Abstract
To address the low detection efficiency and high false positive rate of reflected XSS detection in Web applications, a reflected XSS vulnerability identification model based on AST analysis and Fuzzing is proposed. A probe payload is sent to request the target Web page, and the parsed AST syntax tree of the response is used to make a preliminary judgment on whether the page may contain a reflected XSS vulnerability. The suspicious XSS injection points in the page are then confirmed from the echo positions of the probe payload, and the corresponding escape technique and escape behaviour are selected to generate the initial attack payload. The initial attack payload is combined with a bypass rule library to generate an attack vector library, which is used to fuzz the suspicious injection points and confirm whether a reflected XSS vulnerability exists. Experimental results show that, compared with Burp Suite and AWVS in the same vulnerable environment, the model requires fewer requests on average during detection. It achieves high detection efficiency while keeping the false positive rate low.
Authors
GUO Xiaojun (郭晓军); YAN Yuchen (闫宇辰); WU Zhihao (吴志浩)
School of Information Engineering, Xizang Minzu University, Xianyang 712082, Shaanxi, China; Key Laboratory of Optical Information Processing and Visualization Technology of Tibet Autonomous Region, Xizang Minzu University, Xianyang 712082, Shaanxi, China
Source
《实验室研究与探索》 (Research and Exploration in Laboratory), 2022, No. 10, pp. 49-53 (5 pages)
Indexed in: CAS; Peking University Core Journals (北大核心)
Funding
Natural Science Foundation of Tibet Autonomous Region (XZ2019ZRG-36(Z))
Xizang Minzu University project (324011810216, 324042000709).