CN104881291A - Control method and device of default browser and terminal - Google Patents
Control method and device of default browser and terminal Download PDFInfo
- Publication number
- CN104881291A CN104881291A CN201510300373.5A CN201510300373A CN104881291A CN 104881291 A CN104881291 A CN 104881291A CN 201510300373 A CN201510300373 A CN 201510300373A CN 104881291 A CN104881291 A CN 104881291A
- Authority
- CN
- China
- Prior art keywords
- function
- default browser
- path
- browser
- process creation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Stored Programmes (AREA)
Abstract
The invention discloses a control method, a device and a terminal of a default browser, wherein the method comprises the following steps: receiving a process creation request of an application program for calling a browser, and calling a process creation system function of a system according to the request to create a process to be created; intercepting a process creation system function of a system, and acquiring a mapping path loaded by a process to be created by the process creation system function; judging whether the mapping path is the path of a default browser or not; and if not, creating a process handle according to the path of the default browser, creating a process of the default browser according to the process handle, and feeding back the process to the application program so that the application program calls the default browser according to the process. The method creates the system function by calling the process of the system to create the target process, so that kernel codes are executed when the system is called, the whole work is in a kernel state, the permission problem does not exist, the success rate of default browser control is improved, and the system performance is improved.
Description
Technical field
The present invention relates to field of computer technology, particularly relate to a kind of control method of default browser, device and terminal.
Background technology
At present, when user clicks the network address represented in chat tool on chat tool, this network address can be opened by calling system current default browser.But, if system current default browser does not possess website safety measuring ability, then, when the network address opened as user comprises swindle content, the risk of property loss may be brought to user.Therefore, locking one is needed to have the default browser of website safety measuring ability to open the network address represented in chat tool class application program, the risk brought to avoid system default browser to be modified.
In correlation technique, as shown in Figure 1, lock the method for default browser mainly: in RING3 (User space), create a target process with running browser " Abrowser.exe " by function CreateProcess, the mode wherein injected by DLL (Dynamic Link Library, dynamic link library) is by the code of browser " Abrowser.exe " and the data-mapping address space to target process; Afterwards, by HOOK, (one provided in Windows operating system is in order to the system mechanism of " interruption " under replacing DOS, be translated into " hook " or " hook ") to above-mentioned process creation function Createprocess, create target process and link up with running browser " Abrowser.exe " this event; In the process function of HOOK process creation function Createprocess (i.e. HookCreateProcess), judge whether browser " Abrowser.exe " is the default browser locked; If so, then directly call browser Abrowser.exe, if not, then modifying target parameter is the default browser of locking, namely calls the default browser of locking, thus reaches the object of locking default browser.
But Problems existing is: (1) due to be the mode injected by DLL in RING3 (User space) to lock default browser, so may cause injecting unsuccessfully because of Insufficient privilege; (2) target process can revise the internal memory of oneself process, protects oneself not by HOOK, thus can not ensure whether the browser that target process runs is default browser, thus default browser may be caused to lock unsuccessfully.
Summary of the invention
Object of the present invention is intended to solve one of above-mentioned technical matters at least to a certain extent.
For this reason, first object of the present invention is the control method proposing a kind of default browser.The method passes through the process creation system function of calling system to create target process, what make to perform when executive system is called is kernel code, thus makes whole work be in kernel state, so there is not rights concerns, improve the success ratio that default browser controls, improve system performance.
Second object of the present invention is the control device proposing a kind of default browser.
3rd object of the present invention is to propose a kind of terminal.
To achieve these goals, the control method of the default browser of first aspect present invention embodiment, comprise: the process creation request for calling browser receiving application program, and according to the process that the process creation system function of described process creation request call system will create with establishment; Intercept the process creation system function of described system, and obtain the Image Path that process that described process creation system function will create loads; Judge that whether described Image Path is the path of default browser; If judge Image Path not as the path of described default browser, then create process handle according to the path of described default browser; And the process of described default browser is created according to described process handle, and by described progress feedback to described application program, to make described application program default browser according to described process transfer.
The control method of the default browser of the embodiment of the present invention, first can receive the process creation request for calling browser of application program, afterwards can according to the process creation system function of process creation request call system to start to create the process that will create, in the process created, by the Image Path that the process creation system function of Hook Function Hook (hook) system loads with the process intercepted and captured this process creation system function and will create, and judge that whether the Image Path loaded is the path of default browser, if not, then create a process handle according to default browser path, and the process of default browser is created according to this process handle, and by this progress feedback to application program, to make application program according to this process transfer default browser, thus reach the object locking and give tacit consent to and browse, because the process creation system function by calling system is to create target process, make when executive system is called perform be kernel code, thus make whole work be in kernel state, so there is not rights concerns, and do not need DLL to inject target process, decrease the EMS memory occupation to target process, improve system performance.
To achieve these goals, the control device of the default browser of second aspect present invention embodiment, comprising: receiver module, for receiving the process creation request for calling browser of application program; First creation module, for the process that will create with establishment according to the process creation system function of described process creation request call system; Interception module, for intercepting the process creation system function of described system; Acquisition module, the Image Path that the process that will create for obtaining described process creation system function loads; Judge module, for judging that whether described Image Path is the path of default browser; Second creation module, for when judging the path of Image Path not as described default browser, the path according to described default browser creates process handle; And the 3rd creation module, for creating the process of described default browser according to described process handle, and by described progress feedback to described application program, to make described application program default browser according to described process transfer.
The control device of the default browser of the embodiment of the present invention, the process creation request for calling browser of application program is received by receiver module, the process that first creation module will create to start establishment according to the process creation system function of process creation request call system, in the process created, interception module passes through the process creation system function of Hook Function Hook (hook) system to intercept and capture this process creation system function, acquisition module obtains the Image Path that process that this process creation system function will create loads, judge module judges that whether the Image Path loaded is the path of default browser, if not, then the second creation module creates a process handle according to default browser path, and the process of default browser is created according to this process handle, and by this progress feedback to application program, to make application program according to this process transfer default browser, thus reach the object locking and give tacit consent to and browse, because the process creation system function by calling system is to create target process, make when executive system is called perform be kernel code, thus make whole work be in kernel state, so there is not rights concerns, and do not need DLL to inject target process, decrease the EMS memory occupation to target process, improve system performance.
To achieve these goals, the terminal of third aspect present invention embodiment, comprising: housing, processor, storer, circuit board and power circuit, wherein, described circuit board is placed in the interior volume that described housing surrounds, and described processor and described storer are arranged on described circuit board; Described power circuit, for powering for each circuit of described terminal or device; Described storer is used for stores executable programs code; Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described storer, for performing following steps: the process creation request for calling browser receiving application program, and according to the process that the process creation system function of described process creation request call system will create with establishment; Intercept the process creation system function of described system, and obtain the Image Path that process that described process creation system function will create loads; Judge that whether described Image Path is the path of default browser; If judge Image Path not as the path of described default browser, then create process handle according to the path of described default browser; And the process of described default browser is created according to described process handle, and by described progress feedback to described application program, to make described application program default browser according to described process transfer.
The terminal of the embodiment of the present invention, first can receive the process creation request for calling browser of application program, afterwards can according to the process creation system function of process creation request call system to start to create the process that will create, in the process created, by the Image Path that the process creation system function of Hook Function Hook (hook) system loads with the process intercepted and captured this process creation system function and will create, and judge that whether the Image Path loaded is the path of default browser, if not, then create a process handle according to default browser path, and the process of default browser is created according to this process handle, and by this progress feedback to application program, to make application program according to this process transfer default browser, thus reach the object locking and give tacit consent to and browse, because the process creation system function by calling system is to create target process, make when executive system is called perform be kernel code, thus make whole work be in kernel state, so there is not rights concerns, and do not need DLL to inject target process, decrease the EMS memory occupation to target process, improve system performance.
The aspect that the present invention adds and advantage will part provide in the following description, and part will become obvious from the following description, or be recognized by practice of the present invention.
Accompanying drawing explanation
The present invention above-mentioned and/or additional aspect and advantage will become obvious and easy understand from the following description of the accompanying drawings of embodiments, wherein,
Fig. 1 is the process flow diagram of the method for locking default browser of the prior art;
Fig. 2 is the process flow diagram of the control method of default browser according to an embodiment of the invention;
Fig. 3 is the structural representation of the control device of default browser according to an embodiment of the invention;
Fig. 4 is the structural representation of the control device of default browser in accordance with another embodiment of the present invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Be exemplary below by the embodiment be described with reference to the drawings, be intended to for explaining the present invention, and can not limitation of the present invention be interpreted as.
Below with reference to the accompanying drawings the control method of the default browser according to the embodiment of the present invention, device and terminal are described.
Fig. 2 is the process flow diagram of the control method of default browser according to an embodiment of the invention.It should be noted that, in an embodiment of the present invention, default browser can be regarded as the default browser of Subscriber Locked, namely for using the default browser of this locking to open network address in the application.
As shown in Figure 2, the control method of this default browser can comprise:
S201, receives the process creation request for calling browser of application program, and according to the process that the process creation system function of process creation request call system will create with establishment.
For example, be certain chat tool for application program, when user passes through to click with network address " the http://www.xxx.com " that open its displaying in certain chat tool, certain chat tool can come using " http://www.xxx.com " as parameter to send process creation request to system.When receive that certain chat tool sends for call browser process creation request after, can according to the process creation system function of this process creation request call system to start to create the process that will create.
S202, the process creation system function of intercepting system, and the Image Path obtaining that process that process creation system function will create loads.
For example, assumed by default browser is lockBrowser.exe, current browser is Abrowser.exe, in a particular embodiment, when the process creation system function of system starts to create process, can first by the process creation system function of Hook Function intercepting system, wherein, in an embodiment of the present invention, Hook Function is used in when being performed and obtains reflection function, and current browser Abrowser.exe file and file handle hFile thereof can be obtained, this file handle hFile can be imported into NtCreateSection (... hFile) afterwards to video with loading procedure.Then, when Hook Function is performed, Hook Function can obtain Image Path corresponding to this file handle from parameter hFile.
S203, judges that whether Image Path is the path of default browser.
Such as, first can obtain the path of default browser by ObReferenceObjectByHandle function, afterwards, the path of the above-mentioned Image Path that gets and default browser can be compared, whether consistent to judge both paths.
S204, if judge Image Path not as the path of default browser, then create process handle according to the path of default browser, and create the process of default browser according to process handle, and by progress feedback to application program, to make application program according to process transfer default browser.
Particularly, when Image Path is not the path of default browser, need to be redirected.Such as, can using the path of default browser as parameter, NtCreateFile (path of default browser) function is used to open default browser lockBrowser.exe file, obtain corresponding file handle hNewFile, afterwards, can using file handle hNewFile as parameter, call function RealNtCreateSection (hNewFile), to obtain process handle hNewSection.Finally, the process of default browser lockBrowser.exe can be created according to this process handle hNewSection, and by this progress feedback to application program, application program is according to this process transfer default browser lockBrowser.exe.Thus, can reach the object of locking default browser lockBrowser.exe, and make user can use the default browser of locking when application program opens network address, the risk avoiding system browser to be modified, improves security.
S205, if judge that Image Path is the path of default browser, then directly creates the process of default browser, to make application call default browser.
Particularly, when judging that Image Path is the path of default browser, directly can create the process of default browser according to this Image Path, to make application program according to this process transfer default browser.
Further, in one embodiment of the invention, before the process creation system function of intercepting system, the control method of this default browser also can comprise: by SSDT (System Services Descriptor Table, system service descriptor table) in call function address be revised as the address of Hook Function, perform Hook Function to make the process creation system function of system when the process of establishment.
Specifically, in an embodiment of the present invention, first can obtain SSDT, and obtain the function address call number of process creation system function in SSDT.Afterwards, according to the function address call number of process creation system function in SSDT, the call function address in SSDT can be revised as the address of Hook Function, and preserve former call function address, with make the process creation system function of system create process time perform Hook Function, namely complete HOOK.
Wherein, in an embodiment of the present invention, the specific implementation process obtaining the function address call number of process creation system function in SSDT can comprise: first can be obtained the plot in the management of process storehouse of system by system process query function (as ZwQuerySystemInformation).Afterwards, according to transplantable perform bulk PE file structure, the derived table address of plot can be obtained.Then, the function address call number of process creation system function in SSDT can be obtained according to derived table and process creation system function.Such as, this derived table can be enumerated, and enumeration result and process creation system function be carried out contrast to obtain the function address call number of process creation system function in SSDT.
The control method of the default browser of the embodiment of the present invention, first can receive the process creation request for calling browser of application program, afterwards can according to the process creation system function of process creation request call system to start to create the process that will create, in the process created, by the Image Path that the process creation system function of Hook Function Hook (hook) system loads with the process intercepted and captured this process creation system function and will create, and judge that whether the Image Path loaded is the path of default browser, if not, then create a process handle according to default browser path, and the process of default browser is created according to this process handle, and by this progress feedback to application program, to make application program according to this process transfer default browser, thus reach the object locking and give tacit consent to and browse, because the process creation system function by calling system is to create target process, make when executive system is called perform be kernel code, thus make whole work be in kernel state, so there is not rights concerns, and owing to not needing to be injected in target process by DLL injection mode by the code in default browser path and data, because this reducing the EMS memory occupation to target process, improve system performance.
In addition, the invention allows for a kind of control device of default browser.
Fig. 3 is the structural representation of the control device of default browser according to an embodiment of the invention.It should be noted that, in an embodiment of the present invention, default browser can be regarded as the default browser of Subscriber Locked, namely for using the default browser of this locking to open network address in the application.
As shown in Figure 3, the control device of this default browser can comprise: receiver module 10, first creation module 20, interception module 30, acquisition module 40, judge module 50, second creation module 60 and the 3rd creation module 70.
Particularly, receiver module 10 can be used for the process creation request for calling browser receiving application program.First creation module 20 can be used for the process that will create with establishment according to the process creation system function of process creation request call system.For example, be certain chat tool for application program, when user passes through to click with network address " the http://www.xxx.com " that open its displaying in certain chat tool, certain chat tool can come using " http://www.xxx.com " as parameter to send process creation request to system.When receiver module 10 receive that certain chat tool sends for call browser process creation request after, the first creation module 20 can according to the process creation system function of this process creation request call system to start to create the process that will create.
Interception module 30 can be used for the process creation system function of intercepting system.Acquisition module 40 can be used for obtaining the Image Path that process that process creation system function will create loads.
For example, assumed by default browser is lockBrowser.exe, current browser is Abrowser.exe, when the process creation system function of system starts to create process, interception module 30 is by the process creation system function of Hook Function intercepting system, wherein, in an embodiment of the present invention, Hook Function is used in when being performed and obtains reflection function.Acquisition module 40 can obtain current browser Abrowser.exe file and file handle hFile thereof, this file handle hFile can be imported into NtCreateSection (... hFile) afterwards and video with loading procedure.Then, when Hook Function is performed, Hook Function can obtain Image Path corresponding to this file handle from parameter hFile.
Judge module 50 can be used for judging that whether Image Path is the path of default browser.Whether such as, judge module 50 first can obtain the path of default browser by ObReferenceObjectByHandle function, afterwards, the path of the above-mentioned Image Path that gets and default browser can be compared, consistent to judge both paths.
When second creation module 60 is used in and judges the path of Image Path not as default browser, the path according to default browser creates process handle.3rd creation module 70 can be used for the process creating default browser according to process handle, and by progress feedback to application program, to make application program according to process transfer default browser.More specifically, when Image Path is not the path of default browser, need to be redirected.Such as, second creation module 60 can using the path of default browser as parameter, NtCreateFile (path of default browser) function is used to open default browser lockBrowser.exe file, obtain corresponding file handle hNewFile, afterwards, can using file handle hNewFile as parameter, call function RealNtCreateSection (hNewFile), to obtain process handle hNewSection.3rd creation module 70 can create the process of default browser lockBrowser.exe according to this process handle hNewSection, and by this progress feedback to application program, application program is according to this process transfer default browser lockBrowser.exe.Thus, can reach the object of locking default browser lockBrowser.exe, and make user can use the default browser of locking when application program opens network address, the risk avoiding system browser to be modified, improves security.
Further, in one embodiment of the invention, as shown in Figure 4, the control device of this default browser also can comprise modified module 80.Before modified module 80 is used in the process creation system function of interception module 30 intercepting system, the address of Hook Function is revised as in call function address in SSDT, with make the process creation system function of system create process time perform Hook Function.
Specifically, in an embodiment of the present invention, as shown in Figure 4, this modified module 80 can comprise acquiring unit 81 and amendment unit 82.Acquiring unit 81 can be used for obtaining SSDT, and obtains the function address call number of process creation system function in SSDT.Amendment unit 82 can be used for according to the function address call number of process creation system function in SSDT, call function address in SSDT is revised as the address of Hook Function, and preserve former call function address, with make the process creation system function of system create process time perform Hook Function, namely complete HOOK.
Wherein, in an embodiment of the present invention, acquiring unit 81 obtain the specific implementation process of the function address call number of process creation system function in SSDT can be as follows: first can be obtained the plot in the management of process storehouse of system by system process query function (as ZwQuerySystemInformation); Afterwards, according to transplantable perform bulk PE file structure, the derived table address of plot can be obtained; Then, the function address call number of process creation system function in SSDT is obtained according to derived table and process creation system function.Such as, this derived table can be enumerated, and enumeration result and process creation system function be carried out contrast to obtain the function address call number of process creation system function in SSDT.
Further, in one embodiment of the invention, when the 3rd creation module 70 is also used in and judges that Image Path is the path of default browser, the process of default browser is directly created, to make application call default browser.More specifically, the 3rd creation module 70, when judge module 50 judges that Image Path is the path of default browser, directly can create the process of default browser, to make application program according to this process transfer default browser according to this Image Path.
The control device of the default browser of the embodiment of the present invention, the process creation request for calling browser of application program is received by receiver module, the process that first creation module will create to start establishment according to the process creation system function of process creation request call system, in the process created, interception module passes through the process creation system function of Hook Function Hook (hook) system to intercept and capture this process creation system function, acquisition module obtains the Image Path that process that this process creation system function will create loads, judge module judges that whether the Image Path loaded is the path of default browser, if not, then the second creation module creates a process handle according to default browser path, and the process of default browser is created according to this process handle, and by this progress feedback to application program, to make application program according to this process transfer default browser, thus reach the object locking and give tacit consent to and browse, because the process creation system function by calling system is to create target process, make when executive system is called perform be kernel code, thus make whole work be in kernel state, so there is not rights concerns, and do not need DLL to inject target process, decrease the EMS memory occupation to target process, improve system performance.
In addition, the invention allows for a kind of terminal, it should be noted that, in an embodiment of the present invention, it is PC (Personal Computer, personal computer) end that terminal can be understood.This terminal can comprise: housing, processor, storer, circuit board and power circuit, and wherein, circuit board is placed in the interior volume that housing surrounds, and processor and storer are arranged on circuit boards; Power circuit, for powering for each circuit of terminal or device; Storer is used for stores executable programs code; Processor runs the program corresponding with executable program code by reading the executable program code stored in storer, for execution following steps:
S101 ', receives the process creation request for calling browser of application program, and according to the process that the process creation system function of process creation request call system will create with establishment.
S102 ', the process creation system function of intercepting system, and the Image Path obtaining that process that process creation system function will create loads.
S103 ', judges that whether Image Path is the path of default browser.
S104 ', if judge Image Path not as the path of default browser, then creates process handle according to the path of default browser.
S105 ', creates the process of default browser according to process handle, and by progress feedback to application program, to make application program according to process transfer default browser.
The terminal of the embodiment of the present invention, first can receive the process creation request for calling browser of application program, afterwards can according to the process creation system function of process creation request call system to start to create the process that will create, in the process created, by the Image Path that the process creation system function of Hook Function Hook (hook) system loads with the process intercepted and captured this process creation system function and will create, and judge that whether the Image Path loaded is the path of default browser, if not, then create a process handle according to default browser path, and the process of default browser is created according to this process handle, and by this progress feedback to application program, to make application program according to this process transfer default browser, thus reach the object locking and give tacit consent to and browse, because the process creation system function by calling system is to create target process, make when executive system is called perform be kernel code, thus make whole work be in kernel state, so there is not rights concerns, and do not need DLL to inject target process, decrease the EMS memory occupation to target process, improve system performance.
In describing the invention, it is to be appreciated that term " first ", " second " only for describing object, and can not be interpreted as instruction or hint relative importance or the implicit quantity indicating indicated technical characteristic.Thus, be limited with " first ", the feature of " second " can express or impliedly comprise at least one this feature.In describing the invention, the implication of " multiple " is at least two, such as two, three etc., unless otherwise expressly limited specifically.
Describe and can be understood in process flow diagram or in this any process otherwise described or method, represent and comprise one or more for realizing the module of the code of the executable instruction of the step of specific logical function or process, fragment or part, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can not according to order that is shown or that discuss, comprise according to involved function by the mode while of basic or by contrary order, carry out n-back test, this should understand by embodiments of the invention person of ordinary skill in the field.
In flow charts represent or in this logic otherwise described and/or step, such as, the sequencing list of the executable instruction for realizing logic function can be considered to, may be embodied in any computer-readable medium, for instruction execution system, device or equipment (as computer based system, comprise the system of processor or other can from instruction execution system, device or equipment instruction fetch and perform the system of instruction) use, or to use in conjunction with these instruction execution systems, device or equipment.With regard to this instructions, " computer-readable medium " can be anyly can to comprise, store, communicate, propagate or transmission procedure for instruction execution system, device or equipment or the device that uses in conjunction with these instruction execution systems, device or equipment.The example more specifically (non-exhaustive list) of computer-readable medium comprises following: the electrical connection section (electronic installation) with one or more wiring, portable computer diskette box (magnetic device), random access memory (RAM), ROM (read-only memory) (ROM), erasablely edit ROM (read-only memory) (EPROM or flash memory), fiber device, and portable optic disk ROM (read-only memory) (CDROM).In addition, computer-readable medium can be even paper or other suitable media that can print described program thereon, because can such as by carrying out optical scanning to paper or other media, then carry out editing, decipher or carry out process with other suitable methods if desired and electronically obtain described program, be then stored in computer memory.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple step or method can with to store in memory and the software performed by suitable instruction execution system or firmware realize.Such as, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: the discrete logic with the logic gates for realizing logic function to data-signal, there is the special IC of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is that the hardware that can carry out instruction relevant by program completes, described program can be stored in a kind of computer-readable recording medium, this program perform time, step comprising embodiment of the method one or a combination set of.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, also can be that the independent physics of unit exists, also can be integrated in a module by two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.If described integrated module using the form of software function module realize and as independently production marketing or use time, also can be stored in a computer read/write memory medium.
The above-mentioned storage medium mentioned can be ROM (read-only memory), disk or CD etc.
In the description of this instructions, specific features, structure, material or feature that the description of reference term " embodiment ", " some embodiments ", " example ", " concrete example " or " some examples " etc. means to describe in conjunction with this embodiment or example are contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of above-mentioned term not must for be identical embodiment or example.And the specific features of description, structure, material or feature can combine in one or more embodiment in office or example in an appropriate manner.In addition, when not conflicting, the feature of the different embodiment described in this instructions or example and different embodiment or example can carry out combining and combining by those skilled in the art.
Although illustrate and describe embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, and those of ordinary skill in the art can change above-described embodiment within the scope of the invention, revises, replace and modification.
Claims (13)
1. a control method for default browser, is characterized in that, comprises the following steps:
Receive the process creation request for calling browser of application program, and according to the process that the process creation system function of described process creation request call system will create with establishment;
Intercept the process creation system function of described system, and obtain the Image Path that process that described process creation system function will create loads;
Judge that whether described Image Path is the path of default browser;
If judge Image Path not as the path of described default browser, then create process handle according to the path of described default browser; And
The process of described default browser is created according to described process handle, and by described progress feedback to described application program, to make described application program default browser according to described process transfer.
2. the control method of default browser as claimed in claim 1, it is characterized in that, the process creation system function of the described system of described intercepting, specifically comprises:
Intercepted the process creation system function of described system by Hook Function, wherein, described Hook Function is used for obtaining described Image Path when being performed.
3. the control method of default browser as claimed in claim 2, it is characterized in that, before the process creation system function of the described system of described intercepting, described control method also comprises:
The address of described Hook Function is revised as in call function address in system service descriptor table SSDT, with make the process creation system function of described system create process time perform described Hook Function.
4. the control method of default browser as claimed in claim 3, is characterized in that, described the address of described Hook Function is revised as in call function address in system service descriptor table SSDT, specifically comprises:
Obtain described system service descriptor table SSDT, and obtain the function address call number of described process creation system function in described system service descriptor table SSDT;
According to the function address call number of described process creation system function in described system service descriptor table SSDT, the call function address in described system service descriptor table SSDT is revised as the address of described Hook Function.
5. the control method of default browser as claimed in claim 4, it is characterized in that, the function address call number of described acquisition process creation system function in described system service descriptor table SSDT specifically comprises:
The plot in the management of process storehouse of described system is obtained by system process query function;
According to transplantable perform bulk PE file structure, obtain the derived table address of described plot;
The function address call number of described process creation system function in described system service descriptor table SSDT is obtained according to described derived table and described process creation system function.
6. the control method of default browser as claimed in claim 1, is characterized in that, also comprise:
If judge that Image Path is the path of described default browser, then directly create the process of described default browser, to make default browser described in described application call.
7. a control device for default browser, is characterized in that, comprising:
Receiver module, for receiving the process creation request for calling browser of application program;
First creation module, for the process that will create with establishment according to the process creation system function of described process creation request call system;
Interception module, for intercepting the process creation system function of described system;
Acquisition module, the Image Path that the process that will create for obtaining described process creation system function loads;
Judge module, for judging that whether described Image Path is the path of default browser;
Second creation module, for when judging the path of Image Path not as described default browser, the path according to described default browser creates process handle; And
3rd creation module, for creating the process of described default browser according to described process handle, and by described progress feedback to described application program, to make described application program default browser according to described process transfer.
8. the control device of default browser as claimed in claim 7, is characterized in that, described interception module specifically for:
Intercepted the process creation system function of described system by Hook Function, wherein, described Hook Function is used for obtaining described Image Path when being performed.
9. the control device of default browser as claimed in claim 7, is characterized in that, also comprise:
Modified module, for before the process creation system function of the described system of described intercepting, the address of described Hook Function is revised as in call function address in system service descriptor table SSDT, with make the process creation system function of described system create process time perform described Hook Function.
10. the control device of default browser as claimed in claim 9, it is characterized in that, described modified module comprises:
Acquiring unit, for obtaining described system service descriptor table SSDT, and obtains the function address call number of described process creation system function in described system service descriptor table SSDT;
Amendment unit, for according to the function address call number of described process creation system function in described system service descriptor table SSDT, is revised as the address of described Hook Function by the call function address in described system service descriptor table SSDT.
The control device of 11. default browsers as claimed in claim 10, is characterized in that, described acquiring unit specifically for:
The plot in the management of process storehouse of described system is obtained by system process query function;
According to transplantable perform bulk PE file structure, obtain the derived table address of described plot;
The function address call number of described process creation system function in described system service descriptor table SSDT is obtained according to described derived table and described process creation system function.
The control device of 12. default browsers as claimed in claim 7, it is characterized in that, described 3rd creation module, also for when judging that Image Path is the path of described default browser, directly creates the process of described default browser, to make default browser described in described application call.
13. 1 kinds of terminals, is characterized in that, comprising: housing, processor, storer, circuit board and power circuit, and wherein, described circuit board is placed in the interior volume that described housing surrounds, and described processor and described storer are arranged on described circuit board; Described power circuit, for powering for each circuit of described terminal or device; Described storer is used for stores executable programs code; Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described storer, for execution following steps:
Receive the process creation request for calling browser of application program, and according to the process that the process creation system function of described process creation request call system will create with establishment;
Intercept the process creation system function of described system, and obtain the Image Path that process that described process creation system function will create loads;
Judge that whether described Image Path is the path of default browser;
If judge Image Path not as the path of described default browser, then create process handle according to the path of described default browser; And
The process of described default browser is created according to described process handle, and by described progress feedback to described application program, to make described application program default browser according to described process transfer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510300373.5A CN104881291B (en) | 2015-06-03 | 2015-06-03 | Control method and device of default browser and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510300373.5A CN104881291B (en) | 2015-06-03 | 2015-06-03 | Control method and device of default browser and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104881291A true CN104881291A (en) | 2015-09-02 |
| CN104881291B CN104881291B (en) | 2018-05-25 |
Family
ID=53948798
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510300373.5A Active CN104881291B (en) | 2015-06-03 | 2015-06-03 | Control method and device of default browser and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104881291B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106020880A (en) * | 2016-05-17 | 2016-10-12 | 北京金山安全软件有限公司 | Browser starting method and device and electronic equipment |
| CN106557688A (en) * | 2016-11-17 | 2017-04-05 | 广东欧珀移动通信有限公司 | The method and device of management default application |
| CN106897618A (en) * | 2015-12-21 | 2017-06-27 | 珠海市君天电子科技有限公司 | Webpage access method and device |
| CN107103099A (en) * | 2017-05-26 | 2017-08-29 | 北京金山安全管理系统技术有限公司 | Main browser page return method and device |
| CN107566843A (en) * | 2017-10-09 | 2018-01-09 | 武汉斗鱼网络科技有限公司 | A kind of video decoding process guard method and device |
| CN107729132A (en) * | 2017-10-09 | 2018-02-23 | 武汉斗鱼网络科技有限公司 | A kind of video decoding process guard method and device |
| CN107766351A (en) * | 2016-08-16 | 2018-03-06 | 腾讯科技(深圳)有限公司 | The recognition methods of file directory and device |
| CN108027740A (en) * | 2015-09-24 | 2018-05-11 | 慧与发展有限责任合伙企业 | Process and thread start feature |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101901313A (en) * | 2010-06-10 | 2010-12-01 | 中科方德软件有限公司 | Linux file protection system and method |
| CN102194079A (en) * | 2011-03-18 | 2011-09-21 | 北京思创银联科技股份有限公司 | File access filtering method |
| CN102542182A (en) * | 2010-12-15 | 2012-07-04 | 苏州凌霄科技有限公司 | Device and method for controlling mandatory access based on Windows platform |
| CN103617395A (en) * | 2013-12-06 | 2014-03-05 | 北京奇虎科技有限公司 | Method, device and system for intercepting advertisement programs based on cloud security |
-
2015
- 2015-06-03 CN CN201510300373.5A patent/CN104881291B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101901313A (en) * | 2010-06-10 | 2010-12-01 | 中科方德软件有限公司 | Linux file protection system and method |
| CN102542182A (en) * | 2010-12-15 | 2012-07-04 | 苏州凌霄科技有限公司 | Device and method for controlling mandatory access based on Windows platform |
| CN102194079A (en) * | 2011-03-18 | 2011-09-21 | 北京思创银联科技股份有限公司 | File access filtering method |
| CN103617395A (en) * | 2013-12-06 | 2014-03-05 | 北京奇虎科技有限公司 | Method, device and system for intercepting advertisement programs based on cloud security |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108027740A (en) * | 2015-09-24 | 2018-05-11 | 慧与发展有限责任合伙企业 | Process and thread start feature |
| US11334368B2 (en) | 2015-09-24 | 2022-05-17 | Hewlett Packard Enterprise Development Lp | Process and thread launch features |
| CN106897618A (en) * | 2015-12-21 | 2017-06-27 | 珠海市君天电子科技有限公司 | Webpage access method and device |
| CN106020880A (en) * | 2016-05-17 | 2016-10-12 | 北京金山安全软件有限公司 | Browser starting method and device and electronic equipment |
| CN106020880B (en) * | 2016-05-17 | 2019-05-07 | 珠海豹趣科技有限公司 | A kind of browser starting method, apparatus and electronic equipment |
| CN107766351A (en) * | 2016-08-16 | 2018-03-06 | 腾讯科技(深圳)有限公司 | The recognition methods of file directory and device |
| CN106557688A (en) * | 2016-11-17 | 2017-04-05 | 广东欧珀移动通信有限公司 | The method and device of management default application |
| CN107103099A (en) * | 2017-05-26 | 2017-08-29 | 北京金山安全管理系统技术有限公司 | Main browser page return method and device |
| CN107103099B (en) * | 2017-05-26 | 2021-03-16 | 北京金山安全管理系统技术有限公司 | Browser homepage returning method and device |
| CN107729132A (en) * | 2017-10-09 | 2018-02-23 | 武汉斗鱼网络科技有限公司 | A kind of video decoding process guard method and device |
| CN107566843B (en) * | 2017-10-09 | 2019-07-09 | 武汉斗鱼网络科技有限公司 | A kind of video decoding process guard method and device |
| CN107729132B (en) * | 2017-10-09 | 2019-10-25 | 武汉斗鱼网络科技有限公司 | A kind of video decoding process guard method and device |
| CN107566843A (en) * | 2017-10-09 | 2018-01-09 | 武汉斗鱼网络科技有限公司 | A kind of video decoding process guard method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104881291B (en) | 2018-05-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104881291A (en) | Control method and device of default browser and terminal | |
| US9953161B2 (en) | Method, device and system for processing notification bar message | |
| JP5707542B2 (en) | Encoding labels in values to understand the flow of information | |
| CN109829286B (en) | User authority management system and method for WEB application | |
| CN103177210B (en) | A kind of method implanting dynamic stain analysis module in Android | |
| US10176327B2 (en) | Method and device for preventing application in an operating system from being uninstalled | |
| CN105205413B (en) | A kind of guard method of data and device | |
| CN110928770B (en) | Software testing method, device, system, storage medium and electronic equipment | |
| CN102981874B (en) | Computer processing system and registration table reorientation method | |
| US20190095181A1 (en) | Easy-To-Use Type Of Compile-Time Dependency Injection Method And Device In The Java Platform | |
| US20200175177A1 (en) | Auto-injection of security protocols | |
| CN105631312A (en) | Method and system for processing rogue programs | |
| CN105528251A (en) | Application notification information processing method and device and mobile terminal | |
| CN106325993A (en) | Freezing method of application program and terminal | |
| CN109472127A (en) | Permission processing method, device, using side apparatus and storage medium | |
| CN105404827B (en) | The method, apparatus and system communicated between control application program | |
| CN111880952A (en) | Application program jumping method and device, electronic equipment and storage medium | |
| AlJarrah et al. | The demon is in the configuration: Revisiting hybrid mobile apps configuration model | |
| CN105574406A (en) | Progress monitoring method and device | |
| CN111475763B (en) | Webpage running method and device, storage medium and equipment | |
| CN111026452B (en) | Method and system for remote 32-bit process injection of 64-bit process | |
| CN108959061B (en) | Application function management method, terminal and device | |
| CN112417533A (en) | Anti-screenshot method and device, computer equipment and storage medium | |
| CN111931222A (en) | Application data encryption method, device, terminal and storage medium | |
| Yang et al. | Risk analysis of exposed methods to javascript in hybrid apps |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20181205 Address after: 519030 Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Leopard Technology Co.,Ltd. Address before: 100085 East District, Second Floor, 33 Xiaoying West Road, Haidian District, Beijing Patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. |
|
| TR01 | Transfer of patent right |