CN113973014A - Method, device and equipment for monitoring weak password vulnerability of network equipment - Google Patents
Method, device and equipment for monitoring weak password vulnerability of network equipment Download PDFInfo
- Publication number
- CN113973014A CN113973014A CN202111241264.2A CN202111241264A CN113973014A CN 113973014 A CN113973014 A CN 113973014A CN 202111241264 A CN202111241264 A CN 202111241264A CN 113973014 A CN113973014 A CN 113973014A
- Authority
- CN
- China
- Prior art keywords
- target network
- network equipment
- weak password
- address information
- monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 75
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000013507 mapping Methods 0.000 claims abstract description 46
- 238000012806 monitoring device Methods 0.000 claims abstract description 12
- 238000012545 processing Methods 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 9
- 238000001514 detection method Methods 0.000 claims description 3
- 230000009286 beneficial effect Effects 0.000 abstract description 2
- 238000004891 communication Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000013473 artificial intelligence Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000005336 cracking Methods 0.000 description 1
- 230000002354 daily effect Effects 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000009877 rendering Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Abstract
The application discloses a monitoring method for a weak password vulnerability of network equipment, which comprises the steps of acquiring address information of target network equipment by adopting a network space mapping system, sending a login request to the target network equipment by utilizing the address information of the target network equipment and a preset weak password, and determining that the target network equipment has the weak password vulnerability if the target network equipment is successfully logged in. The user can realize the address retrieval and the weak password vulnerability positioning of the target network equipment in large batch only by providing the keywords of the target network equipment, thereby greatly relieving the working pressure of workers in the network equipment weak password vulnerability monitoring task and effectively realizing the monitoring of the weak password vulnerability of the large-scale network equipment. The application also discloses a monitoring device, equipment and a computer readable storage medium for the weak password vulnerability of the network equipment, and the monitoring device, the equipment and the computer readable storage medium have the beneficial effects.
Description
Technical Field
The present application relates to the field of network security technologies, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for monitoring a weak password vulnerability of a network device.
Background
Weak password (password) generally refers to a password that is easily guessed by others or broken by a cracking tool, such as a password that contains only simple numbers and letters. Such passwords are easily broken by others, exposing the user's computer to risk and thus not recommended for use by the user.
Internet services are indispensable for many organizations and individuals, and network devices such as routers, firewalls, load balancers and the like supporting the services play a fundamental and important role. However, such a large number of basic network devices also have weak password vulnerabilities, and the unresolved weak password vulnerabilities will cause huge loss of business during daily use or significant activities such as network protection. The network equipment with the weak password is detected in time, the risk of secret change and avoidance of the weak password equipment is avoided, and the network equipment is an important topic of network safety. However, under the current situation of huge and widely distributed network devices in the network, no effective measures are taken to find the weak password devices existing in the network, and no mention is made to monitor the devices which may be temporarily exposed on the internet in real time.
How to monitor the weak password vulnerability of large-scale network equipment is a technical problem to be solved by technical personnel in the field.
Disclosure of Invention
The application aims to provide a method, a device, equipment and a computer readable storage medium for monitoring the weak password vulnerability of network equipment, which are used for effectively monitoring the weak password vulnerability of large-scale network equipment.
In order to solve the above technical problem, the present application provides a method for monitoring a weak password vulnerability of a network device, including:
inputting keywords of target network equipment into a network space mapping system to acquire address information of the target network equipment;
sending a login request to the target network equipment by using the address information of the target network equipment and a preset weak password;
and if the target network equipment is successfully logged in, determining that the target network equipment has a weak password vulnerability.
Optionally, the inputting a preset keyword of the target network device into the network space mapping system to obtain the address information of the target network device specifically includes:
inputting preset keywords of the target network equipment into a built-in grammar corresponding to the network space mapping system to obtain a constructed query statement;
and inputting the constructed query statement into the network space mapping system to acquire the address information of the target network equipment.
Optionally, the inputting a preset keyword of the target network device into the network space mapping system to obtain the address information of the target network device specifically includes:
inputting preset keywords of the target network equipment into a plurality of network space mapping systems respectively, and acquiring address information of the target network equipment, which is obtained by inquiring of each network space mapping system;
and carrying out duplicate removal processing on the address information of the target network equipment.
Optionally, the keyword of the target network device specifically includes a geographic location of the target network device and a type of the target network device.
Optionally, the sending a login request to the target network device by using the address information of the target network device and a preset weak password specifically includes:
if the target network equipment is the network equipment searched for the first time, respectively sending a login request to the target network equipment by using all the weak passwords in a preset weak password library and address information of the target network equipment;
if the target network equipment is not the network equipment searched for the first time, removing the weak password adopted in a preset period from a monitoring scheme of the target network equipment, and respectively sending a login request to the target network equipment by using the remaining weak password in the weak password library and the address information of the target network equipment.
Optionally, the sending a login request to the target network device by using the address information of the target network device and a preset weak password specifically includes:
generating a uniform resource positioning system for logging in a firewall of the target network equipment according to the JS object numbered musical notation of the address information of the target network equipment output by the network space mapping system;
and sending a login request to the target network equipment by using the uniform resource positioning system and the weak password.
Optionally, the method further includes:
and when the target network equipment is determined to have the weak password vulnerability, displaying the equipment name of the target network equipment and the address information of the target network equipment on a monitoring interface.
In order to solve the above technical problem, the present application further provides a monitoring apparatus for a weak password vulnerability of a network device, including:
the query unit is used for inputting keywords of target network equipment into a network space mapping system and acquiring address information of the target network equipment;
the detection unit is used for sending a login request to the target network equipment by utilizing the address information of the target network equipment and a preset weak password; and if the target network equipment is successfully logged in, determining that the target network equipment has a weak password vulnerability.
In order to solve the above technical problem, the present application further provides a monitoring device for a weak password vulnerability of a network device, including:
the storage is used for storing instructions, and the instructions comprise the steps of any one of the above monitoring methods for the weak password vulnerability of the network equipment;
a processor to execute the instructions.
In order to solve the above technical problem, the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the method for monitoring a weak password vulnerability of a network device as described in any one of the above.
The monitoring method for the weak password vulnerability of the network equipment, provided by the application, comprises the steps of acquiring address information of the target network equipment by adopting a network space mapping system, sending a login request to the target network equipment by utilizing the address information of the target network equipment and a preset weak password, and determining that the target network equipment has the weak password vulnerability if the target network equipment is successfully logged in. The user can realize the address retrieval and the weak password vulnerability positioning of the target network equipment in large batch only by providing the keywords of the target network equipment, thereby greatly relieving the working pressure of workers in the network equipment weak password vulnerability monitoring task and effectively realizing the monitoring of the weak password vulnerability of the large-scale network equipment.
The application also provides a monitoring device, equipment and a computer readable storage medium for the weak password vulnerability of the network equipment, which have the beneficial effects and are not repeated herein.
Drawings
For a clearer explanation of the embodiments or technical solutions of the prior art of the present application, the drawings needed for the description of the embodiments or prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a method for monitoring a weak password vulnerability of a network device according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a monitoring apparatus for a weak password vulnerability of a network device according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a monitoring device for a weak password vulnerability of a network device according to an embodiment of the present application.
Detailed Description
The core of the application is to provide a method, a device, equipment and a computer readable storage medium for monitoring the weak password vulnerability of network equipment, which are used for effectively monitoring the weak password vulnerability of large-scale network equipment.
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Example one
Fig. 1 is a flowchart of a method for monitoring a weak password vulnerability of a network device according to an embodiment of the present application.
As shown in fig. 1, a method for monitoring a weak password vulnerability of a network device provided in an embodiment of the present application includes:
s101: inputting the keywords of the target network equipment into a network space mapping system to acquire the address information of the target network equipment.
S102: and sending a login request to the target network equipment by using the address information of the target network equipment and a preset weak password.
S103: and if the target network equipment is successfully logged in, determining that the target network equipment has a weak password vulnerability.
If monitoring of the weak password vulnerability of the network equipment in the internet is to be realized, the address of the target network equipment needs to be acquired first, so that the target network equipment to be monitored is positioned. In practical application, an issuer of the network device is responsible for batch monitoring of the issued network devices, and timely notifying a network device user when finding a weak password vulnerability.
The network space is an artificial space constructed on various information communication technology infrastructures including the internet, a telecommunication network, an internet of things, a sensor network, various computer systems and an industrial internet, and is used for supporting people to perform various activities related to information communication technologies in the space. A cyberspace mapping system is a system for describing network nodes and network connectivity relationships of devices on a cyberspace. Existing cyberspace mapping systems include maps, foma, zoomeye, and the like.
In a specific implementation, for step S101, keywords of the target network device input by the monitoring personnel or archived historically may be received, so that the network space mapping system locates the target network device through the keywords, that is, the monitoring object of the monitoring scheme provided in this embodiment.
To implement the automated execution of step S101, the cyberspace mapping system is deployed in advance, and a script is designed to invoke the cyberspace mapping system and input the keywords of the target network device. The type of the keyword of the target network device may be designed according to the network space mapping system and the monitoring requirement, for example, the keyword of the target network device may specifically include the geographic location of the target network device and the type of the target network device.
Depending on the monitoring requirements, either timed monitoring (e.g., performed once at zero time of day) or real-time monitoring (e.g., performed once every hour) may be set. In order to reduce the working pressure of monitoring personnel, an automatic monitoring scheme is deployed in advance, and keywords and corresponding execution time of target network equipment are set, for example, the target network equipment in the area A is monitored once at zero point every day, and the target network equipment in the area B is monitored once every hour. Since the new target network device is not frequently added, when the automatic monitoring scheme is deployed, the frequency of executing step S101 may be less than the frequency of executing step S102, for example, in a certain monitoring, the subsequent steps are directly executed along with the address information of the target network device searched by the network space mapping system last time.
In order to improve the success rate of address search, before executing step S101, the method for monitoring a weak password vulnerability of a network device according to the embodiment of the present application may further include: judging whether the keywords of the target network equipment are legal or not; if yes, entering step 101; otherwise, sending an input illegal prompt.
To avoid the file being too large, the address information may be loaded step by step, for example, step S102 is executed once every time the address information of the preset target network device is loaded.
For steps S102 and S103, after acquiring the address information of the target network device, an attempt is made to log in the target network device using a pre-constructed weak password. The pre-constructed weak password may include an initial password (e.g., admin) of the target network device, a password composed of simple numbers and/or letters (e.g., 123456), etc., or an associated password (e.g., a password composed of a birthday, an identification number) generated based on the user identity information of the target network device, if available. Multiple weak passwords may be tried for the same target network device; login with different weak passwords may be attempted for different target network devices. And if the target network equipment can be accessed in the pre-constructed weak password, confirming that the target network equipment has a weak password vulnerability.
In order to increase the detection probability of the weak password vulnerability, the weak password library can be updated regularly. In practical applications, if a large number of weak passwords are tried to log in the target network device, the monitoring workload is huge. Step S102: sending the login request to the target network device by using the address information of the target network device and the preset weak password may specifically include:
if the target network equipment is the network equipment searched for the first time, respectively sending a login request to the target network equipment by using all weak passwords in a preset weak password library and address information of the target network equipment;
if the target network equipment is not the network equipment searched for the first time, removing the weak password adopted in the preset period from the monitoring scheme of the target network equipment, and respectively sending a login request to the target network equipment by using the rest weak passwords in the weak password library and the address information of the target network equipment.
In specific implementation, all pre-constructed weak passwords can be used for trying to access target network equipment which is searched for the first time, if the target network equipment cannot be logged in, the weak passwords can be removed from a monitoring scheme for the target network equipment, and a new weak password is used for trying to access the target network equipment after a subsequent weak password library is updated; for security reasons, it is also possible to try again to log in the target network device with the used weak password after a certain time (preset period) has elapsed. Or a portion of the weak password may be randomly selected from a pre-constructed total of weak passwords to attempt to access the target network device.
In order to facilitate a monitoring person to find a weak password vulnerability of a monitoring area in time, the monitoring method for a weak password vulnerability of a network device provided by the embodiment of the present application may further include: and when the target network equipment is determined to have the weak password vulnerability, displaying the equipment name of the target network equipment and the address information of the target network equipment on the monitoring interface. The monitoring interface can be presented through a display interface of a personal terminal where a monitoring person is located, can also be presented through a large screen of a monitoring center, and can present target network equipment with weak password vulnerability in a mode of highlighting in network topology.
In order to make up for the weak password vulnerability as soon as possible, the monitoring method for the weak password vulnerability of the network device provided by the embodiment of the present application may further include: and when the target network equipment is determined to have the weak password vulnerability, sending a secret change prompt to a user of the target network equipment.
The monitoring method for the weak password vulnerability of the network equipment provided by the embodiment of the application adopts a network space mapping system to obtain the address information of the target network equipment, then sends a login request to the target network equipment by using the address information of the target network equipment and a preset weak password, and if the target network equipment is successfully logged in, the target network equipment is determined to have the weak password vulnerability. The user can realize the address retrieval and the weak password vulnerability positioning of the target network equipment in large batch only by providing the keywords of the target network equipment, thereby greatly relieving the working pressure of workers in the network equipment weak password vulnerability monitoring task and effectively realizing the monitoring of the weak password vulnerability of the large-scale network equipment.
Example two
In the above embodiments, the address information of the target network device is acquired by the cyberspace mapping system. The existing network space mapping systems comprise a map, a fosa, a zoomeye and the like, all of which have own search syntax, and a script for calling the network space mapping systems and inputting keywords of target network equipment is designed in advance according to the types of the network space mapping systems.
Therefore, in the embodiment of the present application, step S101 in fig. 1: inputting preset keywords of target network equipment into a network space mapping system, and acquiring address information of the target network equipment, wherein the method specifically comprises the following steps:
inputting preset keywords of target network equipment into a built-in grammar corresponding to a network space mapping system to obtain a constructed query statement;
and inputting the constructed query statement into a network space mapping system to acquire the address information of the target network equipment.
In the above embodiments, the keywords of the target network device may specifically include the geographic location of the target network device and the type of the target network device, for example, the keyword of the target network device is "zhejiang-hangzhou-tianqing han horse USG firewall", the read address information is "zhejiang-hangzhou", and the read type is "tianqing han horse USG firewall".
And designing a built-in grammar aiming at the type of the network space mapping system in advance, wherein the built-in grammar is used for converting keywords of the target network equipment into query statements of the network space mapping system. Specifically, the input address information of the target network device may be read first, the address information of the target network device is added to the built-in grammar, the type (device name, etc.) of the input target network device is read, the corresponding keyword library is obtained, and the obtained keywords are added to the built-in grammar one by one to obtain the constructed query statement. And then calling a Software Development Kit (SDK) of the network space mapping system, and inputting the constructed query statement to perform batch query.
The pre-designed built-in grammar can be in the following format:
"-m" or "model" representing a network device model number query;
"-c", i.e., "city", represents a city-level regional query;
"-p", or "provice", represents a provincial region query.
The sumap is a global network space super radar mainly based on multi-dimensional network space mapping capability, and query statements of the sumap comprise the following contents:
province:"province";
city:"city";
data:"keyword"。
then construct a query statement according to the input keywords of the target network device, for example:
inputting: -PZhejiang-c Hangzhou-m Tian Qinghanma USG firewall,
constructing a grammar: provice: "Zhejiang" & & data: "v2ray" & & city: "keyword";
wherein, the keyword is read from the built-in keyword library.
The query statement for the fosa includes the following:
region="province";
city="city";
body="keyword"。
then construct a query statement according to the input keywords of the target network device, for example:
inputting: -PZhejiang-c Hangzhou-m Tian Qinghanma USG firewall,
constructing a grammar: region ═ Zhejiang "& & city! "Hangzhou" & & body ═ keyword ";
wherein, the keyword is read from the built-in keyword library.
The zoomery's query statement includes the following:
subdivisions:"zhejiang";
city="city"。
then construct a query statement according to the input keywords of the target network device, for example:
inputting: -PZhejiang-c Hangzhou-m Tian Qinghanma USG firewall,
constructing a grammar: subdivisions: "zhejiang" + "firewall" + city: "hangzhou";
wherein, the keyword is read from the built-in keyword library.
In order to accurately obtain address information of the target network device, inputting preset keywords of the target network device into a network space mapping system, and obtaining the address information of the target network device, the method specifically may include: respectively inputting preset keywords of target network equipment into a plurality of network space mapping systems, and acquiring address information of the target network equipment, which is obtained by inquiring of each network space mapping system; and carrying out duplicate removal processing on the address information of the target network equipment.
The cyberspace mapping system includes but is not limited to maps, foma, and zoomeye, among others. After the address information of all the target network devices is obtained through searching, the repeated address information is subjected to deduplication processing, and then step S102 is executed, so that repeated login requests are avoided being generated.
EXAMPLE III
The target network device may include a router, a firewall, a load balancer, etc., and different network devices have different access modes. On the basis of the foregoing embodiment, in the monitoring method for a weak password vulnerability of a network device provided in the embodiment of the present application, step S102: sending a login request to the target network device by using the address information of the target network device and a preset weak password, which may specifically include:
generating a Uniform Resource Locator (URL) for logging in a firewall of the target network equipment according to a JS object numbered notation (json) of the address information of the target network equipment output by the network space mapping system;
and sending a login request to the target network equipment by using the uniform resource positioning system and the weak password.
On the basis of the above detailed description of the embodiments corresponding to the method for monitoring the weak password vulnerability of the network device, the application also discloses a device, a device and a computer readable storage medium for monitoring the weak password vulnerability of the network device corresponding to the method.
EXAMPLE III
Fig. 2 is a schematic structural diagram of a monitoring apparatus for a weak password vulnerability of a network device according to an embodiment of the present application.
As shown in fig. 2, a monitoring apparatus for a weak password vulnerability of a network device according to an embodiment of the present application includes:
the query unit 201 is configured to input a keyword of a target network device into a network space mapping system, and acquire address information of the target network device;
a detecting unit 202, configured to send a login request to a target network device by using address information of the target network device and a preset weak password; and if the target network equipment is successfully logged in, determining that the target network equipment has a weak password vulnerability.
Further, the monitoring apparatus for a weak password vulnerability of a network device provided in the embodiment of the present application may further include:
and the display unit is used for displaying the equipment name of the target network equipment and the address information of the target network equipment on the monitoring interface when the weak password vulnerability of the target network equipment is determined.
Since the embodiments of the apparatus portion and the method portion correspond to each other, please refer to the description of the embodiments of the method portion for the embodiments of the apparatus portion, which is not repeated here.
Example four
Fig. 3 is a schematic structural diagram of a monitoring device for a weak password vulnerability of a network device according to an embodiment of the present application.
As shown in fig. 3, the monitoring device for a weak password vulnerability of a network device provided in the embodiment of the present application includes:
a memory 310, configured to store instructions, where the instructions include the steps of the method for monitoring a weak password vulnerability of a network device according to any one of the above embodiments;
a processor 320 for executing the instructions.
Processor 320 may include one or more processing cores, such as a 3-core processor, an 8-core processor, and so forth. The processor 320 may be implemented in at least one hardware form of a digital Signal processing (dsp), a Field-Programmable Gate Array (FPGA), a Programmable Logic Array (pla), or a digital Signal processing (dsp). The processor 320 may also include a main processor and a coprocessor, where the main processor is a processor for Processing data in an awake state, and is also called a central Processing unit (cpu); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 320 may be integrated with an image processor GPU (graphics Processing unit), which is responsible for rendering and drawing the content that the display screen needs to display. In some embodiments, processor 320 may also include an Artificial Intelligence (AI) (artificial intelligence) processor for processing computational operations related to machine learning.
Memory 310 may include one or more computer-readable storage media, which may be non-transitory. Memory 310 may also include high speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In this embodiment, the memory 310 is at least used for storing a computer program 311, wherein after the computer program 311 is loaded and executed by the processor 320, the relevant steps in the method for monitoring a weak password vulnerability of a network device disclosed in any of the foregoing embodiments can be implemented. In addition, the resources stored by the memory 310 may also include an operating system 312, data 313, and the like, and the storage may be transient storage or persistent storage. The operating system 312 may be Windows, among others. Data 313 may include, but is not limited to, data involved in the above-described methods.
In some embodiments, the monitoring device for weak password vulnerabilities of network devices may further include a display 330, a power source 340, a communication interface 350, an input-output interface 360, a sensor 370, and a communication bus 380.
Those skilled in the art will appreciate that the architecture shown in FIG. 3 does not constitute a limitation of a monitoring device for network device weak password vulnerabilities, and may include more or fewer components than those shown.
The monitoring device for the weak password vulnerability of the network device provided by the embodiment of the application comprises the memory and the processor, and when the processor executes the program stored in the memory, the monitoring method for the weak password vulnerability of the network device can be realized, and the effect is the same as that of the monitoring method.
EXAMPLE five
It should be noted that the above-described embodiments of the apparatus and device are merely illustrative, for example, the division of modules is only one division of logical functions, and there may be other divisions when actually implementing, for example, a plurality of modules or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or modules, and may be in an electrical, mechanical or other form. Modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present application may be integrated into one processing module, or each of the modules may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
The integrated module, if implemented in the form of a software functional module and sold or used as a separate product, may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium and executes all or part of the steps of the methods described in the embodiments of the present application, or all or part of the technical solutions.
To this end, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements the steps of the monitoring method for the weak password vulnerability of the network device.
The computer-readable storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory ROM (Read-Only Memory), a random Access Memory ram (random Access Memory), a magnetic disk, or an optical disk.
The computer program contained in the computer-readable storage medium provided in this embodiment can implement the steps of the method for monitoring a weak password vulnerability of a network device as described above when being executed by a processor, and the effect is the same as above.
The method, the apparatus, the device and the computer-readable storage medium for monitoring the weak password vulnerability of the network device provided by the present application are described in detail above. The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device, the apparatus and the computer-readable storage medium disclosed in the embodiments correspond to the method disclosed in the embodiments, so that the description is simple, and the relevant points can be referred to the description of the method. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Claims (10)
1. A method for monitoring a weak password vulnerability of network equipment is characterized by comprising the following steps:
inputting keywords of target network equipment into a network space mapping system to acquire address information of the target network equipment;
sending a login request to the target network equipment by using the address information of the target network equipment and a preset weak password;
and if the target network equipment is successfully logged in, determining that the target network equipment has a weak password vulnerability.
2. The monitoring method according to claim 1, wherein the inputting a preset keyword of a target network device into a network space mapping system to obtain address information of the target network device specifically includes:
inputting preset keywords of the target network equipment into a built-in grammar corresponding to the network space mapping system to obtain a constructed query statement;
and inputting the constructed query statement into the network space mapping system to acquire the address information of the target network equipment.
3. The monitoring method according to claim 1, wherein the inputting a preset keyword of a target network device into a network space mapping system to obtain address information of the target network device specifically includes:
inputting preset keywords of the target network equipment into a plurality of network space mapping systems respectively, and acquiring address information of the target network equipment, which is obtained by inquiring of each network space mapping system;
and carrying out duplicate removal processing on the address information of the target network equipment.
4. The monitoring method of claim 1, wherein the keywords of the target network device specifically include a geographic location of the target network device and a type of the target network device.
5. The monitoring method according to claim 1, wherein the sending a login request to the target network device using the address information of the target network device and a preset weak password specifically comprises:
if the target network equipment is the network equipment searched for the first time, respectively sending a login request to the target network equipment by using all the weak passwords in a preset weak password library and address information of the target network equipment;
if the target network equipment is not the network equipment searched for the first time, removing the weak password adopted in a preset period from a monitoring scheme of the target network equipment, and respectively sending a login request to the target network equipment by using the remaining weak password in the weak password library and the address information of the target network equipment.
6. The monitoring method according to claim 1, wherein the sending a login request to the target network device using the address information of the target network device and a preset weak password specifically comprises:
generating a uniform resource positioning system for logging in a firewall of the target network equipment according to the JS object numbered musical notation of the address information of the target network equipment output by the network space mapping system;
and sending a login request to the target network equipment by using the uniform resource positioning system and the weak password.
7. The monitoring method of claim 1, further comprising:
and when the target network equipment is determined to have the weak password vulnerability, displaying the equipment name of the target network equipment and the address information of the target network equipment on a monitoring interface.
8. A monitoring device for weak password vulnerability of network equipment is characterized by comprising:
the query unit is used for inputting keywords of target network equipment into a network space mapping system and acquiring address information of the target network equipment;
the detection unit is used for sending a login request to the target network equipment by utilizing the address information of the target network equipment and a preset weak password; and if the target network equipment is successfully logged in, determining that the target network equipment has a weak password vulnerability.
9. A monitoring device for weak password vulnerability of network equipment is characterized by comprising:
a memory for storing instructions, the instructions comprising the steps of the method for monitoring a network device for weak password vulnerabilities of any one of claims 1 to 7;
a processor to execute the instructions.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method for monitoring a network device for weak password vulnerabilities as claimed in any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111241264.2A CN113973014B (en) | 2021-10-25 | 2021-10-25 | Method, device and equipment for monitoring weak password loopholes of network equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111241264.2A CN113973014B (en) | 2021-10-25 | 2021-10-25 | Method, device and equipment for monitoring weak password loopholes of network equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113973014A true CN113973014A (en) | 2022-01-25 |
| CN113973014B CN113973014B (en) | 2024-04-26 |
Family
ID=79588350
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111241264.2A Active CN113973014B (en) | 2021-10-25 | 2021-10-25 | Method, device and equipment for monitoring weak password loopholes of network equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113973014B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090113551A1 (en) * | 2007-10-24 | 2009-04-30 | Jong Moon Lee | Device and method for inspecting network equipment for vulnerabilities using search engine |
| CN107645510A (en) * | 2017-10-19 | 2018-01-30 | 北京知道创宇信息技术有限公司 | A kind of computational methods and computing device of regional safety prevention ability |
| CN111488581A (en) * | 2020-03-26 | 2020-08-04 | 杭州迪普科技股份有限公司 | Weak password vulnerability detection method and device, electronic equipment and computer readable medium |
| CN111967018A (en) * | 2020-07-30 | 2020-11-20 | 国网福建省电力有限公司 | Method for automatically detecting Tomcat known vulnerability |
| CN112115478A (en) * | 2020-08-24 | 2020-12-22 | 国网福建省电力有限公司 | Method and system for automatically detecting known loopholes of ActiveMQ |
| CN112131577A (en) * | 2020-09-25 | 2020-12-25 | 杭州安恒信息技术股份有限公司 | Vulnerability detection method, device and equipment and computer readable storage medium |
| CN112995352A (en) * | 2019-12-17 | 2021-06-18 | 北京白帽汇科技有限公司 | IPv6 network space mapping system and mapping method based on traffic analysis |
-
2021
- 2021-10-25 CN CN202111241264.2A patent/CN113973014B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090113551A1 (en) * | 2007-10-24 | 2009-04-30 | Jong Moon Lee | Device and method for inspecting network equipment for vulnerabilities using search engine |
| CN107645510A (en) * | 2017-10-19 | 2018-01-30 | 北京知道创宇信息技术有限公司 | A kind of computational methods and computing device of regional safety prevention ability |
| CN112995352A (en) * | 2019-12-17 | 2021-06-18 | 北京白帽汇科技有限公司 | IPv6 network space mapping system and mapping method based on traffic analysis |
| CN111488581A (en) * | 2020-03-26 | 2020-08-04 | 杭州迪普科技股份有限公司 | Weak password vulnerability detection method and device, electronic equipment and computer readable medium |
| CN111967018A (en) * | 2020-07-30 | 2020-11-20 | 国网福建省电力有限公司 | Method for automatically detecting Tomcat known vulnerability |
| CN112115478A (en) * | 2020-08-24 | 2020-12-22 | 国网福建省电力有限公司 | Method and system for automatically detecting known loopholes of ActiveMQ |
| CN112131577A (en) * | 2020-09-25 | 2020-12-25 | 杭州安恒信息技术股份有限公司 | Vulnerability detection method, device and equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113973014B (en) | 2024-04-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210326885A1 (en) | Method and Apparatus of Identifying a Transaction Risk | |
| Costin et al. | A {Large-scale} analysis of the security of embedded firmwares | |
| KR20180129850A (en) | Method and device for outputting risk information and building risk information | |
| CN109474640B (en) | Malicious crawler detection method and device, electronic equipment and storage medium | |
| CN108090351B (en) | Method and apparatus for processing request message | |
| CN109246064A (en) | Safe access control, the generation method of networkaccess rules, device and equipment | |
| CN112165462A (en) | Attack prediction method and device based on portrait, electronic equipment and storage medium | |
| CN111651751B (en) | Security event analysis report generation method and device, storage medium and equipment | |
| CN110704816B (en) | Interface cracking recognition method, device, equipment and storage medium | |
| KR20190138037A (en) | An information retrieval system using knowledge base of cyber security and the method thereof | |
| CN113642025A (en) | Interface data processing method, device, equipment and storage medium | |
| CN116319077A (en) | Network attack detection method and device, equipment, storage medium and product | |
| CN113973014A (en) | Method, device and equipment for monitoring weak password vulnerability of network equipment | |
| CN109040089B (en) | Network policy auditing method, equipment and computer readable storage medium | |
| CN115470489A (en) | Detection model training method, detection method, device and computer readable medium | |
| CN114969819A (en) | Data asset risk discovery method and device | |
| CN114666140A (en) | Method, device, computer equipment and medium for accessing form | |
| CN113886864A (en) | Database risk detection method and device, electronic equipment and storage medium | |
| CN113553370A (en) | Abnormality detection method, abnormality detection device, electronic device, and readable storage medium | |
| US10949232B2 (en) | Managing virtualized computing resources in a cloud computing environment | |
| CN108650251B (en) | Display processing method and device for network security comprehensive situation awareness data | |
| CN109784053B (en) | Method and device for generating filter rule, storage medium and electronic device | |
| CN111160738A (en) | Event processing method and device, storage medium and electronic device | |
| CN111897490A (en) | Method and device for deleting data | |
| CN111723400A (en) | JS sensitive information leakage detection method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |