CN106096417A - Weblogic deserialization vulnerability scanning and detection method and tool - Google Patents


Publication number
CN106096417A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610382393.6A
Other languages
Chinese (zh)
Other versions
CN106096417B (en)
Inventor
朱珠
韩世海
张森
张伟
雷娟
景钰文
杨峰
赵长松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electric Power Research Institute of State Grid Chongqing Electric Power Co Ltd
State Grid Corp of China SGCC
State Grid Chongqing Electric Power Co Ltd
Original Assignee
Electric Power Research Institute of State Grid Chongqing Electric Power Co Ltd
State Grid Corp of China SGCC
State Grid Chongqing Electric Power Co Ltd
Application filed by Electric Power Research Institute of State Grid Chongqing Electric Power Co Ltd, State Grid Corp of China SGCC, State Grid Chongqing Electric Power Co Ltd
Priority to CN201610382393.6A
Publication of CN106096417A
Application granted
Publication of CN106096417B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577: Assessing vulnerabilities and evaluating computer system security
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03: Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033: Test or assess software

Abstract

The invention discloses a Weblogic deserialization vulnerability scanning and detection method: first obtain the document to be tested; start the Weblogic deserialization vulnerability scanning and detection tool; then perform a vulnerability scan on the document to be tested; finally determine whether the document to be tested has a vulnerability and, if so, output the host's vulnerability information; if not, return to the step and continue scanning until the scan ends. The method provided by the invention performs vulnerability scanning and verification, based on the Java deserialization vulnerability, against servers on which Weblogic is deployed; it achieves real-time lookup and is stable, reliable, fast, and easy to install. It can scan and verify whether a server on which Weblogic is deployed has the Java deserialization vulnerability, and exploit it, efficiently and with reduced manual intervention, realizing an automatic diagnosis function and providing support for system security.

Description

Weblogic deserialization vulnerability scanning and detection method and tool
Technical field
The present invention relates to the fields of information security and web frameworks, and in particular to a Weblogic deserialization vulnerability scanning and detection method.
Background art
WebLogic is middleware based on the Java EE architecture: a Java application server for developing, integrating, deploying and managing large-scale distributed Web applications, network applications and database applications. It brings the dynamic capabilities of Java and the security of the Java Enterprise standard into the development, integration, deployment and management of large network applications. Weblogic is widely used in industries such as telecommunications, finance, electric power, aviation and government.
Java serialization converts an object into a byte stream so that it can conveniently be saved in memory, a file or a database; deserialization is the inverse process, restoring the byte stream to an object. If a Java application deserializes user input, that is, untrusted data, an attacker can construct malicious input that makes deserialization produce unexpected objects, and creating those unexpected objects may lead to arbitrary code execution. This tool is implemented by making use of this vulnerability. Maintenance of this kind of middleware also faces growing challenges: customers' core, critical systems are all deployed on the Weblogic platform, so once a serious vulnerability or an emergency occurs they are exposed to attack, and if it cannot be resolved in time the consequences are hard to imagine. Tools of the same type available on the network, taking WebLogic_EXP as an example, can only perform functions such as vulnerability verification and command execution against a single target.
Accordingly, a Weblogic deserialization vulnerability scanning and detection method is needed.
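The byte-stream form of a serialized object described above can be inspected before anything is deserialized. The following added example (not part of the patent or its tool) heuristically locates a Java serialization stream inside a captured message, lists the class names its descriptors announce, and rejects the message if any class is not on an allow-list. The class names, framing bytes and allow-list are constructed for illustration, and the scanner is a heuristic over class descriptors rather than a full parser of the stream grammar.

```python
import re
import struct

STREAM_MAGIC = b"\xac\xed\x00\x05"   # STREAM_MAGIC (0xACED) + STREAM_VERSION (5)
TC_CLASSDESC = 0x72                  # marker that introduces a class descriptor
TC_ENDBLOCKDATA, TC_NULL = 0x78, 0x70
SC_SERIALIZABLE, SC_EXTERNALIZABLE, SC_KNOWN_BITS = 0x02, 0x04, 0x1F

# Class names as written in descriptors: a.b.C, [La.b.C; or primitive arrays like [B
_NAME = re.compile(
    r"(?:\[+(?:[BCDFIJSZ]|L[\w$.]+;)|[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*)"
)


def stream_offsets(data):
    """Offsets of every serialization header; streams are often embedded in framing."""
    offsets, pos = [], data.find(STREAM_MAGIC)
    while pos != -1:
        offsets.append(pos)
        pos = data.find(STREAM_MAGIC, pos + 1)
    return offsets


def class_names(data, start=0):
    """Names from TC_CLASSDESC records: marker, u16 length, name, 8-byte UID, flags, u16 fields."""
    names, i = [], start
    while i + 3 <= len(data):
        if data[i] != TC_CLASSDESC:
            i += 1
            continue
        (n,) = struct.unpack_from(">H", data, i + 1)
        end = i + 3 + n                 # end of the class name
        header_end = end + 8 + 1 + 2    # serialVersionUID, flags, field count
        if n == 0 or header_end > len(data):
            i += 1
            continue
        try:
            name = data[i + 3:end].decode("ascii")
        except UnicodeDecodeError:
            i += 1
            continue
        flags = data[end + 8]
        plausible = (
            _NAME.fullmatch(name) is not None
            and (flags & ~SC_KNOWN_BITS) == 0
            and (flags & (SC_SERIALIZABLE | SC_EXTERNALIZABLE)) != 0
        )
        if plausible:
            if name not in names:
                names.append(name)
            i = header_end              # skip the header so name bytes are not rescanned
        else:
            i += 1
    return names


def is_allowed(name, allowed):
    """Exact-match allow-list; arrays are judged by their element type."""
    elem = name.lstrip("[")
    if elem != name:                    # array descriptor
        if len(elem) == 1:              # primitive array such as [B
            return True
        elem = elem[1:-1]               # strip the leading 'L' and trailing ';'
    return elem in allowed


def inspect(data, allowed):
    """Report whether the message carries serialized Java data and which classes to refuse."""
    offsets = stream_offsets(data)
    classes = class_names(data, offsets[0]) if offsets else []
    rejected = [c for c in classes if not is_allowed(c, allowed)]
    return {"serialized": bool(offsets), "offsets": offsets,
            "classes": classes, "rejected": rejected}


def _desc(name, parent=bytes([TC_NULL])):
    """Constructed class descriptor with zero fields (sample data only)."""
    raw = name.encode("ascii")
    return (bytes([TC_CLASSDESC]) + struct.pack(">H", len(raw)) + raw
            + b"\x00" * 8 + bytes([SC_SERIALIZABLE]) + b"\x00\x00"
            + bytes([TC_ENDBLOCKDATA]) + parent)


# Constructed sample: 7 bytes of made-up framing, then an object whose class
# (hypothetical name) extends a second, unexpected class (also hypothetical).
SAMPLE = (b"\x00\x00\x00\x2a" + b"hdr" + STREAM_MAGIC + b"\x73"
          + _desc("com.example.app.Order", _desc("com.example.legacy.PluginLoader")))
ALLOWED = {"com.example.app.Order"}     # assumption: the only class the service expects

if __name__ == "__main__":
    print(inspect(SAMPLE, ALLOWED))
```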
Summary of the invention
The object of the present invention is to provide a Weblogic deserialization vulnerability scanning and detection method.
The object of the present invention is achieved by the following technical solution:
The Weblogic deserialization vulnerability scanning and detection method provided by the present invention comprises the following steps:
S1: obtain the document to be tested;
S2: start the Weblogic deserialization vulnerability scanning and detection tool;
S3: perform a vulnerability scan on the document to be tested;
S4: determine whether the document to be tested has a vulnerability; if so, output the host's vulnerability information;
S5: if not, return to the step and continue scanning until the scan ends.
Further, the method also comprises the following steps:
S61: perform vulnerability verification on the document to be tested;
S62: determine whether the connection to the document to be tested succeeded; if not, end;
S63: if it succeeded, execute the command and display the result;
S64: determine whether to end the verification process; if not, return to the step to continue verification;
S65: if so, disconnect, release resources and end the vulnerability verification.
Further, the vulnerability scan specifically comprises the following steps:
S301: obtain the input information from the interface;
S302: process the input information and generate a host address queue and a port queue;
S303: initialize parameters and set flag information;
S304: determine whether the thread count has reached the upper limit;
S305: if so, go to step S327;
S306: if not, create a new thread and start scanning;
S307: determine whether the host address queue is empty; if so, go to step S326;
S308: if not, take a target address from the host address queue;
S309: determine whether all ports have been scanned; if so, return to step S307;
S310: if not, take a target port from the port queue;
S311: connect to the target server;
S312: determine whether the connection succeeded; if not, return to step S309;
S313: if so, upload the Windows package;
S314: register the service;
S315: determine whether an error is reported; if so, go to step S318;
S316: if not, remotely execute a command to check the current active user;
S317: determine whether the command executed successfully; if not, go to step S318;
S318: if so, output the host information and confirm that the vulnerability exists;
S319: upload the Linux package;
S320: register the service;
S321: determine whether an error is reported; if so, go to step S325;
S322: if not, remotely execute a command to check the current active user;
S323: determine whether the command executed successfully; if not, go to step S325;
S324: if so, output the host information and confirm that the vulnerability exists;
S325: disconnect;
S326: the thread exits;
S327: determine whether all threads have exited; if not, return to step S326;
S328: if so, end.
The present invention also provides a Weblogic deserialization vulnerability scanning and detection tool, comprising an input module, a vulnerability scanning module, a vulnerability detection module, a vulnerability judgment module and a vulnerability output module;
The input module is used to obtain the document to be tested;
The vulnerability scanning module is used to start the Weblogic deserialization vulnerability scanning and detection tool;
The vulnerability detection module is used to perform a vulnerability scan on the document to be tested;
The vulnerability judgment module is used to determine whether the document to be tested has a vulnerability and to output the host's vulnerability information;
The vulnerability output module is used to output the vulnerability scan information.
The input module of this embodiment starts the vulnerability scanning module through the configured scan-button event response; the vulnerability scanning module is connected to the vulnerability detection module; the vulnerability detection module is connected to the vulnerability judgment module; the output of the vulnerability judgment module is fed to the vulnerability output module for display.
Further, the tool also comprises a vulnerability verification module, a connection detection module and a verification confirmation module;
The vulnerability verification module is used to perform vulnerability verification on the document to be tested and to output the results of the verification process;
The connection detection module is used to determine whether the connection to the document to be tested succeeded and to display the connection result;
The verification confirmation module is used to disconnect, release resources and end the vulnerability verification.
The connect-button event response is configured to start the interface, and the vulnerability verification module is connected to the verification confirmation module through the connection detection module. Once started, both the vulnerability scanning module and the vulnerability verification module connect to the target server, then enter the service registration process, execute a system command, and finally disconnect.
Further, the vulnerability scanning module implements the vulnerability detection process according to the following steps:
S301: obtain the input information from the interface;
S302: process the input information and generate a host address queue and a port queue;
S303: initialize parameters and set flag information;
S304: determine whether the thread count has reached the upper limit;
S305: if so, go to step S327;
S306: if not, create a new thread and start scanning;
S307: determine whether the host address queue is empty; if so, go to step S326;
S308: if not, take a target address from the host address queue;
S309: determine whether all ports have been scanned; if so, return to step S307;
S310: if not, take a target port from the port queue;
S311: connect to the target server;
S312: determine whether the connection succeeded; if not, return to step S309;
S313: if so, upload the Windows package;
S314: register the service;
S315: determine whether an error is reported; if so, go to step S318;
S316: if not, remotely execute a command to check the current active user;
S317: determine whether the command executed successfully; if not, go to step S318;
S318: if so, output the host information and confirm that the vulnerability exists;
S319: upload the Linux package;
S320: register the service;
S321: determine whether an error is reported; if so, go to step S325;
S322: if not, remotely execute a command to check the current active user;
S323: determine whether the command executed successfully; if not, go to step S325;
S324: if so, output the host information and confirm that the vulnerability exists;
S325: disconnect;
S326: the thread exits;
S327: determine whether all threads have exited; if not, return to step S326;
S328: if so, end.
By adopting the above technical solution, the present invention has the following advantages:
The Weblogic deserialization vulnerability scanning and detection method provided by the present invention performs vulnerability scanning and verification, based on the Java deserialization vulnerability, against servers on which Weblogic is deployed. The tool is developed in Java and can run on systems such as Windows and Linux that have a Java runtime environment installed; it achieves real-time lookup and is stable, reliable, fast, and easy to install. It can scan and verify whether a server on which Weblogic is deployed has the Java deserialization vulnerability, and exploit it, efficiently and with reduced manual intervention, realizing an automatic diagnosis function and providing support for system security.
Other advantages, objects and features of the present invention will be set forth to some extent in the description that follows, and to some extent will be apparent to those skilled in the art upon examination of what follows, or may be learned from practice of the invention. The objects and other advantages of the invention may be realized and obtained through the following description.
Brief description of the drawings
The drawings of the present invention are described as follows.
Fig. 1 is a flow chart of the Weblogic deserialization vulnerability scanning and detection method of the present invention.
Fig. 2 is a schematic diagram of the function call flow for vulnerability scanning, verification and detection of the present invention.
Fig. 3 is a flow chart of the vulnerability scan of the present invention.
Detailed description of the embodiments
The invention is further described below with reference to the drawings and embodiments.
Embodiment 1
As shown in Figs. 1-3, this embodiment provides a Weblogic deserialization vulnerability scanning and detection method, comprising the following steps:
S1: obtain the document to be tested;
S2: start the Weblogic deserialization vulnerability scanning and detection tool;
S3: perform a vulnerability scan on the document to be tested;
S4: determine whether the document to be tested has a vulnerability; if so, output the host's vulnerability information;
S5: if not, return to the step and continue scanning until the scan ends.
The method also comprises the following steps:
S61: perform vulnerability verification on the document to be tested;
S62: determine whether the connection to the document to be tested succeeded; if not, end;
S63: if it succeeded, execute the command and display the result;
S64: determine whether to end the verification process; if not, return to the step to continue verification;
S65: if so, disconnect, release resources and end the vulnerability verification.
The vulnerability scan specifically comprises the following steps:
S301: obtain the input information from the interface;
S302: process the input information and generate a host address queue and a port queue;
S303: initialize parameters and set flag information;
S304: determine whether the thread count has reached the upper limit;
S305: if so, go to step S327;
S306: if not, create a new thread and start scanning;
S307: determine whether the host address queue is empty; if so, go to step S326;
S308: if not, take a target address from the host address queue;
S309: determine whether all ports have been scanned; if so, return to step S307;
S310: if not, take a target port from the port queue;
S311: connect to the target server;
S312: determine whether the connection succeeded; if not, return to step S309;
S313: if so, upload the Windows package;
S314: register the service;
S315: determine whether an error is reported; if so, go to step S318;
S316: if not, remotely execute the command whoami;
In this embodiment the command whoami checks the current active user;
S317: determine whether the command executed successfully; if not, go to step S318;
S318: if so, output the host information and confirm that the vulnerability exists;
S319: upload the Linux package;
S320: register the service;
S321: determine whether an error is reported; if so, go to step S325;
S322: if not, remotely execute the command whoami;
S323: determine whether the command executed successfully; if not, go to step S325;
S324: if so, output the host information and confirm that the vulnerability exists;
S325: disconnect;
S326: the thread exits;
S327: determine whether all threads have exited; if not, then;
S328: if so, end.
This embodiment also provides a Weblogic deserialization vulnerability scanning and detection tool, comprising the following modules:
Input module, used to obtain the document to be tested;
Vulnerability scanning module, used to start the Weblogic deserialization vulnerability scanning and detection tool;
Vulnerability detection module, used to perform a vulnerability scan on the document to be tested;
Vulnerability judgment module, used to determine whether the document to be tested has a vulnerability and to output the host's vulnerability information;
Vulnerability output module, used to output the vulnerability scan information.
It further comprises:
Vulnerability verification module, used to perform vulnerability verification on the document to be tested and to output the results of the verification process;
Connection detection module, used to determine whether the connection to the document to be tested succeeded and to display the connection result;
Verification confirmation module, used to disconnect, release resources and end the vulnerability verification.
The vulnerability scanning module implements the vulnerability detection process according to the following steps:
S301: obtain the input information from the interface;
S302: process the input information and generate a host address queue and a port queue;
S303: initialize parameters and set flag information;
S304: determine whether the thread count has reached the upper limit;
S305: if so, go to step S327;
S306: if not, create a new thread and start scanning;
S307: determine whether the host address queue is empty; if so, go to step S326;
S308: if not, take a target address from the host address queue;
S309: determine whether all ports have been scanned; if so, return to step S307;
S310: if not, take a target port from the port queue;
S311: connect to the target server;
S312: determine whether the connection succeeded; if not, return to step S309;
S313: if so, upload the Windows package;
S314: register the service;
S315: determine whether an error is reported; if so, go to step S318;
S316: if not, remotely execute the command whoami;
S317: determine whether the command executed successfully; if not, go to step S318;
S318: if so, output the host information and confirm that the vulnerability exists;
S319: upload the Linux package;
S320: register the service;
S321: determine whether an error is reported; if so, go to step S325;
S322: if not, remotely execute the command whoami;
S323: determine whether the command executed successfully; if not, go to step S325;
S324: if so, output the host information and confirm that the vulnerability exists;
S325: disconnect;
S326: the thread exits;
S327: determine whether all threads have exited; if not, return to step S326;
S328: if so, end.
Embodiment 2
As shown in Fig. 2, the Weblogic deserialization vulnerability scanning and detection method provided by this embodiment is used for vulnerability scanning and vulnerability verification: first the main function of the Weblogic deserialization vulnerability scanning tool, the entry point, is called; then the main interface of the tool is initialized; the main interface buttons of the tool are generated; the vulnerability scanning module thread or the vulnerability verification module thread is selected; then come the server connection and registration function, the command execution function, and finally the connection release function. The tool supports vulnerability scanning of multiple host addresses and multiple ports. The interface is friendly, demands little of the operator's skill and is suitable for use by any personnel; custom command execution is supported, and scan results and command execution results are returned through an echo text box, so that scan progress, scan results and command execution results can be followed in time.
The vulnerability scan specifically comprises the following steps:
(1) Enter the IP address
In the "IP address" text box, enter the addresses or network segments to be scanned, separated by ","; for example: "192.168.1.2,192.168.1.1,192.168.2.0/24".
(2) Enter the port range
In the "port range" field, enter the ports or port ranges to be scanned; the two ends of a range are joined by "-" and entries are separated by ","; for example: "232,342,7000-7010".
(3) Enter the scanning threads
The number of scanning threads can be set in the "scanning thread" field.
(4) Scan result echo
The scan results are echoed, showing which hosts have the vulnerability; after the scan completes, the results are saved to a file.
This method performs vulnerability scanning of hosts within a given range of network addresses and supports batch scanning by multiple addresses, multiple ports, address segments, port ranges and the like.
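The input formats in steps (1) to (3) map directly onto the host address queue and port queue of S302. The following added example (not the patent's tool, which is written in Java) parses those two strings and fails closed on malformed input; the authorised-scope list, the host cap and the thread upper limit are assumptions introduced here so that a scan plan can only cover networks the operator has been cleared to test.

```python
import ipaddress
import re

MAX_HOSTS = 4096     # assumption: cap on expanded targets per run
MAX_THREADS = 16     # assumption: the "upper limit" checked in S304

_PORT_ITEM = re.compile(r"(\d{1,5})(?:-(\d{1,5}))?")


def parse_hosts(spec, authorised):
    """Expand '192.168.1.2,192.168.2.0/24' into an ordered, de-duplicated host list.

    Every entry must fall inside one of the authorised networks; anything
    else raises ValueError instead of being silently dropped.
    """
    scope = [ipaddress.ip_network(n) for n in authorised]
    hosts, seen = [], set()
    for item in filter(None, (part.strip() for part in spec.split(","))):
        # Strict parsing: '192.168.2.5/24' (host bits set) is rejected as a likely typo.
        net = ipaddress.ip_network(item)
        if not any(s.version == net.version and net.subnet_of(s) for s in scope):
            raise ValueError(f"{item} is outside the authorised scope")
        addrs = [net.network_address] if net.num_addresses == 1 else net.hosts()
        for addr in addrs:
            if addr in seen:
                continue
            if len(hosts) >= MAX_HOSTS:
                raise ValueError(f"more than {MAX_HOSTS} hosts requested")
            seen.add(addr)
            hosts.append(str(addr))
    if not hosts:
        raise ValueError("no hosts given")
    return hosts


def parse_ports(spec):
    """Expand '232,342,7000-7010' into an ordered, de-duplicated port list."""
    ports, seen = [], set()
    for item in filter(None, (part.strip() for part in spec.split(","))):
        m = _PORT_ITEM.fullmatch(item)
        if m is None:
            raise ValueError(f"bad port entry: {item!r}")
        low = int(m.group(1))
        high = int(m.group(2)) if m.group(2) else low
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"port range out of order or out of bounds: {item!r}")
        for port in range(low, high + 1):
            if port not in seen:
                seen.add(port)
                ports.append(port)
    if not ports:
        raise ValueError("no ports given")
    return ports


def plan_scan(ip_spec, port_spec, threads, authorised):
    """Build the two queues of S302 and clamp the thread count to the upper limit."""
    return {
        "hosts": parse_hosts(ip_spec, authorised),
        "ports": parse_ports(port_spec),
        "threads": max(1, min(int(threads), MAX_THREADS)),
    }


if __name__ == "__main__":
    # The example strings from the text; the scope network is a constructed value.
    plan = plan_scan("192.168.1.2,192.168.1.1,192.168.2.0/24",
                     "232,342,7000-7010", 5, ["192.168.0.0/16"])
    print(len(plan["hosts"]), "hosts,", len(plan["ports"]), "ports,",
          plan["threads"], "threads")
```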
The vulnerability verification steps are as follows:
(1) Enter the IP address
In the "IP address" text box, enter the IP address of the host on which vulnerability verification is to be performed.
(2) Enter the port
In the "port" text box, enter the port of the host on which vulnerability verification is to be performed.
(3) Select the operating system
Select the operating system type of the target host in the "operating system" drop-down list.
(4) Command execution
In the "command" text box, enter the command to be executed; the system command is executed through this tool.
(5) Command result echo:
The command execution result is echoed, and whether the command executed successfully is determined.
This method performs vulnerability verification, exploitation and command execution against a specified host.
Embodiment 3
This embodiment is illustrated by the example of scanning a target server with the tool produced by the Weblogic deserialization vulnerability scanning and detection method.
1. Vulnerability scanning
(1) Double-click "run.bat" to start the independently developed weblogic_unserialize_tool tool, and select the "vulnerability scanning" module;
(2) Enter the address range and port range to scan and set the scanning threads, for example: the address range is "192.168.56.101,192.168.56.102", the port range is "7000-7010", and the thread count is set to 5;
(3) Click the "scan" button to scan; the tool shows the scan progress and shows the information of hosts that have the vulnerability;
2. Vulnerability verification
(1) Select the "vulnerability verification" module, enter the target host information and select the operating system, for example: the target host IP is "192.168.56.102", the port is "7001", and the operating system is "Windows";
(2) Click the "connect" button to connect; after the connection succeeds, the relevant information is shown;
(3) After entering a command, click the "execute" button; the tool executes the command and shows the execution result. Execute the "whoami" and "ipconfig" commands.
(4) Click the "disconnect" button; the tool disconnects and releases resources.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the present invention and not to limit it. Although the present invention has been described in detail with reference to preferred embodiments, those of ordinary skill in the art will understand that the technical solution of the present invention may be modified or equivalently replaced without departing from the purpose and scope of the technical solution, and all such modifications shall be covered by the scope of the claims of the present invention.

Claims (6)

1. A Weblogic deserialization vulnerability scanning and detection method, characterized in that it comprises the following steps:
S1: obtain the document to be tested;
S2: start the Weblogic deserialization vulnerability scanning and detection tool;
S3: perform a vulnerability scan on the document to be tested;
S4: determine whether the document to be tested has a vulnerability; if so, output the host's vulnerability information;
S5: if not, return to the step and continue scanning until the scan ends.
2. The Weblogic deserialization vulnerability scanning and detection method as claimed in claim 1, characterized in that it also comprises the following steps:
S61: perform vulnerability verification on the document to be tested;
S62: determine whether the connection to the document to be tested succeeded; if not, end;
S63: if it succeeded, execute the command and display the result;
S64: determine whether to end the verification process; if not, return to the step to continue verification;
S65: if so, disconnect, release resources and end the vulnerability verification.
3. The Weblogic deserialization vulnerability scanning and detection method as claimed in claim 1, characterized in that the vulnerability scan specifically comprises the following steps:
S301: obtain the input information from the interface;
S302: process the input information and generate a host address queue and a port queue;
S303: initialize parameters and set flag information;
S304: determine whether the thread count has reached the upper limit;
S305: if so, go to step S327;
S306: if not, create a new thread and start scanning;
S307: determine whether the host address queue is empty; if so, go to step S326;
S308: if not, take a target address from the host address queue;
S309: determine whether all ports have been scanned; if so, return to step S307;
S310: if not, take a target port from the port queue;
S311: connect to the target server;
S312: determine whether the connection succeeded; if not, return to step S309;
S313: if so, upload the Windows package;
S314: register the service;
S315: determine whether an error is reported; if so, go to step S318;
S316: if not, remotely execute a command to check the current active user;
S317: determine whether the command executed successfully; if not, go to step S318;
S318: if so, output the host information and confirm that the vulnerability exists;
S319: upload the Linux package;
S320: register the service;
S321: determine whether an error is reported; if so, go to step S325;
S322: if not, remotely execute a command to check the current active user;
S323: determine whether the command executed successfully; if not, go to step S325;
S324: if so, output the host information and confirm that the vulnerability exists;
S325: disconnect;
S326: the thread exits;
S327: determine whether all threads have exited; if not, return to step S326;
S328: if so, end.
4. A Weblogic deserialization vulnerability scanning and detection tool, characterized in that it comprises an input module, a vulnerability scanning module, a vulnerability detection module, a vulnerability judgment module and a vulnerability output module;
The input module is used to obtain the document to be tested;
The vulnerability scanning module is used to start the Weblogic deserialization vulnerability scanning and detection tool;
The vulnerability detection module is used to perform a vulnerability scan on the document to be tested;
The vulnerability judgment module is used to determine whether the document to be tested has a vulnerability and to output the host's vulnerability information;
The vulnerability output module is used to output the vulnerability scan information.
5. The Weblogic deserialization vulnerability scanning and detection tool as claimed in claim 4, characterized in that it also comprises a vulnerability verification module, a connection detection module and a verification confirmation module;
The vulnerability verification module is used to perform vulnerability verification on the document to be tested and to output the results of the verification process;
The connection detection module is used to determine whether the connection to the document to be tested succeeded and to display the connection result;
The verification confirmation module is used to disconnect, release resources and end the vulnerability verification.
6. The Weblogic deserialization vulnerability scanning and detection tool as claimed in claim 4, characterized in that the vulnerability scanning module implements the vulnerability detection process according to the following steps:
S301: obtain the input information from the interface;
S302: process the input information and generate a host address queue and a port queue;
S303: initialize parameters and set flag information;
S304: determine whether the thread count has reached the upper limit;
S305: if so, go to step S327;
S306: if not, create a new thread and start scanning;
S307: determine whether the host address queue is empty; if so, go to step S326;
S308: if not, take a target address from the host address queue;
S309: determine whether all ports have been scanned; if so, return to step S307;
S310: if not, take a target port from the port queue;
S311: connect to the target server;
S312: determine whether the connection succeeded; if not, return to step S309;
S313: if so, upload the Windows package;
S314: register the service;
S315: determine whether an error is reported; if so, go to step S318;
S316: if not, remotely execute a command to check the current active user;
S317: determine whether the command executed successfully; if not, go to step S318;
S318: if so, output the host information and confirm that the vulnerability exists;
S319: upload the Linux package;
S320: register the service;
S321: determine whether an error is reported; if so, go to step S325;
S322: if not, remotely execute a command to check the current active user;
S323: determine whether the command executed successfully; if not, go to step S325;
S324: if so, output the host information and confirm that the vulnerability exists;
S325: disconnect;
S326: the thread exits;
S327: determine whether all threads have exited; if not, return to step S326;
S328: if so, end.
Application CN201610382393.6A, priority date 2016-06-01, filing date 2016-06-01: Weblogic deserialization vulnerability scanning and detection method and tool. Status: Active. Granted as CN106096417B (en).

Publications (2)

Publication Number Publication Date
CN106096417A true CN106096417A (en) 2016-11-09
CN106096417B CN106096417B (en) 2018-10-26

Family

ID=57446866

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610382393.6A Active CN106096417B (en) 2016-06-01 2016-06-01 A kind of Weblogic unserializings vulnerability scanning detection method and tool

Country Status (1)

Country Link
CN (1) CN106096417B (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150324478A1 (en) * 2012-06-18 2015-11-12 Beijing Qihoo Technology Company Limited Detection method and scanning engine of web pages
CN103581193A (en) * 2013-11-08 2014-02-12 星云融创(北京)信息技术有限公司 Website vulnerability scanning method, device and system
CN105320889A (en) * 2015-02-10 2016-02-10 中国移动通信集团广东有限公司 Security detection method and apparatus
CN105429955A (en) * 2015-10-30 2016-03-23 西安四叶草信息技术有限公司 Remote vulnerability detection method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
郭瑞: "Java反序列化漏洞研究", 《网络安全和信息化》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106790031A (en) * 2016-12-15 2017-05-31 四川长虹电器股份有限公司 Open port test device and its processing method
CN107423624A (en) * 2017-04-12 2017-12-01 北京奇虎科技有限公司 terminal system vulnerability scanning method and device
CN107423624B (en) * 2017-04-12 2021-06-01 北京奇虎科技有限公司 Terminal system vulnerability scanning method and device
CN106993000A (en) * 2017-05-26 2017-07-28 山东浪潮商用系统有限公司 Solve method, Reverse Proxy and the system of unserializing leak
CN108769063A (en) * 2018-06-26 2018-11-06 郑州云海信息技术有限公司 A kind of method and device of automatic detection WebLogic known bugs
CN110276202A (en) * 2019-06-24 2019-09-24 深圳前海微众银行股份有限公司 A kind of detection method and device of unserializing loophole
WO2020259390A1 (en) * 2019-06-24 2020-12-30 深圳前海微众银行股份有限公司 Method and apparatus for detecting deserialization vulnerability
CN110276202B (en) * 2019-06-24 2023-10-03 深圳前海微众银行股份有限公司 Method and device for detecting reverse-serialization loopholes
CN112329024A (en) * 2020-11-17 2021-02-05 国网北京市电力公司 Vulnerability detection method and device
CN112329024B (en) * 2020-11-17 2024-07-05 国网北京市电力公司 Vulnerability detection method and device

Also Published As

Publication number Publication date
CN106096417B (en) 2018-10-26

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant