CN115659348A - Rapid penetration test method and test device for mobile equipment - Google Patents
Rapid penetration test method and test device for mobile equipment Download PDFInfo
- Publication number
- CN115659348A CN115659348A CN202211182572.7A CN202211182572A CN115659348A CN 115659348 A CN115659348 A CN 115659348A CN 202211182572 A CN202211182572 A CN 202211182572A CN 115659348 A CN115659348 A CN 115659348A
- Authority
- CN
- China
- Prior art keywords
- test
- function module
- test function
- result
- executing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a rapid penetration testing method and a testing device for mobile equipment, which relate to the technical field of equipment testing, and the method comprises the following steps: judging whether the mobile equipment is subjected to primary penetration test; in the case where the mobile device is a primary penetration test: executing test environment detection operation to obtain first environment detection information; determining a test function module based on the first environment detection information; executing corresponding penetration test operation based on the test function module to generate a corresponding first test result; in the case that the mobile device is a non-primary penetration test: executing test environment detection operation to obtain second environment detection information; judging whether the test environment changes or not based on the second environment detection information; under the condition that the testing environment is determined to be changed, determining an updated functional module corresponding to the testing environment; and executing corresponding penetration test operation based on the updated functional module to generate a second test result.
Description
Technical Field
The invention relates to the technical field of equipment testing, in particular to a rapid penetration testing method and a rapid penetration testing device for mobile equipment.
Background
With the continuous development of communication technology, display technology, processing technology and other technologies, mobile devices are widely applied to various aspects of people's life, and with the continuous popularization of intelligent mobile devices, more and more user data are stored on the intelligent devices and more functions closely related to the interests of people, such as payment functions, are provided, so that the security requirements on the mobile devices are higher and higher.
In order to ensure the safety of the mobile device, the mobile device needs to be subjected to a safety test before being used, for example, a safety penetration test is performed on the mobile device. In the existing security test field, there is no unified standard for performing security test on mobile devices, often an enterprise manager performs a targeted penetration test on the mobile devices related to self operation or operation, and a commonly used penetration test method includes: the port security of the device is tested, the fraud of the mobile device is tested, and the security verification method based on the device fingerprint is used, however, in the application process of the existing testing method, technical personnel find that the following technical problems exist:
in the existing penetration testing method, technicians need to determine corresponding testing strategies in advance according to the actual conditions of enterprises and configure corresponding testing rules, so that on one hand, a large amount of early-stage workload is caused for the technicians, the working efficiency is reduced, and the testing cost is greatly improved; on the other hand, the penetration test is often performed only once or performed only once within a very long time period, so that the test effectiveness and real-time performance are poor, however, the security of the mobile device may change at any time due to frequent use by people in daily life, and thus the existing penetration test method cannot meet the actual requirements of users.
Disclosure of Invention
In order to solve the technical problems in the prior art, embodiments of the present invention provide a rapid penetration test method and a test apparatus for a mobile device, which automatically match corresponding test function modules when a penetration test is performed in the mobile device, and execute the corresponding penetration test according to test environment change information of the mobile device, thereby greatly improving test efficiency, reducing test computation, and meeting actual test requirements of users.
In order to achieve the above object, an embodiment of the present invention provides a rapid penetration testing method for a mobile device, where the method includes: judging whether the mobile equipment is subjected to a primary penetration test; in the case where the mobile device is a primary penetration test: executing test environment detection operation to obtain first environment detection information; determining a test function module based on the first environment detection information; executing corresponding penetration test operation based on the test function module to generate a corresponding first test result; in the case that the mobile device is a non-primary penetration test: executing test environment detection operation to obtain second environment detection information; judging whether the test environment changes or not based on the second environment detection information; under the condition that the testing environment is determined to be changed, determining an updated functional module corresponding to the testing environment; and executing corresponding penetration test operation based on the updated functional module to generate a second test result.
Preferably, the first environment detection information includes a plurality of detection information, and the determining a test function module based on the first environment detection information includes: acquiring a preset test function library, wherein the test function library comprises a plurality of test function modules; sequentially matching each piece of detection information with the test function module in the preset test function library to obtain a first matching result; and determining a corresponding test function module based on the first matching result.
Preferably, the test function module comprises a system test function module, a port test function module, a peripheral intercommunication test function module, a data reading/storing test function module, a fraud application installation test function module, an authority management test function module and a process management test function module,
the executing the corresponding penetration test operation based on the test function module to generate a corresponding first test result includes: executing a system vulnerability testing operation based on the system testing functional module to generate a vulnerability scanning result; executing port test operation based on the port test function module to generate a port scanning result; executing peripheral intercommunication test operation based on the peripheral intercommunication test function module to generate an intercommunication test result; executing data read-write test operation based on the data read/storage test function module to generate a read-write test result; executing application installation test operation based on the fraudulent application installation test function module to generate an application installation test result; executing authority acquisition test operation based on the authority management test function module to generate an authority acquisition test result; executing process management test operation based on the process management test function module to generate a process management test result; generating a first test result based on the vulnerability scanning result, the port scanning result, the intercommunication test result, the read-write test result, the application installation test result, the permission acquisition test result and the process management test result.
Preferably, the mobile device is connected to a cloud server, and the determining a test function module based on the first environment detection information includes: uploading the first environment detection information to the cloud server; and acquiring first feedback information of the cloud server aiming at the first environment detection information, wherein the first feedback information comprises a test function module matched with each detection information, and the test function module in the first feedback information is updated and maintained by the cloud server in real time.
Preferably, the determining an updated functional module corresponding to the test environment includes: acquiring at least one change information of the test environment based on the second environment detection information; sequentially matching each piece of change information with the test function module in the preset test function library to obtain a matching function module; judging whether the cloud server has update information aiming at the matching function module; if so, updating the matching functional module based on the updating information to obtain an updated functional module; otherwise, the matching function module is used as an updated function module.
Correspondingly, the invention also provides a rapid penetration testing device of the mobile equipment, which comprises: the judging unit is used for judging whether the mobile equipment is subjected to the primary penetration test; a primary test unit for, in case the mobile device is a primary penetration test: executing test environment detection operation to obtain first environment detection information; determining a test function module based on the first environment detection information; executing corresponding penetration test operation based on the test function module to generate a corresponding first test result; a non-primary test unit to, if the mobile device is a non-primary penetration test: executing test environment detection operation to obtain second environment detection information; judging whether the test environment changes or not based on the second environment detection information; under the condition that the testing environment is determined to be changed, determining an updated functional module corresponding to the testing environment; and executing corresponding penetration test operation based on the updated functional module to generate a second test result.
Preferably, the first environment detection information includes a plurality of detection information, and the determining a test function module based on the first environment detection information includes: acquiring a preset test function library, wherein the test function library comprises a plurality of test function modules; sequentially matching each piece of detection information with the test function module in the preset test function library to obtain a first matching result; and determining a corresponding test function module based on the first matching result.
Preferably, the test function module includes a system test function module, a port test function module, a peripheral intercommunication test function module, a data reading/storing test function module, a fraud application installation test function module, an authority management test function module, and a process management test function module, and the executing a corresponding penetration test operation based on the test function module generates a corresponding first test result, including: executing a system vulnerability testing operation based on the system testing function module to generate a vulnerability scanning result; executing port test operation based on the port test function module to generate a port scanning result; executing peripheral intercommunication test operation based on the peripheral intercommunication test function module to generate an intercommunication test result; executing data read-write test operation based on the data read/storage test function module to generate a read-write test result; executing application installation test operation based on the fraudulent application installation test function module to generate an application installation test result; executing authority acquisition test operation based on the authority management test function module to generate an authority acquisition test result; executing process management test operation based on the process management test function module to generate a process management test result; generating a first test result based on the vulnerability scanning result, the port scanning result, the intercommunication test result, the read-write test result, the application installation test result, the permission acquisition test result and the process management test result.
Preferably, the mobile device is connected to a cloud server, and the determining a test function module based on the first environment detection information includes: uploading the first environment detection information to the cloud server; and acquiring first feedback information of the cloud server for the first environment detection information, wherein the first feedback information comprises a test function module matched with each detection information, and the test function module in the first feedback information is updated and maintained by the cloud server in real time.
Preferably, the determining an updated functional module corresponding to the test environment includes: acquiring at least one change information of the test environment based on the second environment detection information; sequentially matching each piece of change information with the test function module in the preset test function library to obtain a matching function module; judging whether the cloud server has update information aiming at the matching function module; if so, updating the matching functional module based on the updating information to obtain an updated functional module; otherwise, the matching function module is used as an updated function module.
Through the technical scheme provided by the invention, the invention at least has the following technical effects:
each test content involved in the penetration test process is packaged into a corresponding test function module in advance, and when the penetration test is carried out subsequently, only the test environment of the mobile equipment needs to be detected, the corresponding test function module is automatically matched, and manual pre-configuration is not needed any more, so that the workload of technicians is greatly reduced, and the working efficiency is improved;
furthermore, in each test after the initial penetration test, the corresponding test function module is called to execute the corresponding penetration test only according to the change condition of the test environment instead of performing the integral penetration test at each time, so that the test workload is greatly reduced, the hardware requirement on the mobile equipment is reduced, the high-frequency penetration test of a user is operated, and the safe use requirement of the user is met.
Additional features and advantages of embodiments of the invention will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the embodiments of the invention without limiting the embodiments of the invention. In the drawings:
fig. 1 is a flowchart of a specific implementation of a rapid penetration testing method for a mobile device according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating a specific implementation of determining a test function module based on first environment detection information in a rapid penetration test method for a mobile device according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a rapid penetration testing apparatus of a mobile device according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating embodiments of the invention, are given by way of illustration and explanation only, not limitation.
The terms "system" and "network" in embodiments of the present invention may be used interchangeably. The "plurality" means two or more, and in view of this, the "plurality" may also be understood as "at least two" in the embodiments of the present invention. "and/or" describes the association relationship of the associated object, indicating that there may be three relationships, for example, a and/or B, which may indicate: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" generally indicates that the preceding and following related objects are in an "or" relationship, unless otherwise specified. In addition, it should be understood that the terms first, second, etc. in the description of the embodiments of the invention are used for distinguishing between the descriptions and are not intended to indicate or imply relative importance or order to be construed.
Referring to fig. 1, an embodiment of the present invention provides a method for rapid penetration testing of a mobile device, where the method includes:
s10) judging whether the mobile equipment is subjected to primary penetration test;
in the case where the mobile device is a primary penetration test:
s21) executing test environment detection operation to obtain first environment detection information;
s22) determining a test function module based on the first environment detection information;
s23) executing corresponding penetration test operation based on the test function module to generate a corresponding first test result;
when the mobile device is a non-primary penetration test or the current time from a previous penetration test reaches a preset time interval:
s31) executing test environment detection operation to obtain second environment detection information;
s32) judging whether the test environment changes or not based on the second environment detection information;
s33) determining an updated functional module corresponding to the test environment under the condition that the test environment is determined to be changed;
s34) executing corresponding penetration test operation based on the updated functional module, and generating a second test result.
In one possible embodiment, in order to implement a fast and accurate penetration test for a mobile device, before performing the penetration test, it is first determined whether the mobile device is an initial penetration test, for example, by generating a corresponding test log after performing the penetration test, and before performing the penetration test each time, by searching whether the penetration test log exists, and determining whether the penetration test is the initial penetration test and the test content of the previous penetration test according to the penetration test log.
In the first embodiment, the penetration test log is not found in the mobile device, and therefore it is determined as an initial penetration test, a test environment detection operation is immediately performed, and corresponding first environment detection information is obtained, for example, when the current test environment is outside the mobile device, because many information of the mobile device cannot be directly obtained, the test may be performed in a black box test manner, and therefore, by detecting whether system version information, port information, data reading/storing rule information, external application installation rule information, and peripheral intercommunication configuration information supported by the mobile device of the mobile device can be obtained, specifically, if it is determined that the system version number of the mobile device can be obtained, the penetration test corresponding to the system version can be performed, so that the pertinence and accuracy of the penetration test are improved, and corresponding first environment detection information is generated.
In the second embodiment, after the time that the user manually starts the penetration test or the current penetration test reaches a preset time interval from the previous penetration test, the penetration test is prepared to be performed again, and meanwhile, the penetration log stored in the mobile device is searched, so that the current penetration test is determined to be the non-primary penetration test, and therefore, the test environment detection is performed again, for example, the current test environment is inside the mobile device, and since many pieces of information of the mobile device can be directly acquired, the test can be performed in a white box test manner, for example, by detecting whether system version information, port information, authority management information, process management rules, data reading/storing rule information, and internal application installation rule information of the mobile device are acquired, and corresponding second environment detection information is generated.
At this time, the corresponding test function module is further matched according to the environment detection information.
Referring to fig. 2, in an embodiment of the present invention, the determining the test function module based on the first environment detection information includes:
s221) acquiring a preset test function library, wherein the test function library comprises a plurality of test function modules;
s222) matching each piece of detection information with the test function module in the preset test function library in sequence to obtain a first matching result;
s223) determining a corresponding test function module based on the first matching result.
In a possible implementation manner, after a test environment detection operation of an initial penetration test is performed, first environment detection information obtained includes system version information, port information, external application installation rule information, and peripheral intercommunication configuration information supported by a mobile device, and then a preset test function library is obtained, for example, the preset test function library is packaged in advance for a technician and stored in the mobile device, and is directly called when used, the preset test function library includes a plurality of test function modules, and then each piece of detection information is sequentially matched with the plurality of test function modules, and a first matching result is obtained.
In an embodiment of the present invention, the test function module includes a system test function module, a port test function module, a peripheral intercommunication test function module, a data reading/storing test function module, a fraud application installation test function module, an authority management test function module, and a process management test function module, and the executing a corresponding penetration test operation based on the test function module to generate a corresponding first test result includes: executing a system vulnerability testing operation based on the system testing functional module to generate a vulnerability scanning result; executing port test operation based on the port test function module to generate a port scanning result; executing peripheral intercommunication test operation based on the peripheral intercommunication test function module to generate an intercommunication test result; executing data read-write test operation based on the data read/storage test function module to generate a read-write test result; executing application installation test operation based on the fraudulent application installation test function module to generate an application installation test result; executing authority acquisition test operation based on the authority management test function module to generate an authority acquisition test result; executing process management test operation based on the process management test function module to generate a process management test result; generating a first test result based on the vulnerability scanning result, the port scanning result, the intercommunication test result, the read-write test result, the application installation test result, the permission acquisition test result and the process management test result.
Specifically, in this embodiment, the system test function module, the port test function module, the peripheral intercommunication test function module, and the fraud application installation test function module may be matched according to the first environment detection information, so that a corresponding penetration test operation is performed according to the function module, and a corresponding first test result is generated.
However, in the case of non-primary penetration test, since the operating environment of the mobile device may change at any time, the test environment detection operation needs to be performed again, and corresponding second environment detection information is obtained.
In a second embodiment, in the second environment detection information, it is determined that the system version number of the mobile device has changed, and therefore it is determined that the test environment has changed, and the functional module for performing the penetration test needs to be updated, for example, a technician uploads a new system test functional module again according to a new system version number, and executes a corresponding system vulnerability test operation only based on the new system test functional module, generates a new vulnerability scanning result, and generates a second test result according to the new vulnerability scanning result.
In the embodiment of the invention, the corresponding penetration test function module is automatically matched according to the test environment of the mobile equipment, and the manual configuration of technicians is not needed, so that the consumption of human resources is greatly reduced, and the test cost is reduced;
on the other hand, after the initial penetration test is executed, when the penetration test is executed next time, according to the change of the actual operation environment of the mobile equipment, only the updated test function module is obtained to perform the penetration test operation again, so that the calculation amount required by the penetration test is greatly reduced, the load requirement on the mobile equipment is reduced, the user is allowed to perform the penetration test at any time according to the requirement, the instantaneity and the effectiveness of the penetration test are greatly improved, and the actual requirement is met.
However, in the actual application process, the change of the test environment may not be limited to the change of the mobile device itself, but is related to the change of the external environment, and if the test function module is stored in the mobile device offline, the test function module cannot change along with the development change of the external technology, so that the latest function test module cannot be obtained at any time, that is, the penetration test cannot be performed by the latest function test module packaged based on the latest technology change, and thus the actual requirement cannot be met.
In order to solve the above technical problem, in an embodiment of the present invention, the connecting the mobile device to a cloud server, and determining the test function module based on the first environment detection information includes: uploading the first environment detection information to the cloud server; and acquiring first feedback information of the cloud server aiming at the first environment detection information, wherein the first feedback information comprises a test function module matched with each detection information, and the test function module in the first feedback information is updated and maintained by the cloud server in real time.
For example, in one possible implementation, after test environment detection is performed and corresponding first environment detection information is obtained, the first environment detection information is uploaded to a cloud server, the cloud server matches the first environment detection information with a test function library which is kept up-to-date in real time, obtains a corresponding matching result, and generates corresponding first feedback information, and after the mobile device obtains the first feedback information, a test function module which is matched with each piece of detection information is extracted from the first feedback information, and a penetration test operation is performed.
In the embodiment of the invention, the mobile equipment is connected with the cloud server, and the latest test function module is obtained from the cloud server instead of calling a fixed test function library stored locally when the penetration test is required, so that the space of the mobile equipment is prevented from being occupied; on the other hand, the test function module is ensured to be latest, so that the test result of the penetration test is the most accurate result, and the actual requirements of users are met.
However, in the practical application process, whether the penetration test method normally operates or not depends completely on whether network communication is reliable, once network communication is abnormal, no penetration test can be performed, and the mobile device may cause network communication abnormality (for example, weak wireless signals, device failure, defaulting, and the like) due to various reasons, so that the method is further improved in order to ensure that the penetration test can be performed under any condition and ensure the accuracy of the penetration test as much as possible.
In this embodiment of the present invention, the determining the updated functional module corresponding to the test environment includes: acquiring at least one change information of the test environment based on the second environment detection information; sequentially matching each piece of change information with the test function module in the preset test function library to obtain a matching function module; judging whether the cloud server has update information for the matching function module; if so, updating the matching functional module based on the updating information to obtain an updated functional module; otherwise, the matching function module is used as an updated function module.
In a possible implementation manner, after the second environment detection information is obtained, the second environment detection information is compared with the first environment detection information, if the second environment detection information is different from the first environment detection information, it may be determined that the test environment has changed, at this time, at least one piece of change information of the test environment is extracted from the second environment detection information, for example, in this embodiment, a system version number and port information of the mobile device have changed, so that the two pieces of change information are matched with a preset test function library stored locally, and a matching function module is obtained, at this time, it is further determined whether update information for the matching function module exists in the cloud server, for example, when communication with the cloud server is in a problem and the update information cannot be obtained, the matching function module may be directly used as an updated function module to perform a penetration test, so as to achieve an offline test purpose; if the communication with the cloud server is normal, and the update information for the matching function module is obtained in the cloud server, for example, in one case, 2 versions of the matching function module have been updated in the cloud server, so that the matching function module is updated according to the update information, for example, the matching function module is replaced by the latest version of the function module to obtain an updated function module, and at this time, the penetration test is performed according to the updated function module, so that the most accurate penetration test operation can be realized.
In the embodiment of the invention, the function module related to the penetration test is updated in real time based on the cloud server, and the related function module is compared with the function module in the cloud server when the penetration test is required each time, so that the technical effect that the penetration test can be carried out by the latest function module in each penetration test is realized, and meanwhile, even if the network communication is abnormal, the off-line penetration test operation can be executed based on the prior function module, so that the normal penetration test requirement is met, and the actual requirement of a user is met.
The following describes a rapid penetration testing apparatus for a mobile device according to an embodiment of the present invention with reference to the accompanying drawings.
Referring to fig. 3, based on the same inventive concept, an embodiment of the present invention provides a rapid penetration testing apparatus for a mobile device, the apparatus including: the judging unit is used for judging whether the mobile equipment is subjected to the primary penetration test; a primary test unit for, in case the mobile device is a primary penetration test: executing test environment detection operation to obtain first environment detection information; determining a test function module based on the first environment detection information; executing corresponding penetration test operation based on the test function module to generate a corresponding first test result; a non-primary test unit, configured to, in a case that the mobile device is a non-primary penetration test: executing test environment detection operation to obtain second environment detection information; judging whether the test environment changes or not based on the second environment detection information; under the condition that the testing environment is determined to be changed, determining an updated functional module corresponding to the testing environment; and executing corresponding penetration test operation based on the updated functional module to generate a second test result.
In an embodiment of the present invention, the determining the test function module based on the first environment detection information includes: acquiring a preset test function library, wherein the test function library comprises a plurality of test function modules; sequentially matching each piece of detection information with the test function module in the preset test function library to obtain a first matching result; and determining a corresponding test function module based on the first matching result.
In an embodiment of the present invention, the test function module includes a system test function module, a port test function module, a peripheral intercommunication test function module, a data reading/storing test function module, a fraud application installation test function module, an authority management test function module, and a process management test function module, and the executing a corresponding penetration test operation based on the test function module to generate a corresponding first test result includes: executing a system vulnerability testing operation based on the system testing functional module to generate a vulnerability scanning result; executing port test operation based on the port test function module to generate a port scanning result; executing peripheral intercommunication test operation based on the peripheral intercommunication test function module to generate an intercommunication test result; executing data read-write test operation based on the data read/storage test function module to generate a read-write test result; executing application installation test operation based on the fraud application installation test function module to generate an application installation test result; executing authority acquisition test operation based on the authority management test function module to generate an authority acquisition test result; executing process management test operation based on the process management test function module to generate a process management test result; generating a first test result based on the vulnerability scanning result, the port scanning result, the intercommunication test result, the read-write test result, the application installation test result, the permission acquisition test result and the process management test result.
In an embodiment of the present invention, the connecting the mobile device to a cloud server, and determining a test function module based on the first environment detection information includes: uploading the first environment detection information to the cloud server; and acquiring first feedback information of the cloud server for the first environment detection information, wherein the first feedback information comprises a test function module matched with each detection information, and the test function module in the first feedback information is updated and maintained by the cloud server in real time.
In this embodiment of the present invention, the determining the updated functional module corresponding to the test environment includes: acquiring at least one change information of the test environment based on the second environment detection information; sequentially matching each piece of change information with the test function module in the preset test function library to obtain a matching function module; judging whether the cloud server has update information aiming at the matching function module; if so, updating the matching functional module based on the updating information to obtain an updated functional module; otherwise, the matching function module is used as an updated function module.
Further, an embodiment of the present invention also provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the method of the present invention.
Although the embodiments of the present invention have been described in detail with reference to the accompanying drawings, the embodiments of the present invention are not limited to the details of the above embodiments, and various simple modifications can be made to the technical solutions of the embodiments of the present invention within the technical idea of the embodiments of the present invention, and the simple modifications all belong to the protection scope of the embodiments of the present invention.
It should be noted that the various features described in the above embodiments may be combined in any suitable manner without departing from the scope of the invention. In order to avoid unnecessary repetition, the embodiments of the present invention do not describe every possible combination.
Those skilled in the art will understand that all or part of the steps in the method according to the above embodiments may be implemented by a program, which is stored in a storage medium and includes several instructions to enable a single chip, a chip, or a processor (processor) to execute all or part of the steps in the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In addition, any combination of various different implementation manners of the embodiments of the present invention is also possible, and the embodiments of the present invention should be considered as disclosed in the embodiments of the present invention as long as the combination does not depart from the spirit of the embodiments of the present invention.
Claims (10)
1. A method for rapid penetration testing of a mobile device, the method comprising:
judging whether the mobile equipment is subjected to primary penetration test;
in the case where the mobile device is a primary penetration test:
executing test environment detection operation to obtain first environment detection information;
determining a test function module based on the first environment detection information;
executing corresponding penetration test operation based on the test function module to generate a corresponding first test result;
in the case that the mobile device is a non-primary penetration test:
executing test environment detection operation to obtain second environment detection information;
judging whether the test environment changes or not based on the second environment detection information;
under the condition that the testing environment is determined to be changed, determining an updated functional module corresponding to the testing environment;
and executing corresponding penetration test operation based on the updated functional module to generate a second test result.
2. The method of claim 1, wherein the first environmental detection information comprises a plurality of detection information, and wherein determining a test function module based on the first environmental detection information comprises:
acquiring a preset test function library, wherein the test function library comprises a plurality of test function modules;
sequentially matching each piece of detection information with the test function module in the preset test function library to obtain a first matching result;
and determining a corresponding test function module based on the first matching result.
3. The method of claim 1, wherein the test function modules include a system test function module, a port test function module, a peripheral intercommunication test function module, a data read/store test function module, a rogue application installation test function module, an authority management test function module, and a process management test function module,
the executing the corresponding penetration test operation based on the test function module to generate a corresponding first test result includes:
executing a system vulnerability testing operation based on the system testing functional module to generate a vulnerability scanning result;
executing port test operation based on the port test function module to generate a port scanning result;
executing peripheral intercommunication test operation based on the peripheral intercommunication test function module to generate an intercommunication test result;
executing data read-write test operation based on the data read/storage test function module to generate a read-write test result;
executing application installation test operation based on the fraudulent application installation test function module to generate an application installation test result;
executing authority acquisition test operation based on the authority management test function module, and generating an authority acquisition test result;
executing process management test operation based on the process management test function module to generate a process management test result;
and generating a first test result based on the bug scanning result, the port scanning result, the intercommunication test result, the read-write test result, the application installation test result, the permission acquisition test result and the process management test result.
4. The method of claim 2, wherein the mobile device is connected to a cloud server, and wherein determining a test function module based on the first environmental detection information comprises:
uploading the first environment detection information to the cloud server;
and acquiring first feedback information of the cloud server aiming at the first environment detection information, wherein the first feedback information comprises a test function module matched with each detection information, and the test function module in the first feedback information is updated and maintained by the cloud server in real time.
5. The method of claim 4, wherein determining the updated functional module corresponding to the test environment comprises:
acquiring at least one change information of the test environment based on the second environment detection information;
sequentially matching each piece of change information with the test function module in the preset test function library to obtain a matching function module;
judging whether the cloud server has update information aiming at the matching function module;
if so, updating the matching functional module based on the updating information to obtain an updated functional module;
otherwise, the matching function module is used as an updated function module.
6. A rapid penetration testing apparatus for a mobile device, the apparatus comprising:
the judging unit is used for judging whether the mobile equipment is subjected to the primary penetration test;
a primary test unit for, in case the mobile device is a primary penetration test: executing test environment detection operation to obtain first environment detection information; determining a test function module based on the first environment detection information; executing corresponding penetration test operation based on the test function module to generate a corresponding first test result;
a non-primary test unit to, if the mobile device is a non-primary penetration test: executing test environment detection operation to obtain second environment detection information; judging whether the test environment changes or not based on the second environment detection information; under the condition that the testing environment is determined to be changed, determining an updated functional module corresponding to the testing environment; and executing corresponding penetration test operation based on the updated functional module to generate a second test result.
7. The apparatus of claim 6, wherein the first environment detection information comprises a plurality of detection information, and wherein determining a test function module based on the first environment detection information comprises:
acquiring a preset test function library, wherein the test function library comprises a plurality of test function modules;
sequentially matching each piece of detection information with the test function module in the preset test function library to obtain a first matching result;
and determining a corresponding test function module based on the first matching result.
8. The apparatus of claim 6, wherein the test function modules comprise a system test function module, a port test function module, a peripheral intercommunication test function module, a data read/store test function module, a fraud application installation test function module, an authority management test function module, and a process management test function module,
the executing the corresponding penetration test operation based on the test function module to generate a corresponding first test result includes:
executing a system vulnerability testing operation based on the system testing functional module to generate a vulnerability scanning result;
executing port test operation based on the port test function module to generate a port scanning result;
executing peripheral intercommunication test operation based on the peripheral intercommunication test function module to generate an intercommunication test result;
executing data read-write test operation based on the data read/storage test function module to generate a read-write test result;
executing application installation test operation based on the fraudulent application installation test function module to generate an application installation test result;
executing authority acquisition test operation based on the authority management test function module to generate an authority acquisition test result;
executing process management test operation based on the process management test function module to generate a process management test result;
generating a first test result based on the vulnerability scanning result, the port scanning result, the intercommunication test result, the read-write test result, the application installation test result, the permission acquisition test result and the process management test result.
9. The apparatus of claim 7, wherein the mobile device is connected to a cloud server, and wherein determining the test function module based on the first environment detection information comprises:
uploading the first environment detection information to the cloud server;
and acquiring first feedback information of the cloud server aiming at the first environment detection information, wherein the first feedback information comprises a test function module matched with each detection information, and the test function module in the first feedback information is updated and maintained by the cloud server in real time.
10. The apparatus of claim 9, wherein determining an updated functional module corresponding to the test environment comprises:
acquiring at least one change information of the test environment based on the second environment detection information;
sequentially matching each piece of change information with the test function module in the preset test function library to obtain a matching function module;
judging whether the cloud server has update information aiming at the matching function module;
if so, updating the matching functional module based on the updating information to obtain an updated functional module;
otherwise, the matching function module is used as an updated function module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211182572.7A CN115659348A (en) | 2022-09-27 | 2022-09-27 | Rapid penetration test method and test device for mobile equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211182572.7A CN115659348A (en) | 2022-09-27 | 2022-09-27 | Rapid penetration test method and test device for mobile equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115659348A true CN115659348A (en) | 2023-01-31 |
Family
ID=84985600
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211182572.7A Pending CN115659348A (en) | 2022-09-27 | 2022-09-27 | Rapid penetration test method and test device for mobile equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115659348A (en) |
-
2022
- 2022-09-27 CN CN202211182572.7A patent/CN115659348A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110417778B (en) | Access request processing method and device | |
| RU2601148C1 (en) | System and method for detecting anomalies when connecting devices | |
| US20220050765A1 (en) | Method for processing logs in a computer system for events identified as abnormal and revealing solutions, electronic device, and cloud server | |
| CN111881452A (en) | Safety test system for industrial control equipment and working method thereof | |
| CN108234426B (en) | APT attack warning method and APT attack warning device | |
| KR102230441B1 (en) | Method, Device and program for generating security action report based on the results of the security vulnerability assessment | |
| CN112733147A (en) | Equipment safety management method and system | |
| CN112565244B (en) | Active risk monitoring method, system and equipment for website projects | |
| CN113904910A (en) | Intelligent asset discovery method and device based on operation and maintenance system | |
| CN113132393A (en) | Abnormality detection method, abnormality detection device, electronic apparatus, and storage medium | |
| CN115659348A (en) | Rapid penetration test method and test device for mobile equipment | |
| CN115643044A (en) | Data processing method, device, server and storage medium | |
| CN113297583B (en) | Vulnerability risk analysis method, device, equipment and storage medium | |
| CN112329021B (en) | Method and device for checking application loopholes, electronic device and storage medium | |
| CN115361203A (en) | Vulnerability analysis method based on distributed scanning engine | |
| CN114462030A (en) | Privacy policy processing and evidence obtaining method, device, equipment and storage medium | |
| WO2019056545A1 (en) | Test machine automation management method and apparatus, device, and storage medium | |
| CN114416507A (en) | Communication behavior monitoring method and device, computer equipment and storage medium | |
| CN113672453A (en) | Display page monitoring method and device, electronic equipment and storage medium | |
| CN112699369A (en) | Method and device for detecting abnormal login through stack backtracking | |
| CN111176975A (en) | Test method, device, equipment and computer readable storage medium | |
| CN117007898B (en) | Method and device for testing aging state of target electronic speed regulator | |
| CN114499998B (en) | Security protection method, device, electronic equipment and storage medium | |
| CN107463842A (en) | SQL injection audit or means of defence and device based on database protocol | |
| KR102230438B1 (en) | Real-time inspection system and method for vulnerable assets using dashboard |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |