Abstract
Accurately determining the type and version of a web server and of the web application it hosts matters for website security testing. Because a web server's Banner is easily modified, we use black-box testing to analyze the mainstream web servers and select web-server fingerprints that resist Banner spoofing. Because a web application's keywords are easily deleted, we use source-code auditing to analyze the mainstream open-source web applications and select web-application fingerprints tied to their functionality, from which we build a web fingerprint database. On this basis we design and implement a web fingerprint identification tool, WebEye. Experimental results show that, compared with mainstream tools, WebEye identifies web servers and applications faster and more accurately, and that it has good extensibility.
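The abstract states the two selection principles (server traits that survive a rewritten Banner, application traits tied to functionality) without showing how a matcher uses them. The following is an added example written for this page, not WebEye's code or its fingerprint database: the server and application signatures, the `Response` type, the function names and the sample responses are all constructed assumptions for illustration and are not verified against current server releases. It shows the Server banner being excluded from the decision and only compared afterwards, so a spoofed banner is reported as a conflict rather than trusted, and application identification by paths the application must serve even after a generator tag or footer credit has been removed.

```python
"""Fingerprint matcher illustrating the abstract's two ideas: server identity
from behavioural traits (header order, error-page layout) instead of the
spoofable Server banner, and application identity from paths its functions
need instead of deletable keywords.

Added example, not WebEye's code. All signatures are constructed for
illustration (assumptions), not WebEye's database."""
from dataclasses import dataclass


@dataclass
class Response:
    status: int
    headers: list          # [(name, value), ...] in the order received
    body: str


# Constructed server signatures (assumption): relative order of a few
# response headers plus a fragment of the default error page.
SERVER_FINGERPRINTS = {
    "nginx": {"header_order": ["server", "date", "content-type"],
              "error_body": "<center>nginx</center>"},
    "apache": {"header_order": ["date", "server", "content-type"],
               "error_body": "<address>"},
}

# Constructed application signatures (assumption): paths the application
# must serve for its core functions, so an operator cannot strip them the
# way a <meta name="generator"> tag or a footer credit can be stripped.
APP_FINGERPRINTS = {
    "WordPress": ["/wp-content/", "/wp-includes/"],
    "Joomla": ["/media/jui/", "/components/com_"],
}


def header_order_matches(resp, expected):
    """True if the expected headers that are present appear in the expected
    relative order; at least two must be present for the trait to count."""
    names = [k.lower() for k, _ in resp.headers]
    present = [h for h in expected if h in names]
    positions = [names.index(h) for h in present]
    return len(present) >= 2 and positions == sorted(positions)


def identify_server(error_resp):
    """Return (server_name or None, banner_conflict).

    The Server banner never contributes to the score; it is compared with
    the structural verdict afterwards so a rewritten banner is flagged."""
    scores = {}
    for name, fp in SERVER_FINGERPRINTS.items():
        score = 0
        if header_order_matches(error_resp, fp["header_order"]):
            score += 1
        if fp["error_body"] in error_resp.body:
            score += 1
        scores[name] = score
    top = max(scores.values())
    winners = [n for n, s in scores.items() if s == top]
    best = winners[0] if top > 0 and len(winners) == 1 else None  # None if unknown or ambiguous
    banner = {k.lower(): v for k, v in error_resp.headers}.get("server", "")
    banner_conflict = bool(best and banner and best not in banner.lower())
    return best, banner_conflict


def identify_app(page_body):
    """Map each application to the function-related paths found in the page;
    applications with no hits are omitted."""
    hits = {app: [p for p in paths if p in page_body]
            for app, paths in APP_FINGERPRINTS.items()}
    return {app: paths for app, paths in hits.items() if paths}


# Constructed sample responses (not captured traffic).
# 1) nginx behind a rewritten banner: the Server header claims Apache, but
#    the header order and the error page are nginx-style.
SPOOFED_404 = Response(404,
    [("Server", "Apache/2.4.41 (Ubuntu)"), ("Date", "Mon, 01 Jan 2024 00:00:00 GMT"),
     ("Content-Type", "text/html")],
    "<html><head><title>404 Not Found</title></head><body>"
    "<center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>")

# 2) an honest Apache-style 404.
APACHE_404 = Response(404,
    [("Date", "Mon, 01 Jan 2024 00:00:00 GMT"), ("Server", "Apache/2.4.41 (Ubuntu)"),
     ("Content-Type", "text/html; charset=iso-8859-1")],
    "<html><body><h1>Not Found</h1><p>The requested URL was not found.</p><hr>"
    "<address>Apache/2.4.41 (Ubuntu) Server at example.test Port 80</address></body></html>")

# 3) a WordPress-style page with the generator tag and footer credit removed;
#    the theme and core-script paths remain because the site needs them.
WP_PAGE = ('<html><head><link rel="stylesheet" href="/wp-content/themes/x/style.css">'
           '<script src="/wp-includes/js/jquery/jquery.min.js"></script></head>'
           '<body>Hello</body></html>')

if __name__ == "__main__":
    print(identify_server(SPOOFED_404))   # ('nginx', True)
    print(identify_server(APACHE_404))    # ('apache', False)
    print(identify_app(WP_PAGE))          # {'WordPress': ['/wp-content/', '/wp-includes/']}
```

The scoring deliberately gives every structural trait the same weight and returns `None` on a tie, so an unknown or ambiguous server is reported as such rather than guessed from the banner; a real fingerprint database would carry many more such traits per server, gathered the way the abstract describes, by black-box probing of each server's responses to normal and malformed requests.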
Source
Journal of University of Chinese Academy of Sciences (中国科学院大学学报(中英文)), 2016, No. 5, pp. 679-685 (7 pages)
Indexing: CSCD; Peking University Core Journals (北大核心)
Funding
National Natural Science Foundation of China (61572460, 61272481)
Open Project of the State Key Laboratory of Information Security (2015-MS-06)
360 project funding