130.
The vulnerability testing module 122 is used for detecting vulnerabilities of an Android system carried by the Android device to be tested.
For example, the vulnerability testing module 122 may be presented in the form of a dynamic loading module during specific implementation, and provide a uniform API interface for a caller to call, thereby implementing corresponding vulnerability testing.
The system device can be embodied in the form of a corresponding software program and can be stored in a corresponding storage medium, and the configuration form of the storage medium is not limited herein.
The implementation process of the above scheme is further described by specific application examples.
Constructing a corresponding flow control device based on the scheme, and installing the vulnerability detection system 120 on the Android device 200 to be tested; the flow control system 110 is installed in a PC device as a detection control device.
After the preparation work is finished, when the test control is carried out, the whole process is as follows:
firstly, Android equipment and PC equipment are connected through a USB line, and the PC equipment establishes communication connection with the Android equipment to be checked through the USB.
And then, starting vulnerability testing through the communication modules at the two ends, and firstly, obtaining basic information of the Android equipment to be tested, such as an Android version number, a kernel version number, equipment chip information and the like, by the detection control equipment through an adb command. Preparing a vulnerability detection module to be tested through basic equipment information; then, the vulnerability detection module is pushed to the Android equipment to be detected through the detection control equipment; and finally, loading a vulnerability detection module by the Android equipment to perform actual vulnerability detection.
Then, if the Android device to be checked crashes due to the test, the PC device tries to restart the Android device. When the PC equipment tries to restart the Android equipment, the PC equipment firstly checks whether an adb command is available, if so, the equipment is restarted through the adb command, and whether the equipment is restarted is judged by continuously detecting the state of the adb; if the device is unavailable, the device is jammed or is restarted, the restart is tried by an adb command for a period of time, if the restart is waited for, a prompt needs to be popped up, and manual intervention of a tester is needed.
And then, if the Android device is restarted due to the test breakdown, the PC device continuously monitors the Android device and waits for the Android device to be restarted. During implementation, the PC device monitors the adb connection condition with the Android device through an adb command, and after the adb connection, checks the sys.
And then, after the Android equipment is restarted, the PC side control software recovers the test environment and continues to test. When the test environment is recovered, the PC side control software pulls up the test app again through the adb command, and establishes socket communication with the app again.
And finally, finishing the whole testing process, cleaning the testing environment by a process control system in the PC terminal, deleting the vulnerability detection module on the Android device, disconnecting socket communication, deleting the testing app and the like, and disconnecting the connection.
Therefore, the Android system vulnerability detection device provided by the scheme can effectively solve the problem that the existing Android system vulnerability detection scheme cannot automatically recover the test environment after the system crashes and cannot continue to test.
Finally, it should be noted that the above-mentioned method of the present invention, or specific system units, or some of the above-mentioned units, are purely software structures, and can be distributed on a physical medium such as a hard disk, an optical disk, or any electronic device (such as a smart phone, a computer readable storage medium) through a program code, and when the program code is loaded and executed by a machine (such as a smart phone), the machine becomes an apparatus for implementing the present invention. The methods and apparatus of the present invention may also be embodied in the form of program code transmitted over some transmission medium, such as electrical cable, fiber optics, or via any other form of transmission, wherein, when the program code is received and loaded into and executed by a machine, such as a smart phone, the machine becomes an apparatus for practicing the invention.
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (8)
- The Android system vulnerability detection process control device is characterized by comprising the following steps: the Android inspection system comprises a process control system and a vulnerability detection system, wherein the process control system runs in inspection control equipment, the vulnerability detection system runs on Android equipment to be inspected, and wired data connection is carried out between the inspection control equipment and the Android equipment to be inspected through a USB data line; the method comprises the steps that a flow control system sends a control instruction to Android equipment to be inspected through an adb process, a vulnerability detection system in the Android equipment to be inspected is controlled to operate to carry out Android system vulnerability detection, the operation state of the Android equipment is obtained, a detection control device operating with the flow control system controls a test flow of the Android equipment to be inspected through socket communication connection, and a test scene is recovered under the condition of abnormity.
- 2. The flow control device for Android system vulnerability detection according to claim 1, wherein the flow control system module comprises a communication module, an equipment control module, and a flow control module; the communication module is used for communicating with a vulnerability detection system running in the Android equipment to be detected, sending a test instruction and acquiring feedback information; the device control module is used for acquiring the state of the Android device to be checked and issuing an instruction; the process control module is used for completing the whole vulnerability detection process.
- 3. The flow control device for Android system vulnerability detection according to claim 2, wherein when the Android device to be detected is stuck or has an abnormal state during a test process, the flow control module firstly records the current test state, then tries to restart the Android device to be detected through an adb command, and after the device is restarted, pulls up the detection APP again through the adb command, and reestablishes a socket communication recovery test scenario.
- 4. The Android system vulnerability detection process control apparatus of claim 1, wherein the vulnerability detection system comprises a communication module and a vulnerability testing module; the communication module is used for performing data communication on a process control system running in the detection control equipment; the vulnerability testing module is used for carrying out vulnerability detection on an Android system carried by the Android equipment to be tested.
- 5. The Android system vulnerability detection flow control apparatus of claim 4, wherein the vulnerability testing module can be dynamically loaded and provides a uniform API interface for a calling party to call.
- The Android system vulnerability detection process control method is characterized by comprising the following steps:in the vulnerability detection process, the detection control equipment acquires the running state of the Android equipment to be detected in real time;if the Android device to be inspected crashes due to the test, the Android device to be inspected is tried to be restarted through the detection control device; if the Android equipment to be inspected is restarted due to test breakdown, continuously monitoring the Android equipment to be inspected through the detection control device, and waiting for the Android equipment to be inspected to be restarted;and after the Android equipment to be tested is restarted, recovering the test environment through the detection control equipment, and continuing the test.
- 7. The Android system vulnerability detection process control method according to claim 6, characterized in that when the test environment is recovered, the test control device first checks whether the current Android device to be detected is restarted through an adb command, after the Android device is restarted, the test APP on the Android device to be detected is pulled up through the adb command, after the APP is started, the test control device and the APP establish socket communication, and finally the test control device recovers the test state before the Android device is restarted, and continues to perform subsequent tests.
- 8. Storage medium including a stored program, wherein the program executes the process control method for Android system vulnerability detection according to any one of claims 6 and 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010829446.0A CN111913826A (en) | 2020-08-18 | 2020-08-18 | Android system vulnerability detection process control device and method and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010829446.0A CN111913826A (en) | 2020-08-18 | 2020-08-18 | Android system vulnerability detection process control device and method and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111913826A true CN111913826A (en) | 2020-11-10 |
Family
ID=73279051
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010829446.0A Pending CN111913826A (en) | 2020-08-18 | 2020-08-18 | Android system vulnerability detection process control device and method and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111913826A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105302726A (en) * | 2015-11-13 | 2016-02-03 | 浪潮电子信息产业股份有限公司 | Test method and device |
| CN106294149A (en) * | 2016-08-09 | 2017-01-04 | 北京邮电大学 | A kind of method detecting Android application component communication leak |
| CN110390199A (en) * | 2018-04-20 | 2019-10-29 | 上海巍擎信息技术有限责任公司 | Android system leak detection method, device, computer equipment and storage medium |
-
2020
- 2020-08-18 CN CN202010829446.0A patent/CN111913826A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105302726A (en) * | 2015-11-13 | 2016-02-03 | 浪潮电子信息产业股份有限公司 | Test method and device |
| CN106294149A (en) * | 2016-08-09 | 2017-01-04 | 北京邮电大学 | A kind of method detecting Android application component communication leak |
| CN110390199A (en) * | 2018-04-20 | 2019-10-29 | 上海巍擎信息技术有限责任公司 | Android system leak detection method, device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110838953B (en) | Test method, test system, electronic equipment and storage medium | |
| CN103731663B (en) | The testing method of a kind of intelligent television and device | |
| KR20080000476A (en) | System and method for debugging | |
| CN109766197B (en) | 4G module stable working method based on Android system | |
| CN101207519A (en) | Version server, operation maintenance unit and method for restoring failure | |
| CN111866083A (en) | Equipment debugging system and method, equipment to be debugged, remote debugging equipment and transfer server | |
| CN104750537B (en) | Method and device for executing test case | |
| CN110618853B (en) | Detection method, device and equipment for zombie container | |
| CN111782522A (en) | Output method of trace message, electronic device and storage medium | |
| CN107105100B (en) | Method and system for monitoring mobile terminal game | |
| CN109597389B (en) | Test system of embedded control system | |
| CN111880992B (en) | Monitoring and maintaining method for controller state in storage device | |
| CN113392028A (en) | Distributed test system and control method | |
| CN111913826A (en) | Android system vulnerability detection process control device and method and storage medium | |
| CN112015587B (en) | Method and device for enhancing reliability of operating system | |
| CN104346239A (en) | Method and device for recovering anomaly of application program in embedded system | |
| CN103139036A (en) | Electronic equipment and information processing method thereof | |
| CN105824622A (en) | Data processing method and electronic equipment | |
| CN113300913B (en) | Equipment testing method and device, testing equipment and storage medium | |
| CN103235728B (en) | The installation method of preset third-party application and device in Android terminal | |
| CN111382016A (en) | Method and device for connecting test terminal and computer | |
| CN111767242B (en) | PCIE equipment control method and device, computer equipment and storage medium | |
| CN111209143B (en) | Recovery method and device of embedded system, embedded device and storage medium | |
| CN110572292B (en) | High availability system and method based on unidirectional transmission link | |
| CN111782515A (en) | Web application state detection method and device, server and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |