CN-121997345-A - Vulnerability availability verification method and device and electronic equipment
Abstract
The invention discloses a vulnerability availability verification method, device and electronic equipment, which address the technical problem that existing research cannot automatically generate or optimize attack verification scripts for a specific vulnerability and cannot automatically evaluate the validity of those scripts, so that it is difficult to accurately judge whether the vulnerability can be utilized in a real environment. The method comprises: obtaining a function to be tested, and obtaining from a preset intelligent contract a vulnerability path affecting the execution state of the function to be tested; obtaining the intelligent contract and its deployment parameters, and inputting the intelligent contract, the deployment parameters and the vulnerability path into a pre-trained large language model to generate an attack utilization verification script; executing the attack utilization verification script and judging, according to the execution result, the triggerability of the vulnerability corresponding to the vulnerability path to obtain a trigger result; performing profit analysis on the attack utilization verification script to obtain a profit result; and judging whether the vulnerability can be utilized according to the trigger result and the profit result.
Inventors
- NAN YUHONG
- ZHANG JINGWEN
- YE MINGXI
- XIAO YUMING
- ZHENG ZIBIN
Assignees
- 中山大学
Dates
- Publication Date
- 20260508
- Application Date
- 20260130
Claims (10)
- 1. A vulnerability availability verification method, comprising: obtaining a function to be tested, and obtaining from a preset intelligent contract a vulnerability path affecting the execution state of the function to be tested; acquiring the intelligent contract and deployment parameters of the intelligent contract, inputting the intelligent contract, the deployment parameters and the vulnerability path into a pre-trained large language model, and generating an attack utilization verification script; executing the attack utilization verification script, and judging, according to the execution result, the triggerability of the vulnerability corresponding to the vulnerability path to obtain a trigger result; performing profit analysis on the attack utilization verification script to obtain a profit result; and judging whether the vulnerability can be utilized according to the trigger result and the profit result.
- 2. The method according to claim 1, wherein the step of obtaining the function to be tested and obtaining from a preset intelligent contract the vulnerability path affecting the execution state of the function to be tested comprises: acquiring the function to be tested, and acquiring a state read set and a state write set of the function to be tested; generating a state dependency relationship model according to the state read set and the state write set; retrieving, according to the state dependency relationship model, an entry function set influencing the execution state of the function to be tested, wherein the entry function set comprises a plurality of entry functions; judging whether each entry function has a permission control modifier; and if so, determining the entry function having the permission control modifier as a restricted entry function, and removing the restricted entry function from the entry function set to obtain the vulnerability path affecting the execution state of the function to be tested.
- 3. The method according to claim 1, wherein the step of executing the attack utilization verification script and judging, according to the execution result, the triggerability of the vulnerability corresponding to the vulnerability path to obtain a trigger result comprises: executing the attack utilization verification script to obtain a final instruction of the system; verifying the validity of the attack utilization verification script according to the final instruction of the system; if the verification passes, recording the attack call chain, the execution stack state and the PC state changes; and detecting, according to the attack call chain, the execution stack state and the PC state changes, whether the vulnerability corresponding to a preset trigger rule is triggered, to obtain the trigger result.
- 4. The method according to claim 3, wherein the step of executing the attack utilization verification script to obtain a final instruction of the system comprises: executing the attack utilization verification script in a preset virtual machine according to a preset execution flow to obtain the final instruction of the system.
- 5. The method according to claim 1, wherein the step of performing profit analysis on the attack utilization verification script to obtain a profit result comprises: acquiring, according to the execution result, the asset changes of the attacker before and after execution of the attack utilization verification script; and determining the profit result according to the asset changes.
- 6. The method according to claim 1, wherein the step of judging whether the vulnerability can be utilized according to the trigger result and the profit result comprises: when the trigger result is that the vulnerability is triggered and the profit result is that a profit is obtained, judging that the vulnerability can be utilized; when the trigger result is that the vulnerability is triggered and the profit result is that no profit is obtained, judging that the vulnerability cannot be utilized; when the trigger result is that the vulnerability is not triggered and the profit result is that a profit is obtained, judging that the vulnerability cannot be utilized; and when the trigger result is that the vulnerability is not triggered and the profit result is that no profit is obtained within a preset timeout period, judging that the vulnerability cannot be utilized.
- 7. The method according to claim 1, further comprising: when execution of the attack utilization verification script fails, collecting the complete bytecode sequence of the execution process, and acquiring the semantic information causing the execution failure; determining the execution path of the attack utilization verification script according to the complete bytecode sequence; locating, according to the execution path and the semantic information, the code position and the function position at which execution failed; identifying, at the code position and the function position, the failure core statement and the objective function corresponding to the failure core statement, and determining the failure reason; acquiring the execution context of the failure core statement; and updating the attack utilization verification script according to the failure core statement, the failure reason and the execution context to obtain an updated script.
- 8. The method according to claim 1, further comprising: when execution of the attack utilization verification script has completed and the attack is unsuccessful, the vulnerability is triggered, or the attack profit is realized, acquiring the vulnerability type and the failure stage of the attack script; and acquiring the primitive operations corresponding to the vulnerability type and the failure stage of the attack script, and performing enhancement optimization on the attack utilization verification script using the primitive operations to obtain an updated script.
- 9. A vulnerability availability verification apparatus, comprising: a vulnerability path acquisition module, configured to acquire a function to be tested and obtain from a preset intelligent contract a vulnerability path affecting the execution state of the function to be tested; an attack utilization verification script generation module, configured to acquire the intelligent contract and deployment parameters of the intelligent contract, input the intelligent contract, the deployment parameters and the vulnerability path into a pre-trained large language model, and generate an attack utilization verification script; a triggerability judging module, configured to execute the attack utilization verification script and judge, according to the execution result, the triggerability of the vulnerability corresponding to the vulnerability path to obtain a trigger result; a profit analysis module, configured to perform profit analysis on the attack utilization verification script to obtain a profit result; and an availability judging module, configured to judge whether the vulnerability can be utilized according to the trigger result and the profit result.
- 10. An electronic device, comprising a processor and a memory, wherein: the memory is configured to store program code and transmit the program code to the processor; and the processor is configured to perform the vulnerability availability verification method of any one of claims 1 to 8 according to instructions in the program code.
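The state-dependency analysis of claim 2 (state read/write sets, an entry function set, and removal of entries guarded by a permission control modifier) can be made concrete with the following Python example. It is an added illustration, not code from the patent or its authors; the vault contract, its function names and state variables are constructed for the example, the set of modifier names treated as access control is an assumption, and the entry-function search follows write-to-read dependencies transitively, which generalises the single-step description in the claim.

```python
"""Added example (not code from the patent): the state-dependency analysis
of claim 2. Each function is summarised by the state variables it reads and
writes and by its modifiers; the contract below is constructed for
illustration, and the modifier names treated as access control are an
assumption."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Function:
    name: str
    reads: frozenset
    writes: frozenset
    modifiers: tuple = ()


# Assumed set of modifier names that count as permission control (claim 2).
ACCESS_CONTROL_MODIFIERS = {"onlyOwner", "onlyRole", "onlyAdmin"}


def build_state_dependency_model(functions):
    """State dependency relationship model: state variable -> functions that write it."""
    model = {}
    for fn in functions:
        for var in fn.writes:
            model.setdefault(var, set()).add(fn.name)
    return model


def entry_function_set(target, functions, model):
    """Functions whose writes can reach state the target reads, followed
    transitively (a generalisation of the single-hop case in claim 2)."""
    by_name = {fn.name: fn for fn in functions}
    pending = list(target.reads)
    seen_vars, entries = set(), set()
    while pending:
        var = pending.pop()
        if var in seen_vars:
            continue
        seen_vars.add(var)
        for writer in model.get(var, ()):
            if writer != target.name and writer not in entries:
                entries.add(writer)
                pending.extend(by_name[writer].reads)
    return entries


def vulnerability_paths(target, functions):
    """Apply claim 2 end to end: build the model, collect entry functions,
    drop the restricted ones, and return what remains as candidate paths."""
    model = build_state_dependency_model(functions)
    by_name = {fn.name: fn for fn in functions}
    entries = entry_function_set(target, functions, model)
    restricted = {n for n in entries
                  if set(by_name[n].modifiers) & ACCESS_CONTROL_MODIFIERS}
    return {
        "entries": entries,
        "restricted": restricted,
        "paths": entries - restricted,  # unrestricted entry -> target
    }


# Constructed vault contract (not a real project): withdraw prices a position
# using an oracle-fed price and an owner-set fee rate.
VAULT_FUNCTIONS = [
    Function("deposit", frozenset({"balances"}), frozenset({"balances"})),
    Function("withdraw", frozenset({"balances", "price", "feeRate"}),
             frozenset({"balances"})),
    Function("updatePrice", frozenset({"oracle"}), frozenset({"price"})),
    Function("setOracle", frozenset(), frozenset({"oracle"}), ("onlyOwner",)),
    Function("setFeeRate", frozenset(), frozenset({"feeRate"}), ("onlyOwner",)),
    Function("pause", frozenset(), frozenset({"paused"}), ("onlyOwner",)),
]


def analyze_constructed_vault():
    """Run the analysis with withdraw as the function to be tested."""
    target = next(fn for fn in VAULT_FUNCTIONS if fn.name == "withdraw")
    return vulnerability_paths(target, VAULT_FUNCTIONS)


if __name__ == "__main__":
    result = analyze_constructed_vault()
    for key in ("entries", "restricted", "paths"):
        print(f"{key}: {sorted(result[key])}")
```

On the constructed contract, setOracle and setFeeRate influence withdraw but are removed as restricted entries, while deposit and updatePrice survive as vulnerability paths; an unguarded updatePrice feeding a price that withdraw relies on is exactly the kind of path a reviewer would want surfaced before any script generation or execution takes place.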
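Claims 3, 5 and 6 together describe how an executed script is judged: a preset trigger rule is matched against the recorded call chain, the attacker's assets are compared before and after execution, and only the combination of a triggered vulnerability and a realised profit counts as an available vulnerability. The following Python example, added here and not taken from the patent, runs that judgement over a constructed trace for the reentrancy case the description names; the event format, the addresses 0xVAULT and 0xATTACKER, and the balances are assumptions made for the illustration, standing in for what the virtual machine of claim 4 would actually record.

```python
"""Added example (not code from the patent): the trigger-rule check of
claim 3, the before/after asset comparison of claim 5 and the decision rule
of claim 6, run over a constructed execution trace. The trace format,
addresses and balances are assumptions made for illustration."""
from dataclasses import dataclass

VAULT = "0xVAULT"        # constructed address of the contract under test
ATTACKER = "0xATTACKER"  # constructed attacker account


@dataclass
class Event:
    kind: str       # "CALL", "RETURN" or "SSTORE"
    depth: int      # call depth of the frame the event belongs to
    frm: str = ""
    to: str = ""    # callee for CALL; contract whose storage is written for SSTORE
    func: str = ""
    slot: str = ""


def detect_reentrancy(trace, contract):
    """Preset trigger rule for reentrancy: a CALL into `contract` that begins
    while an earlier frame of `contract` is still open, where that outer
    frame only writes its storage after the nested call. Returns the attack
    call chain that matched the rule, or None."""
    open_frames = []  # active frames as (depth, callee, function)
    for i, ev in enumerate(trace):
        if ev.kind == "CALL":
            outer = [f for f in open_frames if f[1] == contract]
            if ev.to == contract and outer:
                outer_depth = outer[-1][0]
                writes_after = any(
                    e.kind == "SSTORE" and e.to == contract and e.depth == outer_depth
                    for e in trace[i + 1:]
                )
                if writes_after:
                    chain = [f"{f[1]}.{f[2]}" for f in open_frames]
                    return chain + [f"{ev.to}.{ev.func}"]
            open_frames.append((ev.depth, ev.to, ev.func))
        elif ev.kind == "RETURN" and open_frames:
            open_frames.pop()
    return None


def profit_result(before, after, attacker):
    """Claim 5: the attacker's asset change across the script execution."""
    return after.get(attacker, 0) - before.get(attacker, 0)


def availability_verdict(triggered, profit):
    """Claim 6: only 'triggered and profitable' counts as exploitable."""
    return "exploitable" if triggered and profit > 0 else "not exploitable"


def verify(trace, before, after, contract=VAULT, attacker=ATTACKER):
    """Combine the three judgements into one result record."""
    chain = detect_reentrancy(trace, contract)
    profit = profit_result(before, after, attacker)
    return {
        "triggered": chain is not None,
        "call_chain": chain,
        "profit": profit,
        "verdict": availability_verdict(chain is not None, profit),
    }


# Constructed trace: withdraw sends funds before updating balances, and the
# recipient's fallback re-enters withdraw while the first frame is open.
REENTRANT_TRACE = [
    Event("CALL", 1, ATTACKER, VAULT, "withdraw"),
    Event("CALL", 2, VAULT, ATTACKER, "fallback"),
    Event("CALL", 3, ATTACKER, VAULT, "withdraw"),
    Event("CALL", 4, VAULT, ATTACKER, "fallback"),
    Event("RETURN", 4),
    Event("SSTORE", 3, to=VAULT, slot="balances"),
    Event("RETURN", 3),
    Event("RETURN", 2),
    Event("SSTORE", 1, to=VAULT, slot="balances"),
    Event("RETURN", 1),
]

# Constructed trace of the same flow with balances written before the
# external call: the nested withdraw finds nothing left to pay out.
SAFE_TRACE = [
    Event("CALL", 1, ATTACKER, VAULT, "withdraw"),
    Event("SSTORE", 1, to=VAULT, slot="balances"),
    Event("CALL", 2, VAULT, ATTACKER, "fallback"),
    Event("CALL", 3, ATTACKER, VAULT, "withdraw"),
    Event("RETURN", 3),
    Event("RETURN", 2),
    Event("RETURN", 1),
]

# Constructed balances (arbitrary units) before and after each execution.
REENTRANT_BALANCES = ({ATTACKER: 1, VAULT: 10}, {ATTACKER: 11, VAULT: 0})
SAFE_BALANCES = ({ATTACKER: 1, VAULT: 10}, {ATTACKER: 2, VAULT: 9})


def verify_constructed_reentrant_case():
    return verify(REENTRANT_TRACE, *REENTRANT_BALANCES)


def verify_constructed_safe_case():
    return verify(SAFE_TRACE, *SAFE_BALANCES)


if __name__ == "__main__":
    print(verify_constructed_reentrant_case())
    print(verify_constructed_safe_case())
```

The safe trace is deliberately profitable (the attacker withdraws a unit it had deposited) but untriggered, which exercises the third case of claim 6: a gain without a triggered vulnerability is not treated as exploitability, so an ordinary withdrawal does not become a false positive.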
Description
Vulnerability availability verification method and device and electronic equipment
Technical Field
The present invention relates to the field of vulnerability detection technologies, and in particular to a vulnerability availability verification method and device, and an electronic device.
Background
The main reason why current mainstream intelligent contract vulnerability detection tools generally suffer from an excessively high false positive rate is that most of them stop at the level of "potential vulnerability pattern recognition": they cannot further judge whether the vulnerability has triggerable preconditions in the real on-chain environment, and cannot verify whether the vulnerability can cause a practical, observable security impact. Lacking a comprehensive assessment of the contract's operating state, external dependencies and multi-transaction execution sequences, such tools tend to report "theoretically risky code segments" directly as vulnerabilities, producing a large number of false positives that are not exploitable, not reproducible, or of limited impact in an actual attack scenario. This inability to distinguish between "defects" and "exploitable and substantial hazards" has become a core bottleneck limiting the engineering utility and risk assessment accuracy of intelligent contract vulnerability detection tools.
Intelligent contract vulnerability availability verification refers to constructing an attack transaction sequence, based on the contract source code, on-chain state and transaction context, in a simulated real environment (such as a test network or audit environment), verifying whether certain types of vulnerabilities (such as reentrancy, access control errors, price oracle manipulation, arithmetic or authorization flaws) can actually be triggered, and whether they produce quantifiable security consequences (such as funds being transferred). The method not only considers whether the vulnerability exists, but also establishes the preconditions, the required rights and resources, and the economic benefit boundary under which it can actually be utilized, thereby providing an evidence chain for risk classification, remediation strategy selection and post-fix regression verification.
Existing vulnerability availability analysis includes intelligent contract exploit generation based on program analysis and intelligent contract exploit generation based on a large language model. However, these schemes have the following problems:
1. Existing research cannot automatically generate or optimize an attack verification script aimed at a specific vulnerability, so the generated script rarely covers the real preconditions and execution sequences required to trigger the vulnerability, and vulnerability availability therefore cannot be estimated accurately and systematically.
2. Existing research cannot automatically verify the validity of the attack script, so it cannot judge whether the script successfully triggers the vulnerability in the real execution environment and produces the expected security impact, which affects the accuracy of the evaluation.
Disclosure of Invention
The invention provides a vulnerability availability verification method, device and electronic equipment, which address the technical problem that existing research cannot automatically generate or optimize attack verification scripts for a specific vulnerability and cannot automatically evaluate the validity of those scripts, so that it is difficult to accurately judge whether the vulnerability can be utilized in a real environment.
The invention provides a vulnerability availability verification method, comprising the following steps: obtaining a function to be tested, and obtaining from a preset intelligent contract a vulnerability path affecting the execution state of the function to be tested; acquiring the intelligent contract and deployment parameters of the intelligent contract, inputting the intelligent contract, the deployment parameters and the vulnerability path into a pre-trained large language model, and generating an attack utilization verification script; executing the attack utilization verification script, and judging, according to the execution result, the triggerability of the vulnerability corresponding to the vulnerability path to obtain a trigger result; performing profit analysis on the attack utilization verification script to obtain a profit result; and judging whether the vulnerability can be utilized according to the trigger result and the profit result.
Optionally, the step of obtaining the function to be tested and obtaining from a preset intelligent contract the vulnerability path affecting the execution state of the function to be tested includes: acquiring the function to be tested, and acquiring a state read set and a state write set of the function to be tested; Generating a state depe