CN117040757A - Weblogic password checking method and device - Google Patents

Weblogic password checking method and device Download PDF

Info

Publication number
CN117040757A
CN117040757A CN202311010502.8A CN202311010502A CN117040757A CN 117040757 A CN117040757 A CN 117040757A CN 202311010502 A CN202311010502 A CN 202311010502A CN 117040757 A CN117040757 A CN 117040757A
Authority
CN
China
Prior art keywords
password
plaintext
information
script
extraction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311010502.8A
Other languages
Chinese (zh)
Inventor
安卫杰
贾延昆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp filed Critical China Construction Bank Corp
Priority to CN202311010502.8A priority Critical patent/CN117040757A/en
Publication of CN117040757A publication Critical patent/CN117040757A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/26Testing cryptographic entity, e.g. testing integrity of encryption key or encryption algorithm

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a Weblogic password checking method and device, comprising the following steps: acquiring a first target script executed by a Weblogic server; executing a preset password extraction operation to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the Weblogic server in the history script; obtaining a plaintext password corresponding to the password information based on the extraction result; and detecting the weak password of the plaintext password, and outputting a detection result corresponding to the plaintext password. By applying the method provided by the application, the automatic check of the Weblogic password can be realized, and the efficiency of the Weblogic password check is improved.

Description

Weblogic password checking method and device
Technical Field
The application relates to the technical field of computers, in particular to a Weblogic password checking method and device.
Background
Weblogic is an enterprise-level Java EE application server platform (middleware) and provides a password security management mechanism for guaranteeing information security of information systems and software products. User password settings must be completed when weblogic Domain is created. The operation management activities can be used only by user password verification when logging in the Weblgood control console. However, in the operation and maintenance process, the user may not set the Weblogic password strictly according to the security management requirement, if the condition of using the Weblogic plaintext password exists in the operation and maintenance script, the password leakage risk is easy to generate, and if the default user password or the weak password is used, the password is broken by violence to generate the potential safety hazard.
At present, whether the Weblogic password meets the safety standard is determined by a user self-checking mode, but the workload of checking in sequence is larger and the efficiency is lower because of a plurality of users of the Weblogic server.
Disclosure of Invention
In view of the above, the present application provides a method for checking webogic passwords, by which the webogic passwords can be automatically checked for security, and the efficiency of the webogic password checking is improved.
The application also provides a Weblogic password checking device which is used for ensuring the realization and application of the method in practice.
A webogic password checking method comprising:
acquiring a first target script executed by a Weblogic server;
executing a preset password extraction operation to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the Weblogic server in the history script;
obtaining a plaintext password corresponding to the password information based on the extraction result;
and detecting the weak password of the plaintext password, and outputting a detection result corresponding to the plaintext password.
The method, optionally, the obtaining the first target script executed by the Weblogic server includes:
starting a preset searching instruction to obtain each history script executed by the target user on the Weblogic server;
and obtaining shell scripts and/or Python scripts within a preset time period from the historical scripts, wherein the first target scripts at least comprise the shell scripts and/or the Python scripts.
In the above method, optionally, the executing a preset password extraction operation to obtain an extraction result corresponding to the password extraction operation includes:
screening a second target script containing a Weblogic WLST command from the first target script based on preset keywords;
detecting whether the second target script indicates that a key file is used, wherein the key file is used for encrypting the password information;
outputting the extraction result as a first extraction result if the second target script indicates that the key file is used, wherein the first extraction result is used for representing that the password information is non-extractable information;
and if the second target script does not indicate that the key file is used, outputting the extraction result as a second extraction result, wherein the second extraction result is used for representing that the password information is extractable information.
In the above method, optionally, the obtaining, based on the extraction result, a plaintext password corresponding to the password information includes:
if the password information in the second target script is non-extractable information, enabling a decryption tool corresponding to the key file to perform decryption operation, and obtaining a plaintext password corresponding to the password information;
and if the password information in the second target script is extractable information, extracting a plaintext password corresponding to the password information from a preset guide file.
In the above method, optionally, the detecting the weak password of the plaintext password, outputting a detection result corresponding to the plaintext password, includes:
acquiring a preset data dictionary; the data dictionary comprises at least one password rule corresponding to a weak password;
detecting whether the plaintext password is matched with a password rule in the data dictionary;
if the plaintext password is matched with at least one password rule in the data dictionary, outputting a detection result corresponding to the plaintext password as a first detection result, wherein the first detection result is used for representing that the plaintext password is a weak password;
and if the plaintext password is not matched with the password rule in the data dictionary, outputting a detection result corresponding to the plaintext password as a second detection result, wherein the second detection result is used for representing the non-weak password of the plaintext password.
A webogic password checking device comprising:
the first acquisition unit is used for acquiring a first target script executed by the Weblogic server;
the execution unit is used for executing preset password extraction operation to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the webogic server in the history script;
the second acquisition unit is used for acquiring a plaintext password corresponding to the password information based on the extraction result;
and the result output unit is used for carrying out weak password detection on the plaintext password and outputting a detection result corresponding to the plaintext password.
The above apparatus, optionally, the first obtaining unit includes:
the first acquisition subunit is used for enabling a preset searching instruction to acquire each history script executed by the target user on the Weblogic server;
the second obtaining subunit is configured to obtain a shell script and/or a Python script in the history script within a preset time period, where the first target script at least includes the shell script and/or the Python script.
The above apparatus, optionally, the execution unit includes:
a screening subunit, configured to screen, based on a preset keyword, a second target script that includes a Weblogic WLST command from the first target script;
a detection subunit, configured to detect whether the second target script indicates that a key file has been used, where the key file is used to encrypt the cryptographic information;
a first output subunit, configured to output, if the second target script indicates that the key file has been used, the extraction result as a first extraction result, where the first extraction result is used to characterize that the cryptographic information is non-extractable information;
and the second output subunit is used for outputting the extraction result as a second extraction result if the second target script does not indicate that the key file is used, wherein the second extraction result is used for representing that the password information is extractable information.
The above apparatus, optionally, the second obtaining unit includes:
a third obtaining subunit, configured to, if the cryptographic information in the second target script is non-extractable information, enable a decryption tool corresponding to the key file to perform a decryption operation, and obtain a plaintext password corresponding to the cryptographic information;
and the extraction subunit is used for extracting a plaintext password corresponding to the password information from a preset guide file if the password information in the second target script is extractable information.
The above device, optionally, the result output unit includes:
a fourth acquisition subunit, configured to acquire a preset data dictionary; the data dictionary comprises at least one password rule corresponding to a weak password;
a second detection subunit, configured to detect whether the plaintext password matches a password rule in the data dictionary;
the third output subunit is used for outputting a detection result corresponding to the plaintext password as a first detection result if the plaintext password is matched with at least one password rule in the data dictionary, wherein the first detection result is used for representing that the plaintext password is a weak password;
and the fourth output subunit is used for outputting a detection result corresponding to the plaintext password as a second detection result if the plaintext password is not matched with the password rule in the data dictionary, wherein the second detection result is used for representing the plaintext password as a non-weak password.
A storage medium comprising stored instructions, wherein the instructions, when executed, control a device in which the storage medium resides to perform the Weblogic password checking method described above.
An electronic device comprising a memory, and one or more instructions, wherein the one or more instructions are stored in the memory and configured to be executed by the one or more processors to perform the webogic password checking method described above.
Compared with the prior art, the application has the following advantages:
the application provides a Weblogic password checking method, which comprises the following steps: acquiring a first target script executed by a Weblogic server; executing a preset password extraction operation to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the Weblogic server in the history script; obtaining a plaintext password corresponding to the password information based on the extraction result; and detecting the weak password of the plaintext password, and outputting a detection result corresponding to the plaintext password. By applying the method provided by the application, the automatic check of the Weblogic password can be realized, and the efficiency of the Weblogic password check is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for verifying Weblogic passwords according to an embodiment of the application;
FIG. 2 is a flowchart of a method for verifying a Weblogic password according to an embodiment of the present application;
FIG. 3 is a flowchart of a method for verifying a Weblogic password according to an embodiment of the present application;
FIG. 4 is a block diagram of a Weblogic password checking device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In the present disclosure, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions, and the terms "comprise," "include," or any other variation thereof, are intended to cover a non-exclusive inclusion such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The application is operational with numerous general purpose or special purpose computing device environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet devices, multiprocessor devices, distributed computing environments that include any of the above devices or devices, and the like.
The embodiment of the application provides a Weblogic password checking method, which can be applied to various system platforms, wherein an execution subject of the method can be a processor of a computer terminal or various mobile devices, and a flow chart of the method is shown in fig. 1, and specifically comprises the following steps:
s101: and acquiring the first target script executed by the Weblogic server.
The Weblogic server responds to the operation instruction of the user and executes the execution script related to the password according to the Weblogic password input by the user. When security checking needs to be performed on a Weblogic password of a target user (Weblogic instance running user), a first target script which is executed by the target user through a Weblogic server is acquired.
The first target script at least comprises a shell script and a Python script executed by the Weblogic server.
It should be further noted that, the shell script and the Python script executed by the Weblogic server encapsulate the Weblogic password of the target user.
Specifically, the specific implementation process of obtaining the first target script executed by the Weblogic server is as follows:
starting a preset searching instruction to obtain each history script executed by the target user on the Weblogic server;
and obtaining shell scripts and/or Python scripts within a preset time period from the historical scripts, wherein the first target scripts at least comprise the shell scripts and/or the Python scripts.
In the application, the search instruction is a preset find command, and the Shell script and/or the python script used in the last period of time (for example, 3 months) of the target user is scanned through the find command. The method comprises the steps of obtaining a history script through a search instruction, and searching a shell script and/or a Python script from the history script.
S102: and executing password extraction operation corresponding to the preset first target script to obtain an extraction result corresponding to the password extraction operation.
The password extraction operation is used for extracting password information of a target user logging in the Weblogic server in the history script to determine the security of the Weblogic password. The password information at least comprises a Weblogic password set by a target user to log on a Weblogic server.
Note that, the Weblogic password in the password information may be a plaintext password or an encrypted password. By performing a password extraction operation, an attempt is made to extract password information from the first target script. If the extraction result is that the password information is successfully extracted, the Weblogic password which represents that the Weblogic password is a plaintext is packaged in the first target script, and the security of the Weblogic password is lower; if the extraction result is that the extraction of the password information fails, the Weblogic password is characterized as non-plaintext and is packaged in the first target script in an encrypted form, and the Weblogic password has higher security.
S103: and obtaining a plaintext password corresponding to the password information based on the extraction result.
It will be appreciated that regardless of whether the Weblogic password is in plaintext in the cryptographic information, the Weblogic password in plaintext, i.e., the plaintext password, is extracted.
S104: and detecting the weak password of the plaintext password, and outputting a detection result corresponding to the plaintext password.
It should be noted that, the weak password refers to a password that uses a password containing only simple numbers and letters as a password of an information system or a software product, and is easily guessed by others or broken by a breaking tool, thereby exposing the information system to risks.
It is understood that whether the plaintext password is a weak password is determined by the detection result. If the detection result is the first detection result, representing that the plaintext password is a weak password, and prompting a target user to modify the plaintext password through the detection result; if the detection result is the second detection result, the characteristic plaintext password is not a weak password, and the plaintext password is determined to be higher in safety.
In the method provided by the embodiment of the application, the first target script executed by the Weblogic server is obtained through the search instruction. The first target script comprises password information of a target user logging in the Weblogic server, and password information in the first target script is tried to be extracted through password extraction operation, so that an extraction result is obtained. And obtaining a plaintext password corresponding to the password information, namely, a Weblogic password of the plaintext according to the extraction result. And carrying out weak password detection on the plaintext password, and outputting a detection result.
By applying the method provided by the embodiment of the application, the automatic inspection of the Weblogic password can be realized, and the inspection efficiency is improved.
Optionally, if the extraction result represents that the password information is successfully extracted, the security of representing the Weblogic password is low, and a prompt message is directly output to prompt the target user to modify the Weblogic password. If the extraction result indicates that the password information is not successfully extracted, the steps S103-S104 can be continued.
In the method provided by the embodiment of the present application, referring to the flow shown in fig. 2, a preset password extraction operation is performed, and an embodiment for obtaining an extraction result corresponding to the password extraction operation includes the following steps:
s201: and screening a second target script containing a Weblogic WLST command from the first target script based on preset keywords.
The keyword is specifically "nmconnect|connect", and a script using Weblogic WLST command (java Weblogic WLST) is selected from the scripts based on the keyword. WLST is a Weblogic scripting tool (WebLogic Scripting Tool) which is a command line scripting interface, the scripting environment is based on the Java script interpreter (Jython), which a system administrator uses to monitor and manage Weblogic Server instances and domains.
S202: detecting whether the second target script indicates that a key file has been used, the key file being used to encrypt the cryptographic information.
Wherein if the second target script indicates that a key file has been used, S203 is performed; if the second target script does not indicate that the key file has been used, S204 is performed.
Specifically, user password information provided by using WLST to connect to a Weblgood Server is extracted from the script based on the keyword "nmConnect|connect".
S203: and outputting the extraction result as a first extraction result.
The first extraction result is used for representing that the password information is non-extractable information in the second target script.
It should be noted that if the password information is non-extractable information, it means that if the second target script is attacked by an illegal user, the password information in the second target script cannot be extracted.
S204: and outputting the extraction result as a second extraction result.
The second extraction result is used for representing that the password information is extractable information in the second target script.
It should be noted that if the password information is extractable information, it is characterized that if the second target script is attacked by an illegal user, the password information in the second target script is easily extracted.
In the method provided by the embodiment of the application, the shell and python scripts used by the target user in the last 3 months are scanned through the find command, the scripts using the Weblogic WLST command (java weblogic.wlst) are screened from the scripts through keyword retrieval, and the user password information provided by using the WLST to connect with the Weblogic Server is extracted from the scripts based on the keyword nmConnect. Since the key file method does not cause leakage of the user password information, the key file is excluded from the key file method, and the other cases are regarded as direct use of the plaintext password information.
Further, a plaintext password corresponding to the password information is obtained based on the extraction result, and the method comprises one of the following steps:
if the password information in the second target script is non-extractable information, enabling a decryption tool corresponding to the key file to perform decryption operation, and obtaining a plaintext password corresponding to the password information;
and if the password information in the second target script is extractable information, extracting a plaintext password corresponding to the password information from a preset guide file.
It should be noted that, if the boot file is a script file corresponding to the second target script or a file for storing the password information, and if the password information characterizes that the Weblogic password is in a plaintext form, the plaintext password may be directly obtained from the boot file to perform weak password checking.
In the method provided by the embodiment of the application, whether the password information is in the form of plaintext or ciphertext is determined according to the extraction result. If the cipher text is the cipher text, the cipher text needs to be decrypted by utilizing the encryption and decryption function of Weblogic to obtain the plain text cipher information so as to carry out further checking and processing.
The specific steps for obtaining the cipher text by decrypting the cipher text information through a Weblogic encryption and decryption tool are as follows:
(1) Validating the Weblogic Domain environment variable, and executing the Weblogic WLST;
(2) Input Domain path information based on commands provided by Weblogic itself: creating encryption and decryption services by weblogic.
(3) Through Weblogic encryption and decryption service function: encryption.
If the password information is plaintext, the plaintext password can be directly extracted from a boot file (boot.
In the embodiment of the application, the security of the password can be further verified by extracting the plaintext password.
In the method provided by the embodiment of the present application, referring to fig. 3, the specific implementation process of performing weak password detection on the plaintext password and outputting the detection result corresponding to the plaintext password includes the following steps:
s301: and acquiring a preset data dictionary.
The data dictionary comprises at least one password rule corresponding to a weak password.
In the application, weblogic default password/weak password information (such as 12345678, abcd1234, webogic 123 and the like) common in daily operation can be collected to be used as a data dictionary for checking the default password/weak password, and the password rule of the data dictionary can also comprise that the password length reaches a preset length and characters in the composed password at least comprise a specified character type.
For example, a password rule that sets a password to a password length of at least 8 bits; the password composition includes numbers, capital letters, lowercase letters, special characters, has independence from the user name, cannot contain the complete character string of the user name, or character strings with changed capital and lowercase.
S302: detecting whether the plaintext password matches a password rule in the data dictionary.
Wherein if the plaintext password matches at least one password rule in the data dictionary, S303 is performed; if the plaintext password does not match the password rule in the data dictionary, S304 is performed.
In the application, whether the plaintext password is a weak password is checked according to the password rule in the data dictionary.
For example, whether the password is a common password is checked, and if the password is 12345678, abcd1234 or weblogic123, the judgment is made; checking the password length, and judging the password to be a weak password if the length is less than 8; checking the user password composition, detecting whether the user password is composed of more than 3 types including numbers, capital letters, lowercase letters and special characters in 4 types, and judging the user password to be a weak password if the user password is not composed of more than 3 types; and checking whether the user password contains user name information, and judging the user password as a weak password if the user password contains user name information.
S303: outputting a detection result corresponding to the plaintext password as a first detection result.
The first detection result is used for representing that the plaintext password is a weak password.
S304: and outputting a detection result corresponding to the plaintext password as a second detection result.
Wherein the second detection result is used for representing the plaintext cipher non-weak password.
In the method provided by the embodiment of the application, the detection range and the content are more comprehensive, besides the condition of using the weak password/default password in the detection, the risk of using the plaintext password in the script is also detected, so that the detection content is more comprehensive. The method and the device can analyze the Weblogic configuration file, accurately obtain the user password information currently used by the Weblogic, and further detect the default password/weak password, and compared with the traditional violent breaking and other invasive inspection methods, the method and the device have the advantages of higher inspection efficiency, more accurate inspection result, safer inspection method and no influence on the operation of the Weblogic instance.
The specific implementation process and derivative manner of the above embodiments are all within the protection scope of the present application.
Corresponding to the method shown in fig. 1, the embodiment of the present application further provides a Weblogic password checking device, which is used for implementing the method shown in fig. 1, and the Weblogic password checking device provided in the embodiment of the present application may be applied to a computer terminal or various mobile devices, and its structural schematic diagram is shown in fig. 4, and specifically includes:
a first obtaining unit 401, configured to obtain a first target script that has been executed by the Weblogic server;
an execution unit 402, configured to execute a preset password extraction operation, to obtain an extraction result corresponding to the password extraction operation, where the password extraction operation is used to extract password information of the target user logging in the webogic server in the history script;
a second obtaining unit 403, configured to obtain a plaintext password corresponding to the password information based on the extraction result;
and the result output unit 404 is configured to perform weak password detection on the plaintext password, and output a detection result corresponding to the plaintext password.
In the device provided by the embodiment of the application, the first target script executed by the Weblogic server is obtained through the search instruction. The first target script comprises password information of a target user logging in the Weblogic server, and password information in the first target script is tried to be extracted through password extraction operation, so that an extraction result is obtained. And obtaining a plaintext password corresponding to the password information, namely, a Weblogic password of the plaintext according to the extraction result. And carrying out weak password detection on the plaintext password, and outputting a detection result.
By applying the device provided by the embodiment of the application, the automatic inspection of the Weblogic password can be realized, and the inspection efficiency is improved.
The apparatus provided in the embodiment of the present application, the first obtaining unit 401 includes:
the first acquisition subunit is used for enabling a preset searching instruction to acquire each history script executed by the target user on the Weblogic server;
the second obtaining subunit is configured to obtain a shell script and/or a Python script in the history script within a preset time period, where the first target script at least includes the shell script and/or the Python script.
The device provided in the embodiment of the present application, the executing unit 402 includes:
a screening subunit, configured to screen, based on a preset keyword, a second target script that includes a Weblogic WLST command from the first target script;
a detection subunit, configured to detect whether the second target script indicates that a key file has been used, where the key file is used to encrypt the cryptographic information;
a first output subunit, configured to output, if the second target script indicates that the key file has been used, the extraction result as a first extraction result, where the first extraction result is used to characterize that the cryptographic information is non-extractable information;
and the second output subunit is used for outputting the extraction result as a second extraction result if the second target script does not indicate that the key file is used, wherein the second extraction result is used for representing that the password information is extractable information.
The second obtaining unit 403 provided in the embodiment of the present application includes:
a third obtaining subunit, configured to, if the cryptographic information in the second target script is non-extractable information, enable a decryption tool corresponding to the key file to perform a decryption operation, and obtain a plaintext password corresponding to the cryptographic information;
and the extraction subunit is used for extracting a plaintext password corresponding to the password information from a preset guide file if the password information in the second target script is extractable information.
The device provided by the embodiment of the present application, the result output unit 404 includes:
a fourth acquisition subunit, configured to acquire a preset data dictionary; the data dictionary comprises at least one password rule corresponding to a weak password;
a second detection subunit, configured to detect whether the plaintext password matches a password rule in the data dictionary;
the third output subunit is used for outputting a detection result corresponding to the plaintext password as a first detection result if the plaintext password is matched with at least one password rule in the data dictionary, wherein the first detection result is used for representing that the plaintext password is a weak password;
and the fourth output subunit is used for outputting a detection result corresponding to the plaintext password as a second detection result if the plaintext password is not matched with the password rule in the data dictionary, wherein the second detection result is used for representing the plaintext password as a non-weak password.
The specific working process of each unit and subunit in the Weblogic password checking device disclosed in the above embodiment of the present application can be referred to the corresponding content in the Weblogic password checking method disclosed in the above embodiment of the present application, and will not be described herein again.
The embodiment of the application also provides a storage medium, which comprises stored instructions, wherein when the instructions run, the equipment where the storage medium is controlled to execute the Weblogic password checking method.
The embodiment of the present application further provides an electronic device, whose structural schematic diagram is shown in fig. 5, specifically including a memory 501, and one or more instructions 502, where the one or more instructions 502 are stored in the memory 501, and configured to be executed by the one or more processors 503, where the one or more instructions 502 perform the following operations:
acquiring a first target script executed by a Weblogic server;
executing a preset password extraction operation to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the Weblogic server in the history script;
obtaining a plaintext password corresponding to the password information based on the extraction result;
and detecting the weak password of the plaintext password, and outputting a detection result corresponding to the plaintext password.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for a system or system embodiment, since it is substantially similar to a method embodiment, the description is relatively simple, with reference to the description of the method embodiment being made in part. The systems and system embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present application without undue burden.
Those of skill would further appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both.
To clearly illustrate this interchangeability of hardware and software, various illustrative components and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A webogic password checking method, comprising:
acquiring a first target script executed by a Weblogic server;
executing a password extraction operation corresponding to a preset first target script to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the Weblogic server in the first target script;
obtaining a plaintext password corresponding to the password information based on the extraction result;
and detecting the weak password of the plaintext password, and outputting a detection result corresponding to the plaintext password.
2. The method of claim 1, wherein the obtaining the first target script that has been executed by the Weblogic server comprises:
starting a preset searching instruction to obtain each history script executed by the target user on the Weblogic server;
and obtaining shell scripts and/or Python scripts within a preset time period from the historical scripts, wherein the first target scripts at least comprise the shell scripts and/or the Python scripts.
3. The method according to claim 1 or 2, wherein the performing a preset password extraction operation to obtain an extraction result corresponding to the password extraction operation includes:
screening a second target script containing a Weblogic WLST command from the first target script based on preset keywords;
detecting whether the second target script indicates that a key file is used, wherein the key file is used for encrypting the password information;
outputting the extraction result as a first extraction result if the second target script indicates that the key file is used, wherein the first extraction result is used for representing that the password information is non-extractable information;
and if the second target script does not indicate that the key file is used, outputting the extraction result as a second extraction result, wherein the second extraction result is used for representing that the password information is extractable information.
4. The method according to claim 3, wherein the obtaining a plaintext password corresponding to the password information based on the extraction result includes:
if the password information in the second target script is non-extractable information, enabling a decryption tool corresponding to the key file to perform decryption operation, and obtaining a plaintext password corresponding to the password information;
and if the password information in the second target script is extractable information, extracting a plaintext password corresponding to the password information from a preset guide file.
5. The method of claim 1, wherein the performing weak password detection on the plaintext cipher, and outputting a detection result corresponding to the plaintext cipher, comprises:
acquiring a preset data dictionary; the data dictionary comprises at least one password rule corresponding to a weak password;
detecting whether the plaintext password is matched with a password rule in the data dictionary;
if the plaintext password is matched with at least one password rule in the data dictionary, outputting a detection result corresponding to the plaintext password as a first detection result, wherein the first detection result is used for representing that the plaintext password is a weak password;
and if the plaintext password is not matched with the password rule in the data dictionary, outputting a detection result corresponding to the plaintext password as a second detection result, wherein the second detection result is used for representing the non-weak password of the plaintext password.
6. A webogic password checking apparatus, comprising:
the first acquisition unit is used for acquiring a first target script executed by the Weblogic server;
the execution unit is used for executing a preset password extraction operation corresponding to the first target script to obtain an extraction result corresponding to the password extraction operation, wherein the password extraction operation is used for extracting password information of the target user logging in the weblog server in the history script;
the second acquisition unit is used for acquiring a plaintext password corresponding to the password information based on the extraction result;
and the result output unit is used for carrying out weak password detection on the plaintext password and outputting a detection result corresponding to the plaintext password.
7. The apparatus of claim 6, wherein the first acquisition unit comprises:
the first acquisition subunit is used for enabling a preset searching instruction to acquire each history script executed by the target user on the Weblogic server;
the second obtaining subunit is configured to obtain a shell script and/or a Python script in the history script within a preset time period, where the first target script at least includes the shell script and/or the Python script.
8. The apparatus according to claim 6 or 7, wherein the execution unit comprises:
a screening subunit, configured to screen, based on a preset keyword, a second target script that includes a Weblogic WLST command from the first target script;
a detection subunit, configured to detect whether the second target script indicates that a key file has been used, where the key file is used to encrypt the cryptographic information;
a first output subunit, configured to output, if the second target script indicates that the key file has been used, the extraction result as a first extraction result, where the first extraction result is used to characterize that the cryptographic information is non-extractable information;
and the second output subunit is used for outputting the extraction result as a second extraction result if the second target script does not indicate that the key file is used, wherein the second extraction result is used for representing that the password information is extractable information.
9. The apparatus of claim 8, wherein the second acquisition unit comprises:
a third obtaining subunit, configured to, if the cryptographic information in the second target script is non-extractable information, enable a decryption tool corresponding to the key file to perform a decryption operation, and obtain a plaintext password corresponding to the cryptographic information;
and the extraction subunit is used for extracting a plaintext password corresponding to the password information from a preset guide file if the password information in the second target script is extractable information.
10. The apparatus of claim 6, wherein the result output unit comprises:
a fourth acquisition subunit, configured to acquire a preset data dictionary; the data dictionary comprises at least one password rule corresponding to a weak password;
a second detection subunit, configured to detect whether the plaintext password matches a password rule in the data dictionary;
the third output subunit is used for outputting a detection result corresponding to the plaintext password as a first detection result if the plaintext password is matched with at least one password rule in the data dictionary, wherein the first detection result is used for representing that the plaintext password is a weak password;
and the fourth output subunit is used for outputting a detection result corresponding to the plaintext password as a second detection result if the plaintext password is not matched with the password rule in the data dictionary, wherein the second detection result is used for representing the plaintext password as a non-weak password.
CN202311010502.8A 2023-08-11 2023-08-11 Weblogic password checking method and device Pending CN117040757A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311010502.8A CN117040757A (en) 2023-08-11 2023-08-11 Weblogic password checking method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311010502.8A CN117040757A (en) 2023-08-11 2023-08-11 Weblogic password checking method and device

Publications (1)

Publication Number Publication Date
CN117040757A true CN117040757A (en) 2023-11-10

Family

ID=88638641

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311010502.8A Pending CN117040757A (en) 2023-08-11 2023-08-11 Weblogic password checking method and device

Country Status (1)

Country Link
CN (1) CN117040757A (en)

Similar Documents

Publication Publication Date Title
USRE46158E1 (en) Methods and systems to detect attacks on internet transactions
CN101272237B (en) Method and system for automatically generating and filling login information
US10659494B2 (en) Method for implementing online anti-phishing
CN104063788B (en) Mobile platform credibility payment system and method
Ma et al. An empirical study of sms one-time password authentication in android apps
CN112131564B (en) Method, device, equipment and medium for encrypting data communication
Alzahrani et al. Randroid: Structural similarity approach for detecting ransomware applications in android platform
CN109284585B (en) Script encryption method, script decryption operation method and related device
CN111163095B (en) Network attack analysis method, network attack analysis device, computing device, and medium
US20100058479A1 (en) Method and system for combating malware with keystroke logging functionality
CN103763104B (en) A kind of method and system of dynamic authentication
KR20170023113A (en) Method and apparatus for protecting application program password of mobile terminal
DK2767922T3 (en) Password Verification System
CN108270561B (en) Data sending method and device and key index generating method and device
CN111163094B (en) Network attack detection method, network attack detection device, electronic device, and medium
CN109818906B (en) Equipment fingerprint information processing method and device and server
CN106161710A (en) A kind of user account safety management system based on smart mobile phone
CN113709181A (en) Website login method, device, equipment and storage medium based on browser plug-in
CN112182614A (en) Dynamic Web application protection system
US20170149777A1 (en) Systems and method for cross-channel device binding
Tong et al. Guardroid: A trusted path for password entry
Amft et al. " We've Disabled MFA for You": An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments
US20090044284A1 (en) System and Method of Generating and Providing a Set of Randomly Selected Substitute Characters in Place of a User Entered Key Phrase
CN117040757A (en) Weblogic password checking method and device
CN113901482A (en) Vulnerability detection method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination