METHOD FOR OBEX PROTOCOL VULNERABILITY DISCOVERY AND SYSTEM THEREOF

摘要

A method and system for Object Exchange (OBEX) protocol vulnerability discovery are provided, which belong to the technical field of software engineering. The method of the present invention includes the following steps: firstly, selecting an object device which communicates via OBEX protocol and establishing the communication connection with the object device, then constructing an abnormal packet based on the weak point of the OBEX protocol of the object device, sending the packet to the object device and receiving the response packet from the object device; judging the status of the object device according to the received response packet, debugging the abnormal packet which triggers the abnormal status of the object device and determining the vulnerability parameter of the OBEX protocol. The system of the present invention includes an abnormal data constructing module, a protocol communicating module and a security vulnerability detection module. The present invention fills the domestic and foreign gaps in the field of OBEX protocol vulnerability discovery, avoids massive economic damage caused by the OBEX protocol vulnerability, and is important to the information security of country.