Identifying webpages accessible by unauthorized users via URL guessing or network sniffing

Identifying webpages accessible by unauthorized users via URL guessing or network sniffing

A computer-implemented method includes: generating a first list of uniform resource locators (URLs) available on a page when accessed using privileged credentials; storing one or more first URL outputs associated with the first list of URLs including the content of webpages accessed using the privil...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Walker, Keith R, Bender, Michael, Shute, Michael P, Nachman, David E
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A computer-implemented method includes: generating a first list of uniform resource locators (URLs) available on a page when accessed using privileged credentials; storing one or more first URL outputs associated with the first list of URLs including the content of webpages accessed using the privileged credentials; generating a second list of URLs when accessed using non-privileged credentials; generating a third list of URLs, wherein the third list of URLs includes URLs included in the first list of URLs and not included in the second list of URLs; storing a second URL output including content of a webpage mapped to a particular URL in the third list of URLs when the particular URL is accessed using the non-privileged credentials; determining that the second URL output matches a particular first URL output associated with the particular URL; and outputting an alert identifying that the webpage is accessible by an unauthorized user.