CN115189924B - OAuth2.0 open redirection vulnerability detection method and system - Google Patents
Publication number: CN115189924B (application CN202210712266.3A)
Authority: CN (China)
Prior art keywords: callback, parameter, API interface, URI, parameters
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/1433: Vulnerability analysis (under H04L63/14, network architectures or protocols for detecting or protecting against malicious traffic; H04L63/00, network security)
- Y02D30/50: Reducing energy consumption in wire-line communication networks (Y02D, climate change mitigation technologies in ICT)
Abstract
A method and system for detecting OAuth2.0 open redirection vulnerabilities. The method comprises the following steps: step 1, inspecting the URI fields in an API interface of a third party authorized via OAuth2.0, and finding and recording all callback parameters related to those URI fields; step 2, matching the types of all callback parameters obtained in step 1 against a predefined callback parameter table, and replacing the parameter values of the callback parameters according to the matching result; and step 3, simulating a user request that calls the API interface with the replaced parameters, and detecting vulnerabilities in the API interface from the response to that call. The method is simple and effective, and it directly detects whether the URI parameters can be modified during the open redirection process, so that the vulnerabilities can be remedied and prevented.
Description
Technical Field
The invention relates to the field of network security, in particular to a method and system for detecting OAuth2.0 open redirection vulnerabilities.
Background
At present, in the complex network ecosystem built around open platforms, the RESTful API is the main type of Web API, and RESTful APIs face serious security threats in authorization schemes based on the OAuth2.0 protocol. When Web APIs are used to integrate various Web-based Internet services, the resulting integration services have complex designs and implementations in terms of both functionality and protocol flows. It is this complexity that exposes the original Web systems to new security threats at their interaction boundaries. In the prior art, Web API vulnerability discovery focuses mainly on logic vulnerabilities. The main security problems of RESTful APIs are: abuse of the interface to consume system resources, data leakage, forgery or tampering of data, impersonation of applications, and so on.
OAuth2.0 is a protocol intended to provide an open standard for authorization. It lets a user grant a third-party application limited access to data the user stores at another application, without exposing the user's own username and password to the third-party application. As OAuth2.0 has become one of the most popular authorization frameworks, more and more websites use it to authorize access to resource services. One of its most common uses is third-party login. When a user visits a website and chooses to log in with a third-party account, the website redirects the user to the server that holds that account; the user enters the account password there, authenticates to the third-party server and agrees to the authorization. After the third-party authorization server has verified the user's identity, it issues an authorization code and redirects the user back to the website, which then exchanges the authorization code for a token and uses the token to access the resources of the user's third-party account. Even with the OAuth protocol, however, RESTful APIs still suffer from problems such as redirect_uri being bypassed or tampered with. When the redirect_uri check is bypassed, the OAuth token (or the authorization code that yields it) is hijacked, and the user's account can be hijacked in turn.
Currently, the mainstream method of detecting redirect_uri anomalies can only detect an open redirection vulnerability by luring a user to visit a URL on a trusted site that redirects to a new site; the method finally checks whether the new site is legitimate and judges from that whether the open redirection behaviour is abnormal.
This method, however, cannot fundamentally determine whether the redirection is secure. Specifically, an attacker can change where the callback URI parameter points, forge a callback URI that refers to the attacker's own address, and send the forged authorization link to a target user. Once the target user clicks the forged link and authorizes the login, the server delivers the user's credentials to the attacker, who can then use the user's account on that login. There is also a more dangerous variant of this modification: during third-party login through the API, the attacker can obtain an unused authorization code by modifying redirect_uri. In that case the attacker need not point redirect_uri at the attacker's own address, but instead points it at another URI on the same origin as the original address in order to attack that third-party website. Checking only whether the destination website address is legitimate therefore cannot sufficiently prevent or avoid the threat posed by modifying the parameters in redirect_uri.
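To make the distinction drawn above concrete, the following is an added example in Python (not part of the patent) that contrasts two common but flawed redirect_uri checks with the strict exact-match check that RFC 6749 section 3.1.2.2 calls for when a full redirection URI is registered. The registered callback URI, the host names client.example and attacker.example, and the candidate URIs are all assumed test values constructed for the example.

```python
from urllib.parse import urlsplit

# Assumed registration of a hypothetical client application at the authorization server.
REGISTERED_REDIRECT_URI = "https://client.example/oauth/callback"


def weak_prefix_check(redirect_uri: str) -> bool:
    """Flawed check: accept any value that starts with the registered scheme and host."""
    reg = urlsplit(REGISTERED_REDIRECT_URI)
    return redirect_uri.startswith(f"{reg.scheme}://{reg.netloc}")


def weak_substring_check(redirect_uri: str) -> bool:
    """Flawed check: accept any value that merely contains the registered host name."""
    return urlsplit(REGISTERED_REDIRECT_URI).netloc in redirect_uri


def strict_check(redirect_uri: str) -> bool:
    """Exact string comparison against the registered value (RFC 6749 section 3.1.2.2)."""
    return redirect_uri == REGISTERED_REDIRECT_URI


# Constructed candidates covering the cases discussed in the background section.
CANDIDATES = {
    "legitimate": "https://client.example/oauth/callback",
    # same origin, different path: the "homologous" case (e.g. an open redirect on the client site)
    "same_origin_other_path": "https://client.example/redirect?to=https://attacker.example/",
    # attacker-controlled host whose name happens to start with the registered host name
    "suffix_domain": "https://client.example.attacker.example/oauth/callback",
    # attacker host with the registered host name only in the query string
    "host_in_query": "https://attacker.example/?next=client.example",
    # downgrade to plain HTTP, which exposes the code to on-path interception
    "scheme_downgrade": "http://client.example/oauth/callback",
}

CHECKS = {
    "prefix": weak_prefix_check,
    "substring": weak_substring_check,
    "strict": strict_check,
}


def evaluate() -> dict:
    """Return, for every candidate URI, which checks accept it."""
    return {name: {cn: fn(uri) for cn, fn in CHECKS.items()}
            for name, uri in CANDIDATES.items()}


def accepted_by_weak_only() -> list:
    """Candidates that at least one weak check lets through but the strict check rejects."""
    return sorted(name for name, r in evaluate().items()
                  if not r["strict"] and (r["prefix"] or r["substring"]))


if __name__ == "__main__":
    for name, result in evaluate().items():
        print(f"{name:24s} {result}")
```

The prefix check is the one that matters most for the patent's argument: it accepts the same-origin-different-path case, which a "is the destination site legitimate" test would also wave through, and it also accepts a suffix domain the attacker controls. Only the exact match rejects every candidate but the registered value.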
To address these problems, the invention provides a new method and system for detecting OAuth2.0 open redirection vulnerabilities.
Disclosure of Invention
To remedy the shortcomings of the prior art, the invention aims to provide a method and system for detecting OAuth2.0 open redirection vulnerabilities: inspect the URI fields in an API interface, find the URI callback parameters, modify the URI according to the type and replacement rule of the preset callback parameters, and detect vulnerabilities in the API interface by issuing new user requests.
The invention adopts the following technical scheme.
The invention relates to a method for detecting OAuth2.0 open redirection vulnerabilities, comprising the following steps: step 1, inspecting the URI fields in an API interface of a third party authorized via OAuth2.0, and finding and recording all callback parameters related to those URI fields; step 2, matching the types of all callback parameters obtained in step 1 against a predefined callback parameter table, and replacing the parameter values of the callback parameters according to the matching result; and step 3, simulating a user request that calls the API interface with the replaced parameters, and detecting vulnerabilities in the API interface from the response to that call.
Preferably, the callback parameters include at least a redirect_uri parameter and a destination parameter.
Preferably, the predefined callback parameter table contains not only the predefined callback parameter types, but also the mapping between the relevant parameters in the API interface and the callback parameter types, and the mapping between each callback parameter type and its replacement parameter value.
Preferably, in step 2, the parameter value of the callback parameter is replaced according to the mapping between callback parameter type and replacement parameter value recorded in the callback parameter table.
Preferably, the user generating the user request is an authorized user of the platform who is permitted, via OAuth2.0, to access the authorized third party; the user request calls the API interface of that authorized third party with the parameter replacement applied.
Preferably, the platform is one that provides OAuth2.0-based authorized access for third-party applications, and it includes an OAuth2.0 server.
Preferably, when the response to the call is inconsistent with the response obtained before the parameter value was replaced, it is determined that the replaced parameter value took effect and that the API interface has a vulnerability.
Preferably, the authorization code in the user request is obtained in one of the following ways: intercepting HTTP traffic by means of an ARP attack and parsing the plaintext authorization code out of that traffic; obtaining the authorization code from a leaked HTTP Referer header; or intercepting HTTP traffic with Burp Suite to obtain an unused authorization code.
The second aspect of the invention relates to a system for detecting OAuth2.0 open redirection vulnerabilities, the system being implemented with the detection method described in the first aspect of the invention.
Compared with the prior art, the OAuth2.0 open redirection vulnerability detection method and system of the invention have the following beneficial effects: the URI callback parameters are found by inspecting the URI fields in the API interface, the URI is modified according to the type and replacement rule of the preset callback parameters, and vulnerability detection in the API interface is carried out through new user requests. The method is simple and effective, and it directly detects whether the URI parameters can be modified during the open redirection process, so that the vulnerabilities can be remedied and prevented.
Drawings
Fig. 1 is a schematic diagram of the steps of the OAuth2.0 open redirection vulnerability detection method according to the invention.
Detailed Description
The present application is further described below with reference to the accompanying drawings. The following examples are only for more clearly illustrating the technical solutions of the present invention and are not intended to limit the scope of protection of the present application.
Fig. 1 is a schematic diagram of the steps of the OAuth2.0 open redirection vulnerability detection method according to the invention. As shown in Fig. 1, the method for detecting OAuth2.0 open redirection vulnerabilities comprises steps 1 to 3.
Step 1: inspect the URI fields in an API interface of a third party authorized via OAuth2.0, and find and record all callback parameters related to those URI fields.
First, in order to modify the actual values of the callback parameters related to the URI fields, the method must determine which callback parameters exist in the API interface.
In the prior art, most Internet services are realised through cooperation between an open platform and third parties. Services built this way simplify the coding of the third-party application and let the open platform's users be imported wholesale into the third-party application; for the open platform, it is a convenient way to offer customised services to users.
Typically, the open platform defines API rules and exposes API interfaces for third-party applications to call, so that the service can be enabled and users can access it.
However, because the security of an API interface on its own is limited, mainstream open platforms today generally rely on OAuth2.0 to authenticate the user and to process the user's requests to access the third-party application. The method of the invention detects the risks in this process.
Specifically, to access the third-party application the user obtains an authorization code from the open platform, which is delivered to the redirection address (field) that the third-party application supplied to the open platform, namely redirect_uri (URI stands for Uniform Resource Identifier). If the parameter content of this URI is tampered with while the user's client is being called back to it, the response the user receives from the callback may be abnormal.
Therefore, to detect whether the parameter content in the URI can be tampered with, the invention simulates the tampering process and thereby detects the vulnerability. To simulate tampering with the URI parameters, step 1 first extracts all callback parameters in the URI of the API interface; any scanner commonly used in the prior art can be used for this extraction.
Preferably, the callback parameters include at least a redirect_uri parameter and a destination parameter.
The specific callback parameters depend on the content of the API interface provided by the open platform. In general, however, the URI may include redirect_uri, the web address to redirect to, and destination, a parameter carrying the target address after login; both are callback parameters related to the redirection.
Step 2: match the types of all callback parameters obtained in step 1 against a predefined callback parameter table, and replace the parameter values of the callback parameters according to the matching result.
Preferably, the predefined callback parameter table contains not only the predefined callback parameter types, but also the mapping between the relevant parameters in the API interface and the callback parameter types, and the mapping between each callback parameter type and its replacement parameter value.
The callback parameter table of the invention may be stored as a txt file. The file lists all callback parameters contained in the various API interfaces of the open platform together with the type of each callback parameter, so that when a callback parameter is found, its value can be replaced with the preset parameter value.
In addition, the name of the callback parameter, the API interface it belongs to, the callback parameter type and the preset replacement value can be recorded as one-to-one correspondences, so that the callback parameter table can drive the subsequent value replacement and the detection steps of the invention.
Preferably, in step 2, the parameter value of the callback parameter is replaced according to the mapping between callback parameter type and replacement parameter value recorded in the callback parameter table.
In other words, the substitution of values in the different callback parameters is carried out according to the correspondences recorded in the txt file.
Step 3: simulate a user request that calls the API interface with the replaced parameters, and detect vulnerabilities in the API interface from the response to that call.
Once the value of the callback parameter has been replaced, the vulnerability can be detected.
Preferably, the user generating the user request is an authorized user of the platform who is permitted, via OAuth2.0, to access the authorized third party; the user request calls the API interface of that authorized third party with the parameter replacement applied.
The user request is simulated first; it may come from a real user of the third-party platform or be a simulation of a real user produced by prior-art methods. In the latter case, the invention requires that the authorization code the open platform issued to the user be obtained first.
With the user's authorization code, the user can ask the open platform to establish the connection between the client and the third-party application. During that connection the user uses the callback parameters provided by the open platform; if those callback parameters have been replaced, the address the open platform returns to the user is problematic, or at least differs from the address returned before the replacement. The difference is not limited to addresses on a different origin; it also covers different addresses under the same origin.
Preferably, the platform is one that provides OAuth2.0-based authorized access for third-party applications, and it includes an OAuth2.0 server. The platform referred to here is the open platform described above; it contains at least an OAuth2.0 server so that third-party applications can be granted access.
Preferably, when the response to the call is inconsistent with the response obtained before the parameter value was replaced, it is determined that the replaced parameter value took effect and that the API interface has a vulnerability.
Preferably, the authorization code in the user request is obtained in one of the following ways: intercepting HTTP traffic by means of an ARP attack and parsing the plaintext authorization code out of that traffic; obtaining the authorization code from a leaked HTTP Referer header; or intercepting HTTP traffic with Burp Suite to obtain an unused authorization code.
To simulate the user request, the authorization code may be acquired in several different ways, and one or more of them may be used so that the simulated request of a non-real user is accepted by the open platform.
If the method finds that the relevant URI parameters in the API interface can be changed, the modified parameters and related information, such as the modified content and the corresponding API interface, can be recorded in a database as the basis for subsequently improving the security of the API interface.
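The three steps above, plus the recording of step 4, can be exercised end to end without a live platform. The following is an added Python example, written for this page and not the patent's own scanner or table: the callback parameter table, the replacement rules, the client registration, the authorization URL and the two stand-in OAuth2.0 servers (one that checks only the host of redirect_uri, one that requires an exact match) are all assumed values constructed for the example.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Step 2 table. The patent stores this as a txt file; the entries here are assumed.
# (a) API parameter name -> callback parameter type
CALLBACK_PARAM_TYPES = {
    "redirect_uri": "redirect",
    "destination": "redirect",
    "next": "redirect",
    "return_url": "redirect",
}
# (b) callback parameter type -> named replacement rules applied to the original value
REPLACEMENTS = {
    "redirect": {
        "attacker_origin": lambda v: "https://attacker.example/cb",
        "same_origin_path": lambda v: urlunsplit(urlsplit(v)._replace(
            path="/open-redirect", query="to=https://attacker.example/")),
        "scheme_downgrade": lambda v: urlunsplit(urlsplit(v)._replace(scheme="http")),
    }
}

# Assumed client registration held by the simulated OAuth2.0 server.
REGISTERED = {"client-123": "https://client.example/oauth/callback"}

# Assumed authorization request of the third-party API under test.
AUTHZ_URL = ("https://oauth.platform.example/authorize?response_type=code"
             "&client_id=client-123&redirect_uri=https://client.example/oauth/callback"
             "&state=xyz")


def find_callback_params(api_url: str) -> list:
    """Step 1: record every query parameter of the request that is a known callback parameter."""
    pairs = parse_qsl(urlsplit(api_url).query, keep_blank_values=True)
    return [(k, v) for k, v in pairs if k in CALLBACK_PARAM_TYPES]


def substitute(api_url: str, name: str, value: str) -> str:
    """Step 2: rebuild the request with one callback parameter's value replaced."""
    parts = urlsplit(api_url)
    pairs = [(k, value if k == name else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


def _query(api_url: str) -> dict:
    return dict(parse_qsl(urlsplit(api_url).query, keep_blank_values=True))


def host_only_server(api_url: str) -> tuple:
    """Stand-in for a vulnerable server: it only checks that the host of redirect_uri equals
    the registered host (the 'redirect directory is not restricted' case). The Location it
    builds is deliberately naive and simply appends the code to the target."""
    q = _query(api_url)
    registered = REGISTERED.get(q.get("client_id"), "")
    target = q.get("redirect_uri", "")
    if registered and urlsplit(target).netloc == urlsplit(registered).netloc:
        return 302, f"{target}?code=AUTHCODE&state={q.get('state', '')}"
    return 400, ""


def strict_server(api_url: str) -> tuple:
    """Stand-in for a hardened server: redirect_uri must equal the registered value exactly."""
    q = _query(api_url)
    target = q.get("redirect_uri", "")
    if target and target == REGISTERED.get(q.get("client_id")):
        return 302, f"{target}?code=AUTHCODE&state={q.get('state', '')}"
    return 400, ""


def detect(api_url: str, server) -> list:
    """Step 3: replay each mutated request as the already authorized user and compare the
    response with the baseline. A redirect that follows the substituted value is a finding;
    the returned records are what step 4 would write to the database."""
    baseline = server(api_url)
    findings = []
    for name, original in find_callback_params(api_url):
        for strategy, rule in REPLACEMENTS[CALLBACK_PARAM_TYPES[name]].items():
            mutated = rule(original)
            status, location = server(substitute(api_url, name, mutated))
            if (status, location) != baseline and status == 302 and location.startswith(mutated):
                findings.append({"api": urlsplit(api_url).path, "param": name,
                                 "strategy": strategy, "value": mutated, "location": location})
    return findings


if __name__ == "__main__":
    for finding in detect(AUTHZ_URL, host_only_server):
        print(finding)
    print("strict server findings:", detect(AUTHZ_URL, strict_server))
```

Against the host-only server the same-origin path and the HTTP downgrade both produce a redirect to the substituted value, so both are recorded; the attacker-origin value is rejected because the host differs, which is exactly the case a "is the destination legitimate" test would catch on its own. Against the strict server no replacement takes effect. In a real scan the server functions are replaced by HTTP calls carrying the authorized user's session, and the comparison is made on the status line and Location header of the real responses.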
In one embodiment of the invention, six service providers that offer third-party login were selected for the experiment: Tencent QQ, WeChat, Sina Weibo, Baidu, Renren and Douban. Pre-screening of the top 500 Chinese websites found 233 that implement third-party login with these six open platforms, so the account hijacking experiments of this embodiment were carried out on those 233 websites.
The authorization hijacking experiment requires the following conditions:
(1) Whether redirect_uri can be modified is determined during detection by the OAuth Callback module of the automated scanning system.
(2) The authorization code is obtained either by intercepting HTTP traffic or by embedding an image. In the traffic-interception approach, once the value of redirect_uri has been changed to a site that communicates over plain HTTP, an attacker on the same LAN uses an ARP (Address Resolution Protocol) attack to intercept all traffic sent to the target site and parses the authorization code out of it. In the image-embedding approach, a page that allows remote images to be embedded causes the visiting browser to issue a second request, to the attacker's remote server, for the embedded image; that request carries the page URL in its Referer header, from which the attacker reads the authorization code. Finally, to test whether the authorization code is bound to the current session, the invention intercepts traffic with Burp Suite to capture an unused authorization code and then constructs a new request with that code to check whether login succeeds.
Callback parameters such as redirect_uri can be modified mostly because developers do not strictly restrict the authorized redirect directory when they build the API interface. When redirect_uri can be modified by an attacker, the attacker usually redirects to a site that uses plain HTTP, so in theory the proportion of API interfaces on which an attacker can obtain the authorization code is about the same as the proportion with an OAuth Callback vulnerability. The main reason a website can embed remote images is that it does not restrict the sources of external images.
After the automated vulnerability scanning framework was implemented, the OAuth Callback detection module was used to scan a number of websites; in this embodiment the inventors found that the redirect_uri of the third-party login RESTful API of many websites can be modified, and thus that those websites are at risk of account hijacking. The embodiment also supports two modes of running the OAuth Callback scan, directly from the command line or through a Web interface. The method therefore detects vulnerabilities both while a developer is building a RESTful API and in API interfaces that are already online, greatly improving the security of the API interface and reducing unnecessary losses.
Tables 1 and 2 show the results of the embodiment. As Table 1 shows, 68.67% of the websites have an OAuth Callback vulnerability, and on the same websites an attacker can easily obtain the user's authorization code. In addition, on 12.87% of the websites an attacker can obtain the code by embedding a remote image, and on about 60% the authorization code is not bound to the current session. Overall, the websites on which an attacker can obtain an authorization code by one of these means and complete an account hijacking attack amount to 45.49% of all websites, which is still a very large share. The detection method therefore lets an open platform or third-party application website promptly discover the problems and code vulnerabilities that arise in the authorization process, so that they can be repaired and improved.
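The image-embedding leak described in condition (2) can be verified from the attacker-side evidence alone, namely the access log of the host serving the embedded image. The following added Python example (written for this page, not the patent's own tooling) parses constructed log lines, pulls the authorization code out of the Referer field, and also classifies Referrer-Policy values by whether they let the query string reach a cross-origin image host. The log lines, IP addresses, host names and codes are all constructed sample data.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (combined log format) of a server hosting an image that the
# victim site lets users embed; the last field is the Referer the browser sent. Not real traffic.
IMAGE_SERVER_LOG = [
    '203.0.113.5 - - [22/Jun/2022:10:00:01 +0800] "GET /pixel.png HTTP/1.1" 200 68 '
    '"https://client.example/oauth/callback?code=SplxlOBeZQQYbYS6WxSbIA&state=af0ifjsldkj"',
    '203.0.113.6 - - [22/Jun/2022:10:00:03 +0800] "GET /pixel.png HTTP/1.1" 200 68 '
    '"https://client.example/profile"',
    '203.0.113.7 - - [22/Jun/2022:10:00:09 +0800] "GET /pixel.png HTTP/1.1" 200 68 "-"',
    '203.0.113.8 - - [22/Jun/2022:10:00:12 +0800] "GET /pixel.png HTTP/1.1" 200 68 '
    '"https://client.example/oauth/callback?code=9kR2xQ7m&state=zz"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)"'
)


def leaked_codes(lines) -> list:
    """Return the authorization codes that reached the image host through the Referer header."""
    found = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["referer"] == "-":
            continue
        ref = urlsplit(m["referer"])
        q = parse_qs(ref.query)
        if "code" in q:
            found.append({
                "ip": m["ip"],
                "when": m["ts"],
                "page": f"{ref.scheme}://{ref.netloc}{ref.path}",
                "code": q["code"][0],
                "state": q.get("state", [""])[0],
            })
    return found


# Whether a Referrer-Policy value lets the full URL (path and query, hence the code) accompany
# a cross-origin HTTPS request such as the image fetch above.
_QUERY_SENT_CROSS_ORIGIN = {
    "unsafe-url": True,
    "no-referrer-when-downgrade": True,
    "no-referrer": False,
    "origin": False,
    "origin-when-cross-origin": False,
    "same-origin": False,
    "strict-origin": False,
    "strict-origin-when-cross-origin": False,
}


def referrer_policy_leaks_query(policy: str):
    """True if the policy sends path and query cross-origin, False if it does not, and None for
    an absent or unknown value, in which case the browser default applies and must be checked."""
    return _QUERY_SENT_CROSS_ORIGIN.get(policy.strip().lower()) if policy else None
```

Two of the four constructed requests carry a code. The defensive counterpart on the client site is to consume the code server-side and redirect away immediately, so that the page whose URL contains the code never renders user-embeddable content, to send a Referrer-Policy that does not forward the query string, and to accept each code once and only within the session that started the flow, which is the binding the Burp Suite replay test in condition (2) checks for.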
Category | Number of websites / proportion |
---|---|
OAuth Callback vulnerability present | 160 / 68.67% |
Authorization code obtainable | 160 / 68.67% |
Remote image can be embedded | 30 / 12.87% |
Authorization code not bound to the current session | 139 / 59.66% |
Account hijacking attack achievable | 106 / 45.49% |
Table 1. redirect_uri detection results for the 233 websites
The invention also analysed the six open platforms (service providers) individually to find the degree to which the callback parameters of the API interfaces they provide can be modified. Only two of the six providers had callback parameters that the detection method could not modify; those of the other four platforms could be modified. The popularity figure is the number and share of the top 500 websites that use each platform for third-party login.
Service provider | Popularity (websites / share of 233) | Callback URI modifiable (websites / share) |
---|---|---|
Platform A | 211 / 90.56% | 0 |
Platform B | 146 / 62.67% | 38 / 26.03% |
Platform C | 192 / 82.40% | 143 / 74.47% |
Platform D | 10 / 4.29% | 5 / 50.00% |
Platform E | 13 / 5.58% | 9 / 69.23% |
Platform F | 9 / 3.86% | 0 |
Table 2. Account hijacking analysis results for the six platforms
While the applicant has described and illustrated the embodiments of the present invention in detail with reference to the drawings, it should be understood by those skilled in the art that the above embodiments are only preferred embodiments of the present invention, and the detailed description is only for the purpose of helping the reader to better understand the spirit of the present invention, and not to limit the scope of the present invention, but any improvements or modifications based on the spirit of the present invention should fall within the scope of the present invention.
Claims (7)
1. A method for detecting OAuth2.0 open redirection vulnerabilities, the method comprising the steps of:
step 1, inspecting the URI fields in an API interface of a third party authorized via OAuth2.0, and finding and recording all callback parameters related to those URI fields;
step 2, matching the types of all callback parameters obtained in step 1 against a predefined callback parameter table, and replacing the parameter values of the callback parameters according to the matching result;
wherein the predefined callback parameter table comprises predefined callback parameter types, the mapping between relevant parameters in the API interface and the callback parameter types, and the mapping between each callback parameter type and a replacement parameter value;
and the parameter value of the callback parameter is replaced according to the mapping between callback parameter type and replacement parameter value in the callback parameter table;
step 3, simulating a user request that calls the API interface with the replaced parameter, and detecting vulnerabilities in the API interface from the response to that call;
step 4, recording the modified URI parameters and the corresponding API interface from the vulnerability detection process in a database, and using the detection result as the basis for improving the API interface.
2. The method for detecting OAuth2.0 open redirection vulnerabilities of claim 1, wherein:
the callback parameters comprise at least a redirect_uri parameter and a destination parameter.
3. The method for detecting OAuth2.0 open redirection vulnerabilities of claim 2, wherein:
the user generating the user request is an authorized user of the platform who is permitted, via OAuth2.0, to access the authorized third party;
and the user request calls the API interface of that authorized third party with the parameter replacement applied.
4. The method for detecting OAuth2.0 open redirection vulnerabilities of claim 3, wherein:
the platform is a platform that provides OAuth2.0-based authorized access for third-party applications, and the platform comprises an OAuth2.0 server.
5. The method for detecting OAuth2.0 open redirection vulnerabilities of claim 4, wherein:
when the response to the call is inconsistent with the response obtained before the parameter value was replaced, it is determined that the replaced parameter value took effect and that the API interface has a vulnerability.
6. The method for detecting OAuth2.0 open redirection vulnerabilities of claim 5, wherein:
the authorization code in the user request is obtained in one of the following ways:
intercepting HTTP traffic by means of an ARP attack and parsing the plaintext authorization code out of that traffic; or
obtaining the authorization code from a leaked HTTP Referer header; or
intercepting HTTP traffic with Burp Suite to obtain an unused authorization code.
7. An OAuth2.0 open redirection vulnerability detection system, characterised in that:
the system is implemented using the method for detecting OAuth2.0 open redirection vulnerabilities of any one of claims 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210712266.3A CN115189924B (en) | 2022-06-22 | 2022-06-22 | OAuth2.0 open redirection vulnerability detection method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115189924A CN115189924A (en) | 2022-10-14 |
CN115189924B true CN115189924B (en) | 2024-03-29 |
Family ID=83515330
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210712266.3A Active CN115189924B (en) | 2022-06-22 | 2022-06-22 | OAuth2.0 open redirection vulnerability detection method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115189924B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104363236A (en) * | 2014-11-21 | 2015-02-18 | 西安邮电大学 | Automatic vulnerability validation method |
CN104881603A (en) * | 2014-02-27 | 2015-09-02 | 腾讯科技(深圳)有限公司 | Method and apparatus for detecting webpage redirection vulnerabilities |
CN110266669A (en) * | 2019-06-06 | 2019-09-20 | 武汉大学 | Method and system for general detection and localization of Java Web framework vulnerability attacks |
CN110472414A (en) * | 2019-07-23 | 2019-11-19 | 中国平安人寿保险股份有限公司 | System vulnerability detection method, device, terminal device and medium |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010105184A2 (en) * | 2009-03-13 | 2010-09-16 | Breach Security , Inc. | A method and apparatus for phishing and leeching vulnerability detection |
US10387656B2 (en) * | 2016-03-21 | 2019-08-20 | Checkmarx Ltd. | Integrated interactive application security testing |
- 2022-06-22 CN CN202210712266.3A patent/CN115189924B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104881603A (en) * | 2014-02-27 | 2015-09-02 | 腾讯科技(深圳)有限公司 | Method and apparatus for detecting webpage redirection vulnerabilities |
CN104363236A (en) * | 2014-11-21 | 2015-02-18 | 西安邮电大学 | Automatic vulnerability validation method |
CN110266669A (en) * | 2019-06-06 | 2019-09-20 | 武汉大学 | Method and system for general detection and localization of Java Web framework vulnerability attacks |
CN110472414A (en) * | 2019-07-23 | 2019-11-19 | 中国平安人寿保险股份有限公司 | System vulnerability detection method, device, terminal device and medium |
Non-Patent Citations (1)
Title |
---|
Common security issues in the OAuth 2.0 authorization protocol and remediation suggestions; 邱永哲; 无线互联科技 (No. 07); pp. 45-47 * |
Also Published As
Publication number | Publication date |
---|---|
CN115189924A (en) | 2022-10-14 |
Similar Documents
Publication | Title |
---|---|
EP3424178B1 (en) | Deterministic reproduction of client/server computer state or output sent to one or more client computers |
US8370407B1 (en) | Systems providing a network resource address reputation service |
CN106998551B (en) | Method, system, device and terminal for application access authentication |
US7680815B2 (en) | Image array authentication system |
JP6559694B2 (en) | Automatic SDK acceptance |
Li et al. | Analysing the Security of Google's implementation of OpenID Connect |
Zeller et al. | Cross-site request forgeries: Exploitation and prevention |
AU2002252371B2 (en) | Application layer security method and system |
US7313691B2 (en) | Internet site authentication service |
US6965939B2 (en) | Method and apparatus for processing requests in a network data processing system based on a trust association between servers |
JP4405248B2 (en) | Communication relay device, communication relay method, and program |
US9712532B2 (en) | Optimizing security seals on web pages |
US9325731B2 (en) | Identification of and countermeasures against forged websites |
CN107634967B (en) | CSRF token defense system and method for CSRF attacks |
US20130031213A1 (en) | Obtaining and assessing objective data relating to network resources |
US11770385B2 (en) | Systems and methods for malicious client detection through property analysis |
JP2019528509A (en) | System and method for detecting online fraud |
WO2018014808A1 (en) | Network attack behaviour detection method and apparatus |
US20130007882A1 (en) | Methods of detecting and removing bidirectional network traffic malware |
US20130007870A1 (en) | Systems for bi-directional network traffic malware detection and removal |
US20110131635A1 (en) | Client-side prevention of cross-site request forgeries |
US20110289575A1 (en) | Directory authentication method for policy driven web filtering |
CN105187430A (en) | Reverse proxy server, reverse proxy system and reverse proxy method |
CN109361685A (en) | Method and device for preventing malicious requests |
JP2009003559A (en) | Computer system for single sign-on server, and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |