CN104809403A - Root-preventing white screen method - Google Patents

Publication number
CN104809403A
Authority
CN
China
Application number
CN201410035179.4A
Other languages
Chinese (zh)
Inventor
庞潼川
程树欣
苏小智
王永辉
赵挺
Original Assignee
红板凳科技股份有限公司
Application filed by 红板凳科技股份有限公司
Priority to CN201410035179.4A
Publication of CN104809403A

Abstract

The invention provides an anti-root white screen method comprising the following steps: step 1, powering on the device; step 2, scanning the system partition and checking the permissions of all su files; step 3, if the su file permissions are detected to be rwsr-xr-x, jumping to step 5, otherwise jumping to step 4; step 4, if the su file permissions are detected to be rwxr-sr-x, that is, S_ISGID is present, jumping to step 5, otherwise jumping to step 6; step 5, applying the white screen protection to the device; step 6, if the su file permissions are rwxr-xr-x, the white screen prevention procedure is complete. With this method, a device that is found to have been cracked immediately enters the white screen state as a security measure, so that user information is not leaked and the security of financial transactions on the device is not affected.

Description

An Anti-Root White Screen Method

Technical Field

[0001] The present invention relates to software security technology for communication devices, and more particularly to an anti-root white screen method for communication devices based on the Android operating system.

Background

[0002] Android is a free and open-source operating system based on Linux. Root is the user with the highest privileges in the Linux operating system, and the same is true in Android. Communication devices based on the Android operating system ship with the root user blocked by default. This prevents careless user operations from crippling the software system or leaking personal information, and it also helps protect the communication device. Once root privileges on an Android device have been obtained maliciously, the device's software system can be subjected to malicious read and write operations: implanting viruses, creating, deleting, modifying and reading files, or monitoring user operations.

[0003] Smart devices built on the Android operating system framework are becoming more and more widespread in the market, and cracking programs that target these devices are multiplying as well. Because root privileges are so powerful, once root has been obtained, Trojans and viruses can exploit the opening that root privileges provide to attack the system at will, exposing users to unnecessary mobile security threats. Privacy leaks and system instability follow as well. Yet the many Android-based devices on the market take no precautions against this and do nothing to handle it.

Summary of the Invention

[0004] The object of the present invention is to provide an anti-root white screen method that protects user information and the security of the communication device. When the communication device is detected to have been rooted, the input devices of the communication device are locked.

[0005] The anti-root white screen method of the present invention comprises the following steps:

[0006] Step 1: the device is powered on;

[0007] Step 2: scan the system partition and check the permissions of all su files;

[0008] Step 3: if the su file permissions are detected to be rwsr-xr-x, that is, S_ISUID is present, a permission that bears on system security, jump to step 5; otherwise jump to step 4;

[0009] Step 4: if the su file permissions are detected to be rwxr-sr-x, that is, S_ISGID is present, a permission that bears on system security, jump to step 5; otherwise proceed to step 6;

[0010] Step 5: apply the white screen protection to the device;

[0011] Step 6: end the detection procedure.

[0012] Preferably, the white screen protection means locking the input and output devices of the device and displaying white or another color on the device screen, preventing the user from inputting or outputting data.

[0013] Preferably, the input and output devices include the keys, the screen and the USB interface.

[0014] In one embodiment, the anti-root white screen method of the present invention comprises the following steps:

[0015] Step 1: the device is powered on.

[0016] Step 2: scan the system partition and check the permissions of all su files. su is a Linux command used to switch users, and it exists in the operating system as a file. Once this file has been given elevated permissions, the current user can be switched to root; cracking programs modify this file and implant it again. Different cracking programs place the file in different locations, but always under the system partition, because only from that partition can a cracking program successfully execute the user-switching command. The scan therefore has to cover the system partition.

[0017] Steps 3/4: an uncracked su file has the permissions rwxr-xr-x, and a cracked su file has the permissions rwsr-sr-x. From left to right, the two s characters are SUID (Set User ID) and SGID (Set Group ID), and both permissions bear on system security. Their effect is that a user who does not have the corresponding permission can, when running this program, access resources that he has no permission to access. If one or both s characters are present, the device has been cracked and the method proceeds to step 5. In rwxr-xr-x, r means readable (the file's contents can be read), w means writable (the file's contents can be modified), x means executable (the program can be run), and a position with no permission is shown as -. The complete file permissions fall into three groups, from left to right the owner's permissions, the group's permissions and the permissions of others, each made up of rwx.

[0018] Step 5: apply the white screen to the device as a security measure. The white screen protection mainly means locking the device's input and output devices, such as the keys, the screen and USB, and displaying white or another color on the device screen, preventing the user from inputting or outputting any data.

[0019] Step 6: end the detection procedure.

[0020] With the anti-root white screen method of the present invention, a device that is found to have been cracked immediately enters the white screen state as a security measure, preventing user information from leaking and preventing the security of financial transactions on the device from being affected.

Brief Description of the Drawings

[0021] FIG. 1 is a schematic flow diagram of the anti-root white screen method according to one embodiment of the present invention.

Detailed Description

[0022] The present invention is described in further detail below with reference to the drawing, so that those skilled in the art can implement it by following the text of the description.

[0023] As shown in the figure, the anti-root white screen method of the present invention comprises the following steps:

[0024] Step 1: the device is powered on.

[0025] Step 2: scan the system partition and check the permissions of all su files. Obtain the permissions of the su file.

[0026] Step 3: check whether the su file permissions are those of a cracked su file, rwsr-xr-x, where s is SUID (Set User ID), a permission that bears on system security. Its effect is that a user who does not have the corresponding permission can, when running this program, access resources that he has no permission to access. If S_ISUID is present, the device has been cracked and the method proceeds to step 5; otherwise it proceeds to step 4.

[0027] Step 4: check whether the su file permissions are those of a cracked su file, rwxr-sr-x, where s is SGID (Set Group ID), a permission that bears on system security. Its effect is that a user who does not have the corresponding permission can, when running this program, access resources that he has no permission to access. If S_ISGID is present, the device has been cracked and the method proceeds to step 5; otherwise it proceeds to step 6.

[0028] Step 5: apply the white screen to the device as a security measure. The white screen protection mainly means locking the device's input and output devices, such as the keys, the screen and USB, and displaying white on the device screen, preventing the user from inputting or outputting any data.

[0029] Step 6: the su file permissions are rwxr-xr-x. In rwxr-xr-x, r means readable (the file's contents can be read), w means writable (the file's contents can be modified), x means executable (the program can be run), and a position with no permission is shown as -. The complete file permissions fall into three groups, from left to right the owner's permissions, the group's permissions and the permissions of others, each made up of rwx. End the detection procedure.
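The permission check of steps 2 to 6, as an added C example that is not code from the patent: it tests the S_ISUID and S_ISGID mode bits directly, so it goes slightly beyond the two literal strings of steps 3 and 4 and also catches the rwsr-sr-x case of paragraph [0017]. The names classify_su_mode, mode_string and scan_su_files are hypothetical, and the sample modes in main are constructed.

```c
/* Added example, not from the patent: steps 2-6 as a check on mode bits. */
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum { SU_CLEAN = 0, SU_SETUID = 1, SU_SETGID = 2 };

/* Steps 3 and 4: test the bits, so rwsr-xr-x, rwxr-sr-x and rwsr-sr-x all match. */
int classify_su_mode(mode_t m)
{
    return ((m & S_ISUID) ? SU_SETUID : 0) | ((m & S_ISGID) ? SU_SETGID : 0);
}

/* Render the nine permission characters the way ls -l shows them. */
void mode_string(mode_t m, char out[10])
{
    for (int i = 0; i < 9; i++)            /* 0400 is the owner-read bit */
        out[i] = (m & (0400 >> i)) ? "rwx"[i % 3] : '-';
    if (m & S_ISUID) out[2] = (m & S_IXUSR) ? 's' : 'S';
    if (m & S_ISGID) out[5] = (m & S_IXGRP) ? 's' : 'S';
    out[9] = '\0';
}

/* Step 2: count files named su under root with S_ISUID/S_ISGID; -1 on error. */
int scan_su_files(const char *root)
{
    DIR *d = opendir(root);
    struct dirent *e;
    int flagged = 0;
    if (!d) return -1;
    while ((e = readdir(d)) != NULL) {
        char path[4096];
        struct stat sb;
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        snprintf(path, sizeof path, "%s/%s", root, e->d_name);
        if (lstat(path, &sb) != 0) continue;   /* lstat: symlinks are not followed */
        if (S_ISDIR(sb.st_mode)) {
            int sub = scan_su_files(path);
            flagged += (sub > 0) ? sub : 0;
        } else if (S_ISREG(sb.st_mode) && !strcmp(e->d_name, "su")) {
            flagged += (classify_su_mode(sb.st_mode) != SU_CLEAN);
        }
    }
    closedir(d);
    return flagged;
}

int main(int argc, char **argv)
{
    const mode_t samples[] = { 04755, 02755, 06755, 0755 }; /* constructed modes */
    char perms[10];
    for (int i = 0; i < 4; i++) {
        mode_string(samples[i], perms);
        printf("%s -> step %d\n", perms, classify_su_mode(samples[i]) ? 5 : 6);
    }
    return argc > 1 && scan_su_files(argv[1]) > 0;  /* exit 1 = go to step 5 */
}
```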

[0030] Although embodiments of the present invention have been disclosed above, the invention is not limited to the applications listed in the description and the embodiments. It can be applied in any field to which it is suited, and those familiar with the art can readily make further modifications. Therefore, without departing from the general concept defined by the claims and their equivalents, the invention is not limited to the specific details or to the illustrations shown and described here.

Claims (3)

1. An anti-root white screen method, characterized by comprising the following steps: step 1, the device is powered on; step 2, scan the system partition and check the permissions of all su files; step 3, if the su file permissions are detected to be rwsr-xr-x, that is, S_ISUID is present, a permission that bears on system security, jump to step 5; otherwise jump to step 4; step 4, if the su file permissions are detected to be rwxr-sr-x, that is, S_ISGID is present, a permission that bears on system security, jump to step 5; otherwise proceed to step 6; step 5, apply the white screen protection to the device; step 6, end the detection procedure.
2. The anti-root white screen method of claim 1, characterized in that the white screen protection means locking the input and output devices of the device and displaying white or another color on the device screen, preventing the user from inputting or outputting data.
3. The anti-root white screen method of claim 2, characterized in that the input and output devices include the keys, the screen and the USB interface.
CN201410035179.4A 2014-01-24 2014-01-24 Root-preventing white screen method CN104809403A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410035179.4A CN104809403A (en) 2014-01-24 2014-01-24 Root-preventing white screen method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410035179.4A CN104809403A (en) 2014-01-24 2014-01-24 Root-preventing white screen method

Publications (1)

Publication Number Publication Date
CN104809403A true CN104809403A (en) 2015-07-29

Family

ID=53694216

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410035179.4A CN104809403A (en) 2014-01-24 2014-01-24 Root-preventing white screen method

Country Status (1)

Country Link
CN (1) CN104809403A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017114344A1 (en) * 2015-12-31 2017-07-06 北京金山安全软件有限公司 Root virus removal method and apparatus, and electronic device
CN107368738A (en) * 2017-06-06 2017-11-21 百富计算机技术(深圳)有限公司 Anti-Root method and device for intelligent equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1947447A (en) * 2004-02-20 2007-04-11 诺基亚公司 System and method for limiting mobile device functionality
CN102081710A (en) * 2010-12-14 2011-06-01 中国石油集团川庆钻探工程有限公司 Authority setting method and authority control method
CN102981835A (en) * 2012-11-02 2013-03-20 福州博远无线网络科技有限公司 Android application program permanent Root permission acquiring method
CN103324887A (en) * 2013-07-05 2013-09-25 百度在线网络技术(北京)有限公司 Mobile terminal, security defense device thereof and security defense method thereof
CN103473502A (en) * 2013-09-16 2013-12-25 惠州Tcl移动通信有限公司 Method and system for acquiring Root rights of android-based mobile terminal

Legal Events

Date Code Title Description
C06 Publication
EXSB Decision made by sipo to initiate substantive examination
WD01