CN114417359B - Rebound mode determining method, device, equipment and storage medium - Google Patents
Rebound mode determining method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN114417359B CN114417359B CN202210083272.7A CN202210083272A CN114417359B CN 114417359 B CN114417359 B CN 114417359B CN 202210083272 A CN202210083272 A CN 202210083272A CN 114417359 B CN114417359 B CN 114417359B
- Authority
- CN
- China
- Prior art keywords
- rebound
- mode
- candidate
- keyword
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 67
- 238000012795 verification Methods 0.000 claims abstract description 91
- 230000000875 corresponding effect Effects 0.000 claims description 55
- 230000004044 response Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 12
- 230000015654 memory Effects 0.000 claims description 11
- 230000002596 correlated effect Effects 0.000 claims description 6
- 230000008569 process Effects 0.000 description 12
- 238000010586 diagram Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 241000700605 Viruses Species 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
The application provides a rebound mode determining method, a rebound mode determining device, rebound mode determining equipment and a storage medium, wherein the method comprises the following steps: acquiring first vulnerability information of a target host; determining at least one first target keyword in the first vulnerability information; determining a first candidate rebound mode from the acquired plurality of rebound modes; when the preset keywords carried by the first rebound mode in the rebound modes exist in at least one first target keyword, the first rebound mode is used as a first candidate rebound mode; after a first verification result corresponding to the first candidate rebound mode is obtained, judging whether the first verification result is verification success or not, and if so, taking the first candidate rebound mode as a target rebound mode for rebounding the target host; by the aid of the method, labor workload is reduced, and determination efficiency of rebound modes is improved.
Description
Technical Field
The present invention relates to the field of computer security technologies, and in particular, to a method, an apparatus, a device, and a storage medium for determining a rebound manner.
Background
The loophole on the host refers to the defect existing in the specific implementation of hardware, software and protocol related to the host or the system security policy, and is a channel utilized when a hacker, a virus Trojan or the like attacks the host, and in order to check the loophole in advance and make up for the loophole in time, a means of simulating the attack of the hacker, the virus Trojan or the like is generally used for checking the loophole at present.
When checking the loopholes on a certain host, selecting a rebound mode suitable for the host from a plurality of acquired rebound modes, in the prior art, sequentially using each rebound mode in the plurality of rebound modes to rebound the host, and sending the rebound result to a user so as to enable the user to verify the result, and when the user verifies that the result is correct, taking the rebound mode as the rebound mode suitable for the host; but this process requires multiple bounce modes to bounce the host, and requires the user to determine the result obtained after each of the numerous bounce modes bounces, which not only results in a large amount of manual effort, but also results in a low determination efficiency of the bounce modes.
Disclosure of Invention
In view of this, the embodiments of the present application provide a method, apparatus, device, and storage medium for determining a rebound manner, so as to reduce the workload of manpower and improve the determination efficiency of the rebound manner.
Mainly comprises the following aspects:
in a first aspect, an embodiment of the present application provides a method for determining a rebound manner, including:
acquiring first vulnerability information of a target host; the first vulnerability information is first response information fed back by the target host aiming at the received first request;
determining at least one first target keyword in the first vulnerability information; wherein the first target keyword is a keyword existing in a keyword library, the keyword library comprises a plurality of keywords used for representing programming language identification and a plurality of keywords used for representing global wide area network web components;
determining a first candidate rebound mode from the acquired plurality of rebound modes; when a preset keyword carried by a first rebound mode in the rebound modes exists in the at least one first target keyword, the first rebound mode is used as the first candidate rebound mode; the preset keywords carried by the rebound mode comprise programming language keywords and/or web component keywords annotated in advance for the rebound mode, wherein the rebound mode refers to a mode of rebounding a shell of a computer shell;
After a first verification result corresponding to the first candidate rebound mode is obtained, judging whether the first verification result is verification success or not, and if so, taking the first candidate rebound mode as a target rebound mode for rebounding the target host; the first verification result is obtained after the user verifies the first rebound result; the first bounce result is obtained by bouncing the target host using the first candidate bounce mode.
Optionally, the determining the first candidate rebound mode from the acquired plurality of rebound modes includes:
in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode according to the sequence of the priority of the rebound modes from high to low until the at least one first target keyword is judged to comprise the preset keyword carried in the rebound mode;
and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as the first candidate rebound mode.
Optionally, the rebound style determining method further includes:
If the first candidate rebound mode does not exist in the rebound modes, repeating the following steps until the second candidate rebound mode and/or the repetition number of times in each rebound mode is determined to reach the preset number of times:
acquiring second vulnerability information of the target host; the second vulnerability information is second response information fed back by the target host aiming at the received second request;
determining at least one second target keyword in the second vulnerability information; wherein the second target keyword is a keyword existing in the keyword library;
determining the second candidate rebound style from each of the rebound styles; and when the preset keywords carried by the second rebound mode in the rebound modes exist in the at least one second target keyword, taking the second rebound mode as the second candidate rebound mode.
Optionally, if the first verification result is verification failure, the rebound manner determining method further includes:
when an instruction for representing continuous matching is received, starting from the next rebound mode of the first candidate rebound mode in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode or not according to the sequence of the priority of the rebound mode from high to low until judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode; wherein, the next rebound mode of the first candidate rebound mode is as follows: a rebound mode having a priority lower than the priority of the first candidate rebound mode and adjacent to the priority of the first candidate rebound mode;
When judging that the at least one first target keyword comprises a preset keyword carried in a rebound mode, taking the rebound mode as a third candidate rebound mode;
after a second verification result corresponding to the third candidate rebound mode is obtained, judging whether the second verification result is verification success or not, and if so, taking the third candidate rebound mode as the target rebound mode; the second verification result is obtained after the user verifies the second rebound result; the second bounce result is obtained by bouncing the target host using the third candidate bounce mode.
Optionally, before sequentially judging whether the at least one first target keyword includes a preset keyword carried in the rebound mode according to the order of the priority of the rebound mode from high to low, the rebound mode determining method further includes:
calculating the ratio of the matching success times corresponding to each rebound mode to the total matching times corresponding to the rebound mode;
determining the priority of each rebound mode according to the corresponding ratio of each rebound mode; wherein the ratio is positively correlated with the priority.
Optionally, the rebound style determining method further includes:
if the first verification result is verification success, updating the matching success times corresponding to the first candidate rebound mode.
In a second aspect, an embodiment of the present application provides a rebound manner determining apparatus, including:
the acquisition module is used for acquiring first vulnerability information of the target host; the first vulnerability information is first response information fed back by the target host aiming at the received first request;
the first determining module is used for determining at least one first target keyword in the first vulnerability information; wherein the first target keyword is a keyword existing in a keyword library, the keyword library comprises a plurality of keywords used for representing programming language identification and a plurality of keywords used for representing global wide area network web components;
the second determining module is used for determining a first candidate rebound mode from the acquired plurality of rebound modes; when a preset keyword carried by a first rebound mode in the rebound modes exists in the at least one first target keyword, the first rebound mode is used as the first candidate rebound mode; the preset keywords carried by the rebound mode comprise programming language keywords and/or web component keywords annotated in advance for the rebound mode, wherein the rebound mode refers to a mode of rebounding a shell of a computer shell;
The first judging module is used for judging whether the first verification result is verification success or not after obtaining the first verification result corresponding to the first candidate rebound mode, and if so, taking the first candidate rebound mode as a target rebound mode for rebounding the target host; the first verification result is obtained after the user verifies the first rebound result; the first bounce result is obtained by bouncing the target host using the first candidate bounce mode.
Optionally, the second determining module is configured to, when determining the first candidate rebound mode from the acquired plurality of rebound modes, specifically:
in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode according to the sequence of the priority of the rebound modes from high to low until the at least one first target keyword is judged to comprise the preset keyword carried in the rebound mode;
and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as the first candidate rebound mode.
Optionally, the rebound style determining device further includes:
the circulation module is used for repeatedly executing the following steps if the first candidate rebound mode does not exist in the plurality of rebound modes until the second candidate rebound mode and/or the repetition number of times in each rebound mode are determined to reach the preset number of times:
acquiring second vulnerability information of the target host; the second vulnerability information is second response information fed back by the target host aiming at the received second request;
determining at least one second target keyword in the second vulnerability information; wherein the second target keyword is a keyword existing in the keyword library;
determining the second candidate rebound style from each of the rebound styles; and when the preset keywords carried by the second rebound mode in the rebound modes exist in the at least one second target keyword, taking the second rebound mode as the second candidate rebound mode.
Optionally, the rebound style determining device further includes:
the second judging module is used for judging whether the at least one first target keyword contains a preset keyword carried in a rebound mode or not in sequence according to the sequence of the priority of the rebound mode from the next rebound mode of the first candidate rebound mode in the rebound modes when the first verification result is verification failure and an instruction for representing continuous matching is received, until the at least one first target keyword is judged to contain the preset keyword carried in the rebound mode; wherein, the next rebound mode of the first candidate rebound mode is as follows: a rebound mode having a priority lower than the priority of the first candidate rebound mode and adjacent to the priority of the first candidate rebound mode;
The third determining module is used for taking the rebound mode as a third candidate rebound mode when judging that the at least one first target keyword contains the preset keyword carried in the rebound mode;
the third judging module is used for judging whether the second verification result is verification success or not after obtaining the second verification result corresponding to the third candidate rebound mode, and if so, taking the third candidate rebound mode as the target rebound mode; the second verification result is obtained after the user verifies the second rebound result; the second bounce result is obtained by bouncing the target host using the third candidate bounce mode.
Optionally, the rebound style determining device further includes:
the computing module is used for computing the ratio of the matching success times corresponding to the rebound modes to the matching total times corresponding to the rebound modes for each rebound mode before judging whether the at least one first target keyword contains the preset keyword carried by the rebound modes according to the sequence from high to low of the priority of the rebound modes;
a fourth determining module, configured to determine a priority of each rebound mode according to a ratio value corresponding to each rebound mode; wherein the ratio is positively correlated with the priority.
Optionally, the rebound style determining device further includes:
and the updating module is used for updating the matching success times corresponding to the first candidate rebound mode if the first verification result is verification success.
In a third aspect, an embodiment of the present application provides a computer device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the steps of the bounce mode determination method according to any one of the first aspects when the processor executes the computer program.
In a fourth aspect, embodiments of the present application provide a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the bounce mode determination method according to any one of the first aspects above.
The technical scheme provided by the embodiment of the application can comprise the following beneficial effects:
according to the rebound mode determining method provided by the embodiment of the invention, the first candidate rebound mode is determined in a plurality of acquired rebound modes according to at least one first target keyword determined from first vulnerability information of the target host (namely, the preset keyword carried by the first candidate rebound mode exists in at least one first target keyword), then a user verifies the correctness of a first rebound result obtained after the first candidate rebound mode rebounds the target host, if the first rebound mode is correct, the first candidate rebound mode is used as the target rebound mode suitable for the target host, in the process, each rebound mode in a plurality of rebound modes is not required to be used for rebounding the host, and the user does not need to verify the correctness of the rebound result corresponding to each rebound mode in a plurality of rebound modes, so that the determination process of the rebound modes is simplified, the manual workload is reduced, and the determination efficiency of the rebound modes is improved.
In order to make the above objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered limiting the scope, and that other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for determining a rebound style according to a first embodiment of the present application;
FIG. 2 is a flow chart of another method for determining a rebound style provided in accordance with one embodiment of the present application;
fig. 3 is a schematic structural diagram of a rebound style determining device according to a second embodiment of the present application;
fig. 4 shows a schematic structural diagram of a computer device according to a third embodiment of the present application.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, which are generally described and illustrated in the figures herein, may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, as provided in the accompanying drawings, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, are intended to be within the scope of the present application.
The embodiment of the application provides a rebound manner determining method, device, equipment and storage medium, and the method, the device and the storage medium are described below through the embodiment.
Example 1
Fig. 1 shows a flowchart of a rebound style determination method according to an embodiment of the present application, and as shown in fig. 1, the rebound style determination method may be implemented by:
step S101: acquiring first vulnerability information of a target host; the first vulnerability information is first response information fed back by the target host for the received first request.
Specifically, the target host refers to a tested host in the host vulnerability detection process, and the master control server sends an HTTP (Hyper Text Transfer Protocol ) request to the target host in the vulnerability detection process of the target host, that is: the first request, the first response information including the header and the body returned by the target host for the first request is received, namely: first vulnerability information.
Step S102: determining at least one first target keyword in the first vulnerability information; wherein the first target keyword is a keyword existing in a keyword library, the keyword library including a plurality of keywords for representing programming language identifications and a plurality of keywords for representing global wide area network web components.
In particular, the programming language identifier is used to represent the programming language (development language) used by the vulnerability information, so the keywords used to represent the programming language identifier can indicate the programming language used by the vulnerability information, such as: keywords c++, JAVA, GO, etc.; the above-mentioned Web (World Wide Web) component refers to an encapsulation entity that encapsulates data and methods of the Web, so keywords used to represent the Web component can indicate the identity of the Web component used by the vulnerability information, such as: webogic; presetting a plurality of keywords, and forming a keyword library by the preset keywords, wherein the preset keywords comprise a plurality of keywords used for representing programming languages and a plurality of keywords used for representing web components; based on the keyword library, after the first vulnerability information is obtained, the first vulnerability information (i.e., the header and the body) is composed of a plurality of keywords, so that at least one first target keyword can be determined in the first vulnerability information, for the first target keyword, the same keyword as the first target keyword (i.e., the first target keyword exists in the keyword library) exists in the keyword library, and among the plurality of keywords included in the vulnerability information, the first target keyword is the keyword existing in the keyword library.
It should be noted that, the determined first target keyword is used to represent the environment (i.e., the programming language and/or web component used by the first vulnerability information) where the vulnerability on the target host (i.e., the vulnerability indicated by the first vulnerability information) exists.
For example, the first vulnerability information is "id: the keywords in the keyword library include: PHP, JAVA, GO, C ++ and root; the first target keyword determined in the first vulnerability information is root.
It should be noted that, the expression mode of the programming language identifier may be set according to the actual situation, and may be a programming language name, for example: java, C, python, etc., may also be numerals, such as: 1,2,3, wherein 1 is used to represent Java,2 is used to represent C, and 3 is used to represent Python; or may be a special word (or field) of a programming language, not specifically limited herein; for a description of the identification of the web component, refer to the description of the identification of the programming language, and will not be described in detail herein.
Step S103: determining a first candidate rebound mode from the acquired plurality of rebound modes; when a preset keyword carried by a first rebound mode in the rebound modes exists in the at least one first target keyword, the first rebound mode is used as the first candidate rebound mode; the preset keywords carried by the rebound mode comprise programming language keywords and/or web component keywords annotated to the rebound mode in advance, wherein the rebound mode refers to a mode of rebounding a shell of a computer shell.
Specifically, the above-mentioned rebound modes are modes of rebound shells (computer shell layer) (for example, the script of rebound shells) to obtain a plurality of rebound modes, wherein the plurality of rebound modes comprise the collected existing common rebound modes and rebound modes edited by users, after the plurality of rebound modes are obtained, keywords can be annotated in advance for each rebound mode, and for each rebound mode, the annotated keywords (i.e. the preset keywords carried by the rebound mode) are used for representing the use environment of the rebound mode (i.e. programming language and/or web component used by the rebound mode), so the rebound modes can be programming language keywords, web component keywords, programming language keywords and web component keywords can be simultaneously included, and the rebound modes are not particularly limited; after annotating the keywords for each rebound mode, determining a first candidate rebound mode from the rebound modes according to each rebound mode in the rebound modes, the preset keywords carried by each rebound mode and the determined at least one first target keyword.
In the implementation, for each of the obtained multiple rebound modes, if the same keyword as the preset keyword carried by the rebound mode exists in the determined at least one first target keyword (i.e., when the preset keyword carried by the rebound mode exists in the determined at least one first target keyword), the rebound mode is the first rebound mode and is also the first candidate rebound mode, and the use environment of the first candidate rebound mode determined by the mode exists in the environment where the vulnerability (the vulnerability indicated by the first vulnerability information) on the host (i.e., the preset keyword carried by the first candidate rebound mode exists in the at least one first target keyword), which is beneficial to providing the user with the rebound result with a higher verification success rate (i.e., the first rebound result corresponding to the first candidate rebound mode).
It should be noted that the at least one first target keyword may be the same as the preset keyword carried in the first candidate rebound manner, or may include the preset keyword carried in the first candidate rebound manner, and is not specifically limited again.
It should be noted that, the first candidate rebound method may include each determined first rebound method, and may be the first determined first rebound method, which is not specifically limited herein.
The first candidate rebound modes described above may include each of the determined first rebound modes, the plurality of rebound modes including: the method comprises a rebound mode 1, a rebound mode 2 and a rebound mode 3, wherein preset keywords carried by the rebound mode 1 are Java, preset keywords carried by the rebound mode 2 are Java and Windows, keywords carried by the rebound mode 3 are C and webogic, at least one first target keyword is determined to comprise Java, windows and webogic, in the process of determining a first candidate rebound mode, the preset keywords Java carried by the rebound mode 1 exist in at least one first target keyword, the rebound mode 1 is a first rebound mode, the preset keywords Java and Windows carried by the rebound mode 2 also exist in at least one first target keyword, so that the rebound mode 2 is also a first rebound mode, and only webogic exists in at least one first target keyword in the preset keywords carried by the rebound mode 3, so that the rebound mode 3 is not the first rebound mode; since the rebound style 1 and the rebound style 2 are both the determined first rebound style, both the rebound style 1 and the rebound style 2 are regarded as the first candidate rebound style.
It should be noted that, for the description of the keywords of the programming language, refer to the description of the keywords for representing the marks of the programming language, and the description is not repeated here; for the description of the web component keywords, refer to the description of the keywords for representing the web component, and will not be described herein.
Step S104: after a first verification result corresponding to the first candidate rebound mode is obtained, judging whether the first verification result is verification success or not, and if so, taking the first candidate rebound mode as a target rebound mode for rebounding the target host; the first verification result is obtained after the user verifies the first rebound result; the first bounce result is obtained by bouncing the target host using the first candidate bounce mode.
Specifically, after determining the first candidate rebound manner, the master control server may rebound the target host shell (i.e. rebound the target host) by using the first candidate rebound manner to obtain a first rebound result, where the first rebound result is related information obtained from the target host, such as: relevant information of logged-in users of the target host; after the first rebound result is obtained, the first rebound result can be displayed on a graphical user interface, or the first rebound result is sent to a client of a user, so that the user verifies the correctness of the first rebound result to obtain a first verification result, and if the user verifies that the first rebound result is correct, the first verification result is successful in verification; if the user verifies that the first rebound result is wrong, the first verification result is verification failure; after verifying the correctness of the first rebound result, the user returns a first verification result to the main control server, and after obtaining the first verification result, the main control server judges whether the first verification result is successful, if so, the first rebound target host can obtain the correct first rebound result by using the first candidate rebound mode, so that the first candidate rebound mode is used as the target rebound mode for rebounding the target host.
According to the method for determining the rebound mode provided by the figure 1, the first candidate rebound mode is determined in a plurality of acquired rebound modes according to at least one first target keyword determined from first vulnerability information of the target host (namely, the preset keywords carried by the first candidate rebound mode exist in at least one first target keyword), then a user verifies the correctness of a first rebound result obtained after the first candidate rebound mode rebounds the target host, if the first rebound mode is correct, the first candidate rebound mode is used as the target rebound mode suitable for the target host, in the process, each rebound mode in a plurality of rebound modes does not need to be used for rebounding the host, and the user does not need to verify the correctness of the rebound result corresponding to each rebound mode in the plurality of rebound modes, so that the determination process of the rebound mode is simplified, the manual workload is reduced, and the determination efficiency of the rebound mode is improved.
In another possible embodiment, if the first verification result is that the verification is successful, a log record is generated, where the log record at least includes: the target bounce mode (i.e., the first candidate bounce mode), the first bounce result, and the first verification result.
In a possible embodiment, the above step S103 may be implemented by:
in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode according to the sequence of the priority of the rebound modes from high to low until the at least one first target keyword is judged to comprise the preset keyword carried in the rebound mode; and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as the first candidate rebound mode.
Specifically, in the obtained plurality of rebound modes, each rebound mode corresponds to a priority, whether the preset keyword carried by each rebound mode exists in the at least one first target keyword is sequentially judged according to the order of the priority of each rebound mode from high to low (namely, whether the at least one first target keyword contains the preset keyword carried by each rebound mode is sequentially judged, namely, whether each rebound mode is a first rebound mode is sequentially judged), when the first rebound mode is judged, the judging operation is stopped, and the first rebound mode is determined to be a first candidate rebound mode.
Illustrating: the several rebound modes include: the method comprises the following steps of a rebound mode 1, a rebound mode 2 and a rebound mode 3, wherein the priority of the rebound mode 1 is higher than that of the rebound mode 2, the priority of the rebound mode 2 is higher than that of the rebound mode 3, preset keywords carried by the rebound mode 1 are Java, the preset keywords carried by the rebound mode 2 are Java and Windows, the keywords carried by the rebound mode 3 are C and webogic, at least one first target keyword determined comprises Java, windows and webogic, in the process of determining a first candidate rebound mode, whether the rebound mode 1 is the first rebound mode is judged firstly, and the preset keywords Java carried by the rebound mode 1 exist in at least one first target keyword, so that the rebound mode 1 is the first rebound mode; since the rebound style 1 is the first rebound style determined, the judgment operation is stopped, and the rebound style 1 is taken as the first candidate rebound style.
In a possible implementation manner, when executing the above step S103, if the first candidate rebound manner does not exist in the plurality of rebound manners, the following steps S201 to S203 are repeatedly executed until it is determined in each rebound manner that the second candidate rebound manner and/or the number of repetitions reaches the preset number of times:
Step S201: acquiring second vulnerability information of the target host; the second vulnerability information is second response information fed back by the target host for the received second request.
Step S202: determining at least one second target keyword in the second vulnerability information; wherein the second target keyword is a keyword existing in the keyword library.
Step S203: determining the second candidate rebound style from each of the rebound styles; and when the preset keywords carried by the second rebound mode in the rebound modes exist in the at least one second target keyword, taking the second rebound mode as the second candidate rebound mode.
Specifically, when the step S103 is executed, when the target preset keyword exists in the preset keywords carried by each of the acquired plurality of rebound modes, the first candidate rebound mode does not exist in the plurality of rebound modes; the target preset keyword is a preset keyword which does not exist in the at least one first target keyword, namely: the keywords which are the same as the target preset keywords cannot be found in the at least one first target keywords; if the first candidate rebound mode cannot be found in the rebound modes, the following operations based on the first candidate rebound mode cannot be performed, so the following steps S201 to S203 need to be performed until the second candidate rebound mode can be determined in the rebound modes, or the repetition number reaches the preset number (i.e., the repetition number is greater than or equal to the preset number):
For the description of step S201, refer to the description of step S101, and the description is not repeated here, and it should be noted that the second request may be the same as or different from the first request; in the case where the first request is the same as the second request, the second response information may be the same as or different from the first response information; in the case where the first request and the second request are different, the second response information may be the same as or different from the first response information, so the obtained second vulnerability information may be the same as or different from the first vulnerability information, which is not specifically limited herein. For the description of step S202, refer to the description of step S102, and the description thereof is omitted herein; note that, since the second vulnerability information may be the same or different from the first vulnerability information, the determined second target keyword may be the same or different from the first target keyword, which is not specifically limited herein. For the description of step S203, refer to the description of S103, and the description is omitted here.
If the second candidate rebound mode is determined in the rebound modes, after a third verification result corresponding to the second candidate rebound mode is obtained, judging whether the third verification result is verification success, and if so, taking the second candidate rebound mode as a target rebound mode for rebound of the target host; the third verification result is obtained after the user verifies the third reflecting result; the third bounce result is obtained by bouncing the target host using the second candidate bounce mode. The specific description refers to the above description of step S104, and will not be repeated here.
In another possible implementation manner, if the number of repetitions reaches the preset number, the second candidate rebound mode is not determined in the rebound modes, and a prompt message is displayed on the graphical user interface, where the prompt message is used for prompting that the rebound mode for rebounding the target host does not exist in the rebound modes.
In a possible implementation manner, fig. 2 shows a flowchart of another rebound style determining method provided in an embodiment of the present application, as shown in fig. 2, when executing the step S104, if the first verification result is verification failure, the rebound style determining method may further be implemented by the following steps:
step S301: when an instruction for representing continuous matching is received, starting from the next rebound mode of the first candidate rebound mode in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode or not according to the sequence of the priority of the rebound mode from high to low until judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode; wherein, the next rebound mode of the first candidate rebound mode is as follows: a rebound style having a priority lower than and adjacent to the priority of the first candidate rebound style.
Step S302: and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as a third candidate rebound mode.
Step S303: after a second verification result corresponding to the third candidate rebound mode is obtained, judging whether the second verification result is verification success or not, and if so, taking the third candidate rebound mode as the target rebound mode; the second verification result is obtained after the user verifies the second rebound result; the second bounce result is obtained by bouncing the target host using the third candidate bounce mode.
Specifically, if the first verification result is verification failure, it is indicated that the first rebound result obtained after the target host is rebounded by the first rebound manner is wrong, that is: the first rebound mode is invalid, if an instruction for indicating continuous matching is received, the rebound mode for the rebound target host needs to be redetermined from the acquired rebound modes, in order to improve the efficiency of determining the rebound mode for the rebound target host, whether each rebound mode is the first rebound mode or not can be sequentially judged from the next rebound mode of the first candidate rebound mode according to the order of the priority of the rebound modes from high to low (namely, whether at least one first target keyword contains a preset keyword carried by each rebound mode or not is sequentially judged), and in the judging process, when the first rebound mode is obtained by the first judgment, the judging operation is stopped, and the first rebound mode is used as a third candidate rebound mode. For a next bounce mode of the first candidate bounce mode of the plurality of bounce modes, the next bounce mode has a lower priority than the first candidate bounce mode and the next bounce mode has a priority adjacent to the first candidate bounce mode.
Illustrating: the rebound modes comprise the following steps in sequence from high priority to low priority: rebound style 1, rebound style 2, rebound style 3, rebound style 4, rebound style 5, rebound style 6 and rebound style 7, wherein the first candidate rebound style is rebound style 3, then the next rebound style of the first candidate rebound style is rebound style 4, when executing the judging process, starting from rebound style 4, firstly judging whether the preset keyword carried by rebound style 4 exists in at least one first target keyword, if not; judging whether the preset keywords carried in the rebound mode 5 exist in at least one first target keyword or not, and if not, judging whether the preset keywords exist in the at least one first target keyword; if the preset keyword carried by the rebound mode 6 does not exist, judging whether the preset keyword exists in at least one first target keyword, if so, determining that the rebound mode 6 is the first determined first rebound mode, and taking the rebound mode 6 as a third candidate rebound mode.
After the third candidate rebound mode is obtained, the description of step S303 is referred to the description of step S104, and will not be repeated here.
It should be noted that, the instruction for indicating that the matching is continued may be automatically sent by the master server or may be sent by the user side, which is not limited herein. If the instruction is automatically sent by the main control server, the main control server can firstly judge whether the number of the candidate rebound modes in the rebound modes is larger than the preset number, and if so, send an instruction for indicating continuous matching, wherein the candidate rebound modes comprise at least one rebound mode with lower priority than the first candidate rebound mode in the rebound modes. If the instruction is sent by the user side, a prompt control may be displayed on the image user interface or sent to the user side, where the prompt control includes: a text indicating that the first bounce mode is invalid, a first control for causing the user to determine to continue to match the bounce mode, and a second control for causing the user to cancel to continue to match the bounce mode, and when the user selects the first control in the prompt control, sending an instruction for representing continuous matching to the main control server.
In a possible implementation manner, before sequentially judging whether the at least one first target keyword includes the preset keyword carried in the rebound manner according to the order of the priority of the rebound manner from high to low, the rebound manner determining method may further be implemented by:
and calculating the ratio of the matching success times corresponding to each rebound mode to the total matching times corresponding to the rebound mode aiming at each rebound mode.
Determining the priority of each rebound mode according to the corresponding ratio of each rebound mode; wherein the ratio is positively correlated with the priority.
Specifically, before sequentially judging whether at least one first target keyword includes a preset keyword carried by each rebound mode according to the order of the priority of the rebound modes from high to low, determining the priority of each rebound mode in a plurality of rebound modes, and obtaining the total matching times and the successful matching times corresponding to each rebound mode in the plurality of rebound modes, wherein the total matching times corresponding to the rebound mode are used for indicating and judging whether at least one first target keyword includes the preset keyword carried by the rebound mode, so that after judging whether at least one first target keyword includes the preset keyword carried by the rebound mode each time, the total matching times corresponding to the rebound mode is added by one, and the successful matching times corresponding to the rebound mode are used for indicating the times taking the rebound mode as the target rebound mode, namely: and acquiring a verification result corresponding to the rebound mode, wherein the verification result is the number of successful verification.
In specific implementation, for each rebound mode, after the total number of matches corresponding to the rebound mode and the number of matches corresponding to the rebound mode are obtained, calculating the ratio of the number of matches corresponding to the rebound mode to the number of matches corresponding to the rebound mode, thereby obtaining the ratio corresponding to each rebound mode, and then determining the priority of each rebound mode according to the size of the ratio corresponding to each rebound mode, wherein for each rebound mode, the larger the ratio corresponding to the rebound mode is, the higher the priority of the rebound mode is, namely: the ratio is positively correlated with the priority.
The expression form of the priority of each rebound style may be set according to the actual situation, for example, the higher the priority is, the more the arrangement order of each rebound style is; the higher the priority, the larger the value in the annotation carried by the rebound mode; the present invention is not particularly limited herein.
In a possible implementation manner, when executing the step S104, if the first verification result is that the verification is successful, the number of matching successes corresponding to the first candidate rebound manner is updated.
Specifically, for each rebound mode of a plurality of rebound modes, after judging whether at least one first target keyword contains a preset keyword carried by the rebound mode each time, adding one to the total matching times corresponding to the rebound mode, namely: updating the total matching times corresponding to the rebound mode; if the rebound mode is the first candidate rebound mode and the verification result (i.e. the first verification result) corresponding to the rebound mode (i.e. the first candidate rebound mode) is verification success, adding one to the number of matching successes corresponding to the rebound mode (i.e. the first candidate rebound mode), namely: the number of matching successes corresponding to the rebound style (first candidate rebound style) is updated.
Example two
Fig. 3 is a schematic structural diagram of a rebound style determining device according to a second embodiment of the present application, as shown in fig. 3, the rebound style determining device includes:
an obtaining module 401, configured to obtain first vulnerability information of a target host; the first vulnerability information is first response information fed back by the target host aiming at the received first request;
a first determining module 402, configured to determine at least one first target keyword in the first vulnerability information; wherein the first target keyword is a keyword existing in a keyword library, the keyword library comprises a plurality of keywords used for representing programming language identification and a plurality of keywords used for representing global wide area network web components;
A second determining module 403, configured to determine a first candidate rebound manner from the acquired plurality of rebound manners; when a preset keyword carried by a first rebound mode in the rebound modes exists in the at least one first target keyword, the first rebound mode is used as the first candidate rebound mode; the preset keywords carried by the rebound mode comprise programming language keywords and/or web component keywords annotated in advance for the rebound mode, wherein the rebound mode refers to a mode of rebounding a shell of a computer shell;
a first judging module 404, configured to judge whether the first verification result is verification success after obtaining a first verification result corresponding to the first candidate rebound method, and if so, use the first candidate rebound method as a target rebound method for rebounding the target host; the first verification result is obtained after the user verifies the first rebound result; the first bounce result is obtained by bouncing the target host using the first candidate bounce mode.
In a possible embodiment, the second determining module 403 is configured, when configured to determine the first candidate rebound mode from the acquired plurality of rebound modes, to:
In the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode according to the sequence of the priority of the rebound modes from high to low until the at least one first target keyword is judged to comprise the preset keyword carried in the rebound mode;
and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as the first candidate rebound mode.
In a possible embodiment, the rebound style determining means further comprises:
the circulation module is used for repeatedly executing the following steps if the first candidate rebound mode does not exist in the plurality of rebound modes until the second candidate rebound mode and/or the repetition number of times in each rebound mode are determined to reach the preset number of times:
acquiring second vulnerability information of the target host; the second vulnerability information is second response information fed back by the target host aiming at the received second request;
determining at least one second target keyword in the second vulnerability information; wherein the second target keyword is a keyword existing in the keyword library;
Determining the second candidate rebound style from each of the rebound styles; and when the preset keywords carried by the second rebound mode in the rebound modes exist in the at least one second target keyword, taking the second rebound mode as the second candidate rebound mode.
In a possible embodiment, the rebound style determining means further comprises:
the second judging module is used for judging whether the at least one first target keyword contains a preset keyword carried in a rebound mode or not in sequence according to the sequence of the priority of the rebound mode from the next rebound mode of the first candidate rebound mode in the rebound modes when the first verification result is verification failure and an instruction for representing continuous matching is received, until the at least one first target keyword is judged to contain the preset keyword carried in the rebound mode; wherein, the next rebound mode of the first candidate rebound mode is as follows: a rebound mode having a priority lower than the priority of the first candidate rebound mode and adjacent to the priority of the first candidate rebound mode;
The third determining module is used for taking the rebound mode as a third candidate rebound mode when judging that the at least one first target keyword contains the preset keyword carried in the rebound mode;
the third judging module is used for judging whether the second verification result is verification success or not after obtaining the second verification result corresponding to the third candidate rebound mode, and if so, taking the third candidate rebound mode as the target rebound mode; the second verification result is obtained after the user verifies the second rebound result; the second bounce result is obtained by bouncing the target host using the third candidate bounce mode.
In a possible embodiment, the rebound style determining means further comprises:
the computing module is used for computing the ratio of the matching success times corresponding to the rebound modes to the matching total times corresponding to the rebound modes for each rebound mode before judging whether the at least one first target keyword contains the preset keyword carried by the rebound modes according to the sequence from high to low of the priority of the rebound modes;
A fourth determining module, configured to determine a priority of each rebound mode according to a ratio value corresponding to each rebound mode; wherein the ratio is positively correlated with the priority.
In a possible embodiment, the rebound style determining means further comprises:
and the updating module is used for updating the matching success times corresponding to the first candidate rebound mode if the first verification result is verification success.
The apparatus provided by the embodiments of the present application may be specific hardware on a device or software or firmware installed on a device, etc. The device provided in the embodiments of the present application has the same implementation principle and technical effects as those of the foregoing method embodiments, and for a brief description, reference may be made to corresponding matters in the foregoing method embodiments where the device embodiment section is not mentioned. It will be clear to those skilled in the art that, for convenience and brevity, the specific operation of the system, apparatus and unit described above may refer to the corresponding process in the above method embodiment, which is not described in detail herein.
Example III
The embodiment of the present application further provides a computer device 500, fig. 4 shows a schematic structural diagram of a computer device provided in the third embodiment of the present application, and as shown in fig. 4, the device includes a memory 501, a processor 502, and a computer program stored in the memory 501 and capable of running on the processor 502, where the memory 501 and the processor 502 are communicatively connected through a bus, and the processor 502 implements the rebound manner determining method when executing the computer program.
Specifically, the memory 501 and the processor 502 can be general-purpose memories and processors, which are not limited herein, and when the processor 502 runs a computer program stored in the memory 501, the steps of the method for determining a rebound mode can be executed, so that the problems of high manual workload and low determination efficiency of the rebound mode in the prior art are solved.
Example IV
The embodiments of the present application also provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the rebound style determination method described above.
Specifically, the storage medium can be a general storage medium, such as a mobile disk, a hard disk, etc., and when the computer program on the storage medium is executed, the steps of the above-mentioned method for determining the rebound mode can be executed, so that the problems of high manual workload and low efficiency in determining the rebound mode in the prior art are solved.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The above-described apparatus embodiments are merely illustrative, for example, the division of the units is merely a logical function division, and there may be other manners of division in actual implementation, and for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some communication interface, device or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments provided in the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
It should be noted that: like reference numerals and letters in the following figures denote like items, and thus once an item is defined in one figure, no further definition or explanation of it is required in the following figures, and furthermore, the terms "first," "second," "third," etc. are used merely to distinguish one description from another and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the foregoing examples are merely specific embodiments of the present application, and are not intended to limit the scope of the present application, but the present application is not limited thereto, and those skilled in the art will appreciate that while the foregoing examples are described in detail, the present application is not limited thereto. Any person skilled in the art may modify or easily conceive of the technical solution described in the foregoing embodiments, or make equivalent substitutions for some of the technical features within the technical scope of the disclosure of the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the corresponding technical solutions. Are intended to be encompassed within the scope of this application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A method of determining a rebound style, comprising:
acquiring first vulnerability information of a target host; the first vulnerability information is first response information fed back by the target host aiming at the received first request;
determining at least one first target keyword in the first vulnerability information; wherein the first target keyword is a keyword existing in a keyword library, the keyword library comprises a plurality of keywords used for representing programming language identification and a plurality of keywords used for representing global wide area network web components;
determining a first candidate rebound mode from the acquired plurality of rebound modes; when a preset keyword carried by a first rebound mode in the rebound modes exists in the at least one first target keyword, the first rebound mode is used as the first candidate rebound mode; the preset keywords carried by the rebound mode comprise programming language keywords and/or web component keywords annotated in advance for the rebound mode, wherein the rebound mode refers to a mode of rebounding a shell of a computer shell;
after a first verification result corresponding to the first candidate rebound mode is obtained, judging whether the first verification result is verification success or not, and if so, taking the first candidate rebound mode as a target rebound mode for rebounding the target host; the first verification result is obtained after the user verifies the first rebound result; the first bounce result is obtained by bouncing the target host using the first candidate bounce mode.
2. The method for determining a rebound style as claimed in claim 1, wherein said determining a first candidate rebound style from among the acquired plurality of rebound styles comprises:
in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode according to the sequence of the priority of the rebound modes from high to low until the at least one first target keyword is judged to comprise the preset keyword carried in the rebound mode;
and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as the first candidate rebound mode.
3. The rebound style determination method of claim 1, wherein the rebound style determination method further comprises:
if the first candidate rebound mode does not exist in the rebound modes, repeating the following steps until the second candidate rebound mode and/or the repetition number of times in each rebound mode is determined to reach the preset number of times:
acquiring second vulnerability information of the target host; the second vulnerability information is second response information fed back by the target host aiming at the received second request;
Determining at least one second target keyword in the second vulnerability information; wherein the second target keyword is a keyword existing in the keyword library;
determining the second candidate rebound style from each of the rebound styles; and when the preset keywords carried by the second rebound mode in the rebound modes exist in the at least one second target keyword, taking the second rebound mode as the second candidate rebound mode.
4. The rebound style determination method of claim 1, wherein if the first verification result is a verification failure, the rebound style determination method further comprises:
when an instruction for representing continuous matching is received, starting from the next rebound mode of the first candidate rebound mode in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode or not according to the sequence of the priority of the rebound mode from high to low until judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode; wherein, the next rebound mode of the first candidate rebound mode is as follows: a rebound mode having a priority lower than the priority of the first candidate rebound mode and adjacent to the priority of the first candidate rebound mode;
When judging that the at least one first target keyword comprises a preset keyword carried in a rebound mode, taking the rebound mode as a third candidate rebound mode;
after a second verification result corresponding to the third candidate rebound mode is obtained, judging whether the second verification result is verification success or not, and if so, taking the third candidate rebound mode as the target rebound mode; the second verification result is obtained after the user verifies the second rebound result; the second bounce result is obtained by bouncing the target host using the third candidate bounce mode.
5. The rebound style determination method as set forth in claim 2, wherein before sequentially judging whether the at least one first target keyword contains a preset keyword carried in the rebound style in order of priority of the rebound style from high to low, the rebound style determination method further comprises:
calculating the ratio of the matching success times corresponding to each rebound mode to the total matching times corresponding to the rebound mode;
determining the priority of each rebound mode according to the corresponding ratio of each rebound mode; wherein the ratio is positively correlated with the priority.
6. The rebound style determination method of claim 1, wherein the rebound style determination method further comprises:
if the first verification result is verification success, updating the matching success times corresponding to the first candidate rebound mode.
7. A rebound style determination apparatus, comprising:
the acquisition module is used for acquiring first vulnerability information of the target host; the first vulnerability information is first response information fed back by the target host aiming at the received first request;
the first determining module is used for determining at least one first target keyword in the first vulnerability information; wherein the first target keyword is a keyword existing in a keyword library, the keyword library comprises a plurality of keywords used for representing programming language identification and a plurality of keywords used for representing global wide area network web components;
the second determining module is used for determining a first candidate rebound mode from the acquired plurality of rebound modes; when a preset keyword carried by a first rebound mode in the rebound modes exists in the at least one first target keyword, the first rebound mode is used as the first candidate rebound mode; the preset keywords carried by the rebound mode comprise programming language keywords and/or web component keywords annotated in advance for the rebound mode, wherein the rebound mode refers to a mode of rebounding a shell of a computer shell;
The first judging module is used for judging whether the first verification result is verification success or not after obtaining the first verification result corresponding to the first candidate rebound mode, and if so, taking the first candidate rebound mode as a target rebound mode for rebounding the target host; the first verification result is obtained after the user verifies the first rebound result; the first bounce result is obtained by bouncing the target host using the first candidate bounce mode.
8. The rebound style determination device of claim 7, wherein the second determination module, when configured to determine a first candidate rebound style from among the acquired plurality of rebound styles, is specifically configured to:
in the plurality of rebound modes, sequentially judging whether the at least one first target keyword comprises a preset keyword carried in the rebound mode according to the sequence of the priority of the rebound modes from high to low until the at least one first target keyword is judged to comprise the preset keyword carried in the rebound mode;
and when judging that the at least one first target keyword comprises the preset keyword carried in the rebound mode, taking the rebound mode as the first candidate rebound mode.
9. Computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the rebound style determination method according to any of the preceding claims 1-6 when the computer program is executed.
10. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program when executed by a processor performs the steps of the rebound style determination method of any of the preceding claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210083272.7A CN114417359B (en) | 2022-01-24 | 2022-01-24 | Rebound mode determining method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210083272.7A CN114417359B (en) | 2022-01-24 | 2022-01-24 | Rebound mode determining method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114417359A CN114417359A (en) | 2022-04-29 |
| CN114417359B true CN114417359B (en) | 2024-03-29 |
Family
ID=81277110
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210083272.7A Active CN114417359B (en) | 2022-01-24 | 2022-01-24 | Rebound mode determining method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114417359B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9350748B1 (en) * | 2013-12-16 | 2016-05-24 | Amazon Technologies, Inc. | Countering service enumeration through optimistic response |
| US10298598B1 (en) * | 2013-12-16 | 2019-05-21 | Amazon Technologies, Inc. | Countering service enumeration through imposter-driven response |
| CN110768951A (en) * | 2019-08-14 | 2020-02-07 | 奇安信科技集团股份有限公司 | Method and device for verifying system vulnerability, storage medium and electronic device |
| CN113449298A (en) * | 2020-03-24 | 2021-09-28 | 百度在线网络技术(北京)有限公司 | Detection method, device, equipment and medium for rebounding shell process |
-
2022
- 2022-01-24 CN CN202210083272.7A patent/CN114417359B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9350748B1 (en) * | 2013-12-16 | 2016-05-24 | Amazon Technologies, Inc. | Countering service enumeration through optimistic response |
| US10298598B1 (en) * | 2013-12-16 | 2019-05-21 | Amazon Technologies, Inc. | Countering service enumeration through imposter-driven response |
| CN110768951A (en) * | 2019-08-14 | 2020-02-07 | 奇安信科技集团股份有限公司 | Method and device for verifying system vulnerability, storage medium and electronic device |
| CN113449298A (en) * | 2020-03-24 | 2021-09-28 | 百度在线网络技术(北京)有限公司 | Detection method, device, equipment and medium for rebounding shell process |
Non-Patent Citations (1)
| Title |
|---|
| 徐其望 ; 陈震杭 ; 彭国军 ; 张焕国 ; .一种基于预警信息的漏洞自动化快速防护方法.信息安全学报.2020,(01),全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114417359A (en) | 2022-04-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11038917B2 (en) | System and methods for building statistical models of malicious elements of web pages | |
| CN102955908B (en) | Create the method and apparatus that rhythm password and carrying out according to rhythm password is verified | |
| US9430640B2 (en) | Cloud-assisted method and service for application security verification | |
| US8751184B2 (en) | Transaction based workload modeling for effective performance test strategies | |
| CN107896219B (en) | Method, system and related device for detecting website vulnerability | |
| CN107566392B (en) | Detection method for error reporting type SQL injection, proxy server and storage medium | |
| CN114266050B (en) | Cross-platform malicious software countermeasure sample generation method and system | |
| US20140150099A1 (en) | Method and device for detecting malicious code on web pages | |
| CN110830234A (en) | User traffic distribution method and device | |
| JP2008299540A (en) | Inspection device and inspection program for web service providing system | |
| CN109492403B (en) | Vulnerability detection method and device | |
| CN114417359B (en) | Rebound mode determining method, device, equipment and storage medium | |
| CN112600864A (en) | Verification code verification method, device, server and medium | |
| CN108256327B (en) | File detection method and device | |
| CN113438225B (en) | Vehicle-mounted terminal vulnerability detection method, system, equipment and storage medium | |
| CN109214184A (en) | A kind of Android reinforcement application program general automated shelling method and apparatus | |
| CN112732676B (en) | Block chain-based data migration method, device, equipment and storage medium | |
| EP3306511A1 (en) | System and methods of detecting malicious elements of web pages | |
| CN114510717A (en) | ELF file detection method and device and storage medium | |
| CN114640484A (en) | Network security countermeasure method and device and electronic equipment | |
| CN112800185B (en) | Method and device for generating and matching text of interface node in mobile terminal | |
| CN108446228A (en) | Detect method, apparatus, equipment and the computer readable storage medium of installation kit | |
| CN110177096A (en) | Client certificate method, apparatus, medium and calculating equipment | |
| CN111694588A (en) | Engine upgrade detection method and device, computer equipment and readable storage medium | |
| CN115086436B (en) | inter-API parameter verification method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |