发明名称 |
METHOD FOR FINDING AND PROVING VULNERABILITY IN ACTIVEX CONTROL AND APPARATUS AND METHOD FOR IDENTIFYING ACTIVEX CONTROL |
摘要 |
<p>A method for checking/providing vulnerability of ActiveX control, and a device and the method for identifying the same are provided to check/prove the vulnerability of the ActiveX control, which is installed by a predetermined website or installed with a predetermined program, from identification to reverse engineering. A main module stores all registry information under an HKEY_CLASSES_ROOT CLSID registry, and identifies COM having a difference by comparing stored registry information with the registry information before/after installation of the predetermined program. A test module checks over whether the COM having the difference provides an IDispathc or IDispathcEx interface. The test module continuously performs a task by executing again the other test module if the test module is abnormally terminated while performing an interface checking task.</p> |
申请公布号 |
KR20070092403(A) |
申请公布日期 |
2007.09.13 |
申请号 |
KR20060022484 |
申请日期 |
2006.03.10 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
KIM, SU YONG;SOHN, KI WOOK |
分类号 |
G06F9/44;G06F9/06 |
主分类号 |
G06F9/44 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|