Shulou(Shulou.com)06/01 Report--

Intelligent automation penetration of CDN identification is how, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, I hope you can gain something.

Background:

In the actual security testing process, we often encounter websites that use CDN acceleration. Testing for such sites, in the absence of real IP, there is no need to enter the next step of port scanning, service weak password scanning. So in fully automated intelligent penetration, it is necessary to write a single child plug-in to detect whether the target uses CDN.

Methods:

Previously, to determine whether the target used CDN, the method I often used was to test ping with multiple IP in ping.chinaz.com, and if a large number of different IP were returned, the target used CDN. Then in view of this idea, the implementation of writing the program is to analyze the js call of ping.chinaz.com and simulate the different IP of the target. However, this method is troublesome, and the actual effect is completely dependent on chinaz. Once the service of chinaz is suspended, we become very passive and can no longer use it.

However, according to the analysis principle, different locations resolve to different IP for the same domain name, and the actual difference is that different DNS servers are used, so in fact, as long as we send query requests to different DNS servers around the world, we can achieve the same effect.

In addition to analyzing whether the target uses CDN, we also need to determine which manufacturer's CDN is used by the target. The implementation principle is that customers usually need to set the CNAME value to the address of the CDN service provider when purchasing CDN. We can build a similar CNAME feature library to determine which specific CDN service provider is.

To sum up, according to this idea, we can implement a simple demo to detect whether the target uses CDN.

The code is as follows:

The effect is as follows:

The complexity and uncertainty of the network information system lead to the strong concealment of network security vulnerabilities, and it is more and more difficult to prevent network risks by mining vulnerabilities. The existing vulnerability scanning technology of network information system uses fuzzy testing method to detect all vulnerabilities in the target system, so it is unable to identify the characteristics of the target system and take targeted vulnerability detection measures. and can not be combined to use multiple vulnerabilities to further dig deeper vulnerabilities.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.