专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130227698A1 VULNERABILITY-DIAGNOSIS DEVICE 有权
标题翻译：脆弱性诊断装置
公开(公告)号：US20130227698A1
公开(公告)日：2013-08-29
申请号：US13884444
申请日：2011-11-10
申请人： Tomohiro Taniguchi , Hideyuki Majima , Takahiro Tokue , Takashi Ohkusa , Masashi Tabata , Shintaro Ueda
发明人： Tomohiro Taniguchi , Hideyuki Majima , Takahiro Tokue , Takashi Ohkusa , Masashi Tabata , Shintaro Ueda
IPC分类号： H04L29/06
CPC分类号： H04L63/1433 , G06F21/554 , G06F21/577 , G06F21/6227
摘要： To diagnose vulnerabilities such as SQL injection, even for web-server devices that change the content of responses to requests in accordance with prescribed conditions. A normal-response collection means (10) transmits a normal request (REQN), accompanied by a registered user ID and password, a plurality of times. Said normal-response collection means (10) receives a plurality of responses (RESN) (hereafter “normal responses”) from a web server in response to the normal requests. A common-region extraction means (12) extracts a common region from the plurality of normal responses. An abnormal-response collection means (18) performs SQL injection on the web server, receives the response (RESA) (hereafter “abnormal response”), and records same in a storage unit (16). A determination means (14) determines that the web server has a vulnerability if the normal responses and the abnormal response are the same in the common region.
摘要翻译：要诊断诸如SQL注入之类的漏洞，即使是根据规定条件更改请求响应内容的Web服务器设备。正常响应收集装置（10）多次发送附有注册用户ID和密码的正常请求（REQN）。所述正常响应收集装置（10）响应于正常请求从web服务器接收多个响应（RESN）（以下称为“正常响应”）。公共区域提取装置（12）从多个正常响应中提取公共区域。异常响应收集装置（18）在Web服务器上执行SQL注入，接收响应（RESA）（以下称为“异常响应”），并将其记录在存储单元（16）中。如果正常响应和异常响应在公共区域中相同，则确定装置（14）确定web服务器具有脆弱性。

2. 发明授权

US08918887B2 Vulnerability-diagnosis device 有权
标题翻译：漏洞诊断设备
公开(公告)号：US08918887B2
公开(公告)日：2014-12-23
申请号：US13884444
申请日：2011-11-10
申请人： Tomohiro Taniguchi , Hideyuki Majima , Takahiro Tokue , Takashi Ohkusa , Masashi Tabata , Shintaro Ueda
发明人： Tomohiro Taniguchi , Hideyuki Majima , Takahiro Tokue , Takashi Ohkusa , Masashi Tabata , Shintaro Ueda
IPC分类号： G06F21/00 , H04L29/06 , G06F21/55 , G06F21/62 , G06F21/57
CPC分类号： H04L63/1433 , G06F21/554 , G06F21/577 , G06F21/6227
摘要： To diagnose vulnerabilities such as SQL injection, even for web-server devices that change the content of responses to requests in accordance with prescribed conditions. A normal-response collection means (10) transmits a normal request (REQN), accompanied by a registered user ID and password, a plurality of times. Said normal-response collection means (10) receives a plurality of responses (RESN) (hereafter “normal responses”) from a web server in response to the normal requests. A common-region extraction means (12) extracts a common region from the plurality of normal responses. An abnormal-response collection means (18) performs SQL injection on the web server, receives the response (RESA) (hereafter “abnormal response”), and records same in a storage unit (16). A determination means (14) determines that the web server has a vulnerability if the normal responses and the abnormal response are the same in the common region.
摘要翻译：要诊断诸如SQL注入之类的漏洞，即使是根据规定条件更改响应请求的Web服务器设备。正常响应收集装置（10）多次发送附有注册用户ID和密码的正常请求（REQN）。所述正常响应收集装置（10）响应于正常请求从web服务器接收多个响应（RESN）（以下称为“正常响应”）。公共区域提取装置（12）从多个正常响应中提取公共区域。异常响应收集装置（18）在Web服务器上执行SQL注入，接收响应（RESA）（以下称为“异常响应”），并将其记录在存储单元（16）中。如果正常响应和异常响应在公共区域中相同，则确定装置（14）确定web服务器具有脆弱性。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式