Research On Key Technologies Of Web Application Vulnerability Analysis

Posted on: 2022-09-09
Degree: Master
Type: Thesis
Country: China
Candidate: J Z Zhao
GTID: 2558307169977939
Subject: Cyberspace security
Abstract/Summary:
This thesis studies Web application vulnerability analysis. First, the principles and main challenges of Web application vulnerability analysis technology are analyzed. Then the key techniques for Web vulnerability analysis are investigated: vulnerable code location and automatic vulnerability verification, specifically for command execution vulnerabilities, the most threatening class in PHP Web applications. The main work and innovations of this thesis are as follows:

1. To address the over-reliance on prior knowledge and the weak interprocedural analysis ability of current static analysis methods for Web applications, a method for locating vulnerable code in Web applications based on taint analysis is proposed. It performs taint analysis on Web applications at the opcode level and outputs the relevant information about the vulnerable code. This method can locate more potential command execution vulnerabilities in Web applications.

2. To address low seed utilization and limited feedback information in current Web application fuzzing, an automated vulnerability verification method based on directed fuzzing is proposed. Directed by the vulnerable code information generated by static analysis, this method performs source code instrumentation on the target Web application. The seed mutation mechanism of existing fuzzing methods is then improved to quickly mutate effective seeds, which can more easily bypass checkpoints on the taint propagation path of the vulnerable code, and finally to generate a PoC that reaches the vulnerable code area and triggers the vulnerability.

3. A prototype system, ELVIRA, is designed and implemented for automatic vulnerability analysis of Web applications, combining static and dynamic techniques. Experiments show that ELVIRA can perform vulnerability analysis automatically and find unknown vulnerabilities in real Web applications.
Keywords/Search Tags:Web applications, Vulnerability analysis, Taint analysis, Directed Fuzzing, Dynamic and static technology