CN112507344A - Vulnerability detection method and device, electronic equipment and computer readable storage medium - Google Patents
Vulnerability detection method and device, electronic equipment and computer readable storage medium Download PDFInfo
- Publication number
- CN112507344A CN112507344A CN202011460526.XA CN202011460526A CN112507344A CN 112507344 A CN112507344 A CN 112507344A CN 202011460526 A CN202011460526 A CN 202011460526A CN 112507344 A CN112507344 A CN 112507344A
- Authority
- CN
- China
- Prior art keywords
- detection
- program
- vulnerability
- equipment
- port
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 116
- 238000012360 testing method Methods 0.000 claims description 23
- 230000006870 function Effects 0.000 claims description 16
- 238000000034 method Methods 0.000 claims description 14
- 238000004891 communication Methods 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 8
- 238000012795 verification Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 230000002411 adverse Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The application provides a vulnerability detection method, a vulnerability detection device, electronic equipment and a computer readable storage medium, wherein a target port in an open state is determined by scanning a plurality of ports of equipment to be detected, and then a corresponding target detection program is obtained from a plurality of prestored detection programs according to port information of the target port, wherein the target detection program is a vulnerability concept verification POC program. And finally, detecting whether the equipment to be detected has a system bug or not by operating the target detection program. In the scheme, the port is scanned and the corresponding vulnerability concept verification program is operated to detect whether the equipment has the system vulnerability or not, so that the vulnerability condition on the system level can be successfully detected, and the subsequent attacked phenomenon caused by the vulnerability on the system level of the equipment is avoided.
Description
Technical Field
The present application relates to the field of system security technologies, and in particular, to a vulnerability detection method, apparatus, electronic device, and computer-readable storage medium.
Background
In a network system scenario, for example, a system scenario composed of a plurality of networking devices such as a smart phone or an internet of things device, there is a malicious network, that is, a phenomenon that the networking devices in the network contain one or more malicious programs. An attacker can manipulate the network with relevant commands or control software to perform various malicious activities that require extensive automation.
With the progress of science and technology and the development of network technology, various intelligent devices are more and more popular in daily life of a family, but the existing security problem is more and more prominent. If so, the attacker can cause the intelligent device to be incapable of being used normally, and if so, the intelligent device may be accessed into the malicious network, or the attacked intelligent device is used as a springboard to control other intelligent devices, such as a router, a camera and the like. Therefore, it is important to detect leaks in smart devices. In the prior art, it is generally adopted to detect whether malicious software or a malicious program is installed in an intelligent device to determine whether a vulnerability exists in the intelligent device. However, this method can only detect whether there is a bug from the software level, and if it is due to a system writing error or other system level problems, it will not be able to detect successfully.
Disclosure of Invention
The present application provides a vulnerability detection method, apparatus, electronic device and computer readable storage medium, which can successfully detect a vulnerability condition on a system level to avoid subsequent attacks of the device due to the vulnerability on the system level.
The embodiment of the application can be realized as follows:
in a first aspect, the present application provides a vulnerability detection method, including:
scanning a plurality of ports of equipment to be tested, and determining a target port in an open state in the plurality of ports;
acquiring a corresponding target detection program in a plurality of prestored detection programs according to the port information of the target port, wherein the target detection program is a POC (point of sale) program for verifying the concept of the vulnerability;
and running the target detection program to detect whether the equipment to be detected has a system bug.
In an alternative embodiment, the method further comprises:
detecting whether a set program exists in the equipment to be detected, wherein the set program is a network debugging function adb program;
and when the set program exists in the equipment to be tested, acquiring the working state of the set program.
In an alternative embodiment, the method further comprises:
and generating a detection report according to the port information of the target port, the obtained detection result and the working state, wherein the format of the detection report is a hypertext markup language (HTML) format.
In an optional embodiment, the step of scanning a plurality of ports of a device under test and determining a target port in an open state in the plurality of ports includes:
for each port in a plurality of ports of the equipment to be tested, running a pre-compiled connecting program to connect the ports;
and if the port is successfully connected within the set connection duration, determining that the port is a target port in an open state.
In an optional implementation manner, the step of running the target detection program to detect whether the device under test has a system bug includes:
running the target detection program through a pre-stored detection tool to obtain a running result;
if the operation result represents that the operation is successful, determining that the equipment to be detected has a system bug corresponding to the detection program;
and if the operation result represents that the operation fails, determining that the equipment to be detected does not have a system bug corresponding to the detection program.
In an optional embodiment, the step of obtaining an operation result by operating the target detection program through a pre-stored detection tool includes:
setting a vulnerability detection type and a vulnerability detection mode;
and running the target detection program through a pre-stored detection tool under the vulnerability detection type and the vulnerability detection mode to obtain a corresponding running result.
In an optional implementation manner, the step of determining the working state of the setting program when the setting program exists in the device under test includes:
adding the IP address of the equipment to be tested to a prestored connecting tool with the set program;
and operating the connecting tool to detect whether the connecting tool is successfully connected to the equipment to be tested, and if the connecting tool is successfully connected to the equipment to be tested, determining the working state of the set program to be the operating state.
In a second aspect, the present application provides a vulnerability detection apparatus, the apparatus comprising:
the device comprises a scanning module, a processing module and a processing module, wherein the scanning module is used for scanning a plurality of ports of equipment to be tested and determining a target port in an open state in the plurality of ports;
the acquisition module is used for acquiring a corresponding target detection program from a plurality of pre-stored detection programs according to the port information of the target port;
and the detection module is used for operating the target detection program to detect whether the equipment to be detected has a system bug.
In a third aspect, the present application provides an electronic device, including one or more storage media and one or more processors in communication with the storage media, where the one or more storage media store machine-executable instructions executable by the processors, and when the electronic device runs, the processors execute the machine-executable instructions to perform the vulnerability detection method according to any of the foregoing embodiments.
In a fourth aspect, the present application provides a computer-readable storage medium storing machine-executable instructions that, when executed, implement the vulnerability detection method of any of the preceding embodiments.
The beneficial effects of the embodiment of the application include, for example:
the embodiment of the application provides a vulnerability detection method, a vulnerability detection device, electronic equipment and a computer-readable storage medium, wherein a target port in an open state is determined by scanning a plurality of ports of equipment to be detected, and then a corresponding target detection program is obtained in a plurality of pre-stored detection programs according to port information of the target port, wherein the target detection program is a vulnerability concept verification POC program. And finally, detecting whether the equipment to be detected has a system bug or not by operating the target detection program. In the scheme, the port is scanned and the corresponding vulnerability concept verification program is operated to detect whether the equipment has the system vulnerability or not, so that the vulnerability condition on the system level can be successfully detected, and the subsequent attacked phenomenon caused by the vulnerability on the system level of the equipment is avoided.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a block diagram of an electronic device according to an embodiment of the present disclosure;
fig. 2 is a flowchart of a vulnerability detection method provided in an embodiment of the present application;
fig. 3 is a flowchart of a target port determination method in the vulnerability detection method provided in the embodiment of the present application;
fig. 4 is a flowchart of a system vulnerability determination method in the vulnerability detection method provided in the embodiment of the present application;
fig. 5 is another flowchart of a vulnerability detection method provided in the present embodiment;
fig. 6 is a flowchart of a set program operating state detection method in the vulnerability detection method provided in the embodiment of the present application;
fig. 7 is a functional block diagram of a vulnerability detection apparatus according to an embodiment of the present application.
Icon: 110-vulnerability detection means; 111-a scanning module; 112-an obtaining module; 113-a detection module; 120-a memory; 130-a processor; 140-a communication unit.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
In the description of the present application, it should be noted that the features in the embodiments of the present application may be combined with each other without conflict.
Referring to fig. 1, an electronic device according to an embodiment of the present disclosure includes a vulnerability detection apparatus 110, a memory 120, a processor 130, and a communication unit 140.
The elements of the memory 120, the processor 130 and the communication unit 140 are electrically connected to each other directly or indirectly to realize the transmission or interaction of information. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The memory 120 stores software functional modules stored in the memory 120 in the form of software or Firmware (Firmware), and the processor 130 executes various functional applications and data processing by running software programs and modules stored in the memory 120, such as the vulnerability detection apparatus 110 in the embodiment of the present application, so as to implement the vulnerability detection method in the embodiment of the present application.
The Memory 120 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like. The memory 120 is used for storing a program, and the processor 130 executes the program after receiving the execution instruction. The communication unit 140 is used for establishing communication between the electronic device and other external devices.
The processor 130 may be an integrated circuit chip having signal processing capabilities. The Processor 130 may be a general-purpose Processor including a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), a Network Processor (NP), and the like. But may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor 130 may be any conventional processor or the like.
In this embodiment, the electronic device may be, for example, a computer device, and may be configured to perform vulnerability detection on a device to be tested, where the device to be tested may be an intelligent home, such as an intelligent door lock, an intelligent television, and an intelligent refrigerator. Therefore, the electronic device may be a computer device or the like independent of the device under test, or may be a device embedded in the device under test for performing vulnerability detection on the device under test. In the present embodiment, the physical form of the electronic device is not particularly limited.
Fig. 2 shows a schematic flow chart of the vulnerability detection method provided in the embodiment of the present application, and the vulnerability detection method provided in the present application can be applied to the electronic device and implemented by the electronic device. It should be understood that, in other embodiments, the order of some steps in the vulnerability detection method described in this embodiment may be interchanged according to actual needs, or some steps may be omitted or deleted. The detailed steps of the vulnerability detection method are introduced as follows.
Step S110, scanning a plurality of ports of the device under test, and determining a target port in an open state among the plurality of ports.
Step S120, obtaining a corresponding target detection program from a plurality of pre-stored detection programs according to the port information of the target port, wherein the target detection program is a POC program for vulnerability concept verification.
Step S130, running the target detection program to detect whether the device under test has a system bug.
In this embodiment, the device to be tested may be the above-mentioned multiple types of smart homes, and in this embodiment, it is considered that if the smart television is attacked, an attacker may play malicious audio and video data through the smart television, so that a great deal of adverse effects are generated. Therefore, in the present embodiment, the following description will be given by taking the smart phone as an example.
Considering from the system level of the device under test, considering that the port of the device under test in the open state is easily attacked, in this embodiment, the multiple ports of the device under test are first scanned to determine the target port in the open state.
The ports of the device under test may include, for example, a tcp (transmission Control protocol) port, a udp (user data protocol) port, and other types of ports. Since the TCP port and the UDP port have the characteristics of being remotely controlled, the states of the TCP port and the UDP port of the device to be tested can be heavily scanned during scanning.
Optionally, in this embodiment, Python3 may be used as a programming language to scan each port of the device under test, and after determining the target port in the open state, the port information of the target port may be recorded and stored.
In this embodiment, a database in the electronic device is pre-stored with a plurality Of detection programs, and each detection program is a Proof Of Concept (POC) program. Each detection program corresponds to each port, and different detection programs can be used for detecting the vulnerability condition caused by different ports. Therefore, after the target port is determined, the corresponding target detection program can be obtained from the plurality of pre-stored detection programs according to the port information of the target port. And then, whether the equipment to be detected has a system bug is detected by operating a target detection program.
According to the vulnerability scanning scheme provided by the embodiment, whether the equipment has the system vulnerability or not is detected by scanning the port and operating the corresponding vulnerability concept verification program, so that the vulnerability condition on the system level can be successfully detected, and the subsequent phenomenon that the equipment is attacked due to the vulnerability on the system level is avoided.
When the port scan of the device to be tested is performed, please refer to fig. 3, which can be implemented in the following manner:
step S111, for each of the plurality of ports of the device under test, running a pre-compiled connection program to connect the ports.
Step S112, if the port is successfully connected within the set connection duration, determining that the port is a target port in an open state.
In this embodiment, the electronic device may initiate connection to the port of the device to be tested to detect whether the corresponding port is in an open state. The set connection time period may be, for example, 1 second or 2 seconds, and is not particularly limited. If the port is successfully connected within the set connection duration, the port is in an open state. If the port is not successfully connected or some other error message is returned, the port may be considered not to be open.
In this embodiment, the pseudo code for implementing the scanning process of the TCP port of the device to be tested may be as follows:
in this embodiment, the pseudo code for implementing the scanning process of the UDP port of the device under test may be as follows:
in addition, in this embodiment, when the searched target detection program is run to detect whether a system bug exists in the device to be detected, the following method may be implemented, please refer to fig. 4:
and S131, operating the target detection program through a pre-stored detection tool to obtain an operation result.
Step S132, if the operation result represents that the operation is successful, determining that the equipment to be detected has a system bug corresponding to the detection program.
Step S133, if the operation result represents that the operation fails, determining that the equipment to be tested does not have a system bug corresponding to the detection program.
In this embodiment, the detection tool may be an open source detection tool corresponding to the target detection program. And judging whether the equipment to be detected has a known bug or not according to the returned operation result by operating the target detection program.
Further, in this embodiment, when the target detection program is run, a vulnerability detection type and a vulnerability detection mode may be set first, and then the target detection program is run through a pre-stored detection tool under the vulnerability detection type and the vulnerability detection mode to obtain a corresponding running result. Therefore, whether the system vulnerability of the corresponding type exists or not can be detected in the set vulnerability detection mode.
On the basis, it is considered that the device to be tested is generally provided with a network debugging function (Android Debug Bridge, adb) program. Adb is a client-server program that Adb commands can be used to perform various device operations, such as installing and debugging applications, and provide access to Unix shells (which can be used to run various commands on the device). That is, the adb on the device can directly obtain the shell authority of the device, and can optionally install the application program without allowing the user to perform the operation of playing malicious video and audio data.
Normally, the adb on the device should be in an off state, otherwise, the device is at risk of being attacked. Based on this consideration, referring to fig. 5, the vulnerability detection method provided by the embodiment further includes the following steps:
step S140, detecting whether a setting program exists in the device to be tested, where the setting program is a network debug function adb program.
Step S150, when the setting program exists in the equipment to be tested, the working state of the setting program is obtained.
In this embodiment, the adb function is generally set to a default off state when the device leaves a factory, but in the use process of the device, the adb function may be turned on and in an operating state due to other reasons. Therefore, in this embodiment, the adb program exists in the device to be tested, and the working state of the adb program is detected, so that when the working state of the adb program is the running state, the user is notified to prompt the user to close the device.
When determining the working state of the adb program, please refer to fig. 6, which can be implemented as follows:
and step S151, adding the IP address of the device to be tested to a prestored connection tool with the set program.
Step S152, operating the connection tool to detect whether the connection tool is successfully connected to the device to be tested, and if the connection tool is successfully connected to the device to be tested, determining that the working state of the set program is an operating state.
In this embodiment, a connection tool for detecting the adb function of the open source may be obtained, and an IP address of the device to be tested may be obtained. The IP address of the device under test is added to the connection tool, which is run to detect whether a successful connection to the device under test is possible. If the connection can be successfully made, it indicates that the adb function on the device under test is in an operating state. At this time, in order to avoid the subsequent device under test from being attacked, the detection result may be generated to prompt the user.
In this embodiment, after the target port in the open state is obtained, the detection result of the system bug is obtained, and the working state of the adb function on the device to be tested is determined, a detection report may be generated according to the port information of the target port, the obtained detection result, and the working state, and the format of the detection report may be a hypertext markup language HTML format. Thus, the generated detection report can be provided to the user or the manufacturer for reference.
The hypertext markup language is a language for describing a document structure and expression form by using a markup, and the result is displayed on a web page after being parsed by a browser. The report in the format of the hypertext markup language is not complex to manufacture, but has strong functions, and supports the file embedding of different data formats. And moreover, a super-collection mode is adopted, so that the method is more flexible and convenient and has strong simplicity. In addition, the hypertext markup language can also have other enhanced functions, such as adding identifiers and the like, so as to facilitate the production of the detection report.
In this embodiment, by scanning the port of the device to be detected, the exposed target port that is easily attacked and is in the open state is determined, and on the basis, the corresponding POC detection program is searched from the database, and the detection program is run to detect whether the device to be detected has a system bug. According to the scheme, vulnerability detection is carried out from a system level, and omission existing in the prior art that detection is carried out only from a software level is avoided.
In addition, whether the adb function exists in the equipment to be tested is detected, and when the adb function exists, the working state of the adb function is determined. Therefore, when the working state of the adb function is the running state, prompt information can be generated in time to inform a user, and the risk that the equipment to be tested is subsequently attacked is avoided.
Fig. 7 is a block diagram of functional modules of a vulnerability detection apparatus 110 according to an embodiment of the present disclosure, which is applied to the electronic device. The apparatus comprises a scanning module 111, an obtaining module 112 and a detecting module 113.
The scanning module 111 is configured to scan multiple ports of a device under test, and determine a target port in an open state among the multiple ports.
In the present embodiment, the description of the scanning module 111 may refer to the detailed description of step S110 shown in fig. 2, that is, step S110 may be performed by the scanning module 111.
An obtaining module 112, configured to obtain a corresponding target detection program from a plurality of pre-stored detection programs according to the port information of the target port.
In the present embodiment, the description of the obtaining module 112 may refer to the detailed description of step S120 shown in fig. 2, that is, step S120 may be performed by the obtaining module 112.
The detection module 113 is configured to run the target detection program to detect whether a system bug exists in the device to be detected.
In the present embodiment, the description of the detection module 113 may refer to the detailed description of step S130 shown in fig. 2, that is, step S130 may be performed by the detection module 113.
In a possible implementation manner, the detection module 113 may be further configured to:
detecting whether a set program exists in the equipment to be detected, wherein the set program is a network debugging function adb program;
and when the set program exists in the equipment to be tested, acquiring the working state of the set program.
In a possible implementation manner, the detection module 113 may be specifically configured to determine the operating state of the setting program by:
adding the IP address of the equipment to be tested to a prestored connecting tool with the set program;
and operating the connecting tool to detect whether the connecting tool is successfully connected to the equipment to be tested, and if the connecting tool is successfully connected to the equipment to be tested, determining the working state of the set program to be the operating state.
In a possible implementation manner, the vulnerability detection apparatus 110 may further include a generation module, where the generation module may be configured to:
and generating a detection report according to the port information of the target port, the obtained detection result and the working state, wherein the format of the detection report is a hypertext markup language (HTML) format.
In a possible implementation manner, the scanning module 111 may specifically be configured to determine the target port by:
for each port in a plurality of ports of the equipment to be tested, running a pre-compiled connecting program to connect the ports;
and if the port is successfully connected within the set connection duration, determining that the port is a target port in an open state.
In a possible implementation manner, the detection module 113 may specifically be configured to detect whether a system bug exists by:
running the target detection program through a pre-stored detection tool to obtain a running result;
when the operation result represents that the operation is successful, determining that the equipment to be detected has a system bug corresponding to the detection program;
and when the operation result represents that the operation fails, determining that the equipment to be detected does not have a system bug corresponding to the detection program.
In a possible implementation manner, the detection module 113 may specifically be configured to:
setting a vulnerability detection type and a vulnerability detection mode;
and running the target detection program through a pre-stored detection tool under the vulnerability detection type and the vulnerability detection mode to obtain a corresponding running result.
For the parts not described in detail in the above description of the vulnerability detection apparatus 110, reference may be made to the relevant description of the vulnerability detection method in the above embodiments, which is not described herein again.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by the processor 130, the steps of the vulnerability detection method are performed.
To sum up, the vulnerability detection method, the vulnerability detection device, the electronic device and the computer-readable storage medium provided by the embodiment of the application determine a target port in an open state by scanning a plurality of ports of a device to be detected, and then obtain a corresponding target detection program from a plurality of pre-stored detection programs according to port information of the target port, wherein the target detection program is a vulnerability concept verification POC program. And finally, detecting whether the equipment to be detected has a system bug or not by operating the target detection program. In the scheme, the port is scanned and the corresponding vulnerability concept verification program is operated to detect whether the equipment has the system vulnerability or not, so that the vulnerability condition on the system level can be successfully detected, and the subsequent attacked phenomenon caused by the vulnerability on the system level of the equipment is avoided.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A vulnerability detection method, the method comprising:
scanning a plurality of ports of equipment to be tested, and determining a target port in an open state in the plurality of ports;
acquiring a corresponding target detection program in a plurality of prestored detection programs according to the port information of the target port, wherein the target detection program is a POC (point of sale) program for verifying the concept of the vulnerability;
and running the target detection program to detect whether the equipment to be detected has a system bug.
2. The vulnerability detection method of claim 1, wherein the method further comprises:
detecting whether a set program exists in the equipment to be detected, wherein the set program is a network debugging function adb program;
and when the set program exists in the equipment to be tested, acquiring the working state of the set program.
3. The vulnerability detection method of claim 2, wherein the method further comprises:
and generating a detection report according to the port information of the target port, the obtained detection result and the working state, wherein the format of the detection report is a hypertext markup language (HTML) format.
4. The vulnerability detection method of claim 1, wherein the step of scanning a plurality of ports of a device under test and determining a target port in an open state among the plurality of ports comprises:
for each port in a plurality of ports of the equipment to be tested, running a pre-compiled connecting program to connect the ports;
and if the port is successfully connected within the set connection duration, determining that the port is a target port in an open state.
5. The vulnerability detection method according to claim 1, wherein the step of running the target detection program to detect whether the device under test has a system vulnerability comprises:
running the target detection program through a pre-stored detection tool to obtain a running result;
if the operation result represents that the operation is successful, determining that the equipment to be detected has a system bug corresponding to the detection program;
and if the operation result represents that the operation fails, determining that the equipment to be detected does not have a system bug corresponding to the detection program.
6. The vulnerability detection method of claim 5, wherein the step of running the target detection program through a pre-stored detection tool to obtain a running result comprises:
setting a vulnerability detection type and a vulnerability detection mode;
and running the target detection program through a pre-stored detection tool under the vulnerability detection type and the vulnerability detection mode to obtain a corresponding running result.
7. The vulnerability detection method according to claim 2, wherein the step of determining the working state of the set program when the set program exists in the device under test comprises:
adding the IP address of the equipment to be tested to a prestored connecting tool with the set program;
and operating the connecting tool to detect whether the connecting tool is successfully connected to the equipment to be tested, and if the connecting tool is successfully connected to the equipment to be tested, determining the working state of the set program to be the operating state.
8. A vulnerability detection apparatus, the apparatus comprising:
the device comprises a scanning module, a processing module and a processing module, wherein the scanning module is used for scanning a plurality of ports of equipment to be tested and determining a target port in an open state in the plurality of ports;
the acquisition module is used for acquiring a corresponding target detection program from a plurality of pre-stored detection programs according to the port information of the target port;
and the detection module is used for operating the target detection program to detect whether the equipment to be detected has a system bug.
9. An electronic device comprising one or more storage media and one or more processors in communication with the storage media, the one or more storage media storing processor-executable machine-executable instructions that, when executed by the electronic device, are executed by the processors to perform the vulnerability detection methods of any of claims 1-7.
10. A computer-readable storage medium having stored thereon machine-executable instructions which, when executed, implement the vulnerability detection method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011460526.XA CN112507344A (en) | 2020-12-11 | 2020-12-11 | Vulnerability detection method and device, electronic equipment and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011460526.XA CN112507344A (en) | 2020-12-11 | 2020-12-11 | Vulnerability detection method and device, electronic equipment and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112507344A true CN112507344A (en) | 2021-03-16 |
Family
ID=74972383
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011460526.XA Pending CN112507344A (en) | 2020-12-11 | 2020-12-11 | Vulnerability detection method and device, electronic equipment and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112507344A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113158195A (en) * | 2021-04-09 | 2021-07-23 | 上海碳泽信息科技有限公司 | Distributed vulnerability scanning method and system based on POC script |
| CN113420303A (en) * | 2021-07-14 | 2021-09-21 | 广东电网有限责任公司广州供电局 | Port scanning-based substation host security vulnerability detection method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819758A (en) * | 2017-11-03 | 2018-03-20 | 北京知道未来信息技术有限公司 | A kind of IP Camera leak remote detecting method and device |
| CN108833687A (en) * | 2018-05-29 | 2018-11-16 | 努比亚技术有限公司 | Terminal prot open method, terminal and computer readable storage medium |
| CN111010405A (en) * | 2019-12-30 | 2020-04-14 | 上海电子信息职业技术学院 | SaaS-based website security monitoring system |
| CN111382016A (en) * | 2018-12-28 | 2020-07-07 | 成都鼎桥通信技术有限公司 | Method and device for connecting test terminal and computer |
-
2020
- 2020-12-11 CN CN202011460526.XA patent/CN112507344A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819758A (en) * | 2017-11-03 | 2018-03-20 | 北京知道未来信息技术有限公司 | A kind of IP Camera leak remote detecting method and device |
| CN108833687A (en) * | 2018-05-29 | 2018-11-16 | 努比亚技术有限公司 | Terminal prot open method, terminal and computer readable storage medium |
| CN111382016A (en) * | 2018-12-28 | 2020-07-07 | 成都鼎桥通信技术有限公司 | Method and device for connecting test terminal and computer |
| CN111010405A (en) * | 2019-12-30 | 2020-04-14 | 上海电子信息职业技术学院 | SaaS-based website security monitoring system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113158195A (en) * | 2021-04-09 | 2021-07-23 | 上海碳泽信息科技有限公司 | Distributed vulnerability scanning method and system based on POC script |
| CN113158195B (en) * | 2021-04-09 | 2022-10-11 | 上海碳泽信息科技有限公司 | Distributed vulnerability scanning method and system based on POC script |
| CN113420303A (en) * | 2021-07-14 | 2021-09-21 | 广东电网有限责任公司广州供电局 | Port scanning-based substation host security vulnerability detection method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109255234B (en) | Processing method, device, medium and electronic equipment of machine learning model | |
| US9767290B2 (en) | Autonomous reasoning system for vulnerability analysis | |
| US20120191963A1 (en) | BIOS Updating System, BIOS Updating Method, and Related Computer Program Product | |
| CN112507344A (en) | Vulnerability detection method and device, electronic equipment and computer readable storage medium | |
| US20180075233A1 (en) | Systems and methods for agent-based detection of hacking attempts | |
| CN107483510B (en) | Method and device for improving attack detection accuracy of Web application layer | |
| US11055416B2 (en) | Detecting vulnerabilities in applications during execution | |
| JP5198154B2 (en) | Fault monitoring system, device, monitoring apparatus, and fault monitoring method | |
| CN109948338B (en) | Android application sensitive path triggering method based on static analysis | |
| CN106648762B (en) | Method and device for building development environment | |
| CN109657475A (en) | Code vulnerabilities check method, apparatus, equipment and storage medium | |
| CN110851352A (en) | Fuzzy test system and terminal equipment | |
| CN112685745A (en) | Firmware detection method, device, equipment and storage medium | |
| CN112016092A (en) | TPM (trusted platform Module) -server-based asset information multilayer protection device and method | |
| WO2015195125A1 (en) | Install runtime agent for security test | |
| Liu et al. | IFIZZ: Deep-state and efficient fault-scenario generation to test IoT firmware | |
| CN111428233A (en) | Security analysis method for embedded equipment firmware | |
| US10289510B1 (en) | Intelligent platform management interface functional fuzzer | |
| US20230315620A1 (en) | System and Method for Diagnosing a Computing Device in Safe Mode | |
| CN115051824B (en) | Vertical override detection method, system, equipment and storage medium | |
| CN113572826B (en) | Device information binding method and system and electronic device | |
| CN114297088A (en) | Method, device, equipment and medium for testing front end vue frame assembly | |
| CN113656291A (en) | Dynamic calling method for software script engine | |
| CN114253814A (en) | Game server pressure testing method and device | |
| CN113591141B (en) | Firmware mirror image file refreshing verification method, system and terminal based on fuzzy test |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |