CN113849817A - Method and device for detecting pollution vulnerability of JavaScript prototype chain - Google Patents
Method and device for detecting pollution vulnerability of JavaScript prototype chain Download PDFInfo
- Publication number
- CN113849817A CN113849817A CN202111003797.7A CN202111003797A CN113849817A CN 113849817 A CN113849817 A CN 113849817A CN 202111003797 A CN202111003797 A CN 202111003797A CN 113849817 A CN113849817 A CN 113849817A
- Authority
- CN
- China
- Prior art keywords
- function
- taint
- vulnerability
- javascript
- prototype chain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012360 testing method Methods 0.000 claims abstract description 73
- 238000001514 detection method Methods 0.000 claims abstract description 27
- 238000005065 mining Methods 0.000 claims abstract description 18
- 230000006870 function Effects 0.000 claims description 107
- 238000011109 contamination Methods 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 4
- 238000010276 construction Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 238000000605 extraction Methods 0.000 claims description 2
- 238000004458 analytical method Methods 0.000 abstract description 10
- 230000008569 process Effects 0.000 abstract description 8
- 238000005516 engineering process Methods 0.000 abstract description 7
- 230000009286 beneficial effect Effects 0.000 abstract description 4
- 230000000694 effects Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 235000014510 cooky Nutrition 0.000 description 2
- VYZAMTAEIAYCRO-UHFFFAOYSA-N Chromium Chemical compound [Cr] VYZAMTAEIAYCRO-UHFFFAOYSA-N 0.000 description 1
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005206 flow analysis Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012038 vulnerability analysis Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3684—Test management for test design, e.g. generating new test cases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Computing Systems (AREA)
- Debugging And Monitoring (AREA)
- Test And Diagnosis Of Digital Computers (AREA)
Abstract
The application discloses a method for detecting a JavaScript prototype chain pollution vulnerability, which comprises the following steps: mining a danger function in the user-defined code based on the fuzzy test; then traversing the taint source array, and marking the request parameters contained in the taint source array as taints; analyzing the flow direction of the taint information according to the program path direction, and carrying out taint tracking and vulnerability detection; and then verifying and confirming the detected bugs based on the fuzzy test. The method combines the fuzzy test and the taint analysis technology, can be realized without knowing the internal logic structure of the application program, has high detection speed and high detection efficiency, can quickly find the security vulnerability in the code in the program development process, and is beneficial to improving the quality of the code. The application also discloses a device for detecting the JavaScript prototype chain pollution vulnerability, electronic equipment and a storage medium, and the method has the beneficial effects.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a method and a device for detecting a JavaScript prototype chain pollution vulnerability.
Background
In JavaScript, if a class is to be defined, it needs to be implemented in a manner of defining a "constructor", that is, we define a function, and there is a corresponding class whose name is the function name. Each function object has a proto type attribute that points to the prototype that the constructor instantiates, and when the constructor instantiates an object, it inherits the attributes and methods in the prototype, and all objects have a proto attribute that points to the prototype that created its constructor. Since all properties of JavaScript class are allowed to be publicly accessed and modified, including _ proto _, in an application, if an attacker controls and modifies the _ proto _ property of an object, all objects from the same class, parent and ancestor classes, can be affected, because all JavaScript objects inherit through a prototype chain, inherit the properties of object. Although the vulnerability of JavaScript prototype chain pollution has existed for a long time, the vulnerability gradually draws attention until the last few years, the vulnerability of JavaScript prototype chain pollution can be found to increase continuously by searching a CVE vulnerability library, and the current detection method for the vulnerability is less.
Taint analysis is a technology for tracking and analyzing the flow of taint information in a program, in the vulnerability analysis, the taint analysis technology is used for marking interested data as taint data, and then whether the taint data can affect certain key program operations or not can be known through tracking the information flow direction related to the taint data, so that the program vulnerabilities can be mined. At present, a technology for applying taint analysis to web vulnerability detection exists, the key of the taint analysis technology is to confirm a pollution source and a dangerous function and carry out taint tracking, but for a JavaScript prototype chain pollution vulnerability, a problem that a user-defined code function in JavaScript is difficult to confirm the dangerous function exists.
Disclosure of Invention
The invention provides a method and a device for detecting a JavaScript prototype chain pollution vulnerability.
In order to achieve the purpose, the invention discloses the following technical scheme:
the invention provides a method for detecting a JavaScript prototype chain pollution vulnerability, which comprises the following steps:
mining a danger function in the user-defined code based on the fuzzy test;
traversing the taint source array, and marking the request parameters contained in the taint source array as taints;
analyzing the flow direction of the taint information according to the program path direction, and carrying out taint tracking and vulnerability detection;
and verifying and confirming the detected loopholes based on the fuzzy test.
Based on the above solution, further, before mining the risk function in the user-defined code based on the fuzz test, the method further includes:
and analyzing a taint source of the JavaScript prototype chain pollution vulnerability, and setting functions responsible for receiving user input parameters as taint sources.
Further, the mining of the risk function in the user-defined code based on the fuzzing test comprises the following steps:
constructing a fuzzy test case;
executing a fuzzy test script and judging whether the function has prototype chain pollution;
the function for which prototype chain contamination exists is labeled as a hazard function.
Specifically, in the above step, the executing the fuzzy test script and determining whether the function has prototype chain pollution includes:
compiling a fuzzy test script and introducing a test script file to be tested;
traversing the functions in the extraction script and executing the extracted functions, wherein the function parameters are provided by the fuzzy test case;
and determining whether the function has prototype chain pollution or not according to whether the parameter value specified by the fuzzy test case is transmitted into the prototype chain after the function is executed.
Further, analyzing the flow direction of the taint information according to the program path direction, and performing taint tracking and vulnerability detection, wherein the method comprises the following steps:
analyzing the program code to obtain an intermediate representation of the program code;
analyzing the flow direction of the taint information along the direction of the program path according to the intermediate representation of the program code, and checking whether the taint information received by the program at the taint source is transmitted to a danger function;
if the function passing through in the taint transmission process exists in the danger function array, the function is represented to have a prototype chain pollution vulnerability.
Further, the verifying and confirming the detected vulnerability based on the fuzzy test comprises the following steps:
sending a fuzzy test case at a stain source for the detected loophole;
observing response at a dangerous function point, determining whether the function has prototype chain pollution according to whether parameter values specified by a fuzzy test case are transmitted into the prototype chain after the function is executed,
if yes, checking to confirm that the bug exists.
Another aspect of the present invention provides a device for detecting a contamination vulnerability of a JavaScript prototype chain, where the device includes:
the stain source setting module is used for setting a stain source of the JavaScript prototype chain pollution vulnerability;
the danger function mining module is used for mining the danger function in the user-defined code of the mark user based on the fuzzy test;
the taint marking module is used for traversing the taint source array and marking the request parameters contained in the taint source array as taints;
the vulnerability detection module is used for analyzing the flow direction of the taint information according to the program path direction and carrying out taint tracking and vulnerability detection;
and the bug checking module is used for checking and confirming the detected bugs based on the fuzzy test.
Further, the danger function mining module specifically includes:
the test case construction unit is used for constructing and generating a fuzzy test case;
and the test execution unit is used for executing the fuzzy test script to judge whether the function has prototype chain pollution or not and marking the function with the prototype chain pollution as a dangerous function.
The present invention also provides an electronic device, including: at least one processor, and at least one memory communicatively coupled to the processor;
the memory stores program instructions executable on the processor;
the processor calls the program instructions to execute the steps of the method for detecting the contamination vulnerability of the JavaScript prototype chain according to the first aspect.
Furthermore, the present invention also provides a computer-readable storage medium, on which a computer program is stored, and when being executed by a processor, the computer program implements the steps of the method for detecting a JavaScript prototype chain pollution vulnerability according to the first aspect.
The effect provided in the summary of the invention is only the effect of the embodiment, not all the effects of the invention, and one of the above technical solutions has the following advantages or beneficial effects:
the method for detecting the pollution vulnerability of the JavaScript prototype chain provided by the embodiment of the application excavates a danger function in a user-defined code based on a fuzzy test; then traversing the taint source array, and marking the request parameters contained in the taint source array as taints; analyzing the flow direction of the taint information according to the program path direction, and carrying out taint tracking and vulnerability detection; and then verifying and confirming the detected bugs based on the fuzzy test. The method combines the fuzzy test and the taint analysis technology, can be realized without knowing the internal logic structure of the application program, has high detection speed and high detection efficiency, can quickly find the security vulnerability in the code in the program development process, and is beneficial to improving the quality of the code.
The detection device, the electronic device and the storage medium for the JavaScript prototype chain pollution vulnerability provided by the embodiment of the application can realize the detection method for the JavaScript prototype chain pollution vulnerability and obtain the technical effects.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a flowchart of a method for detecting a contamination vulnerability of a JavaScript prototype chain according to the present application;
FIG. 2 is a flowchart illustrating an implementation of step S2 in FIG. 1;
fig. 3 is a structural diagram of a detection apparatus for a JavaScript prototype chain contamination vulnerability provided by the present application;
fig. 4 is a schematic diagram of a hardware structure of an electronic device provided in the present application.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 shows a schematic flow chart of a method for detecting a JavaScript prototype chain pollution vulnerability, provided by an embodiment of the present invention.
Referring to fig. 1, the method of the present embodiment includes the following steps:
s1, analyzing and determining a taint source of the JavaScript prototype chain pollution vulnerability;
for web application, data input by a user is transmitted to a server through a web request, and web request parameters are user controllable points, namely stain sources; in addition, places that are user-controllable or indirectly controllable, such as files, cookies, databases, etc., are sources of taint. And as the JavaScript prototype chain pollution vulnerability does not relate to information such as files, Cookies and databases, the web request parameters are mainly analyzed, and corresponding to the JavaScript, functions responsible for receiving user input parameters are all stain sources.
S2, mining the danger function in the user-defined code based on the fuzzy test;
in JavaScript application development, in addition to calling functions in an external library, user-defined functions may also store prototype chain pollution. For the called external library function, the danger function can be sorted out through daily collection; and for the user-defined function, whether the function is a dangerous function or not can be confirmed by analyzing the common characteristics of prototype chain pollution by means of a fuzzy test. Fuzz testing is a method of discovering software failures by providing unexpected inputs and monitoring for abnormal results, and is typically an automated or semi-automated process that involves repeatedly manipulating and providing process data to the target software. Specifically, as shown in fig. 2, in this step, the process of confirming the danger function in the user-defined code based on the fuzz test is as follows:
s21, constructing a fuzzy test case;
since prototype chain pollution is mainly due to the fact that an attacker can set the value of _ proto _ and therefore should look for where the value of _ proto _ can be set, or for the operation of which certain objects can control their key names. By analysis, there are three main cases of prototype chain contamination: the object recursion merges merge, object clone, and a function defining attributes through a path, similar to the form: the function (object, path, value). If an attacker can take control of the value of the path, he can set this value to _ proto _. myValue ", and then assign myValue to the prototype of Object.
Based on the above situation, the constructed attack payload principle is to transmit the value of _ proto _ possibly through one, two or three parameters, such as one parameter "_ proto _" { "test":123}, two parameters "_ proto _. test", "123", three parameters "_ proto _", "test", "123", etc., and then combine the number of function parameters and the positions of the parameters to generate the test case.
If there is a merge operation:
the merge function is used for merging objects, and in the merging process, an assigned operation a [ attr ] ═ b [ attr ] exists, so that if the attr is _ proto _, the chain pollution can be prototyped.
Next, the following code was used to test:
let o1={}
let o2=JSON.parse('{"a":1,"__proto__":{"b":2}}')
merge(o1,o2)
console.log(o1.a,o1.b)
o3={}
console.log(o3.b)
the JavaScript creation process of the o2 sets the _ proto _ parameter "_ proto _" { "b":2}, and when the merge operation is executed, the prototype is modified through the _ proto _ so that the new o3 Object also has a b attribute, which indicates that the Object is polluted.
S22, executing a fuzzy test script, and judging whether the function has prototype chain pollution;
js is a JavaScript running environment based on the chrome V8 engine, so that a JavaScript script running fuzz test can be executed by means of the js. The method specifically comprises the following steps: compiling a fuzzy test script, and introducing a js script file to be tested; then, traversing and extracting functions in the script, and executing the extracted functions through nodejs, wherein function parameters are provided by a fuzzy test case; and then, according to whether the parameter values specified by the fuzzy test case are transmitted into the prototype chain after the function is executed, determining whether the function has prototype chain pollution.
And S23, marking the function with prototype chain pollution as a danger function.
According to whether the parameter value specified by the fuzzy test case is transmitted into the prototype chain after the function is executed in step S22, whether the function has prototype chain pollution is determined, and if so, the function is marked as a risk function.
S3, traversing the taint source array, and marking the request parameters contained in the taint source array as taints;
specifically, to record the dirty information, a dirty flag, such as a boolean variable, is usually added to the input variable to indicate whether the variable is dirty or not. And aiming at the request data transmitted by all the web terminals, determining that the request parameters contained in the taint source array are marked as taints by traversing the taint source array. For example, the following code, the sign judges the user login, the input parameter req is marked as dirty, and the result is marked during dirty transmission.
S4, performing stain tracking and flaw detection according to the flow direction of stain information;
in the step, a static taint analysis method based on data flow is adopted, program codes are firstly analyzed to obtain intermediate representation of the program codes, then auxiliary analysis such as control flow analysis is carried out on the program codes on the basis of the intermediate representation to obtain a required control flow graph, call graph and the like, the flow direction of taint information is analyzed along the direction of a program path, and whether taint information received by a program at a taint source point is transmitted to a danger function or not is checked. If the function passing through in the taint transmission process exists in the danger function array, the function is represented to have a prototype chain pollution vulnerability.
S5, verifying and confirming the detected loophole based on the fuzzy test;
in the taint tracking process, due to the fact that data are filtered or coded and decoded, the judgment of taint processing functions is deviated, and the situation of bug misstatement caused by taint marking errors is considered. And for the detected loophole, directly sending an attack load, namely a fuzzy test case, at a stain source, observing a response at a danger function point, determining whether the function has prototype chain pollution according to whether a parameter value specified by the fuzzy test case is transmitted into a prototype chain after the function is executed, and if the function has the prototype chain pollution, checking and determining the function as the loophole.
In summary, according to the method for detecting the contamination vulnerability of the JavaScript prototype chain, by analyzing the contamination vulnerability characteristics of the JavaScript prototype chain, a risk function in the user-defined JavaScript code is mined by using a fuzzy test, and then, by combining a taint analysis technology, the flow of taint information in a program is tracked and analyzed, so that the automatic detection of the contamination vulnerability of the JavaScript prototype chain is realized.
The invention also provides a device for detecting the JavaScript prototype chain pollution vulnerability, which can be used for realizing the automatic detection of the JavaScript prototype chain pollution vulnerability, and the device described below can be correspondingly referred to with the method described above.
Fig. 3 is a schematic diagram illustrating a structure diagram of a detection apparatus for a JavaScript prototype chain pollution vulnerability provided in an embodiment of the present invention.
Referring to fig. 3, the apparatus of the present embodiment includes:
the stain source setting module 1 is used for setting a stain source of the JavaScript prototype chain pollution vulnerability;
the danger function mining module 2 is used for mining the danger function in the user-defined code based on the fuzzy test;
the taint marking module 3 is used for traversing the taint source array and marking the request parameters contained in the taint source array as taints;
the vulnerability detection module 4 is used for analyzing the flow direction of the taint information according to the program path direction and carrying out taint tracking and vulnerability detection;
and the vulnerability checking module 5 is used for checking and confirming the detected vulnerability based on the fuzzy test.
The danger function mining module 2 determines whether the function is a danger function or not by means of a fuzzy test by analyzing the common characteristic of prototype chain pollution aiming at the user-defined function. As a preferred solution, the danger function mining module 2 includes:
the test case construction unit is used for constructing and generating a fuzzy test case;
and the test execution unit is used for executing the fuzzy test script to judge whether the function has prototype chain pollution or not and marking the function with the prototype chain pollution as a dangerous function.
The invention also provides an electronic device, which can be correspondingly referred to with the detection method described above.
Referring to fig. 4, the electronic device of the present embodiment includes an input unit 10, a memory 20, a processor 30, and an output unit 40. The memory 20 stores a program instruction that can be executed on the processor 30, the processor 30 calls the program instruction to execute the method for detecting the JavaScript prototype chain vulnerability in the above embodiments, and the input unit 10, the memory 20, the processor 30, and the output unit 40 may perform data interaction with each other through a communication bus. For the functions implemented by each unit and the combination thereof, and the achieved technical effects, reference may be made to the description of the corresponding parts of the above method embodiments, which are not repeated herein.
In addition, the present invention also provides a computer readable storage medium, where a computer program is stored on the computer readable storage medium, and when the computer program is executed by a processor, the steps of the method for detecting a JavaScript prototype chain pollution vulnerability are implemented. The detailed implementation steps may refer to the above methods, apparatuses, or devices, and are not described herein again.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and it will be apparent to those skilled in the art that any modification, improvement and equivalent substitution made without departing from the principle of the present invention are included in the protection scope of the present invention.
Claims (10)
1. A method for detecting a JavaScript prototype chain pollution vulnerability is characterized by comprising the following steps:
mining a danger function in the user-defined code based on the fuzzy test;
traversing the taint source array, and marking the request parameters contained in the taint source array as taints;
analyzing the flow direction of the taint information according to the program path direction, and carrying out taint tracking and vulnerability detection;
and verifying and confirming the detected loopholes based on the fuzzy test.
2. The method for detecting the JavaScript prototype chain pollution vulnerability according to claim 1, before mining the danger function in the user-defined code based on the fuzz test, further comprising:
and analyzing and determining a taint source of the JavaScript prototype chain pollution vulnerability, and setting functions responsible for receiving user input parameters as taint sources.
3. The method for detecting the JavaScript prototype chain vulnerability in claim 1, wherein the mining the risk function in the user-defined code based on the fuzzing test comprises the following steps:
constructing a fuzzy test case;
executing a fuzzy test script and judging whether the function has prototype chain pollution;
the function for which prototype chain contamination exists is labeled as a hazard function.
4. The method for detecting a JavaScript prototype chain pollution vulnerability according to claim 3, wherein the executing a fuzzy test script to determine whether a function has prototype chain pollution specifically comprises:
compiling a fuzzy test script and introducing a test script file to be tested;
traversing the functions in the extraction script and executing the extracted functions, wherein the function parameters are provided by the fuzzy test case;
and determining whether the function has prototype chain pollution or not according to whether the parameter value specified by the fuzzy test case is transmitted into the prototype chain after the function is executed.
5. The method for detecting the JavaScript prototype chain vulnerability contamination, according to claim 1, wherein the analyzing the flow direction of the taint information according to the program path direction for taint tracking and vulnerability detection comprises the following steps:
analyzing the program code to obtain an intermediate representation of the program code;
analyzing the flow direction of the taint information along the direction of the program path according to the intermediate representation of the program code, and checking whether the taint information received by the program at the taint source is transmitted to a danger function;
if the function passing through in the taint transmission process exists in the danger function array, the function is represented to have a prototype chain pollution vulnerability.
6. The method for detecting the JavaScript prototype chain contamination vulnerability of claim 5, wherein the verifying and confirming the detected vulnerability based on the fuzz test comprises the following steps:
sending a fuzzy test case at a stain source for the detected loophole;
observing response at a dangerous function point, determining whether the function has prototype chain pollution according to whether parameter values specified by a fuzzy test case are transmitted into the prototype chain after the function is executed,
if yes, checking to confirm that the bug exists.
7. The utility model provides a detection apparatus of JavaScript prototype chain pollution vulnerability which characterized in that includes:
the stain source setting module is used for setting a stain source of the JavaScript prototype chain pollution vulnerability;
the danger function mining module is used for mining the danger function in the user-defined code based on the fuzzy test;
the taint marking module is used for traversing the taint source array and marking the request parameters contained in the taint source array as taints;
the vulnerability detection module is used for analyzing the flow direction of the taint information according to the program path direction and carrying out taint tracking and vulnerability detection;
and the bug checking module is used for checking and confirming the detected bugs based on the fuzzy test.
8. The apparatus according to claim 7, wherein the danger function mining module specifically includes:
the test case construction unit is used for constructing and generating a fuzzy test case;
and the test execution unit is used for executing the fuzzy test script to judge whether the function has prototype chain pollution or not and marking the function with the prototype chain pollution as a dangerous function.
9. An electronic device, comprising: at least one processor, and at least one memory communicatively coupled to the processor;
the memory stores program instructions executable on the processor;
the processor calls the program instructions to execute the steps of the method for detecting the JavaScript prototype chain contamination vulnerability of any one of claims 1 to 6.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the steps of the method for detecting a JavaScript prototype chain vulnerability.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111003797.7A CN113849817B (en) | 2021-08-30 | 2021-08-30 | Detection method and device for pollution loopholes of JavaScript prototype chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111003797.7A CN113849817B (en) | 2021-08-30 | 2021-08-30 | Detection method and device for pollution loopholes of JavaScript prototype chain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113849817A true CN113849817A (en) | 2021-12-28 |
| CN113849817B CN113849817B (en) | 2023-08-18 |
Family
ID=78976483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111003797.7A Active CN113849817B (en) | 2021-08-30 | 2021-08-30 | Detection method and device for pollution loopholes of JavaScript prototype chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113849817B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114944997A (en) * | 2022-03-24 | 2022-08-26 | 浙江大华技术股份有限公司 | Protocol detection method, protocol detection device and computer readable storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112016096A (en) * | 2020-08-28 | 2020-12-01 | 苏州浪潮智能科技有限公司 | XSS vulnerability auditing method and device |
| CN112632560A (en) * | 2020-12-25 | 2021-04-09 | 苏州浪潮智能科技有限公司 | Web vulnerability confirmation method and device |
-
2021
- 2021-08-30 CN CN202111003797.7A patent/CN113849817B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112016096A (en) * | 2020-08-28 | 2020-12-01 | 苏州浪潮智能科技有限公司 | XSS vulnerability auditing method and device |
| CN112632560A (en) * | 2020-12-25 | 2021-04-09 | 苏州浪潮智能科技有限公司 | Web vulnerability confirmation method and device |
Non-Patent Citations (2)
| Title |
|---|
| MOB604756EBED9F: "小白带你读论文 & Prototype pollution attack in NodeJS", pages 1 - 18, Retrieved from the Internet <URL:https://blog.51cto.com/u_15127538/2699056> * |
| 周驰凯: "基于改进的内存模糊测试 的漏洞挖掘方法研究", 中国优秀硕士学位论文全文数据库 信息科技辑, pages 3 - 4 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114944997A (en) * | 2022-03-24 | 2022-08-26 | 浙江大华技术股份有限公司 | Protocol detection method, protocol detection device and computer readable storage medium |
| CN114944997B (en) * | 2022-03-24 | 2024-02-20 | 浙江大华技术股份有限公司 | Protocol detection method, protocol detection device and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113849817B (en) | 2023-08-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111859375B (en) | Vulnerability detection method and device, electronic equipment and storage medium | |
| US8800042B2 (en) | Secure web application development and execution environment | |
| CN109101815B (en) | Malicious software detection method and related equipment | |
| Pellegrino et al. | jäk: Using dynamic analysis to crawl and test modern web applications | |
| CN112560045A (en) | Application program vulnerability detection method and device, computer equipment and storage medium | |
| Khodayari et al. | {JAW}: Studying client-side {CSRF} with hybrid property graphs and declarative traversals | |
| Huang et al. | UChecker: Automatically detecting php-based unrestricted file upload vulnerabilities | |
| CN115270131A (en) | Java anti-serialization vulnerability detection method and system | |
| Alenezi et al. | Open source web application security: A static analysis approach | |
| CN110059007B (en) | System vulnerability scanning method and device, computer equipment and storage medium | |
| Gauthier et al. | Fast detection of access control vulnerabilities in php applications | |
| US20240160748A1 (en) | Method And System For Data Flow Monitoring To Identify Application Security Vulnerabilities And To Detect And Prevent Attacks | |
| US20140245440A1 (en) | Software Inspection System | |
| CN112016096A (en) | XSS vulnerability auditing method and device | |
| KR101696694B1 (en) | Method And Apparatus For Analysing Source Code Vulnerability By Using TraceBack | |
| CN113779578A (en) | Intelligent confusion method and system for mobile terminal application | |
| CN113726790A (en) | Network attack source identification and blocking method, system, device and medium | |
| Homaei et al. | Athena: A framework to automatically generate security test oracle via extracting policies from source code and intended software behaviour | |
| CN115168847A (en) | Application patch generation method and device, computer equipment and readable storage medium | |
| Khodayari et al. | It’s (dom) clobbering time: Attack techniques, prevalence, and defenses | |
| Wi et al. | Diffcsp: Finding browser bugs in content security policy enforcement through differential testing | |
| Zhu et al. | Detecting privilege escalation attacks through instrumenting web application source code | |
| CN113849817A (en) | Method and device for detecting pollution vulnerability of JavaScript prototype chain | |
| CN113935041A (en) | Vulnerability detection system and method for real-time operating system equipment | |
| CN111291377A (en) | Application vulnerability detection method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |