CN116244195B - PHP ras module hook stability test method and device - Google Patents
PHP ras module hook stability test method and device Download PDFInfo
- Publication number
- CN116244195B CN116244195B CN202310175159.6A CN202310175159A CN116244195B CN 116244195 B CN116244195 B CN 116244195B CN 202310175159 A CN202310175159 A CN 202310175159A CN 116244195 B CN116244195 B CN 116244195B
- Authority
- CN
- China
- Prior art keywords
- test
- traversing
- test result
- module
- php
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3692—Test management for test results analysis
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The application discloses a PHP ras module hook stability test method and device, comprising the following steps: constructing a PHP sample file, and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function; closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a first traversal test result; opening the PHP ras module to obtain a second traversal test result; comparing the first traversing test result with the second traversing test result, if the first traversing test result and the second traversing test result are the same, judging that the ras module is normal in function, and if the first traversing test result and the second traversing test result are different, judging that the ras module is abnormal in function. The method and the device have the advantages that the functions of all the hook point modules are traversed quickly, more scene coverage automation can be realized, the judgment granularity of the result is higher, and automatic assertion of the result can be realized.
Description
Technical Field
The application relates to the technical field of software testing, in particular to a PHP ras module hook stability testing method and device.
Background
For business systems developed based on the php language, there may be some web vulnerabilities that are currently exploited. The php ras module is mainly used for effectively detecting and intercepting some potential attacks and risks suffered by the service system when the service system is running, and the php ras module is mainly used for detecting and intercepting by a key-point hoo k technology. It is the hook at run-time that is likely to destroy business functions due to the key modules and key functions of the business system. Based on this, all hook tests of php ras are particularly important.
In the existing test method, method 1: the manual mode is adopted, verification of some scenes is carried out according to sample samples constructed in advance aiming at different hook points, and whether a module of the injected hook operates normally is checked; the more hook points, the more versions may require multiple regression testing, which can make the labor costs in testing high. Method 2: based on the automatic triggering of the sample and the verification of the result, the automation is more in order to verify whether the automatic triggering execution and reporting risk of the sample or the interception event is correct or not, and the quick triggering traversal can play an effective role for the full hook point; however, since the input of parameters is based on whether the sample risk is intercepted and reported, no finer granularity attention has an effect on the output of the function of the hook, and therefore, the automation is insufficient in the verification of whether the hook point affects the service function.
In the prior art, the test is time-consuming, and the constructed test scene is more based on the link detection logic triggered and reported by the sample, but the real service system is possibly various when being taken into the function of the hook, so that the coverage rate of the test scene related to the hook point is possibly insufficient, and the on-line risk is brought.
Disclosure of Invention
The application aims to provide a method and a device for testing the hook stability of a PHP (PHP) module, which can rapidly traverse the functions of all the hook modules, realize automation of more scene coverage, realize higher judgment granularity of results and realize automatic assertion of the results, meet test requirements, expose potential problems in advance and improve the safety of a system.
In order to solve the technical problems, a first aspect of the embodiment of the present application provides a method for testing hook stability of a PHP rasp module, which includes the following steps:
constructing a PHP sample file, and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function;
closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a first traversal test result;
opening the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a second traversal test result;
comparing the first traversing test result with the second traversing test result, if the first traversing test result and the second traversing test result are the same, judging that the ras module is normal in function, and if the first traversing test result and the second traversing test result are different, judging that the ras module is abnormal in function.
Further, the obtaining the sample url list and the parameter fuzzy list of the test sample according to the waiting function includes:
constructing a test sample according to a waiting function, wherein the test sample comprises: command execution, character string processing and file processing;
starting the ngix, storing the test sample to an html directory of the ngix, configuring the ngix and reloading;
constructing a parameter fuzzy base library according to the points to be hook, wherein the base library comprises: type, length, boundary value, null value, special character, chinese;
samples in the test samples are identified and a sample url list is updated.
Further, the performing the test sample by the traversal to obtain a first traversal test result includes:
executing the test sample according to the generation parameters;
executing input parameters and output results, wherein the input parameters are parameters generated according to fuzzy, and the output results are processed by a hook function;
and judging whether the test sample is traversed, if so, executing the step of opening the PHP rasp module, and if not, continuing executing the next test sample.
Further, the performing the test sample by the traversing obtains a second traversing test result, including:
executing the test sample according to the generation parameters;
executing input parameters and output results, wherein the input parameters are parameters generated according to fuzzy, and the output results are processed by a hook function;
and judging whether the test sample is traversed, if so, executing the step of comparing the first traversing test result with the second traversing test result, and if not, continuing executing the next test sample.
Further, the comparing the first traversal test result with the second traversal test result includes:
automatically comparing the first traversing test result with the second traversing test result to obtain a comparison result text;
judging whether the first traversing test result and the second traversing test result are the same according to the comparison result text, if yes, judging that the ras module is normal in function, and if not, judging that the ras module is abnormal in function, and automatically sending an alarm notification.
Accordingly, a second aspect of the embodiment of the present application provides a device for testing hook stability of a PHP rasp module, comprising:
the information acquisition module is used for constructing a PHP sample file and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function;
the first test module is used for closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a first traversal test result;
the second test module is used for opening the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a second traversal test result;
and the function judging module is used for comparing the first traversing test result with the second traversing test result, judging that the ras module is normal in function if the first traversing test result is the same as the second traversing test result, and judging that the ras module is abnormal in function if the first traversing test result is different from the second traversing test result.
Further, the information acquisition module includes:
a sample construction unit for constructing a test sample according to a waiting function, the test sample comprising: command execution, character string processing and file processing;
the package testing method comprises a package loading unit, a test sample loading unit and a test sample loading unit, wherein the package loading unit is used for starting package, storing the test sample into an html directory of the package, configuring the package and reloading the package;
the parameter construction unit is used for constructing a parameter fuzzy base library according to the points to be hook, and the base library comprises: type, length, boundary value, null value, special character, chinese;
a list updating unit for identifying samples in the test samples and updating a sample url list.
Further, the first test module includes:
a first test unit for executing the test sample according to the generation parameters;
the first storage unit is used for executing input parameters and output results to be stored in the first text, wherein the input parameters are parameters generated according to fuzzy, and the output results are results processed by a hook function;
and the first control unit is used for judging whether the test sample is traversed, if yes, executing the step of opening the PHP rasp module, and if not, continuing executing the next test sample.
Further, the second test module includes:
a second test unit for executing the test sample according to the generation parameters;
the second storage unit is used for executing input parameters and output results to be stored in a second text, wherein the input parameters are parameters generated according to fuzzy, and the output results are results processed by a hook function;
and the second control unit is used for judging whether the test sample is traversed, if so, executing the step of comparing the first traversing test result with the second traversing test result, and if not, continuing executing the next test sample.
Further, the function determination module includes:
the diff processing unit is used for automatically comparing the first traversing test result with the second traversing test result to obtain a comparison result text;
and the function judging unit is used for judging whether the first traversing test result and the second traversing test result are the same according to the comparison result text, judging that the ras module is normal in function if the first traversing test result and the second traversing test result are the same, judging that the ras module is abnormal in function if the first traversing test result and the second traversing test result are different, and automatically sending an alarm notification.
Accordingly, a third aspect of the embodiment of the present application provides an electronic device, including: at least one processor; and a memory coupled to the at least one processor; the memory stores instructions executable by the one processor, and the instructions are executed by the one processor, so that the at least one processor executes the PHP ras module hook stability testing method.
Accordingly, a fourth aspect of embodiments of the present application provides a computer-readable storage medium having stored thereon computer instructions that, when executed by a processor, implement the above-described method for testing the hook stability of a PHP rasp module.
The technical scheme provided by the embodiment of the application has the following beneficial technical effects:
the method has the advantages that the functions of all the hook point modules are traversed rapidly, more scene coverage automation can be realized, the judgment granularity of the result is higher, automatic assertion of the result can be realized, the test requirement is met, potential problems are exposed in advance, and the safety of the system is improved.
Drawings
FIG. 1 is a flow chart of a method for testing hook stability of a PHP ras module provided by an embodiment of the present application;
FIG. 2 is a logic diagram of a PHP ras module hook stability test method according to an embodiment of the present application;
FIG. 3 is a block diagram of a PHP ras module hook stability test device according to an embodiment of the present application;
FIG. 4 is a block diagram of an information acquisition module provided by an embodiment of the present application;
FIG. 5 is a block diagram of a first test module provided by an embodiment of the present application;
FIG. 6 is a block diagram of a second test module provided by an embodiment of the present application;
fig. 7 is a block diagram of a function determination module according to an embodiment of the present application.
Reference numerals:
1. the device comprises an information acquisition module 11, a sample construction unit 12, an nginx loading unit 13, a parameter construction unit 14, a list updating unit 2, a first test module 21, a first test unit 22, a first storage unit 23, a first control unit 3, a second test module 31, a second test unit 32, a second storage unit 33, a second control unit 4, a function judging module 41, a diff processing unit 42 and a function judging unit.
Detailed Description
The objects, technical solutions and advantages of the present application will become more apparent by the following detailed description of the present application with reference to the accompanying drawings. It should be understood that the description is only illustrative and is not intended to limit the scope of the application. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the present application.
Referring to fig. 1 and 2, a first aspect of the present application provides a method for testing hook stability of a PHP rasp module, comprising the following steps:
and S100, constructing a PHP sample file, and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function.
And step S200, closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzz list to obtain a first traversal test result.
And step S300, opening a PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzz list to obtain a second traversal test result.
Step S400, comparing the first traversing test result with the second traversing test result, if the first traversing test result and the second traversing test result are the same, judging that the ras module is normal in function, and if the first traversing test result and the second traversing test result are different, judging that the ras module is abnormal in function.
The testing method quickly traverses the functions of all the hook point modules, can realize automation of more scene coverage, has higher fine granularity for judging the result and can realize automatic assertion of the result, thereby meeting the testing requirement, exposing potential problems in advance and improving the safety of the system. And when the function is input in the same way, the test scheme of the automatic diff of the output result can meet the test requirements and can better expose the potential problems in advance.
In addition, the fuzzy base library is automatically generated by utilizing python script according to the types of parameters (such as integer, character string, bool type, list and the like), the lengths of the parameters (such as boundary values of 1 to maximum length and the like), whether the parameters are null or not and the parameters (including Chinese and other special characters) in the dimensions.
Specifically, in step S100, a sample url list and a parameter fusion list of a test sample are obtained according to a waiting hook function, and the method specifically includes the following steps:
step S110, constructing a test sample according to the waiting function, wherein the test sample comprises: command execution, string processing, file processing.
And step S120, starting the nginx, storing the test sample into an html directory of the nginx, configuring the nginx and reloading the nginx.
Step S130, constructing a parameter fuzzy base library according to the points to be hook, wherein the base library comprises: type, length, boundary value, null value, special character, chinese.
Step S140, identifying samples in the test samples and updating the sample url list.
Specifically, in step S200, the step of performing the test sample to obtain a first traversal test result specifically includes the following steps:
step S210, executing the test sample according to the generation parameters.
In step S220, the input parameters and the output result are stored in the first text (not_object. Log file). Wherein the input parameters are parameters generated according to fuzzy, and the output result is processed by the hoo k function
Step S230, judging whether the test sample is traversed, if yes, executing the step of opening the PHP ras p module, if not, continuing executing the next test sample.
Specifically, in step S300, performing the test sample in a traversing manner to obtain a second traversing test result includes:
step S310, executing the test sample according to the generated parameters.
In step S320, the input parameters and the output result of the execution are stored in a second text (object. Lo g file). Wherein the input parameters are parameters generated according to fuzzy, and the output result is processed by a hook function
Step S330, judging whether the test sample is traversed, if yes, executing the step of comparing the first traversing test result with the second traversing test result, and if not, continuing executing the next test sample.
Further, in step S400, comparing the first traversal test result with the second traversal test result includes:
step S410, the first traversing test result and the second traversing test result are automatically compared, and a comparison result text (diif. Log) is obtained.
Step S420, judging that the first traversing test result and the second traversing test result are the same according to the comparison result text (dif. Log), judging that the ras module is normal in function if the first traversing test result and the second traversing test result are the same, judging that the ras module is abnormal in function if the first traversing test result and the second traversing test result are different, and automatically sending an alarm notification.
The technical scheme can realize the test automation of the whole php ras phook point, the coverage of a test scene of a hook module is improved by using a parameter fuzzy test method, and the problems are automatically found by using the automatic diff of the starting ra sp and the starting ra sp.
Accordingly, referring to fig. 3, a second aspect of the embodiment of the present application provides a device for testing the hook stability of a PHP ras module, comprising:
the information acquisition module 1 is used for constructing a PHP sample file and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function;
the first test module 2 is used for closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a first traversal test result;
the second test module 3 is used for opening the PHP rasp module, traversing and executing the test sample according to the test sample url list and the parameter fuzzy list to obtain a second traversing test result;
and the function judging module 4 is used for comparing the first traversing test result with the second traversing test result, judging that the ras module is normal in function if the first traversing test result is the same as the second traversing test result, and judging that the ras module is abnormal in function if the second traversing test result is different from the first traversing test result.
Further, referring to fig. 4, the information acquisition module 1 includes:
a sample construction unit 11 for constructing a test sample according to the waiting function, the test sample comprising: command execution, character string processing and file processing;
the nginx loading unit 12 is used for starting the nginx, storing the test sample into an html directory of the nginx, configuring the nginx and reloading the test sample;
a parameter construction unit 13, configured to construct a parameter fuzzy base library according to the points to be hook, where the base library includes: type, length, boundary value, null value, special character, chinese;
a list updating unit 14 for identifying samples in the test samples and updating the sample url list.
Further, referring to fig. 5, the first test module 2 includes:
a first test unit 21 for executing test samples according to the generation parameters;
a first storage unit 22, configured to execute an input parameter and an output result, where the input parameter is a parameter generated according to fuzzy, and the output result is a result processed by a hook function, and store the output result in a first text;
the first control unit 23 is configured to determine whether the test sample has been traversed, if yes, execute the step of opening the PHP rasp module, and if not, continue executing the next test sample.
Further, referring to fig. 6, the second test module 3 includes:
a second test unit 31 for executing a test sample according to the generation parameters;
a second storage unit 32 for storing an input parameter and an output result to be executed to a second text, wherein the input parameter is a parameter generated according to fuzzy, and the output result is a result processed by a hook function;
and a second control unit 33, configured to determine whether the test sample has been traversed, and if so, perform a step of comparing the first traversing test result with the second traversing test result, and if not, continue to perform the next test sample.
Further, referring to fig. 7, the function determination module 4 includes:
a diff processing unit 41 for automatically comparing the first traversal test result and the second traversal test result to obtain (dif.log);
and a function judging unit 42 for judging that the ras module is normal according to the (dif. Log) judgment result, if the first traversing test result is the same as the second traversing test result, judging that the ras module is abnormal if the first traversing test result is different from the second traversing test result, and automatically sending an alarm notification.
Accordingly, a third aspect of the embodiment of the present application provides an electronic device, including: at least one processor; and a memory coupled to the at least one processor; the memory stores instructions executable by the one processor, and the instructions are executed by the one processor, so that the at least one processor executes the PHP ras module hook stability testing method.
Accordingly, a fourth aspect of embodiments of the present application provides a computer-readable storage medium having stored thereon computer instructions that, when executed by a processor, implement the above-described method for testing the hook stability of a PHP rasp module.
The embodiment of the application aims to protect a PHP ras module hook stability test method and device, and has the following effects:
the method has the advantages that the functions of all the hook point modules are traversed rapidly, more scene coverage automation can be realized, the judgment granularity of the result is higher, automatic assertion of the result can be realized, the test requirement is met, potential problems are exposed in advance, and the safety of the system is improved.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical aspects of the present application and not for limiting the same, and although the present application has been described in detail with reference to the above embodiments, it should be understood by those of ordinary skill in the art that: modifications and equivalents may be made to the specific embodiments of the application without departing from the spirit and scope of the application, which is intended to be covered by the claims.
Claims (8)
1. The PHP ras module hook stability test method is characterized by comprising the following steps:
constructing a PHP sample file, and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function;
closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a first traversal test result;
opening the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a second traversal test result;
comparing the first traversing test result with the second traversing test result, if the first traversing test result and the second traversing test result are the same, judging that the ras module is normal in function, and if the first traversing test result and the second traversing test result are different, judging that the ras module is abnormal in function;
the method for obtaining the sample url list and the parameter fuzzy list of the test sample according to the waiting hook function comprises the following steps:
constructing a test sample according to a waiting function, wherein the test sample comprises: command execution, character string processing and file processing;
starting the ngix, storing the test sample to an html directory of the ngix, configuring the ngix and reloading;
constructing a parameter fuzzy base library according to the points to be hook, wherein the base library comprises: type, length, boundary value, null value, special character, chinese;
samples in the test samples are identified and a sample url list is updated.
2. The PHP rasp module hook stability test method of claim 1, wherein the traversing the test sample results in a first traversal test result comprising:
executing the test sample according to the generation parameters;
executing input parameters and output results, wherein the input parameters are parameters generated according to fuzzy, and the output results are processed by a hook function;
and judging whether the test sample is traversed, if so, executing the step of opening the PHP rasp module, and if not, continuing executing the next test sample.
3. The PHP rasp module hook stability test method of claim 1, wherein the traversing the test sample results in a second traversal test result comprising:
executing the test sample according to the generation parameters;
executing input parameters and output results, wherein the input parameters are parameters generated according to fuzzy, and the output results are processed by a hook function;
and judging whether the test sample is traversed, if so, executing the step of comparing the first traversing test result with the second traversing test result, and if not, continuing executing the next test sample.
4. The PHP rasp module hook stability test method of any one of claims 1-3, wherein said comparing said first traversal test result with said second traversal test result comprises:
automatically comparing the first traversing test result with the second traversing test result to obtain a comparison result text;
judging whether the first traversing test result and the second traversing test result are the same according to the comparison result text, judging that the ras module is normal in function if the first traversing test result and the second traversing test result are the same, judging that the ras module is abnormal in function if the first traversing test result and the second traversing test result are different, and automatically sending an alarm notification.
5. A PHP rasp module hook stability testing device, comprising:
the information acquisition module is used for constructing a PHP sample file and acquiring a test sample url list and a parameter fuzzy list in the PHP sample file according to a waiting function;
the first test module is used for closing the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a first traversal test result;
the second test module is used for opening the PHP rasp module, and performing traversal on the test sample according to the test sample url list and the parameter fuzzy list to obtain a second traversal test result;
the function judging module is used for comparing the first traversing test result with the second traversing test result, judging that the ras module is normal in function if the first traversing test result is the same as the second traversing test result, and judging that the ras module is abnormal in function if the first traversing test result is different from the second traversing test result;
the information acquisition module includes:
a sample construction unit for constructing a test sample according to a waiting function, the test sample comprising: command execution, character string processing and file processing;
the package testing method comprises a package loading unit, a test sample loading unit and a test sample loading unit, wherein the package loading unit is used for starting package, storing the test sample into an html directory of the package, configuring the package and reloading the package;
the parameter construction unit is used for constructing a parameter fuzzy base library according to the points to be hook, and the base library comprises: type, length, boundary value, null value, special character, chinese;
a list updating unit for identifying samples in the test samples and updating a sample url list.
6. The PHP rasp module hook stability test apparatus of claim 5, wherein the first test module comprises:
a first test unit for executing the test sample according to the generation parameters;
the first storage unit is used for executing input parameters and output results to be stored in the first text, wherein the input parameters are parameters generated according to fuzzy, and the output results are results processed by a hook function;
and the first control unit is used for judging whether the test sample is traversed, if yes, executing the step of opening the PHP rasp module, and if not, continuing executing the next test sample.
7. The PHP rasp module hook stability test apparatus of claim 5, wherein the second test module comprises:
a second test unit for executing the test sample according to the generation parameters;
the second storage unit is used for executing input parameters and output results to be stored in a second text, wherein the input parameters are parameters generated according to fuzzy, and the output results are results processed by a hook function;
and the second control unit is used for judging whether the test sample is traversed, if so, executing the step of comparing the first traversing test result with the second traversing test result, and if not, continuing executing the next test sample.
8. The PHP rasp module hook stability test apparatus of any one of claims 5-7, wherein the function determination module comprises:
the diff processing unit is used for automatically comparing the first traversing test result with the second traversing test result to obtain a comparison result text;
and the function judging unit is used for judging whether the first traversing test result and the second traversing test result are the same according to the comparison result text, judging that the ras module is normal in function if the first traversing test result and the second traversing test result are the same, judging that the ras module is abnormal in function if the first traversing test result and the second traversing test result are different, and automatically sending an alarm notification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310175159.6A CN116244195B (en) | 2023-02-27 | 2023-02-27 | PHP ras module hook stability test method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310175159.6A CN116244195B (en) | 2023-02-27 | 2023-02-27 | PHP ras module hook stability test method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116244195A CN116244195A (en) | 2023-06-09 |
CN116244195B true CN116244195B (en) | 2023-09-22 |
Family
ID=86632763
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310175159.6A Active CN116244195B (en) | 2023-02-27 | 2023-02-27 | PHP ras module hook stability test method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116244195B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112199284A (en) * | 2020-10-10 | 2021-01-08 | 广州华多网络科技有限公司 | Program automation testing method and corresponding device, equipment and medium |
CN112286828A (en) * | 2020-12-24 | 2021-01-29 | 支付宝(杭州)信息技术有限公司 | Testing method and system for intelligent contracts of block chains |
CN114443502A (en) * | 2022-02-21 | 2022-05-06 | 北京高途云集教育科技有限公司 | Stability testing method and device based on application program |
US20220335630A1 (en) * | 2018-01-29 | 2022-10-20 | Philipp K. Lang | Augmented reality guidance for dental procedures |
CN115599645A (en) * | 2022-10-13 | 2023-01-13 | 安芯网盾(北京)科技有限公司(Cn) | Method and device for testing stability of linux drive module |
-
2023
- 2023-02-27 CN CN202310175159.6A patent/CN116244195B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220335630A1 (en) * | 2018-01-29 | 2022-10-20 | Philipp K. Lang | Augmented reality guidance for dental procedures |
CN112199284A (en) * | 2020-10-10 | 2021-01-08 | 广州华多网络科技有限公司 | Program automation testing method and corresponding device, equipment and medium |
CN112286828A (en) * | 2020-12-24 | 2021-01-29 | 支付宝(杭州)信息技术有限公司 | Testing method and system for intelligent contracts of block chains |
CN114443502A (en) * | 2022-02-21 | 2022-05-06 | 北京高途云集教育科技有限公司 | Stability testing method and device based on application program |
CN115599645A (en) * | 2022-10-13 | 2023-01-13 | 安芯网盾(北京)科技有限公司(Cn) | Method and device for testing stability of linux drive module |
Also Published As
Publication number | Publication date |
---|---|
CN116244195A (en) | 2023-06-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10243679B2 (en) | Vulnerability detection | |
CN105069355B (en) | The static detection method and device of webshell deformations | |
CN108459954B (en) | Application program vulnerability detection method and device | |
US9438617B2 (en) | Application security testing | |
CN109101815B (en) | Malicious software detection method and related equipment | |
CN105631341B (en) | Blind detection method and device for vulnerability | |
CN113114680B (en) | Detection method and detection device for file uploading vulnerability | |
Scalco et al. | On the feasibility of detecting injections in malicious npm packages | |
JP6282217B2 (en) | Anti-malware system and anti-malware method | |
CN110851352A (en) | Fuzzy test system and terminal equipment | |
CN110365641A (en) | Cross-site scripting attack leak detection method, equipment and computer-readable medium | |
CN111859399A (en) | Vulnerability detection method and device based on oval | |
CN107103243B (en) | Vulnerability detection method and device | |
EP2107484A2 (en) | A method and device for code audit | |
KR101228902B1 (en) | Cloud Computing-Based System for Supporting Analysis of Malicious Code | |
CN113919841A (en) | Block chain transaction monitoring method and system based on static characteristics and dynamic instrumentation | |
CN113935041A (en) | Vulnerability detection system and method for real-time operating system equipment | |
CN116244195B (en) | PHP ras module hook stability test method and device | |
CN116881921A (en) | AFL-based binary command injection vulnerability detection method and system | |
CN112003824A (en) | Attack detection method and device and computer readable storage medium | |
US11880470B2 (en) | System and method for vulnerability detection in computer code | |
Avancini et al. | Circe: A grammar-based oracle for testing cross-site scripting in web applications | |
CN111666216B (en) | Intelligent contract analysis method and device | |
CN114691197A (en) | Code analysis method and device, electronic equipment and storage medium | |
CN117195241B (en) | Firmware vulnerability detection method, device and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |