Disclosure of Invention
The invention aims to overcome the defects in the prior art and provides a client security detection method and device based on an Android platform Unity3D game, so as to solve the problems of incomplete client test coverage and low test efficiency in the prior art.
In order to achieve the above object, the present invention adopts the following technical means.
Firstly, the invention provides a client security detection method based on an Android platform Unity3D game, which comprises the following steps: acquiring a process identifier of a game process to be detected; according to the process identifier, an auxiliary test command set dynamic library and an interface server dynamic library are loaded to a process corresponding to the process identifier; and the interface client sends the test command provided by the auxiliary test command set dynamic library to the process through the interface server dynamic library.
In the method of the present invention, the method further includes exporting the test commands that are provided by the auxiliary test command set dynamic library and sent to the process as an external log file.
In the above method of the present invention, the auxiliary test command set dynamic library includes a command for reading an assembly of the game.
In the method of the present invention, the auxiliary test command set dynamic library includes a command for searching for game class instances.
Further, in the above method of the present invention, the auxiliary test command set dynamic library includes a command for calling a method of the game class instance.
Further, in the above method of the present invention, the auxiliary test command set dynamic library includes commands for reading and writing attributes and fields of the game class instance.
Still further, in the above method of the present invention, the attributes and fields read from and written to the game class instance during the test are exported as an external log file.
Secondly, the invention provides a client security detection device based on an Android platform Unity3D game, which comprises the following modules: the monitoring module is used for acquiring a process identifier of a game process to be detected; the injection module is used for loading an auxiliary test command set dynamic library and an interface server dynamic library into a process corresponding to the process identifier according to the process identifier; and the sending module is used for sending the test command provided by the auxiliary test command set dynamic library to the process by the interface client through the interface server dynamic library.
In the above device of the present invention, the device further includes an export module, configured to export the test commands that are provided by the auxiliary test command set dynamic library and sent to the process as an external log file.
In the above device of the present invention, the auxiliary test command set dynamic library injected by the injection module includes a command for reading an assembly of the game.
In the above device of the present invention, the auxiliary test command set dynamic library injected by the injection module includes a command for looking up a game class instance.
Further, in the above device of the present invention, the auxiliary test command set dynamic library injected by the injection module includes a command for calling a method of the game class instance.
Further, in the above device of the present invention, the auxiliary test command set dynamic library injected by the injection module includes commands for reading and writing the attributes and fields of the game class instance.
Still further, in the above apparatus of the present invention, the export module further exports the attributes and fields read from and written to the game class instance during the test process as an external log file.
Finally, the present invention also provides a computer readable storage medium having computer instructions stored thereon. The instructions, when executed by a processor, implement the steps of any one of the preceding methods.
The invention has the beneficial effects that: the coverage of numerical value memory security detection and logic security detection of the client is perfected, and the detection efficiency is improved.
Detailed Description
The conception, the specific structure and the technical effects of the present invention will be clearly and completely described in conjunction with the embodiments and the accompanying drawings to fully understand the objects, the schemes and the effects of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The same reference numbers will be used throughout the drawings to refer to the same or like parts.
Referring to a flowchart of an embodiment shown in fig. 1, a client security detection method based on an Android platform Unity3D game provided by the invention includes the following steps: acquiring a process identifier of a game process to be detected; according to the process identifier, an auxiliary test command set dynamic library and an interface server dynamic library are loaded to a process corresponding to the process identifier; and the interface client sends the test command provided by the auxiliary test command set dynamic library to the process through the interface server dynamic library.
In an embodiment of the present invention, before the test starts, a command set implementing the various auxiliary test functions and a command set for issuing commands to the interface server are compiled into an auxiliary test command set dynamic library and an interface server dynamic library, respectively, for the subsequent process injection operation. The auxiliary test command set dynamic library can be built on the objects (Type) that encapsulate assemblies, modules and types, as provided by the C# reflection mechanism. Specifically, reflection dynamically creates instances of types within the game to be detected, binds a type to an existing object or retrieves the type from an existing object, and then invokes its methods or accesses its fields and properties. When a type within the game uses an attribute, the attribute can also be accessed through the C# reflection mechanism. Based on the interface connection and the operation interface of the client, the tester sends the commands provided by the auxiliary test command set dynamic library directly to the game process to be tested and executes the test case.
Referring to fig. 2, a flowchart of another embodiment of the client security detection method proposed by the present invention is shown, in which the test commands that are provided by the auxiliary test command set dynamic library and sent to the process are exported as an external log file. The tester can verify how the test case was actually executed based on the external log file: for example, whether the execution steps described by the test case were completely covered, or whether the game to be detected threw an exception while the test was running and thereby interrupted the test process. The log file may also be used for regression testing.
Referring to fig. 3, which is a schematic diagram of the dynamic library injection process of the client security detection method provided by the present invention: in an embodiment of the present invention, after the process identifier of the game process to be detected is obtained, ptrace may be used to attach to the game process to be detected, and the process registers and process stack corresponding to the process identifier are then obtained and saved. By modifying the process registers (e.g., to execute a pre-written segment of shellcode), the auxiliary test command set dynamic library and the interface server dynamic library are loaded. Finally, the registers and stack of the game process to be detected are restored from the saved copies and ptrace detaches from the process, so that the process continues to run normally for the subsequent formal test work. After the interface client and the interface server are connected, commands can be sent to the interface server through the interface server dynamic library. The commands sent to the interface server may include the test commands provided by the auxiliary test command set dynamic library.
The APIs provided by the Unity3D engine make it possible to look up objects that inherit from the engine's Object class. Thus, by combining the API provided by the Unity3D engine with the C# reflection mechanism, the auxiliary test command set dynamic library may provide commands that:
● read the assembly (assets) of the game to be tested;
● find class instances (instances) within the game to be tested;
● view and/or modify properties (property) and fields (field) of an instance;
● call methods of the instance;
for use by test personnel while performing the test.
For example, in the Unity3D engine the camera class (Camera) determines the picture displayed by the game, and UnityEngine.Camera inherits from the Unity3D engine's Object class. A tester can therefore use the auxiliary test command set dynamic library to look up the UnityEngine.Camera class instance and perform specific numerical-value memory security checks and logic security checks on the game.
Specifically, in an embodiment of the present invention, after the auxiliary test command set dynamic library and the interface server dynamic library have been loaded into the process corresponding to the process identifier and a connection has been established between the interface client and the interface server, the interface client searches for the UnityEngine.Camera class instance of the game to be tested using a command provided by the auxiliary test command set dynamic library; the interface client then sends a command that modifies the position attribute of the UnityEngine.Camera class instance, adjusting the height of the game picture so as to simulate the abnormal condition caused by malicious modification of the client; finally, whether the client is safe is confirmed by detecting whether the camera position is automatically restored after being modified.
Further, in the above-described embodiments of the present invention, the attributes and fields read from and written to the game class instance during the testing process are exported as an external log file. Specifically, the test case may be designed to read the attributes and fields of the game class instance before modification, then modify them, and then read the same attributes and fields again after the modification. The attributes and fields read and written in these three operations are exported as an external log file, and the values read in the first and last operations are compared to see whether they are the same, from which the security conclusion is drawn.
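The comparison of the three logged operations can be automated. The following is an added example, not part of the patent: it assumes a JSON-lines log layout (`seq`, `op`, `target`, `member`, `value`) and uses constructed sample entries, including hypothetical `Player.moveSpeed` and `Player.hp` members, to classify each read/write/read triple and to flag test cases that were interrupted by an exception or not fully covered.

```python
import json
import math

# Constructed sample log. The JSON-lines layout and the Player/moveSpeed/hp
# names are assumptions; the patent does not define a log format.
SAMPLE_LOG = """\
{"seq": 1, "op": "read",  "target": "UnityEngine.Camera", "member": "position", "value": [0.0, 10.0, -5.0]}
{"seq": 2, "op": "write", "target": "UnityEngine.Camera", "member": "position", "value": [0.0, 80.0, -5.0]}
{"seq": 3, "op": "read",  "target": "UnityEngine.Camera", "member": "position", "value": [0.0, 80.0, -5.0]}
{"seq": 4, "op": "read",  "target": "Player", "member": "moveSpeed", "value": 5.0}
{"seq": 5, "op": "write", "target": "Player", "member": "moveSpeed", "value": 50.0}
{"seq": 6, "op": "read",  "target": "Player", "member": "moveSpeed", "value": 5.0}
{"seq": 7, "op": "read",  "target": "Player", "member": "hp", "value": 100}
{"seq": 8, "op": "write", "target": "Player", "member": "hp", "value": 9999}
{"seq": 9, "op": "exception", "target": "Player", "member": "hp", "value": "NullReferenceException"}
"""

def same(a, b, tol=1e-4):
    """Compare scalars or vectors; numbers get a tolerance for float noise."""
    if isinstance(a, list) and isinstance(b, list):
        return len(a) == len(b) and all(same(x, y, tol) for x, y in zip(a, b))
    if isinstance(a, (int, float)) and isinstance(b, (int, float)):
        return math.isclose(a, b, abs_tol=tol)
    return a == b

def verdicts(log_text):
    """Return {(target, member): verdict} for each logged test case."""
    ops = {}
    for line in log_text.splitlines():
        if line.strip():
            e = json.loads(line)
            ops.setdefault((e["target"], e["member"]), []).append(e)
    result = {}
    for key, entries in ops.items():
        entries.sort(key=lambda e: e["seq"])
        kinds = [e["op"] for e in entries]
        if "exception" in kinds:
            result[key] = "interrupted"   # game threw during the test case
        elif kinds != ["read", "write", "read"]:
            result[key] = "incomplete"    # test steps not fully covered
        else:
            before, written, after = (e["value"] for e in entries)
            if same(before, written):
                result[key] = "no-op"     # write changed nothing, proves nothing
            elif same(after, before):
                result[key] = "restored"  # client undid the modification
            elif same(after, written):
                result[key] = "tampered"  # modification persisted unchecked
            else:
                result[key] = "inconclusive"  # value moved for another reason
    return result

if __name__ == "__main__":
    for key, verdict in verdicts(SAMPLE_LOG).items():
        print(key, verdict)
```

Only a `restored` verdict corresponds to the "safe" conclusion described above; `interrupted` and `incomplete` entries mean the test case has to be rerun before any conclusion is drawn.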
Referring to fig. 4, a block diagram of an embodiment of a client security detection device according to the present invention is shown. The present invention further provides a client security detection device based on an Android platform Unity3D game, including the following modules: the monitoring module is used for acquiring a process identifier of a game process to be detected; the injection module is used for loading an auxiliary test command set dynamic library and an interface server dynamic library into a process corresponding to the process identifier according to the process identifier; and the sending module is used for sending the test command provided by the auxiliary test command set dynamic library to the process by the interface client through the interface server dynamic library.
In an embodiment of the invention, before the test starts, a command set implementing the various auxiliary test functions and a command set for sending commands to the interface server are compiled into an auxiliary test command set dynamic library and an interface server dynamic library, respectively, which the injection module injects into the game process to be tested. The auxiliary test command set dynamic library can be built on the objects (Type) that encapsulate assemblies, modules and types, as provided by the C# reflection mechanism. Specifically, reflection dynamically creates instances of types within the game to be detected, binds a type to an existing object or retrieves the type from an existing object, and then invokes its methods or accesses its fields and properties. When a type within the game uses an attribute, the attribute can also be accessed through the C# reflection mechanism. Based on the interface connection and the operation interface of the client, the tester sends the commands provided by the auxiliary test command set dynamic library directly to the game process to be tested and executes the test case.
Referring to fig. 5, a block diagram of another embodiment of a client security detection device according to the present invention is shown, in which the device further includes an export module, configured to export, as an external log file, the test commands that are provided by the auxiliary test command set dynamic library and sent to the process. The tester can verify how the test case was actually executed based on the external log file: for example, whether the execution steps described by the test case were completely covered, or whether the game to be detected threw an exception while the test was running and thereby interrupted the test process. The log file may also be used for regression testing.
In an embodiment of the present invention, after the monitoring module obtains the process identifier of the game process to be detected, the injection module may use ptrace to attach to the game process to be detected, and then obtain and save the process registers and process stack corresponding to the process identifier. By modifying the process registers (e.g., to execute a pre-written segment of shellcode), the auxiliary test command set dynamic library and the interface server dynamic library are loaded. Finally, the registers and stack of the game process to be detected are restored from the saved copies and ptrace detaches from the process, so that the process continues to run normally for the subsequent formal test work. After the interface client and the interface server are connected, the sending module can send commands to the interface server through the interface server dynamic library. The commands sent to the interface server may include the test commands provided by the auxiliary test command set dynamic library.
The APIs provided by the Unity3D engine make it possible to look up objects that inherit from the engine's Object class. Thus, by combining the API provided by the Unity3D engine with the C# reflection mechanism, the auxiliary test command set dynamic library may provide commands that:
● read the assembly (assets) of the game to be tested;
● find class instances (instances) within the game to be tested;
● view and/or modify properties (property) and fields (field) of an instance;
● call methods of the instance;
for use by test personnel while performing the test.
For example, in the Unity3D engine the camera class (Camera) determines the picture displayed by the game, and UnityEngine.Camera inherits from the Unity3D engine's Object class. A tester can therefore use the auxiliary test command set dynamic library to look up the UnityEngine.Camera class instance and perform specific numerical-value memory security checks and logic security checks on the game.
Specifically, in an embodiment of the present invention, after the auxiliary test command set dynamic library and the interface server dynamic library have been loaded into the process corresponding to the process identifier and a connection has been established between the interface client and the interface server, the interface client searches for the UnityEngine.Camera class instance of the game to be tested using a command provided by the auxiliary test command set dynamic library; the interface client then sends a command that modifies the position attribute of the UnityEngine.Camera class instance, adjusting the height of the game picture so as to simulate the abnormal condition caused by malicious modification of the client; finally, whether the client is safe is confirmed by detecting whether the camera position is automatically restored after being modified.
Further, in the above embodiment of the present invention, the export module may also export the attributes and fields read from and written to the game class instance during the test process as an external log file. Specifically, the test case may be designed to read the attributes and fields of the game class instance before modification, then modify them, and then read the same attributes and fields again after the modification. The attributes and fields read and written in these three operations are exported as an external log file, and the values read in the first and last operations are compared to see whether they are the same, from which the security conclusion is drawn.
While the present invention has been described in considerable detail and with particular reference to a few illustrative embodiments thereof, it is not intended to be limited to any such details or embodiments or any particular embodiments, but it is to be construed as effectively covering the intended scope of the invention by providing a broad, potential interpretation of such claims in view of the prior art with reference to the appended claims. Furthermore, the foregoing describes the invention in terms of embodiments foreseen by the inventor for which an enabling description was available, notwithstanding that insubstantial modifications of the invention, not presently foreseen, may nonetheless represent equivalent modifications thereto.