SSRF Vulnerability Attack and Prevention Based on PHP

机译：SSRF漏洞攻击和基于PHP的预防

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper firstly introduced the SSRF and the reason of its formation, and a simple demonstration with PHP codes was made. Then, four attack types of SSRF and their combination with other WEB vulnerabilities were introduced and analyzed. And then, the introduction of two kinds of SSRF preventive measures was made and the general defense flow chart was listed. Web security is an important field of Network Space Security, while SSRF is also one of the top 10 vulnerabilities in web security. So, its analysis is of practical significance.

机译：本文首先介绍了SSRF和其形成的原因，并进行了简单的PHP代码演示。然后，引入并分析了四种攻击类型的SSRF及其与其他Web漏洞的组合。然后，提出了两种SSRF预防措施，并列出了一般防御流程图。 Web安全性是网络空间安全性的重要领域，而SSRF也是Web安全性中的十大漏洞之一。因此，其分析具有实际意义。

著录项

来源
《International Conference on Communications, Information System and Computer Engineering》|2019年|xxv 715 p. :|共4页
会议地点
作者
Haibo Luo;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算技术、计算机技术;
关键词
Servers; Protocols; IP networks; Uniform resource locators; XML; Libraries; Fingerprint recognition;

机译：服务器;协议;IP网络;统一资源定位器;XML;图书馆;指纹识别;

相似文献

外文文献
中文文献
专利

1. TAP: A static analysis model for PHP vulnerabilities based on token and deep learning technology [J] . Yong Fang, Shengjun Han, Cheng Huang, PLoS One . 2019,第11期

机译：点击：基于令牌和深度学习技术的PHP漏洞静态分析模型
2. An Agent Based Intelligent Dynamic Vulnerability Analysis Framework for Critical SQLIA Attacks: Intelligent SQLIA Vulnerability Analyzer Agent [J] . Jeya Mala Dharmalingam, M Eswaran International Journal of Intelligent Information Technologies . 2018,第3期

机译：基于代理的智能动态漏洞分析框架，用于关键SQLIA攻击：智能SQLIA漏洞分析仪代理
3. A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities [J] . Golnaz Elahi, Eric Yu, Nicola Zannone Requirements Engineering . 2010,第1期

机译：以漏洞为中心的需求工程框架：基于漏洞分析安全攻击，对策和需求
4. SSRF Vulnerability Attack and Prevention Based on PHP [C] . Haibo Luo 2019 International Conference on Communications, Information System and Computer Engineering . 2019

机译：基于PHP的SSRF漏洞攻击与防范
5. Network-Based Detection and Prevention System Against DNS-Based Attacks [D] . Mohammed, Yasir Faraj. 2021

机译：基于网络的基于DNS攻击的检测和预防系统
6. TAP: A static analysis model for PHP vulnerabilities based on token and deep learning technology [O] . Yong Fang, Shengjun Han, Cheng Huang, 2019

机译：点击：基于令牌和深度学习技术的PHP漏洞静态分析模型
7. A vulnerability-centric requirements engineering framework : Analyzing security attacks, countermeasures, and requirements based on vulnerabilities [O] . Elahi, G, Yu, E, Zannone, N Nicola 2010

机译：以漏洞为中心的需求工程框架：基于漏洞分析安全攻击，对策和需求
8. Transition-Metal Derivatives of Phosphinophosphazenes: X-Ray Crystal Structuresof N3P3Cl4PhPPh2, N3P3Cl4PhPPh2.Cr(CO)5, and N3P3Cl4PhPPh2.Ru3(CO)11 [R] . Allcock, H. R., Manners, I., Mang, M. N., 1990

机译：磷杂磷腈的过渡金属衍生物：N3p3Cl4phpph2，N3p3Cl4phpph2.Cr（CO）5和N3p3Cl4phpph2.Ru3（CO）11的X射线晶体结构

SSRF Vulnerability Attack and Prevention Based on PHP

摘要

著录项

相似文献

相关主题

期刊订阅