CN103559445A - Application-program interactive control method and device - Google Patents
Application-program interactive control method and device Download PDFInfo
- Publication number
- CN103559445A CN103559445A CN201310551694.3A CN201310551694A CN103559445A CN 103559445 A CN103559445 A CN 103559445A CN 201310551694 A CN201310551694 A CN 201310551694A CN 103559445 A CN103559445 A CN 103559445A
- Authority
- CN
- China
- Prior art keywords
- application program
- described application
- clist
- parameter
- command list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses an application-program interactive control method and an application-program interactive control device. The method comprises the following steps of starting an application program through a system inlet; interacting with the application program according to a preset command list, wherein the command list comprises a function and/or a parameter; obtaining the executing result of the application program. In the scheme provided by the invention, the interactive-type control of the application program is automatically realized by simulating the using process of a user, so that the interaction of the application program in starting and executing processes and the user can be automatically realized; manual participation is not needed, so that the executing efficiency is improved, and the cost is saved to a large degree.
Description
Technical field
The present invention relates to computer realm, be specifically related to a kind of application program interaction control method and device.
Background technology
In graphical interfaces operating system, in a lot of applications, exist and need the application program in automatic start up system, and application program is automatically performed, the application of analyzing or utilizing to obtain the execution result of described application program.But most of application programs all need to carry out alternately with user in graphical interfaces operating system, need user to carry out number order or input some parameters etc. just to make this application program complete execution.But call the control program of a large amount of these class application programs for needs, if at every turn all by the corresponding order of input manually and parameter, efficiency can be very low, and unusual consumes resources.
The similar control program of carrying above has utilization in a lot of fields, as the security protection of the test of software product or system etc.When software product testing, a large amount of subroutines that test procedure comprises by starting software product, and input the required order of these subroutines or parameter is carried out these subroutines, and the execution result that obtains subroutine is analyzed.And in the security protection of system, for the security of test application, need to start this application program and carry out this application program, and detect according to its execution result.
In security protection detects, can often touch the rogue programs such as various virus, wooden horse or attack tool or malice sample.Wherein virus is characterised in that attack computing machine, causes the situations such as system performance reduction or system crash; And wooden horse is characterised in that the account data of stealing subscriber computer user; Attack tool is characterised in that: a class is destroyed for the preferential scope of appointment in system, consequently causes system unstable or carry out and cannot use; An other class is for the securing software existing in system, comprises that antivirus software attacks, and can break through the defense system of securing software, and virus or the wooden horse of its follow-up subsidiary other can be entered in user computer smoothly.This series ofly can move virus, wooden horse or attack tool etc. and system is damaged to or the damnous executable program of computer user is all referred to as rogue program or maliciously carries out sample in system.
These rogue programs or malice sample great majority are all to provide with order line form, all need by carrying out with the mode of user interactions in its implementation.And for this class rogue program or malice sample, when carrying out safety detection, due to cannot be by obtaining its source code, and executions of modifying as required, be therefore difficult to detect and judge its security by robotization.For example, after rogue program or malice sample start, need user to input the parameters such as the window handle of appointment or process pid and could continue execution backward.
And at present common most of operating systems, do not have a kind of solution of maturation, can realize and replying with the automatic and interactive of application program, and obtain the execution result of this application program.In the graph user interface system that Windows system is representative as take, by order line, be redirected mode and can only solve sub-fraction and there is no the mutual application program implementation of a large number of users, cannot realize the simulation of a large amount of interactive responses modes in application program implementation.
In addition, in command line system, as Except script is provided in Unix system, by some order in this Except script, can in the command line interface of application program place, add necessary information, complete the execution of this application program; Each Expect has operated in addition, and operation result all will be kept in home environment variable $ expect_out.This allows script collect these information and feed back, and also allows to send corresponding instruction according to present case simultaneously.
What but the expect script of Unix system was used is all the instrument based on Unix, and cannot or be difficult to be transplanted to graphical interfaces operating system as in Windows, and Expect robotization control command row instrument be not suitable for graphic user interface operating system.
Summary of the invention
For solving the above-mentioned problems in the prior art, the invention provides a kind of application program interaction control method and device thereof that is applicable to graphic user interface.
According to an aspect of the present invention, it provides a kind of application program interaction control method, comprising:
By system entry, start described application program;
According to default command list (CLIST) and described application program, carry out alternately, described command list (CLIST) comprises function and/or parameter;
Obtain the execution result of described application program.
Optionally, described command list (CLIST) provides by the form of configuration file or parameter.
Optionally, in the method, according to command list (CLIST), according to certain time interval, to described application program, provide corresponding function and/or parameter to realize mutual with described application program.
Optionally, the comprising alternately of described and described application program: obtain the handle of window or the ID of process, and offer the respective function in command list (CLIST), to realize mutual with described application program.
Optionally, by Simulation of keyboard input, start described application program, to described application program, function and/or parameter be provided, to function, provide the handle of window or the ID of process.
Optionally, after described application program is complete, by calling system copy command, obtain the execution result of described application program.
Optionally, after obtaining the execution result of described application program, the result of obtaining by preset standard analysis is to determine whether described application program runs succeeded, and described preset standard at least comprises: in system, whether registration table is modified, whether file is modified and whether file permission is modified.
According to a further aspect in the invention, it also provides a kind of application program interaction control device, comprising:
Start module 701, it starts described application program by system entry;
Optionally, described command list (CLIST) provides by the form of configuration file or parameter.
Optionally, described interactive module 702 is according to command list (CLIST), according to certain time interval, to described application program, provides corresponding function and/or parameter to realize mutual with described application program.
Optionally, the comprising alternately of described and described application program: obtain the handle of window or the ID of process, and offer the respective function in command list (CLIST), to realize mutual with described application program.
Optionally, described interactive module 702 is started described application program, to described application program, function and/or parameter is provided, to function, provides the handle of window or the ID of process by Simulation of keyboard input.
Optionally, described result acquisition module 703, after described application program is complete, obtains the execution result of described application program by calling system copy command.
Optionally, described result acquisition module 703 is after obtaining the execution result of described application program, the result of also obtaining by preset standard analysis is to determine whether described application program runs succeeded, and described preset standard at least comprises: in system, whether registration table is modified, whether file is modified and whether file permission is modified.
Such scheme provided by the invention is by the use procedure of analog subscriber, automatically realize the interactive responses with application program, to realize automatic startup and the execution of application program, this make application program start and implementation in can robotization the realizing alternately of user, and without artificial participation, without user, manually input order or the parameter that application program needs in startup and implementation, this utmost point has improved execution efficiency, provides cost savings to a great extent again.In addition, the automatic startup of such scheme application programs provided by the invention and execution are carried out under analog subscriber use state, and this mode independently exists control program and this application program of starting application program, and the form with sub-parent process does not exist.For example, in safety detection application, control program starts after rogue program or malice sample, can by other security protection instrument, is not used as the parent process of rogue program or malice sample and be blocked.
Those skilled in the art are to be understood that, such scheme provided by the invention is not only applicable in the automatic test of Windows system, product and the safety detection of product, and it is applicable to any graphical interfaces operating system and needs in graphical interfaces operating system carry out in application that automatic interaction replys with application program.
In order to better understand technological means of the present invention, and can be implemented according to the content of instructions, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention, describe in detail.
Accompanying drawing explanation
Fig. 1 is application program interaction control method process flow diagram in the present invention;
Fig. 2 starts the graphical schematic diagram of cmd command Window in Windows system at " RUN " window;
Fig. 3 is the concrete methods of realizing process flow diagram that starts cmd command Window under Windows system;
Fig. 4 (a)~Fig. 4 (b) is the schematic diagram that the illustrational rogue program of the present invention is pointed out input process Id and shown execution result in cmd command Window;
Fig. 5 (a)~Fig. 5 (b) is the graphical schematic diagram that obtains application program execution result under Windows operating system;
Fig. 6 obtains the method flow diagram of System menu under Windows system;
Fig. 7 is the functional block diagram of application program interaction control device in the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with specific embodiment, and with reference to accompanying drawing, the present invention is described in further detail.
Fig. 1 shows the process flow diagram of a kind of application program interaction control method provided by the invention.As shown in Figure 1, this application program interaction control method comprises:
Step 101: start described application program by system entry;
Step 102: carry out alternately according to default command list (CLIST) and described application program, described command list (CLIST) comprises function and/or parameter;
Step 103: the execution result that obtains described application program.
Included above-mentioned each step of application program interaction control method that the Windows system of take below proposes as example detailed description the present invention, those skilled in the art should know, the method is not limited only to Windows system, and it is also applicable to other any graphic interface system.
Step 101: start described application program by system entry.The control program of carrying out the method starts this application program as the system entry order that test procedure can provide by operating system.
First, in Windows system, the api routine simulating hand providing by system is opened cmd command Window.
Fig. 2 shows the graphical schematic diagram that starts cmd command Window in Windows system at " RUN " window.As shown in Figure 2, control program can have been adjusted " RUN " window by the Hotkey of simulation Win+R, and in opening path, inputs cmd, and control program analog subscriber mouse is clicked " the determining " on this " RUN " window, starts cmd command Window.Certainly control program also can directly start cmd command Window by system interface, but the former can allow the process of cmd command window start up in the subprocess mode of explorer rather than start in the mode of control program subprocess.Because having under the environment of securing software, if cmd process starts as the subprocess mode of control program, securing software is tackled it when detecting this application program for malice sample, and in the time of interception, can be that control program is tackled in the lump its parent process, so likely will cause follow-up operation all can lose efficacy.
Fig. 3 shows the concrete methods of realizing process flow diagram that starts cmd command Window under Windows system.As shown in Figure 3, the method comprises:
Step 1011: recall " RUN " window by calling system api interface " keybd_event " input keyboard pseudo code " VK_LWIN+R ";
Step 1012: calling system api interface " FindWindow & EnumChildWindows " is searched the handle " hedit " of the input frame of window " ClassName=Eidt ", obtain the input frame handle on " RUN " window, then calling system api interface " SendMessage " sends message number " WM_SETTEXT " to this handle " hedit ", its parameter is " cmd ", i.e. simulating hand operation is to described input frame input " cmd ";
Step 1013: calling system api interface " FindWindow & EnumChildWindows " is searched the button handle " hbtn " of window " WindowsName=' determines ' ", obtain the confirming button handle on " RUN " window, and calling system api interface " PostMessage " sends BN_CLICKED message to handle " hbtn ", i.e. simulating hand click confirming button;
Step 1014: in a time-out time 5s, poll calling system api interface " FindWindow ", searches the handle of window " ClassName=ConsoleWindowClass ", searches cmd command Window.
Secondly, in the cmd command Window of opening, start application program.Can be by the complete trails of the application program that analog input will be carried out in cmd command Window, and the analog input carriage return character, application program started.If the startup of this application program needs input parameter, in input complete trails, need to input corresponding command parameter, such as: x.exe/start or rundll32x.dll etc.
Just can under Window system, automatically start any application by the way, and can select Starting mode that the application program that starts is started as the subroutine of explorer rather than the subroutine of carrying out the control program of the method, this control program while avoiding the application program that started by rogue program of take is tackled by security tool.It will be appreciated by those skilled in the art that in other graphical user interfaces, can start application program by similar mode.
Step 102: carry out alternately according to default command list (CLIST) and described application program, described command list (CLIST) comprises function and/or parameter.
Alternatively, described command list (CLIST) provides by the form of configuration file or parameter.
In the embodiment of the present invention, first, need to obtain in advance input function and/or the parameter of interactive portion in application program implementation, and form command list (CLIST) according to obtained function and/or parameter, described command list (CLIST) can provide by the form of configuration file or parameter.
Suppose that paramlist is described command list (CLIST), can provide by following form:
myprogram(obj.exe,paramlist,timeout)
Wherein, obj.exe is application program, and paramlist is the command list (CLIST) needing in reciprocal process to application program input, and length is any.The formal definition of paramlist is a list, it is content-defined is some functions and/or list, its form is as follows: [(fun1, * param1), (fun2, * param2), ...], fun1 wherein, fun2 are power function, param is the input parameter that this power function is corresponding, length is any, and certain described power function also can not need corresponding input parameter.In the reciprocal process with application program, can remove to carry out corresponding fun (* param) by traveling through whole paramlist, realize the interactive function with application program.
Alternatively, in the embodiment of the present invention, according to command list (CLIST), according to certain time interval, to described application program, provide corresponding function and/or parameter to realize mutual with described application program.In above-mentioned example, timeout is interval input time of each power function and/or parameter in reciprocal process, and this time interval can arrange as required, and its default value is all 1s.The form of timeout can be a numeral or a list in addition, if digital, represent that in paramlist, every step operation all unifies to use a time-out time, if a list represents that the time-out time setting of every step operation in paramlist independently arranges separately.
Alternatively, in the reciprocal process with described application program, by obtaining the handle of described application window or the ID of process, and offer respective function and/or parameter in command list (CLIST), to realize mutual with described application program.
For example, control program can remove to carry out corresponding power function fun (* param) by traveling through whole command list (CLIST) paramlist, realizes the interactive function with application program.When in mutual, application program need to be obtained the window handle of certain Dynamic Generation, or to catch certain special processing ID be PID, control program first searches by the power function fun in command list (CLIST) paramlist window handle or the process ID needing, and then obtained window handle or process ID is offered to fun function in described command list (CLIST) to realize mutual with described application program.
Alternatively, except the startup of application program, to described application program, function and/or parameter are provided, to function, provide the handle of window or the ID of process to complete by Simulation of keyboard input.
Just as previously mentioned, start application program open cmd command Window by calling system entrance and Simulation of keyboard input when starting application program after.And after application program launching, also can to cmd command Window, input corresponding window handle or process ID and described application program by Simulation of keyboard input and carry out alternately.
For example, after starting the rogue program of a kill_notepad.exe, it points out the pid of input notepad in cmd command Window.Fig. 4 (a)~Fig. 4 (b) shows the schematic diagram that this rogue program is pointed out input process Id and shown execution result in cmd command Window.As shown in Fig. 4 (a) and Fig. 4 (b), carry out the control program of the inventive method according to default command list (CLIST) paramlist=[(startnotepad, " notepad.exe ")], call startnotepad function and start a notepad.exe process, the pid of now cmd command Window prompting input notepad, the PID that supposes notepad.exe is " 1420 ", now control program Simulation of keyboard input is to cmd window input " 1420 ", and simulate enter key, so far complete reciprocal process one time.Kill_notepad.exe program obtains continuing to carry out after input parameter, if also have other mutual, according to the time interval, then carries out corresponding function function, repeats above-mentioned reciprocal process, until all reciprocal process completes.
Step 103: the execution result that obtains described application program.Alternatively, after described application program is complete, by calling system copy command, obtain the execution result of described application program.In the preferred embodiment of the present invention, by cmd command Window, obtain result.
Fig. 5 (a)~Fig. 5 (b) shows the graphical schematic diagram that obtains application program execution result under Windows operating system.For example, after kill_notepad.exe rogue program finishes, by system api interface, find the window handle hwnd of cmd command Window, then according to this window handle, calculate the position on cmd command Window heading hurdle, calling system APIGetWindowRect obtains the coordinate of window handle hwnd, and its rreturn value is designated as (left, top, right, bottom), for representing the coordinate position in the upper left corner and the lower right corner of cmd command Window.According to left, the coordinate of top is offset, if side-play amount is (x, y)=(268,42), calculate position=(left+x, the top+y) that click by right key of simulation and find one with respect to the coordinate of desktop, a certain position on this coordinate points cmd command Window title block, the position that also simulation is clicked by right key.As shown in Fig. 5 (a), on this position, by simulation points right click, recalling System menu " editor "--> " choosing entirely ", now all the elements of cmd command Window are all selected.As shown in Fig. 5 (b), at same position simulation points right click, recall that System menu " editor "--> " copies ", by chosen content replication in system shear plate.Afterwards, control program can, by the content in reading system shear plate, obtain the various object informations that rogue program returns.
Fig. 6 shows the method flow diagram that obtains System menu under Windows system.As shown in Figure 6, it comprises:
Step 1031: obtain top-level window handle list hwndlistl all in system by system api interface EnumChildWindows;
Step 1032: on assigned address, (left+x as mentioned above, top+y) position, it is a certain position on the title block of cmd command Window, by system api interface mouse_event, transmit MOUSEEVENTF_RIGHTDOWN & MOUSEEVENTF_RIGHTUP parameter, with the operation of clicking by right key of analog mouse.This process can be in a time-out time (acquiescence 5s), waits for the newly-increased window handle that obtains a ClassName=#32768.Its procurement process is that each calling system api interface EnumChildWindows obtains top-level window handle list hwndlist2 all in a system, calculate itself and the difference set of top-level window handle list hwndlistl before, and in this difference set, search whether there is a window handle ClassName=#32768, can find the window handle hwnd of popup menu;
Step 1033: the window handle hwnd of popup menu is converted to menu handle hmenu by system api interface GetMenu, and according to menu handle hmenu calling system api interface GetMenuItemCount, obtain the number of all menu items in this menu, then calling system api interface GetMenuItemInfo travels through each menu item, obtain its Word message, and find its Word message for the menu item of " editor ", and return to the position (x of this Edit menu item, y), so recurrence continues to search " choosing entirely " menu item, can complete the search procedure of right-click menu, finally by coordinate (x corresponding to respective menu items obtaining, y), analog mouse is clicked.
Alternatively, after obtaining the execution result of described application program, the result of obtaining by preset standard analysis is to determine whether running succeeded of described application program.
After application program is complete, the execution result obtaining by analysis, to determine whether the execution result of this application program is expected results.This deterministic process can, by setting in advance some standards, be determined by execution result and the preset standard of application program described in comparative analysis.For example,, in safety detection, in order to judge whether described application program is rogue program, and preset standard can be set at least comprise: in system, whether registration table is modified, whether file is modified and whether file permission is modified.If its execution result meets in this preset standard at least one, just can tentatively suppose that it is rogue program, carry out again afterwards next step operation, and how to operate as for next step, with summary of the invention of the present invention, do not contact directly, at this, just introduce no longer in detail.
The said method that the present invention is proposed be take the applications such as Windows system and safety detection and is illustrated as example, but those skilled in the art should know, said method provided by the invention is not limited only to the fields such as Windows system and safety detection, and it is applicable to any graphical user interface and any needs start automatically and the application of executive utility.
In sum, the invention provides a kind of application program interaction control method, it starts application program by system entry, and carry out alternately according to default command list (CLIST) and application program, in reciprocal process, by analog subscriber, input function and/or the parameter that application program need to provide, and after application program is complete, obtain its execution result, described execution result is carried out to analyzing and processing.The startup of application programs in the method, to application program provide function and/parameter, obtain application program execution result etc. and all by users such as analog subscriber keyboard or mouse clicks, operate to realize, make started application program and current control program process independently each other, to prevent that the insecurity of application program from affecting the execution of control program.This method makes to be called possibility with the automatic interaction of application program in graphical user interface, and has saved a large amount of human resources, has improved to a great extent execution efficiency, for some application provides convenience as product test and safety detection etc.
It should be noted that, for embodiment of the method, for simple description, therefore it is all expressed as to a series of combination of actions, but those skilled in the art should know, the application is not subject to the restriction of described sequence of movement, because according to the application, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in instructions all belongs to preferred embodiment, and related action and module might not be that the application is necessary.
Fig. 7 shows the functional block diagram of a kind of application program interaction control device of the present invention's proposition.As shown in Figure 7, this device comprises:
The included above-mentioned modules of application program interaction control device that the Windows system of still take below proposes as example detailed description the present invention, those skilled in the art should know, this device is not limited only to Windows system, and it is also applicable to other any graphic interface system.
First, in Windows system, the api routine simulating hand providing by system is opened cmd command Window.
Alternatively, starting module 701 can adjust " RUN " window by the Hotkey of Win+R, and in opening path, inputs cmd.exe, starts module 701 simulations and clicks " the determining " on this " RUN " window, starts cmd command Window.Certainly start module 701 and also can directly start cmd command Window by system interface, but the former can allow the process of cmd command window start up in the subprocess mode of explorer rather than start in the mode of this application program interaction control device subprocess.Because having under the environment of securing software, if cmd process starts as the subprocess mode of application program interaction control device, securing software is tackled it when detecting this application program for malice sample, and in the time of interception, can be that the process that application program interaction control device is corresponding is tackled in the lump its parent process, so likely will cause follow-up operation all can lose efficacy.
Secondly, start module 701 and start application program in the cmd command Window of opening.Can be by the complete trails of the application program that analog input will be carried out in cmd command Window, and the analog input carriage return character, application program started.If the startup of this application program needs input parameter, in input complete trails, need to input corresponding command parameter, such as: x.exe/start or rundll32x.dll etc.
Just can under Window system, automatically start any application by the way, and can select Starting mode that the application program that starts is started as the subroutine of explorer rather than with the subroutine of application program interaction control device, this application program interaction control device while avoiding the application program that started by rogue program of take is tackled by security tool.It will be appreciated by those skilled in the art that in other graphical user interfaces, can start application program by similar mode.
Alternatively, described command list (CLIST) offers interactive module 702 by the form of configuration file or parameter.
In the embodiment of the present invention, first, need to obtain in advance input function and/or the parameter of interactive portion in application program implementation, and form command list (CLIST) according to obtained function and/or parameter, described command list (CLIST) can offer by the form of configuration file or parameter interactive module 702.
Suppose that paramlist is described command list (CLIST), can provide by following form:
myprogram(obj.exe,paramlist,timeout)
Wherein, obj.exe is application program, and paramlist is the command list (CLIST) needing in reciprocal process to application program input, and length is any.The formal definition of paramlist is a list, it is content-defined is some functions and/or list, its form is as follows: [(fun1, * param1), (fun2, * param2), ...], fun1 wherein, fun2 are power function, param is the input parameter that this power function is corresponding, length is any, and certain described power function also can not need corresponding input parameter.In the reciprocal process with application program, interactive module 702 can remove to carry out corresponding power function fun (* param) by traveling through whole paramlist, realizes the interactive function with application program.
Alternatively, in the embodiment of the present invention, interactive module 702, according to command list (CLIST), provides corresponding function and/or parameter to realize mutual with described application program according to certain time interval to described application program.In above-mentioned example, timeout is interval input time of each power function and/or parameter in reciprocal process, and this time interval can arrange as required, and its default value is all 1s.The form of timeout can be a numeral or a list in addition, if digital, represent that in paramlist, every step operation all unifies to use a time-out time, if a list represents that the time-out time setting of every step operation in paramlist independently arranges separately.
Alternatively, in the reciprocal process with described application program, described interactive module 702 is by obtaining the handle of described application window or the ID of process, and offers respective function and/or parameter in command list (CLIST), to realize mutual with described application program.
For example, interactive module 702 can remove to carry out corresponding power function fun (* param) by traveling through whole command list (CLIST) paramlist, realizes the interactive function with target program.When application program in mutual need to be obtained the window handle of certain Dynamic Generation, or to catch certain special processing ID be PID, interactive module 702 first searches by the power function fun in command list (CLIST) paramlist window handle or the process ID needing, and then obtained window handle or process ID is offered to fun function in described command list (CLIST) to realize mutual with described application program.
Alternatively, except starting module 701, start application program, interactive module 702 provides function and/or parameter, to function, provides the handle of window or the ID of process to complete by Simulation of keyboard input to described application program.
Just as previously mentioned, start after module 701 is opened cmd human window by calling system entrance and Simulation of keyboard input when starting application program and start application program.And after application program launching, interactive module 702 also can be inputted corresponding window handle or process ID and described application program to cmd command Window by Simulation of keyboard input and carry out alternately.
For example, start module 701 after starting the rogue program of a kill_notepad.exe, this rogue program is pointed out the pid of input notepad in cmd command Window.Fig. 3 shows this rogue program and in cmd command Window, points out the schematic diagram of input process Id.As shown in Figure 3, interactive module 702 is according to default command list (CLIST) paramlist=[(startnotepad, " notepad.exe ")], call startnotepad function and start a notepad.exe process, the pid of now cmd command Window prompting input notepad, supposes that the PID of notepad.exe is " 1420 ", and now interactive module 702 Simulation of keyboard inputs are to cmd window input " 1420 ", and simulate enter key, so far complete reciprocal process one time.Kill_notepad.exe program obtains continuing to carry out after input parameter, if also have other mutual, according to the time interval, then carries out corresponding function function, repeats above-mentioned reciprocal process, until all reciprocal process completes.
For example, after kill_notepad.exe rogue program finishes, result acquisition module 703 finds the window handle hwnd of cmd command Window by system api interface, then according to this window handle, calculate the position on cmd command Window heading hurdle, calling system APIGetWindowRect obtains the coordinate of window handle hwnd, and its rreturn value is designated as (left, top, right, bottom), for representing the coordinate position in the upper left corner and the lower right corner of cmd command Window.According to left, the coordinate of top is offset, if side-play amount is (x, y)=(268,42), calculate position=(left+x, the top+y) that click by right key of simulation and find one with respect to the coordinate of desktop, a certain position on this coordinate points cmd command Window title block, the position that also simulation is clicked by right key.As shown in Fig. 4 (a), on this position, by simulation points right click, recalling System menu " editor "--> " choosing entirely ", now all the elements of cmd command Window are all selected.As shown in Fig. 4 (b), at same position simulation points right click, recall that System menu " editor "--> " copies ", by chosen content replication in system shear plate.Afterwards, result acquisition module 703 can, by the content in reading system shear plate, obtain the various object informations that rogue program returns.
Alternatively, result acquisition module 703 is after obtaining the execution result of described application program, and the result of also obtaining by preset standard analysis is to determine whether running succeeded of described application program.
After application program is complete, the execution result that result acquisition module 703 obtains by analysis, to determine whether the execution result of this application program is expected results.This deterministic process can, by setting in advance some standards, be determined by execution result and the preset standard of application program described in comparative analysis.For example,, in safety detection, in order to judge whether described application program is rogue program, and preset standard can be set at least comprise: in system, whether registration table is modified, whether file is modified and whether file permission is modified.If its execution result meets in this preset standard at least one, just can tentatively suppose that it is rogue program, carry out again afterwards next step operation, and how to operate as for next step, with summary of the invention of the present invention, do not contact directly, at this, just introduce no longer in detail.
Because described device embodiment is substantially corresponding to the embodiment of the method shown in earlier figures 1, therefore not detailed part in the description of the present embodiment can, referring to the related description in previous embodiment, just not repeat at this.
Method described in b11, according to Claim 8-9 any one, it is characterized in that, comprising alternately of described and described application program: obtain the handle of window or the ID of process, and offer the respective function in command list (CLIST), to realize mutual with described application program.
Method described in b12, according to Claim 8-9 any one, it is characterized in that, described interactive module (702) is started described application program, to described application program, function and/or parameter is provided, to function, provides the handle of window or the ID of process by Simulation of keyboard input.
Method described in b13, according to Claim 8-9 any one, is characterized in that, described result acquisition module (703), after described application program is complete, obtains the execution result of described application program by calling system copy command.
Method described in b14, according to Claim 8-9 any one, it is characterized in that, described result acquisition module (703) is after obtaining the execution result of described application program, the result of also obtaining by preset standard analysis is to determine whether described application program runs succeeded, and described preset standard at least comprises: in system, whether registration table is modified, whether file is modified and whether file permission is modified.
The such scheme that the present invention proposes can be used in numerous general or special purpose computingasystem environment or configuration.For example: personal computer, server computer, handheld device or portable set, plate equipment, multicomputer system, the system based on microprocessor, Set Top Box, programmable consumer-elcetronics devices, network PC, small-size computer, mainframe computer, comprise distributed computing environment of above any system or equipment etc.
The present invention can describe in the general context of the computer executable instructions of being carried out by computing machine, for example program module.Usually, program module comprises the routine carrying out particular task or realize particular abstract data type, program, object, assembly, data structure etc.Also can in distributed computing environment, put into practice the application, in these distributed computing environment, by the teleprocessing equipment being connected by communication network, be executed the task.In distributed computing environment, program module can be arranged in the local and remote computer-readable storage medium that comprises memory device.
Finally, also it should be noted that, in this article, relational terms such as the first and second grades is only used for an entity or operation to separate with another entity or operational zone, and not necessarily requires or imply and between these entities or operation, have the relation of any this reality or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thereby the process, method, article or the equipment that make to comprise a series of key elements not only comprise those key elements, but also comprise other key elements of clearly not listing, or be also included as the intrinsic key element of this process, method, article or equipment.The in the situation that of more restrictions not, the key element being limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment that comprises described key element and also have other identical element.
Above-described specific embodiment; object of the present invention, technical scheme and beneficial effect are further described; be understood that; the foregoing is only specific embodiments of the invention; be not limited to the present invention; within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.
Claims (10)
1. an application program interaction control method, comprising:
By system entry, start described application program;
According to default command list (CLIST) and described application program, carry out alternately, described command list (CLIST) comprises function and/or parameter;
Obtain the execution result of described application program.
2. method according to claim 1, is characterized in that, described command list (CLIST) provides by the form of configuration file or parameter.
3. according to the method described in claim 1-2 any one, it is characterized in that, according to command list (CLIST), according to certain time interval, to described application program, provide corresponding function and/or parameter to realize mutual with described application program.
4. according to the method described in claim 1-2 any one, it is characterized in that the comprising alternately of described and described application program: obtain the handle of window or the ID of process, and offer the respective function in command list (CLIST), to realize mutual with described application program.
5. according to the method described in claim 1-2 any one, it is characterized in that, by Simulation of keyboard input, start described application program, to described application program, function and/or parameter be provided, to function, provide the handle of window or the ID of process.
6. according to the method described in claim 1-2 any one, it is characterized in that, after described application program is complete, by calling system copy command, obtain the execution result of described application program.
7. according to the method described in claim 1-2 any one, it is characterized in that, after obtaining the execution result of described application program, the result of obtaining by preset standard analysis is to determine whether described application program runs succeeded, and described preset standard at least comprises: in system, whether registration table is modified, whether file is modified and whether file permission is modified.
8. an application program interaction control device, is characterized in that, comprising:
Start module (701), it starts described application program by system entry;
Interactive module (702), it carries out alternately according to default command list (CLIST) and described application program, and described command list (CLIST) comprises function and/or parameter;
Result acquisition module (703), it obtains the execution result of described application program.
9. device according to claim 8, is characterized in that, described command list (CLIST) provides by the form of configuration file or parameter.
10. the device described according to Claim 8-9 any one, it is characterized in that, described interactive module (702) is according to command list (CLIST), according to certain time interval, to described application program, provides corresponding function and/or parameter to realize mutual with described application program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310551694.3A CN103559445B (en) | 2013-11-07 | 2013-11-07 | A kind of application program interaction control method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310551694.3A CN103559445B (en) | 2013-11-07 | 2013-11-07 | A kind of application program interaction control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103559445A true CN103559445A (en) | 2014-02-05 |
| CN103559445B CN103559445B (en) | 2018-03-02 |
Family
ID=50013691
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310551694.3A Active CN103559445B (en) | 2013-11-07 | 2013-11-07 | A kind of application program interaction control method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103559445B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104123080A (en) * | 2014-07-15 | 2014-10-29 | 东莞市微云系统科技有限公司 | Automation file dragging method |
| CN104820638A (en) * | 2015-04-17 | 2015-08-05 | 中国电子科技集团公司第四十一研究所 | Embedded whole machine automatic testing method |
| CN105204908A (en) * | 2015-09-30 | 2015-12-30 | 北京金山安全软件有限公司 | Application program package stopping method and device and electronic equipment |
| CN106131804A (en) * | 2016-06-21 | 2016-11-16 | 广东欧珀移动通信有限公司 | A kind of notification message processing method and equipment |
| CN106598395A (en) * | 2016-12-20 | 2017-04-26 | 北京小米移动软件有限公司 | Method and device for executing task |
| CN107291532A (en) * | 2016-03-31 | 2017-10-24 | 富士施乐实业发展(中国)有限公司 | The automated execution method and device of application program |
| CN107368380A (en) * | 2017-09-05 | 2017-11-21 | 深圳市兆驰数码科技股份有限公司 | The method for sending message under Windows systems to any window |
| CN108255549A (en) * | 2017-12-18 | 2018-07-06 | 深圳市双翼科技股份有限公司 | Server program visual control method and device |
| CN108256323A (en) * | 2016-12-29 | 2018-07-06 | 武汉安天信息技术有限责任公司 | A kind of detection method and device for phishing application |
| CN109522066A (en) * | 2018-10-08 | 2019-03-26 | 广州坚和网络科技有限公司 | In a kind of information list can interactive graphics (IG) methods of exhibiting |
| CN109558257A (en) * | 2017-09-26 | 2019-04-02 | 南京南瑞继保电气有限公司 | A kind of application process guard method based on order line |
| CN111221605A (en) * | 2019-11-18 | 2020-06-02 | 杭州安恒信息技术股份有限公司 | Method and device for controlling Windows host based on RDP (remote desktop protocol) |
| CN111448552A (en) * | 2017-09-29 | 2020-07-24 | 爱维士软件有限责任公司 | Observation and classification of device events |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040049544A1 (en) * | 2002-09-05 | 2004-03-11 | Hitachi, Ltd. | In-context launch management method, system therefor, and computer-readable storage medium |
| CN100520718C (en) * | 2007-09-28 | 2009-07-29 | 华为技术有限公司 | Script order registration method, method and device for calling source program code |
| CN101950289A (en) * | 2007-07-09 | 2011-01-19 | 孟智平 | Method and system for webpage semantics |
| CN102262573A (en) * | 2011-06-20 | 2011-11-30 | 奇智软件(北京)有限公司 | Operating system (OS) start-up protecting method and device |
| CN102455936A (en) * | 2010-11-25 | 2012-05-16 | 中标软件有限公司 | Trunk quick allocation method |
-
2013
- 2013-11-07 CN CN201310551694.3A patent/CN103559445B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040049544A1 (en) * | 2002-09-05 | 2004-03-11 | Hitachi, Ltd. | In-context launch management method, system therefor, and computer-readable storage medium |
| CN101950289A (en) * | 2007-07-09 | 2011-01-19 | 孟智平 | Method and system for webpage semantics |
| CN100520718C (en) * | 2007-09-28 | 2009-07-29 | 华为技术有限公司 | Script order registration method, method and device for calling source program code |
| CN102455936A (en) * | 2010-11-25 | 2012-05-16 | 中标软件有限公司 | Trunk quick allocation method |
| CN102262573A (en) * | 2011-06-20 | 2011-11-30 | 奇智软件(北京)有限公司 | Operating system (OS) start-up protecting method and device |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104123080A (en) * | 2014-07-15 | 2014-10-29 | 东莞市微云系统科技有限公司 | Automation file dragging method |
| CN104820638A (en) * | 2015-04-17 | 2015-08-05 | 中国电子科技集团公司第四十一研究所 | Embedded whole machine automatic testing method |
| CN105204908A (en) * | 2015-09-30 | 2015-12-30 | 北京金山安全软件有限公司 | Application program package stopping method and device and electronic equipment |
| CN105204908B (en) * | 2015-09-30 | 2019-06-14 | 北京金山安全软件有限公司 | Application program package stopping method and device and electronic equipment |
| CN107291532A (en) * | 2016-03-31 | 2017-10-24 | 富士施乐实业发展(中国)有限公司 | The automated execution method and device of application program |
| CN106131804A (en) * | 2016-06-21 | 2016-11-16 | 广东欧珀移动通信有限公司 | A kind of notification message processing method and equipment |
| CN106598395A (en) * | 2016-12-20 | 2017-04-26 | 北京小米移动软件有限公司 | Method and device for executing task |
| CN108256323A (en) * | 2016-12-29 | 2018-07-06 | 武汉安天信息技术有限责任公司 | A kind of detection method and device for phishing application |
| CN107368380A (en) * | 2017-09-05 | 2017-11-21 | 深圳市兆驰数码科技股份有限公司 | The method for sending message under Windows systems to any window |
| CN109558257A (en) * | 2017-09-26 | 2019-04-02 | 南京南瑞继保电气有限公司 | A kind of application process guard method based on order line |
| CN111448552A (en) * | 2017-09-29 | 2020-07-24 | 爱维士软件有限责任公司 | Observation and classification of device events |
| CN111448552B (en) * | 2017-09-29 | 2023-12-01 | 爱维士软件有限责任公司 | Observation and classification of device events |
| CN108255549A (en) * | 2017-12-18 | 2018-07-06 | 深圳市双翼科技股份有限公司 | Server program visual control method and device |
| CN108255549B (en) * | 2017-12-18 | 2021-07-06 | 深圳市双翼科技股份有限公司 | Server program visual control method and device |
| CN109522066A (en) * | 2018-10-08 | 2019-03-26 | 广州坚和网络科技有限公司 | In a kind of information list can interactive graphics (IG) methods of exhibiting |
| CN111221605A (en) * | 2019-11-18 | 2020-06-02 | 杭州安恒信息技术股份有限公司 | Method and device for controlling Windows host based on RDP (remote desktop protocol) |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103559445B (en) | 2018-03-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103559445A (en) | Application-program interactive control method and device | |
| Azim et al. | Targeted and depth-first exploration for systematic testing of android apps | |
| Joorabchi et al. | Reverse engineering iOS mobile applications | |
| CN109408102B (en) | Version comparison method and device, household electrical appliance and network equipment | |
| CN102053911A (en) | Automated testing method and system based on Android and mobile terminal | |
| CN103984626B (en) | A kind of method and device for generating test case script | |
| Arnatovich et al. | A comparison of android reverse engineering tools via program behaviors validation based on intermediate languages transformation | |
| Wang et al. | Automatic Android GUI traversal with high coverage | |
| Chang et al. | An android behavior-based malware detection method using machine learning | |
| US10705858B2 (en) | Automatic import of third party analytics | |
| Du et al. | TraceGen: User activity emulation for digital forensic test image generation | |
| US20200379736A1 (en) | Services integration in an integrated development environment | |
| van der Merwe et al. | Generation of library models for verification of android applications | |
| CN115455329A (en) | B/S architecture cross-platform cross-multi-terminal RPA designer system and implementation method | |
| CN114995816A (en) | Business process configuration method and device, electronic equipment and readable storage medium | |
| Liñán et al. | Automated extraction of augmented models for android apps | |
| KR20210045122A (en) | Apparatus and method for generating test input a software using symbolic execution | |
| Ngo et al. | Automated, cost-effective, and update-driven app testing | |
| Mahmud et al. | Analyzing the impact of API changes on Android apps | |
| Liu et al. | RealDroid: Large-Scale Evasive Malware Detection on" Real Devices" | |
| CN115509913A (en) | Software automation test method, device, machine readable medium and equipment | |
| Ghaleb | The role of open source software in program analysis for reverse engineering | |
| Esbjörnsson | ANDROID GUI TESTING: A comparative study of open source Android GUI testing frameworks | |
| Michaels et al. | Mobile test suite generation via combinatorial sequences | |
| Reiss et al. | Code bubbles: A practical working-set programming environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220725 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |