Computer Engineering and Applications ›› 2020, Vol. 56 ›› Issue (19): 114-119.DOI: 10.3778/j.issn.1002-8331.1907-0090

Previous Articles     Next Articles

Server Side Request Forgery Vulnerability Detection System with Graph Traversal Algorithm

YIN Hongji, CHEN Wei   

  1. College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210023, China
  • Online:2020-10-01 Published:2020-09-29



  1. 南京邮电大学 计算机学院,南京 210023


In view of the Web application system based on PHP language, a method for detecting and exploiting server side request forgery vulnerabilities based on graph traversal algorithm is proposed. By constructing abstract syntax tree of PHP files, the data flow information of each file is obtained, and global code property graph can be constructed by transfer and dependency relationship in the data flow. The generated code property graph is analyzed by graph traversal algorithm, and the transfer path graph of taint variable is obtained. Finally, the function information in the path graph is analyzed by constraint solving method to detect server side request forgery vulnerabilities and generate available attack vectors. The experimental results show that compared with the traditional static audit method, this detection method can find the server side request forgery vulnerabilities well, and can automatically generate bypassing and available attack payloads.

Key words: abstract syntax tree, code property graph, taint analysis, Server Side Request Forgery(SSRF), constraint solving



关键词: 抽象语法树, 代码属性图, 污点分析, 服务端请求伪造, 约束求解