Method and device for detecting permanent type cross site scripting vulnerability
The invention provides a method for detecting a permanent type cross site scripting vulnerability. The method comprises the following steps: sending a test request packet including a test scripting code to a webpage server; storing the test scripting code in the webpage server in a manner of corresp...
Saved in:
| Main Author | |
|---|---|
| Format | Patent |
| Language | English |
| Published |
29.04.2015
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | The invention provides a method for detecting a permanent type cross site scripting vulnerability. The method comprises the following steps: sending a test request packet including a test scripting code to a webpage server; storing the test scripting code in the webpage server in a manner of corresponding to a webpage; sending an access request for accessing the webpage to the webpage server; receiving an access response packet returned by the webpage server according to the access request; if the access response packet includes the test scripting code, executing the test scripting code, and sending vulnerability information according to the test scripting code. According to the method provided by the invention, if the access response packet includes the test scripting code, the permanent type cross site scripting vulnerability exists, and the test scripting code is executed, so that the vulnerability information can be sent according to the test scripting code. The whole detection process is automatically realized, and the detection efficiency is high. The invention further provides a device for detecting the permanent type cross site scripting vulnerability. |
|---|---|
| AbstractList | The invention provides a method for detecting a permanent type cross site scripting vulnerability. The method comprises the following steps: sending a test request packet including a test scripting code to a webpage server; storing the test scripting code in the webpage server in a manner of corresponding to a webpage; sending an access request for accessing the webpage to the webpage server; receiving an access response packet returned by the webpage server according to the access request; if the access response packet includes the test scripting code, executing the test scripting code, and sending vulnerability information according to the test scripting code. According to the method provided by the invention, if the access response packet includes the test scripting code, the permanent type cross site scripting vulnerability exists, and the test scripting code is executed, so that the vulnerability information can be sent according to the test scripting code. The whole detection process is automatically realized, and the detection efficiency is high. The invention further provides a device for detecting the permanent type cross site scripting vulnerability. |
| Author | ZHU YANGJUN |
| Author_xml | – fullname: ZHU YANGJUN |
| BookMark | eNqNyksKwjAURuEMdOBrD9cFCNW2OJaiOFEQnJeY_NVAvAnJtdDdK-ICHJ0z-KZqxIExUZcT5BEsabZk0TsD6kL6rMCI4ztFpKdmsJAMEWRSyJmyE1A2ycWv6V-ekfTNeSfDXI077TMWv87U8rC_NscVYmiRozZgSNuc10VVb8t6U-zKf8wbNZE59g |
| ContentType | Patent |
| DBID | EVB |
| DatabaseName | esp@cenet |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Medicine Chemistry Sciences Physics |
| ExternalDocumentID | CN104573520A |
| GroupedDBID | EVB |
| ID | FETCH-epo_espacenet_CN104573520A3 |
| IEDL.DBID | EVB |
| IngestDate | Fri Jul 19 17:13:15 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-epo_espacenet_CN104573520A3 |
| Notes | Application Number: CN20131468933 |
| OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20150429&DB=EPODOC&CC=CN&NR=104573520A |
| ParticipantIDs | epo_espacenet_CN104573520A |
| PublicationCentury | 2000 |
| PublicationDate | 20150429 |
| PublicationDateYYYYMMDD | 2015-04-29 |
| PublicationDate_xml | – month: 04 year: 2015 text: 20150429 day: 29 |
| PublicationDecade | 2010 |
| PublicationYear | 2015 |
| RelatedCompanies | TENCENT (SHENZHEN) CO., LTD |
| RelatedCompanies_xml | – name: TENCENT (SHENZHEN) CO., LTD |
| Score | 2.9837759 |
| Snippet | The invention provides a method for detecting a permanent type cross site scripting vulnerability. The method comprises the following steps: sending a test... |
| SourceID | epo |
| SourceType | Open Access Repository |
| SubjectTerms | CALCULATING COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| Title | Method and device for detecting permanent type cross site scripting vulnerability |
| URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20150429&DB=EPODOC&locale=&CC=CN&NR=104573520A |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LS8NAEB5qfd60KlofrCC5BWPMo3sIYjcJRUhapUpvJbtJQZFtMKniv3d2Sa0XvS27YUgGvpkvOy-AS3Ft5X5OuTnruY7pIEMwqe0hrpA6oHfgPZqpQuEk9QZPzv3EnbTgdVkLo_uEfurmiIgogXivtb0uV5dYoc6trK74C27Nb-NxEBrN3zGyG7SvRtgPotEwHDKDsYClRvqohty6PpIN624N1pFG-woN0XNfVaWUv11KvAsbI5Qm6z1oFbID22w5ea0DW0kT8O7Aps7QFBVuNiis9uEh0WOfSSZzkhcK6gSpJy5VQABdESmVuZUonKgbVqI9IVFhYtIYCXzmY_GmGk7r3NivA7iIozEbmPiW0x-VTFm6-qCbQ2jLuSyOgHAr8yh1C8vLXCejglqu4HyGnAFtibCzY-j-Laf73-EJ7Cj1qjiKTU-hXb8vijN0xzU_13r8BuEUj1c |
| link.rule.ids | 230,309,783,888,25576,76876 |
| linkProvider | European Patent Office |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LS8NAEB5qfdSbVkXrawXJLRhrNukegthNQ9UmrVKlt5JNUlBkG2yq-O-dXVLrRW_LbhiSgW_my84L4Dy5tFI3ZcKctKht2sgQTNZ0EFdIHdA7iBaLVaFwGDndJ_tuREcVeF3Uwug-oZ-6OSIiKkG8F9pe58tLLF_nVs4uxAtuTa-Doecb5d8xshu0r4bf9jqDvt_nBucej4zoUQ25pS6SDetmBVaRYrsKDZ3ntqpKyX-7lGAL1gYoTRbbUMlkHWp8MXmtDhthGfCuw7rO0ExmuFmicLYDD6Ee-0ximZI0U1AnSD1xqQIC6IpIrsytROFE3bAS7QmJChOT0kjgMx_zN9VwWufGfu3CWdAZ8q6Jbzn-UcmYR8sPutqDqpzKbB-IsGKHMZpZTkztmCXMookQE-QMaEuSZnwAjb_lNP47PIVadxj2xr3b6P4QNpWqVUylyY6gWrzPs2N0zYU40Tr9BsZTkko |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=Method+and+device+for+detecting+permanent+type+cross+site+scripting+vulnerability&rft.inventor=ZHU+YANGJUN&rft.date=2015-04-29&rft.externalDBID=A&rft.externalDocID=CN104573520A |