CN104881291B - Control method and device of default browser and terminal - Google Patents

Control method and device of default browser and terminal Download PDF

Info

Publication number
CN104881291B
CN104881291B CN201510300373.5A CN201510300373A CN104881291B CN 104881291 B CN104881291 B CN 104881291B CN 201510300373 A CN201510300373 A CN 201510300373A CN 104881291 B CN104881291 B CN 104881291B
Authority
CN
China
Prior art keywords
function
default browser
path
browser
creation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510300373.5A
Other languages
Chinese (zh)
Other versions
CN104881291A (en
Inventor
杨振辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Baoqu Technology Co Ltd
Original Assignee
Beijing Kingsoft Internet Security Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Kingsoft Internet Security Software Co Ltd filed Critical Beijing Kingsoft Internet Security Software Co Ltd
Priority to CN201510300373.5A priority Critical patent/CN104881291B/en
Publication of CN104881291A publication Critical patent/CN104881291A/en
Application granted granted Critical
Publication of CN104881291B publication Critical patent/CN104881291B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Stored Programmes (AREA)

Abstract

The invention discloses a control method, a device and a terminal of a default browser, wherein the method comprises the following steps: receiving a process creation request of an application program for calling a browser, and calling a process creation system function of a system according to the request to create a process to be created; intercepting a process creation system function of a system, and acquiring a mapping path loaded by a process to be created by the process creation system function; judging whether the mapping path is the path of a default browser or not; and if not, creating a process handle according to the path of the default browser, creating a process of the default browser according to the process handle, and feeding back the process to the application program so that the application program calls the default browser according to the process. The method creates the system function by calling the process of the system to create the target process, so that kernel codes are executed when the system is called, the whole work is in a kernel state, the permission problem does not exist, the success rate of default browser control is improved, and the system performance is improved.

Description

Control method, device and the terminal of default browser
Technical field
The present invention relates to a kind of field of computer technology more particularly to control method of default browser, device and terminals.
Background technology
It at present, can calling system current default when the network address that user shows in click chat tool on chat tool Browser opens the network address.But if system current default browser does not possess website safety detection function, work as user When the network address of opening includes swindle content, the risk of property loss may be brought to user.Therefore, it is necessary to lock one to have The default browser of website safety detection function opens the network address showed in chat tool class application program, to avoid system The risk that default browser can be changed and brought.
In correlation technique, as shown in Figure 1, the method for locking default browser is mainly:Pass through in RING3 (User space) Function CreateProcess creates a target process to run browser " Abrowser.exe ", wherein can pass through DLL The mode of (Dynamic Link Library, dynamic link library) injection is by the code and data of browser " Abrowser.exe " It is mapped in the address space of target process;Afterwards, by HOOK, (what is provided in Windows operating system is a kind of replacing The system mechanism of " interruption " under DOS is translated into " hook " or " hook ") to above-mentioned process creation function Createprocess, it creates Target process is linked up with running browser " Abrowser.exe " this event;In HOOK process creation functions In the processing function of Createprocess (i.e. HookCreateProcess), judge browser " Abrowser.exe " whether be The default browser of locking;If so, browser Abrowser.exe is directly invoked, if it is not, then changing target component as locking Default browser, that is, the default browser of locking is called, so as to achieve the purpose that lock default browser.
But there are the problem of be:(1) due to be in RING3 (User space) DLL injection by way of it is silent to lock Browser is recognized, it is possible that can be because Insufficient privilege causes injection to fail;(2) target process can change the interior of oneself process It deposits, protects oneself not by HOOK, so that whether the browser that cannot be guaranteed target process operation is default browser, so as to It can cause default browser locking failure.
The content of the invention
The purpose of the present invention is intended to solve one of the technical issues of above-mentioned at least to a certain extent.
For this purpose, first purpose of the present invention is to propose a kind of control method of default browser.This method passes through tune With the process creation system function of system to create target process so that is performed when execution system is called is kernel code, So that entire work in kernel state, so there is no rights concerns, improves the success rate of default browser control, carries High system performance.
Second object of the present invention is to propose a kind of control device of default browser.
Third object of the present invention is to propose a kind of terminal.
To achieve these goals, the control method of the default browser of first aspect present invention embodiment, including:It receives The creation request for being used to call browser of application program, and created according to the process of the creation request calling system System function is built to create process to be created;The process creation system function of the system is intercepted, and obtains the process Create the Image Path that system function process to be created is loaded;Judge whether the Image Path is default browser Path;If it is determined that Image Path is not the path of the default browser, then created according to the path of the default browser Process handle;And the process of the default browser is created according to the process handle, and by the progress feedback to described Application program, so that the application program calls the default browser according to the process.
The control method of the default browser of the embodiment of the present invention, can first receive application program for calling browser Creation request can be created afterwards according to the process creation system function of creation request calling system with starting The process built during establishment, can be intercepted and captured by the process creation system function of Hook Function Hook (hook) system The Image Path that process creation system function process to be created is loaded, and whether the Image Path for judging to load is silent Recognize the path of browser, if it is not, then a process handle is created according to default browser path, and according to the process handle The process of default browser is created, and by the progress feedback to application program, so that application program calls acquiescence according to the process Browser, so as to achieve the purpose that locking acquiescence browsing, due to creating mesh by the process creation system function of calling system Mark process so that is performed when execution system is called is kernel code, so that entire work is in kernel state, so not There are rights concerns, and DLL need not be injected target process, reduce the EMS memory occupation to target process, improved and be System performance.
To achieve these goals, the control device of the default browser of second aspect of the present invention embodiment, including:It receives Module, for receiving the creation request for being used to call browser of application program;First creation module, for according to The process creation system function of creation request calling system is to create process to be created;Interception module, for intercepting The process creation system function of the system;Acquisition module, for obtain the process creation system function it is to be created into The Image Path that journey is loaded;Judgment module, for judge the Image Path whether be default browser path;Second wound Block is modeled, for when judging Image Path not for the path of the default browser, according to the path of the default browser Create process handle;And the 3rd creation module, for creating the process of the default browser according to the process handle, and By the progress feedback to the application program, so that the application program calls the default browser according to the process.
The control device of the default browser of the embodiment of the present invention can be adjusted by receiving module reception application program With the creation request of browser, the first creation module is according to the process creation system function of creation request calling system To start to create process to be created, during establishment, interception module passes through Hook Function Hook (hook) system To intercept and capture the process creation system function, acquisition module obtains the process creation system function to be created process creation system function The Image Path that the process built is loaded, judgment module judge loading Image Path whether be default browser path, such as Fruit is not that then the second creation module creates a process handle according to default browser path, and created according to the process handle The process of default browser, and by the progress feedback to application program, so that application program calls acquiescence browsing according to the process Device, so as to achieve the purpose that locking acquiescence browsing, due to by the process creation system function of calling system with create target into Journey so that is performed when execution system is called is kernel code, so that entire work is in kernel state, so being not present Rights concerns, and DLL need not be injected target process, reduce the EMS memory occupation to target process, improve systematicness Energy.
To achieve these goals, the terminal of third aspect present invention embodiment, including:Housing, processor, memory, Circuit board and power circuit, wherein, the circuit board is placed in the interior volume that the housing surrounds, the processor and described Memory is arranged on the circuit board;The power circuit, for powering for each circuit or device of the terminal;It is described Memory is used to store executable program code;The processor is by reading the executable program generation stored in the memory Code runs program corresponding with the executable program code, for performing following steps:Receive being used for for application program Call the creation request of browser, and according to the process creation system function of the creation request calling system to create Build process to be created;The process creation system function of the system is intercepted, and obtains the process creation system function institute The Image Path that the process to be created is loaded;Judge the Image Path whether be default browser path;If it is determined that Image Path is not the path of the default browser, then creates process handle according to the path of the default browser;And The process of the default browser is created according to the process handle, and by the progress feedback to the application program, so that The application program calls the default browser according to the process.
The terminal of the embodiment of the present invention can first receive the creation request for being used to call browser of application program, it It can created afterwards according to the process creation system function of creation request calling system to start to create process to be created During, can the process creation system letter be intercepted and captured by the process creation system function of Hook Function Hook (hook) system The Image Path that number processes to be created are loaded, and judge loading Image Path whether be default browser path, If it is not, then creating a process handle according to default browser path, and default browser is created according to the process handle Process, and by the progress feedback to application program, so that application program calls default browser according to the process, so as to reach The purpose of locking acquiescence browsing, due to creating target process by the process creation system function of calling system so that holding What row system performed when calling is kernel code, so that entire work is in kernel state, so there is no rights concerns, and And DLL need not be injected target process, reduce the EMS memory occupation to target process, improve system performance.
The additional aspect of the present invention and advantage will be set forth in part in the description, and will partly become from the following description It obtains substantially or is recognized by the practice of the present invention.
Description of the drawings
Above-mentioned and/or additional aspect and advantage of the invention will become from the following description of the accompanying drawings of embodiments Substantially and it is readily appreciated that, wherein,
Fig. 1 is the flow chart of the method for locking default browser of the prior art;
Fig. 2 is the flow chart of the control method of default browser according to an embodiment of the invention;
Fig. 3 is the structure diagram of the control device of default browser according to an embodiment of the invention;
Fig. 4 is the structure diagram of the control device of default browser in accordance with another embodiment of the present invention.
Specific embodiment
The embodiment of the present invention is described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end Same or similar label represents same or similar element or has the function of same or like element.Below with reference to attached The embodiment of figure description is exemplary, it is intended to for explaining the present invention, and is not considered as limiting the invention.
Below with reference to the accompanying drawings control method, device and the terminal of default browser according to embodiments of the present invention are described.
Fig. 2 is the flow chart of the control method of default browser according to an embodiment of the invention.It should be noted that In an embodiment of the present invention, default browser can be regarded as the default browser of user's locking, i.e., in the application Network address is opened using the default browser of the locking.
As shown in Fig. 2, the control method of the default browser can include:
S201 receives the creation request for being used to call browser of application program, and according to creation request tune With the process creation system function of system to create process to be created.
For example, by taking application program is certain chat tool as an example, when user is beaten in certain chat tool by clicking on Open the network address " http of its displaying:During //www.xxx.com ", certain chat tool can be with " http://www.xxx.com " is as ginseng Number to send creation request to system.When the process creation for being used to call browser for receiving the transmission of certain chat tool please After asking, can start to create according to the process creation system function of the creation request calling system it is to be created into Journey.
S202, the process creation system function of intercepting system, and obtain process creation system function process to be created The Image Path loaded.
For example, it is assumed that default browser lockBrowser.exe, current browser Abrowser.exe, In specific embodiment, when the process creation system function of system starts establishment process, Hook Function intercepting system can be first passed through Process creation system function, wherein, in an embodiment of the present invention, Hook Function can be used for when executed obtain image letter Number, and current browser Abrowser.exe files and its file handle hFile can be obtained, it afterwards can be by this document handle HFile is passed to NtCreateSection (... hFile) with loading procedure image.Then, it is performed in Hook Function, hook Function can obtain the corresponding Image Path of this document handle from parameter hFile.
S203, judge Image Path whether be default browser path.
For example, the path that ObReferenceObjectByHandle functions obtain default browser can be first passed through, afterwards, It can be by the above-mentioned Image Path got compared with the path of default browser, to judge whether the path of the two is consistent.
S204 if it is determined that Image Path is not the path of default browser, is then created according to the path of default browser Process handle, and the process of default browser is created and by progress feedback to application program according to process handle, so that using Program calls default browser according to process.
Specifically, when Image Path not be default browser path when, it is necessary to redirect.For example, acquiescence can be browsed Default browser is opened using NtCreateFile (path of default browser) functions in the path of device as parameter LockBrowser.exe files obtain corresponding file handle hNewFile, afterwards, can using file handle hNewFile as Parameter, call function RealNtCreateSection (hNewFile), to obtain process handle hNewSection.Finally, may be used The process of default browser lockBrowser.exe is created according to process handle hNewSection, and the progress feedback is arrived Application program, application program call default browser lockBrowser.exe according to the process.Thus, it is possible to it is silent to reach locking Recognize the purpose of browser lockBrowser.exe, and cause user that the acquiescence of locking can be used when application program opens network address Browser, the risk for avoiding system browser that from may being changed, improves security.
S205 if it is determined that Image Path is the path of default browser, then directly creates the process of default browser, with Make application call default browser.
Specifically, when judging Image Path for the path of default browser, can directly be created according to the Image Path silent The process of browser is recognized, so that application program calls default browser according to the process.
Further, in one embodiment of the invention, before the process creation system function of intercepting system, this is silent The control method for recognizing browser may also include:By SSDT, (System Services Descriptor Table, system service are retouched State symbol table) in call function address be revised as the address of Hook Function so that the process creation system function of system create into Hook Function is performed during journey.
Specifically, in an embodiment of the present invention, SSDT can be first obtained, and obtains process creation system function in SSDT In function address call number.It afterwards, can be according to function address call number of the process creation system function in SSDT, by SSDT In call function address be revised as the address of Hook Function, and former call function address is preserved, so that the process creation of system System function performs Hook Function in the process of establishment, that is, completes HOOK.
Wherein, in an embodiment of the present invention, function address call number of the process creation system function in SSDT is obtained Specific implementation process may include:System process query function (such as ZwQuerySystemInformation) acquisition can be first passed through Plot in the management of process storehouse of system.Afterwards, the derived table of plot can according to transplantable execution body PE file structures, be obtained Address.It then, can be according to derived table and process creation system function with obtaining function of the process creation system function in SSDT Location call number.For example, the derived table can be enumerated, and enumeration result and process creation system function are compared to obtain process Create function address call number of the system function in SSDT.
The control method of the default browser of the embodiment of the present invention, can first receive application program for calling browser Creation request can be created afterwards according to the process creation system function of creation request calling system with starting The process built during establishment, can be intercepted and captured by the process creation system function of Hook Function Hook (hook) system The Image Path that process creation system function process to be created is loaded, and whether the Image Path for judging to load is silent Recognize the path of browser, if it is not, then a process handle is created according to default browser path, and according to the process handle The process of default browser is created, and by the progress feedback to application program, so that application program calls acquiescence according to the process Browser, so as to achieve the purpose that locking acquiescence browsing, due to creating mesh by the process creation system function of calling system Mark process so that is performed when execution system is called is kernel code, so that entire work is in kernel state, so not The code in default browser path and data are injected into there are rights concerns, and since DLL injection modes need not be passed through In target process, therefore reduce the EMS memory occupation to target process, improve system performance.
In addition, the invention also provides a kind of control devices of default browser.
Fig. 3 is the structure diagram of the control device of default browser according to an embodiment of the invention.It needs to illustrate , in an embodiment of the present invention, default browser can be regarded as the default browser of user's locking, that is, be directed to using journey In sequence network address is opened using the default browser of the locking.
As shown in figure 3, the control device of the default browser can include:Receiving module 10, the first creation module 20 are cut Modulus block 30, acquisition module 40, judgment module 50, the second creation module 60 and the 3rd creation module 70.
Specifically, receiving module 10 can be used for the creation request for being used to call browser for receiving application program.The One creation module 20 can be used for the process creation system function according to creation request calling system to be created to create Process.For example, by taking application program is certain chat tool as an example, when user opens it in certain chat tool by clicking on Network address " the http of displaying:During //www.xxx.com ", certain chat tool can be with " http://www.xxx.com " as a parameter to Creation request is sent to system.When receiving module 10 receives the process for being used to call browser of certain chat tool transmission After request to create, the first creation module 20 can be opened according to the process creation system function of the creation request calling system File process to be created.
Interception module 30 can be used for the process creation system function of intercepting system.Acquisition module 40 is created available for acquisition process Build the Image Path that system function process to be created is loaded.
For example, it is assumed that default browser lockBrowser.exe, current browser Abrowser.exe, When the process creation system function of system starts establishment process, interception module 30 can be created by the process of Hook Function intercepting system System function is built, wherein, in an embodiment of the present invention, Hook Function can be used for obtaining image function when executed.It obtains Module 40 can obtain current browser Abrowser.exe files and its file handle hFile, afterwards can be by this document handle HFile is passed to NtCreateSection (... hFile) with loading procedure image.Then, it is performed in Hook Function, hook Function can obtain the corresponding Image Path of this document handle from parameter hFile.
Judgment module 50 can be used for judge Image Path whether be default browser path.For example, judgment module 50 can The path that ObReferenceObjectByHandle functions obtain default browser is first passed through, afterwards, can be got above-mentioned Image Path is compared with the path of default browser, to judge whether the path of the two is consistent.
Second creation module 60 can be used for when judging Image Path not for the path of default browser, be browsed according to acquiescence The path of device creates process handle.3rd creation module 70 can be used for the process that default browser is created according to process handle, and By progress feedback to application program, so that application program calls default browser according to process.More specifically, work as Image Path not For default browser path when, it is necessary to redirect.For example, the second creation module 60 can be using the path of default browser as ginseng Number, default browser lockBrowser.exe files are opened using NtCreateFile (path of default browser) functions, Corresponding file handle hNewFile is obtained, it afterwards, can be using file handle hNewFile as parameter, call function RealNtCreateSection (hNewFile), to obtain process handle hNewSection.3rd creation module 70 can basis Process handle hNewSection creates the process of default browser lockBrowser.exe, and by the progress feedback to application Program, application program call default browser lockBrowser.exe according to the process.Thus, it is possible to it is clear to reach locking acquiescence It lookes at the purpose of device lockBrowser.exe, and user is caused when application program opens network address the acquiescence of locking to can be used to browse Device, the risk for avoiding system browser that from may being changed, improves security.
Further, in one embodiment of the invention, as shown in figure 4, the control device of the default browser may be used also Including modified module 80.Modified module 80 can be used for before the process creation system function of 30 intercepting system of interception module, will The address of Hook Function is revised as in call function address in SSDT, so that the process creation system function of system is in the process of establishment Perform Hook Function.
Specifically, in an embodiment of the present invention, as shown in figure 4, the modified module 80 may include 81 He of acquiring unit Change unit 82.Acquiring unit 81 can be used for obtaining SSDT, and obtain function address of the process creation system function in SSDT Call number.Unit 82 is changed available for the function address call number according to process creation system function in SSDT, it will be in SSDT Call function address be revised as the address of Hook Function, and former call function address is preserved, so that the process creation system of system System function performs Hook Function in the process of establishment, that is, completes HOOK.
Wherein, in an embodiment of the present invention, acquiring unit 81 obtains function of the process creation system function in SSDT The specific implementation process of allocation index number can be as follows:System process query function can be first passed through (such as ZwQuerySystemInformation the plot in the management of process storehouse of system) is obtained;It afterwards, can be according to transplantable execution Body PE file structures obtain the export table address of plot;Then, process wound is obtained according to derived table and process creation system function Build function address call number of the system function in SSDT.For example, the derived table can be enumerated, and by enumeration result and process creation System function is compared to obtain function address call number of the process creation system function in SSDT.
Further, in one embodiment of the invention, the 3rd creation module 70 can also be used to judge Image Path For default browser path when, directly create default browser process so that application call default browser.More Body, the 3rd creation module 70 can directly basis be somebody's turn to do when judgment module 50 judges Image Path for the path of default browser Image Path creates the process of default browser, so that application program calls default browser according to the process.
The control device of the default browser of the embodiment of the present invention can be adjusted by receiving module reception application program With the creation request of browser, the first creation module is according to the process creation system function of creation request calling system To start to create process to be created, during establishment, interception module passes through Hook Function Hook (hook) system To intercept and capture the process creation system function, acquisition module obtains the process creation system function to be created process creation system function The Image Path that the process built is loaded, judgment module judge loading Image Path whether be default browser path, such as Fruit is not that then the second creation module creates a process handle according to default browser path, and created according to the process handle The process of default browser, and by the progress feedback to application program, so that application program calls acquiescence browsing according to the process Device, so as to achieve the purpose that locking acquiescence browsing, due to by the process creation system function of calling system with create target into Journey so that is performed when execution system is called is kernel code, so that entire work is in kernel state, so being not present Rights concerns, and DLL need not be injected target process, reduce the EMS memory occupation to target process, improve systematicness Energy.
In addition, the invention also provides a kind of terminal, it is necessary to which explanation, in an embodiment of the present invention, terminal can manage Solution is PC (Personal Computer, personal computer) ends.The terminal may include:Housing, processor, memory, circuit board And power circuit, wherein, circuit board is placed in the interior volume that housing surrounds, and processor and memory are set on circuit boards; Power circuit, for powering for each circuit or device of terminal;Memory is used to store executable program code;Processor leads to It crosses and reads in memory the executable program code that stores to run program corresponding with executable program code, for performing Following steps:
S101 ' receives the creation request for being used to call browser of application program, and according to creation request tune With the process creation system function of system to create process to be created.
S102 ', the process creation system function of intercepting system, and obtain process creation system function process to be created The Image Path loaded.
S103 ', judge Image Path whether be default browser path.
S104 ' if it is determined that Image Path is not the path of default browser, is then created according to the path of default browser Process handle.
S105 ' creates the process of default browser according to process handle, and by progress feedback to application program, so that should Default browser is called according to process with program.
The terminal of the embodiment of the present invention can first receive the creation request for being used to call browser of application program, it It can created afterwards according to the process creation system function of creation request calling system to start to create process to be created During, can the process creation system letter be intercepted and captured by the process creation system function of Hook Function Hook (hook) system The Image Path that number processes to be created are loaded, and judge loading Image Path whether be default browser path, If it is not, then creating a process handle according to default browser path, and default browser is created according to the process handle Process, and by the progress feedback to application program, so that application program calls default browser according to the process, so as to reach The purpose of locking acquiescence browsing, due to creating target process by the process creation system function of calling system so that holding What row system performed when calling is kernel code, so that entire work is in kernel state, so there is no rights concerns, and And DLL need not be injected target process, reduce the EMS memory occupation to target process, improve system performance.
In the description of the present invention, it is to be understood that term " first ", " second " are only used for description purpose, and cannot It is interpreted as indicating or implies relative importance or imply the quantity of the technical characteristic indicated by indicating.Define as a result, " the One ", at least one this feature can be expressed or be implicitly included to the feature of " second ".In the description of the present invention, " multiple " It is meant that at least two, such as two, three etc., unless otherwise specifically defined.
Any process described otherwise above or method description are construed as in flow chart or herein, represent to include Module, segment or the portion of the code of the executable instruction of one or more the step of being used to implement specific logical function or process Point, and the scope of the preferred embodiment of the present invention includes other realization, wherein can not press shown or discuss suitable Sequence, including according to involved function by it is basic simultaneously in the way of or in the opposite order, carry out perform function, this should be of the invention Embodiment person of ordinary skill in the field understood.
Expression or logic and/or step described otherwise above herein in flow charts, for example, being considered use In the order list for the executable instruction for realizing logic function, may be embodied in any computer-readable medium, for Instruction execution system, device or equipment (such as computer based system, including the system of processor or other can be held from instruction Row system, device or equipment instruction fetch and the system executed instruction) it uses or combines these instruction execution systems, device or set It is standby and use.For the purpose of this specification, " computer-readable medium " can any can be included, store, communicate, propagate or pass Defeated program is for instruction execution system, device or equipment or the dress used with reference to these instruction execution systems, device or equipment It puts.The more specific example (non-exhaustive list) of computer-readable medium includes following:Electricity with one or more wiring Connecting portion (electronic device), portable computer diskette box (magnetic device), random access memory (RAM), read-only memory (ROM), erasable edit read-only storage (EPROM or flash memory), fiber device and portable optic disk is read-only deposits Reservoir (CDROM).In addition, computer-readable medium can even is that the paper that can print described program on it or other are suitable Medium, because can be for example by carrying out optical scanner to paper or other media, then into edlin, interpretation or if necessary with it His suitable method is handled electronically to obtain described program, is then stored in computer storage.
It should be appreciated that each several part of the present invention can be realized with hardware, software, firmware or combination thereof.Above-mentioned In embodiment, software that multiple steps or method can in memory and by suitable instruction execution system be performed with storage Or firmware is realized.If for example, with hardware come realize in another embodiment, can be under well known in the art Any one of row technology or their combination are realized:With for the logic gates to data-signal realization logic function Discrete logic, have suitable combinational logic gate circuit application-specific integrated circuit, programmable gate array (PGA), scene Programmable gate array (FPGA) etc..
Those skilled in the art are appreciated that realize all or part of step that above-described embodiment method carries Suddenly it is that relevant hardware can be instructed to complete by program, the program can be stored in a kind of computer-readable storage medium In matter, the program upon execution, one or a combination set of the step of including embodiment of the method.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, it can also That unit is individually physically present, can also two or more units be integrated in a module.Above-mentioned integrated mould The form that hardware had both may be employed in block is realized, can also be realized in the form of software function module.The integrated module is such as Fruit is realized in the form of software function module and is independent production marketing or in use, can also be stored in a computer In read/write memory medium.
Storage medium mentioned above can be read-only memory, disk or CD etc..
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show The description of example " or " some examples " etc. means specific features, structure, material or the spy for combining the embodiment or example description Point is contained at least one embodiment of the present invention or example.In the present specification, schematic expression of the above terms is not It must be directed to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics described can be in office It is combined in an appropriate manner in one or more embodiments or example.In addition, without conflicting with each other, the skill of this field Art personnel can tie the different embodiments described in this specification or example and different embodiments or exemplary feature It closes and combines.
Although the embodiment of the present invention has been shown and described above, it is to be understood that above-described embodiment is example Property, it is impossible to limitation of the present invention is interpreted as, those of ordinary skill in the art within the scope of the invention can be to above-mentioned Embodiment is changed, changes, replacing and modification.

Claims (11)

1. a kind of control method of default browser, which is characterized in that comprise the following steps:
The creation request for being used to call browser of application program is received, and according to the creation request calling system Process creation system function to create process to be created;
The process creation system function of the system is intercepted, and obtains process creation system function process institute to be created The Image Path of loading;
Judge the Image Path whether be default browser path;
If it is determined that Image Path be the default browser path, then according to the path of the default browser create into Journey handle;
Create the process of the default browser according to the process handle, and by the progress feedback to the application program, So that the application program calls the default browser according to the process;
If it is determined that Image Path is the path of the default browser, then the process of the default browser is directly created, with Make default browser described in the application call.
2. the control method of default browser as described in claim 1, which is characterized in that the process of the interception system System function is created, is specifically included:
The process creation system function of the system is intercepted by Hook Function, wherein, the Hook Function is used to be performed When obtain the Image Path.
3. the control method of default browser as claimed in claim 2, which is characterized in that the interception system into Before journey creates system function, the control method further includes:
Call function address in system service descriptor table SSDT is revised as to the address of the Hook Function, so that the system Process creation system function perform the Hook Function in the process of establishment.
4. the control method of default browser as claimed in claim 3, which is characterized in that described by system service descriptor table The address of the Hook Function is revised as in call function address in SSDT, specifically includes:
The system service descriptor table SSDT is obtained, and obtains the process creation system function and is described in the system service Accord with the function address call number in table SSDT;
According to function address call number of the process creation system function in the system service descriptor table SSDT, by institute State the address that the Hook Function is revised as in the call function address in system service descriptor table SSDT.
5. the control method of default browser as claimed in claim 4, which is characterized in that the acquisition process creation system letter Function address call number of the number in the system service descriptor table SSDT specifically includes:
The plot in the management of process storehouse of the system is obtained by system process query function;
According to the transplantable export table address for performing body PE file structures, obtaining the plot;
The process creation system function is obtained according to the derived table and the process creation system function to take in the system The function address call number being engaged in descriptor table SSDT.
6. a kind of control device of default browser, which is characterized in that including:
Receiving module, for receiving the creation request for being used to call browser of application program;
First creation module, for being wanted according to the process creation system function of the creation request calling system with creating The process of establishment;
Interception module, for intercepting the process creation system function of the system;
Acquisition module, for obtaining the Image Path that process creation system function process to be created is loaded;
Judgment module, for judge the Image Path whether be default browser path;
Second creation module, it is clear according to the acquiescence for when judging Image Path not for the path of the default browser Look at device path create process handle;
3rd creation module, for creating the process of the default browser according to the process handle, and the process is anti- The application program is fed to, so that the application program calls the default browser according to the process;
3rd creation module is additionally operable to when judging Image Path for the path of the default browser, directly described in establishment The process of default browser, so that default browser described in the application call.
7. the control device of default browser as claimed in claim 6, which is characterized in that the interception module is specifically used for:
The process creation system function of the system is intercepted by Hook Function, wherein, the Hook Function is used to be performed When obtain the Image Path.
8. the control device of default browser as claimed in claim 7, which is characterized in that further include:
Modified module, for before the process creation system function of the interception system, by system service descriptor table The address of the Hook Function is revised as in call function address in SSDT, so that the process creation system function of the system is being created The Hook Function is performed when building process.
9. the control device of default browser as claimed in claim 8, which is characterized in that the modified module includes:
Acquiring unit for obtaining the system service descriptor table SSDT, and obtains the process creation system function in institute State the function address call number in system service descriptor table SSDT;
Unit is changed, for the function according to the process creation system function in the system service descriptor table SSDT The address of the Hook Function is revised as in call function address in the system service descriptor table SSDT by location call number.
10. the control device of default browser as claimed in claim 9, which is characterized in that the acquiring unit is specifically used for:
The plot in the management of process storehouse of the system is obtained by system process query function;
According to the transplantable export table address for performing body PE file structures, obtaining the plot;
The process creation system function is obtained according to the derived table and the process creation system function to take in the system The function address call number being engaged in descriptor table SSDT.
11. a kind of terminal, which is characterized in that including:Housing, processor, memory, circuit board and power circuit, wherein, it is described Circuit board is placed in the interior volume that the housing surrounds, and the processor and the memory are arranged on the circuit board; The power circuit, for powering for each circuit or device of the terminal;The memory is used to store executable program Code;The processor is run and the executable program by reading the executable program code stored in the memory The corresponding program of code, for performing following steps:
The creation request for being used to call browser of application program is received, and according to the creation request calling system Process creation system function to create process to be created;
The process creation system function of the system is intercepted, and obtains process creation system function process institute to be created The Image Path of loading;
Judge the Image Path whether be default browser path;
If it is determined that Image Path be the default browser path, then according to the path of the default browser create into Journey handle;
Create the process of the default browser according to the process handle, and by the progress feedback to the application program, So that the application program calls the default browser according to the process;
If it is determined that Image Path is the path of the default browser, then the process of the default browser is directly created, with Make default browser described in the application call.
CN201510300373.5A 2015-06-03 2015-06-03 Control method and device of default browser and terminal Active CN104881291B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510300373.5A CN104881291B (en) 2015-06-03 2015-06-03 Control method and device of default browser and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510300373.5A CN104881291B (en) 2015-06-03 2015-06-03 Control method and device of default browser and terminal

Publications (2)

Publication Number Publication Date
CN104881291A CN104881291A (en) 2015-09-02
CN104881291B true CN104881291B (en) 2018-05-25

Family

ID=53948798

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510300373.5A Active CN104881291B (en) 2015-06-03 2015-06-03 Control method and device of default browser and terminal

Country Status (1)

Country Link
CN (1) CN104881291B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3332321B1 (en) 2015-09-24 2023-06-07 Hewlett Packard Enterprise Development LP Process and thread launch features
CN106897618A (en) * 2015-12-21 2017-06-27 珠海市君天电子科技有限公司 Webpage access method and device
CN106020880B (en) * 2016-05-17 2019-05-07 珠海豹趣科技有限公司 A kind of browser starting method, apparatus and electronic equipment
CN107766351B (en) * 2016-08-16 2020-12-25 腾讯科技(深圳)有限公司 File directory identification method and device
CN106557688A (en) * 2016-11-17 2017-04-05 广东欧珀移动通信有限公司 The method and device of management default application
CN107103099B (en) * 2017-05-26 2021-03-16 北京金山安全管理系统技术有限公司 Browser homepage returning method and device
CN107729132B (en) * 2017-10-09 2019-10-25 武汉斗鱼网络科技有限公司 A kind of video decoding process guard method and device
CN107566843B (en) * 2017-10-09 2019-07-09 武汉斗鱼网络科技有限公司 A kind of video decoding process guard method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101901313A (en) * 2010-06-10 2010-12-01 中科方德软件有限公司 Linux file protection system and method
CN102194079A (en) * 2011-03-18 2011-09-21 北京思创银联科技股份有限公司 File access filtering method
CN102542182A (en) * 2010-12-15 2012-07-04 苏州凌霄科技有限公司 Device and method for controlling mandatory access based on Windows platform
CN103617395A (en) * 2013-12-06 2014-03-05 北京奇虎科技有限公司 Method, device and system for intercepting advertisement programs based on cloud security

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101901313A (en) * 2010-06-10 2010-12-01 中科方德软件有限公司 Linux file protection system and method
CN102542182A (en) * 2010-12-15 2012-07-04 苏州凌霄科技有限公司 Device and method for controlling mandatory access based on Windows platform
CN102194079A (en) * 2011-03-18 2011-09-21 北京思创银联科技股份有限公司 File access filtering method
CN103617395A (en) * 2013-12-06 2014-03-05 北京奇虎科技有限公司 Method, device and system for intercepting advertisement programs based on cloud security

Also Published As

Publication number Publication date
CN104881291A (en) 2015-09-02

Similar Documents

Publication Publication Date Title
CN104881291B (en) Control method and device of default browser and terminal
CN1933647B (en) Apparatus and method for controlling access to an external memory
CN108228305A (en) Display methods, device, storage medium and the electronic equipment of five application page
US20080148298A1 (en) System and Methods for Providing Granular Security for Locally Running Scripted Environments and Web Applications
CN108549568A (en) Using entrance processing method, apparatus, storage medium and electronic equipment
CN107357489A (en) A kind of synchronous method for browsing information, terminal and server
CN103514395A (en) Plug-in right control method and system
CN106203141A (en) The data processing method of a kind of application and device
CN107800611A (en) The method and page layout switch device of a kind of page layout switch
CN108334404A (en) The operation method and device of application program
CN106648316A (en) Unlocking method and terminal
CN109684027A (en) The method and apparatus of dynamically track Java Virtual Machine operation
CN104123165B (en) Application program unloading method and device and mobile terminal
CN105095758A (en) Processing method and device for lock-screen application program and mobile terminal
CN106169048B (en) File delet method, device and electronic equipment
CN108171063A (en) Method, terminal and the computer readable storage medium of access safety element
CN106325710B (en) Control method, device and the mobile terminal of mobile terminal
CN107943921A (en) Page sharing information generation method, device, computer equipment and storage medium
CN111880952A (en) Application program jumping method and device, electronic equipment and storage medium
CN111639339A (en) Process monitoring method and device, electronic equipment and storage medium
CN112015496A (en) Interface calling method and device, computer equipment and storage medium
CN100576225C (en) External memory storage management devices and external memory storage management method
CN110275701A (en) Data processing method, device, medium and calculating equipment
CN105631318B (en) A kind of acquisition methods and device of registration table key assignments
CN115454541A (en) Macro code acquisition method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20181205

Address after: 519030 Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province

Patentee after: Zhuhai Leopard Technology Co.,Ltd.

Address before: 100085 East District, Second Floor, 33 Xiaoying West Road, Haidian District, Beijing

Patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd.

TR01 Transfer of patent right