Detection method and detection device for file uploading vulnerability
The invention provides a method for detecting file uploading vulnerabilities, and belongs to the field of information security. The method comprises the following steps: acquiring an access request of a website; when the access request is a file uploading request, constructing at least one vulnerabi...
Saved in:
Main Authors | , , , |
---|---|
Format | Patent |
Language | Chinese English |
Published |
13.07.2021
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The invention provides a method for detecting file uploading vulnerabilities, and belongs to the field of information security. The method comprises the following steps: acquiring an access request of a website; when the access request is a file uploading request, constructing at least one vulnerability attack message based on the access request; sending the vulnerability attack message to the website to obtain a test response message fed back by the website for the vulnerability attack message, and comparing the test response message with an original response message, wherein the original response message is a response message fed back by the website for the access request; and when the comparison result represents that the difference between the test response message and the original response message meets a predetermined condition, determining that the website has vulnerabilities. The embodiment of the invention further provides a detection device for the file uploading vulnerability, electronic equipment |
---|---|
Bibliography: | Application Number: CN202110397528 |