
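Web Page Vulnerability Mining System

Published: 2018-05-06 09:27

  Topic of this paper: Web vulnerability mining + crawler; Reference: Tianjin University, 2014 master's thesis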


[Abstract]: In the Web 2.0 era the Internet is developing rapidly, the barrier to website development keeps falling, and the number of websites grows by the day. Most websites contain numerous Web application vulnerabilities; according to statistics, 75% of destructive activity occurs at the Web client. Examples include web page trojans and SQL injection leading to site intrusion and to important data being modified or lost. The increasingly popular HTML5 development language, lacking corresponding vulnerability mining tools, harbors a large number of potential Web application vulnerabilities.

Addressing the current state of low-barrier Web application development, this thesis designs a multi-type web page vulnerability mining system oriented to HTML5, to match the testing needs of Web developers. The system uses web crawling, multi-threaded task scheduling and related techniques to implement the key technologies of SQL injection vulnerability detection, malicious link detection, XSS (cross-site scripting) detection and web page trojan detection, making vulnerability detection more accurate and efficient.

The main work completed in the system is as follows:

(1) Recursive domain name queries are used to enumerate the subdomains of the target website. On this basis, breadth-first traversal and a Bloom filter are used to implement an efficient web crawling algorithm, which provides the basis for subsequent web page vulnerability detection.

(2) For malicious links and malicious script code, reverse domain name lookup and an information entropy algorithm are proposed to achieve effective detection and identification.

(3) The system combines random fuzz testing with injection testing to analyze the various attributes of web pages effectively, covering both static and dynamic pages. Injection testing is based mainly on analysis of existing security vulnerabilities and uses penetration testing methods to detect vulnerabilities; random fuzz testing follows the structure of the HTTP protocol and constructs random test combinations for different fields to detect and mine vulnerabilities.

Finally, each detection module and the integrated system were tested. The system can detect all kinds of known vulnerabilities and has a significant effect on raising the security level of the target site.
[Degree-granting institution]: Tianjin University
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08; TP393.092
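
The crawl strategy in item (1) of the abstract, breadth-first traversal with a Bloom filter for visited-URL deduplication, as an added example that is not code from the thesis. The `BloomFilter` parameters, the `normalize` and `bfs_crawl` helpers, and the `SITE` link graph (constructed, standing in for fetched pages so the example runs offline) are assumptions.

```python
import hashlib
from collections import deque

class BloomFilter:
    """Fixed-size Bloom filter: no false negatives, rare false positives."""
    def __init__(self, m_bits=1 << 16, k_hashes=4):
        self.m, self.k = m_bits, k_hashes
        self.bits = bytearray(m_bits // 8)

    def _positions(self, item):
        # Double hashing: derive k bit positions from one SHA-256 digest.
        d = hashlib.sha256(item.encode("utf-8")).digest()
        h1 = int.from_bytes(d[:8], "big")
        h2 = int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, item):
        for p in self._positions(item):
            self.bits[p >> 3] |= 1 << (p & 7)

    def __contains__(self, item):
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(item))

def normalize(url):
    # Drop the fragment and trailing slash so equivalent URLs share one key.
    return url.split("#", 1)[0].rstrip("/")

def bfs_crawl(seed, get_links, max_pages=1000):
    """Breadth-first crawl order; get_links(url) returns a page's outgoing links."""
    seen, order, queue = BloomFilter(), [], deque([normalize(seed)])
    seen.add(queue[0])
    while queue and len(order) < max_pages:
        url = queue.popleft()
        order.append(url)
        for link in map(normalize, get_links(url)):
            # A Bloom false positive skips a page; it never causes a revisit.
            if link not in seen:
                seen.add(link)
                queue.append(link)
    return order

# Constructed link graph (hypothetical site with cycles and duplicate links).
SITE = {
    "http://example.test": ["http://example.test/a", "http://example.test/b/"],
    "http://example.test/a": ["http://example.test/b", "http://example.test/c#top"],
    "http://example.test/b": ["http://example.test", "http://example.test/c"],
    "http://example.test/c": ["http://example.test/a"],
}
print(bfs_crawl("http://example.test/", lambda u: SITE.get(u, [])))
```

The filter uses a fixed 8 KiB regardless of how many URLs are seen, which is the trade-off against an exact visited set: memory stays constant while a small fraction of pages may be skipped as the filter fills.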


Article ID: 1851780

