Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Code injection detection method and device, electronic equipment and readable storage medium

A technology of code injection and detection method, which is applied in the field of code injection detection method, electronic equipment and readable storage medium, and device, which can solve problems such as easy bypass and achieve the effect of improving security

Pending Publication Date: 2022-05-13
安徽华云安科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the purpose of this application is to provide a code injection detection method, device, electronic equipment and readable storage medium, which will help to solve the problem that the detection of deformed PHP code injection is easy to bypass to a certain extent, and improve the performance on the server. data security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Code injection detection method and device, electronic equipment and readable storage medium
  • Code injection detection method and device, electronic equipment and readable storage medium
  • Code injection detection method and device, electronic equipment and readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0082] To facilitate the understanding of this embodiment, a code injection detection method disclosed in the embodiment of the present application is firstly introduced in detail. Wherein, the method is applied to the server. figure 1 shows a flow chart of a code injection detection method provided by an embodiment of the present application, as shown in figure 1 shown, including the following steps:

[0083] S101: Obtain a specified field in the HTTP traffic generated when the client accesses the server, so as to use the specified field as a character string to be detected.

[0084] S102: Use the first decoding method to first decode the character string to be detected, and use the first decoding result as the first character string; the encoding method corresponding to the first decoding method is the first encoding method.

[0085] S103: Use the second decoding method to perform the second decoding on the first character string, and use the second decoding result as the ...

Embodiment 2

[0136] Based on the same technical concept, the embodiment of the present application also provides a code injection detection device, image 3 A schematic structural diagram of a code injection detection device provided by an embodiment of the present application is shown, as shown in image 3 As shown, the device includes:

[0137] The first obtaining module 301 is used to obtain the specified field in the HTTP flow generated when the client accesses the server, so as to use the specified field as a character string to be detected;

[0138] The first decoding module 302 is configured to use a first decoding method to first decode the character string to be detected, and use the first decoding result as the first character string; the encoding method corresponding to the first decoding method is the first encoding Way;

[0139] The second decoding module 303 is configured to use a second decoding method to perform a second decoding on the first character string, and use the s...

Embodiment 3

[0169] Based on the same technical concept, the embodiment of the present application also provides an electronic device, Figure 4 shows a schematic structural diagram of an electronic device provided by an embodiment of the present application, as shown in Figure 4 As shown, the electronic device 400 includes: a processor 401, a memory 402, and a bus 403. The memory stores machine-readable instructions executable by the processor. When the electronic device is running, the processor 401 communicates with the memory 402 through the bus 403. , the processor 401 executes machine-readable instructions to execute the method steps in Embodiment 1.

[0170] Refer to the description of Embodiment 1 for specific implementation method steps and principles, which will not be described in detail here.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a code injection detection method and device, electronic equipment and a readable storage medium, and the method comprises the steps: obtaining a to-be-detected character string in HTTP traffic generated when a user side accesses a server; decoding the character string to be detected by using a first decoding mode to obtain a first character string; decoding the first character string by using a second decoding mode to obtain a second character string; a first coding mode corresponding to the first decoding mode and a second coding mode corresponding to the second decoding mode are two different coding modes bypassing regular expression detection; decoding the second character string by using a third decoding mode corresponding to the to-be-detected character string to obtain a third character string; performing PHP code semantic escape on the third character string to generate a target feature string; and if the target feature string exists in the PHP code injection semantic feature library, determining that the access is PHP code injection. Through the method, the security of the data on the server can be improved.

Description

technical field [0001] The present application relates to the field of computer technology, in particular to a code injection detection method, device, electronic equipment and readable storage medium. Background technique [0002] PHP code injection is a type of RCE (Remote Code Execution) attack, which means that the application program is not strictly filtered, and the attacker can inject code into the server through the client for remote execution to realize remote control of the server. Therefore, in order to prevent attackers from injecting PHP code into the server when accessing the server through the client, the server needs to perform code injection detection on the HTTP traffic generated when the client accesses the server to determine whether there is code injection in the HTTP traffic. [0003] In the prior art, code injection detection is usually carried out in two ways, characteristic string detection and regular expression detection. Among them, characteristic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40H04L67/02
CPCH04L63/1408H04L63/1416H04L63/1466H04L67/02
Inventor 陈勇马维士刘加瑞
Owner 安徽华云安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products