CN105069351A - Apparatus and method for preventing stealing of login information of application program - Google Patents
Apparatus and method for preventing stealing of login information of application program Download PDFInfo
- Publication number
- CN105069351A CN105069351A CN201510438894.7A CN201510438894A CN105069351A CN 105069351 A CN105069351 A CN 105069351A CN 201510438894 A CN201510438894 A CN 201510438894A CN 105069351 A CN105069351 A CN 105069351A
- Authority
- CN
- China
- Prior art keywords
- application program
- keyboard
- message
- log
- hook
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Input From Keyboards Or The Like (AREA)
Abstract
The invention provides an apparatus and a method for preventing stealing of login information of an application program. The apparatus comprises an execution module, a keyboard hook and a filtration module which correspond to the same current application program, wherein the execution module is used for unloading the keyboard hook and reinstalling the keyboard hook at every other preset time interval; the keyboard hook is used for intercepting keyboard input information for the current application program and sending the keyboard input information to the filtration module; and the filtration module is used for judging whether the keyboard input information sent by the keyboard hook is the login information of the current application program, and if so, sending the login information to a login module in the current application program. According to the technical scheme, the security of the login information of the application program can be improved.
Description
Technical field
The present invention relates to computer safety field, particularly a kind of application program log-on message prevents the device and method stolen.
Background technology
Along with the development of computer technology, computing machine relates to the various aspects in life, work, and user carries out work, study and amusement by calculating.The computer operating system of current main flow is Windows system, the operation of Windows system program be based upon message passing mechanism basis on, nearly all program activity is all driven by message, can Hook Mechanism be passed through, arrive in message and intercepting and capturing are carried out to it before target window and to go forward side by side row relax.Keyboard is the main input equipment of computing machine, and the character information of user's input is nearly all realized by keyboard.
A lot of application programs on computing machine are all verified by the identity of login form to user of account encrypted code, when user is when by input through keyboard log-on message, other application programs steal the log-on message of user easily via Hook Technique, once the log-on message of user is stolen by rogue program, by making the log-on message of user reveal, causing the privacy leakage of user, causing the consequences such as economic loss.
At present, prevent user login information by the method maliciously stolen, mainly comprise: obtain the log-on message by input through keyboard, then log-on message is encrypted, thus make rogue program cannot obtain definite log-on message.
Prevent user login information by the method maliciously stolen for prior art, getting user by the log-on message of input through keyboard and before being encrypted, the log-on message of user's input may be obtained by Hook Technique by other rogue programs, the log-on message that now rogue program gets is not encrypted, and therefore the security of application program log-on message is lower.
Summary of the invention
The invention provides the device and method that a kind of application program log-on message prevents stealing, the security of application program log-on message can be improved.
Embodiments provide the device that a kind of application program log-on message prevents stealing, be applied to and comprise in the computing machine of keyboard, comprising: the execution module of corresponding and same current application program, keyboard hook and filtering module;
Described execution module, for the interval time preset every one, unloads described keyboard hook and reinstalls;
Described keyboard hook, for intercepting and capturing the keyboard input information being directed to described current application program, and sends to described filtering module by described keyboard input information;
Described filtering module, for judging that whether keyboard input information that described keyboard hook sends is the log-on message of described current application program, if so, sends to the login module in described current application program by described log-on message.
Preferably, any one or more in described execution module, keyboard hook and filtering module are positioned at application.
Preferably, this device comprises further: arrange module;
Described module is set, for passing through Windows system command code GetCurrentThreadId (), obtain the ID of current thread corresponding to described current application program, and according to the ID of described current thread, described keyboard hook is set to the partial keyboard hook of described current thread.
Preferably, this device comprises further: encrypting module;
Described encrypting module, before described log-on message being sent to the login module in described current application program at described filtering module, described log-on message is encrypted, and the described log-on message after encryption is sent to the login module in described current application program.
Preferably, described execution module comprises: timer, unloading unit and installation unit;
Described timer, for often through a described interval time, sends unloading order to described unloading unit;
Described unloading unit, for receive described timer send unloading order after, by Windows system command code UnHookWindowsHookEx (), described keyboard hook is unloaded;
Described installation unit, for after described keyboard hook has unloaded by described unloading unit, has reinstalled described keyboard hook by Windows system command code SetWindowsHookEx () immediately.
Preferably, described filtering module, for according to judged result, by be not the keyboard input information of current application program log-on message by Windows system command code CallNextHookEx (), be issued to other modules corresponding in current application program.
The embodiment of the present invention additionally provides a kind of method that application program log-on message prevents stealing, and the method comprises:
Every the interval time that one presets, unloading keyboard hook is also reinstalled;
Keyboard hook intercepts and captures the keyboard input information being directed to current application program;
Judge whether described keyboard input information is log-on message;
If so, described log-on message is sent to the login module in described current application program.
Preferably, the method comprises further:
By Windows system command code GetCurrentThreadId (), obtain the ID of current thread corresponding to described current application program, and according to the ID of described current thread, described keyboard hook is set to the partial keyboard hook of described current thread.
Preferably, taking a step forward of the login module in described current application program is sent to comprise described log-on message described:
Described log-on message is encrypted.
Preferably, judge described keyboard input information comprises after whether being log-on message further described:
According to judged result, if described keyboard input information is not log-on message, then this keyboard input information is passed through Windows system command code CallNextHookEx (), be issued to other modules corresponding in current application program.
Embodiments provide the device and method that a kind of application program log-on message prevents stealing, every the interval time that one presets, reinstall again after keyboard hook being unloaded by execution module, ensure that this keyboard hook is last installation, based on the hook that Windows system is created by last in first out LIFO leading subscriber, thus make this keyboard hook intercept and capture the keyboard input information being directed to current application program at first, after this keyboard hook intercepts and captures keyboard input information, the keyboard input information of intercepting and capturing is sent to filtering module, the log-on message of current application program is filtered out in filtering module information entered from the keyboard, and this log-on message is sent to the login module in current application program, and then application program completes login, by constantly unloading and reinstalling keyboard hook, ensure that keyboard hook is last installation, thus intercepted and captured before other application programs obtain keyboard input information, other rogue programs are avoided to get application program log-on message, thus improve the security of application program log-on message.
Accompanying drawing explanation
Fig. 1 is the device schematic diagram that a kind of application program log-on message that one embodiment of the invention provides prevents stealing;
Fig. 2 is the device schematic diagram that a kind of application program log-on message that another embodiment of the present invention provides prevents stealing;
Fig. 3 is the method flow diagram that a kind of application program log-on message that one embodiment of the invention provides prevents stealing;
Fig. 4 is the method flow diagram that a kind of application program log-on message that another embodiment of the present invention provides prevents stealing.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described.Obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
As shown in Figure 1, one embodiment of the invention provides the device that a kind of application program log-on message prevents stealing, and comprising: the execution module 101 of corresponding and same current application program, keyboard hook 102 and filtering module 103;
Execution module 101, for the interval time preset every one, unloads keyboard hook 102 and reinstalls;
Keyboard hook 102, for intercepting and capturing the keyboard input information being directed to current application program, and sends to filtering module 103 by the keyboard input information intercepted;
Filtering module 103, for judging that whether keyboard input information that keyboard hook 102 sends is the log-on message of current application program, if so, sends to the login module in current application program by described log-on message.
A kind of application program log-on message provided by the embodiment of the present invention prevents the device stolen, every the interval time that one presets, reinstall again after keyboard hook being unloaded by execution module, ensure that this keyboard hook is last installation, based on the hook that Windows system is created by last in first out LIFO leading subscriber, thus make this keyboard hook intercept and capture the keyboard input information being directed to current application program at first, after this keyboard hook intercepts and captures keyboard input information, the keyboard input information of intercepting and capturing is sent to filtering module, the log-on message of current application program is filtered out in filtering module information entered from the keyboard, and this log-on message is sent to the login module in current application program, and then application program completes login, by constantly unloading and reinstalling keyboard hook, ensure that keyboard hook is last installation, thus intercepted and captured before other application programs obtain keyboard input information, other rogue programs are avoided to get application program log-on message, thus improve the security of application program log-on message.
In an embodiment of the invention, corresponding execution module, keyboard hook and the filtering module of current application program is all arranged on the aspect of application program, system kernel is not modified, thus avoid when system kernel is modified, the appearance of computing machine blue screen situation is caused due to system version difference, ensure the normal operation of computing machine, thus improve the stability of computing machine.
In an embodiment of the invention, this device may further include and arranges module, utilization arranges module, by Windows system command code GetCurrentThreadId (), get the ID of current thread corresponding to current application program, according to the ID of current thread, keyboard hook is set to the partial keyboard hook of current thread, based on the disposal route of Windows system to local hook and global hook, local hook obtains the key information of user by having precedence over global hook, thus ensure that this partial keyboard hook has precedence over other global hooks and intercepts and captures keyboard input information, other overall keyboard hooks are avoided to obtain application program log-on message prior to this partial keyboard hook, further increase the security of application program log-on message.
In an embodiment of the invention, this device comprises encrypting module further, filter out the log-on message of current application program in filtering module information entered from the keyboard after, this log-on message is encrypted, and the information after encryption is sent to the login module in current application program, login is completed after log-on message being decrypted after login module in current application program receives enciphered message, like this, log-on message is being sent in the login module process in current application program, even if other application programs have acquired log-on message, but it does not know the clear crytpographic key of log-on message, thus also definite log-on message cannot be obtained, avoid the leakage of application program log-on message, thus further increase the safety of application program log-on message.
In an embodiment of the invention, execution module comprises three subelements, timer respectively, unloading unit and installation unit, timer is according to pre-set interval time, often through an interval time, a unloading order is sent to unloading unit, unloading unit is after the unloading order receiving timer transmission, by Windows system command code UnHookWindowsHookEx (), keyboard hook is unloaded, installation unit is after keyboard hook has unloaded by unloading unit, keyboard hook is reinstalled immediately by Windows system command code SetWindowsHookEx (), by constantly unloading and installing keyboard hook, ensure that this keyboard hook is last installation, thus keyboard input information can be intercepted and captured at first, application program log-on message is avoided to be obtained by other application programs.
In an embodiment of the invention, filtering module judges whether the keyboard input information received is log-on message, if log-on message to be sent to the login module in current application program, if not then passing through Windows system command code CallNextHookEx (), this keyboard input information is sent to other modules in current application program, ensures that other orders are properly implemented.
For making the object, technical solutions and advantages of the present invention clearly, below in conjunction with drawings and the specific embodiments, the present invention is described in further detail.
As shown in Figure 2, one embodiment of the invention provides the device that a kind of application program log-on message prevents stealing, and comprising: corresponding to same application program 1 timer 2 01, unloading unit 202, module 203, installation unit 204, keyboard hook 205, filtering module 206 and encrypting module 207 are set;
Timer 2 01 is connected with unloading unit 202, for each interval time, sends unloading order to unloading unit 202;
Unloading unit 202 is connected with keyboard hook 205, for after the unloading order receiving timer 2 01 transmission, is unloaded by keyboard hook 205;
Installation unit 204 is connected with keyboard hook 205, for after keyboard hook 205 is unloaded, reinstalls keyboard hook 205;
Arrange module 203 to be connected with keyboard hook 205, for keyboard hook 205 is set to partial keyboard hook;
Keyboard hook 205 is connected with filtering module 206, for intercepting and capturing the keyboard input information being directed to application program 1, and keyboard input information is sent to filtering module 206;
Filtering module 206 is connected with encrypting module 207, for judging that whether keyboard input information that keyboard hook 205 sends is the log-on message of application program 1, if so, this log-on message is sent to the login module of application program 1;
Encrypting module 207 is connected with filtering module 206, is encrypted for the log-on message screened filtering module 206.
In embodiments of the present invention, user pre-sets an interval time, timer 2 01 obtains the current time of system by Windows system command code GetTickCount (), when system time is often through an interval time, timer 2 01 just sends a unloading order to unloading unit 202.Such as, it is 5 seconds for pre-setting interval time, when timer 2 01 last time is 9 to the time that unloading unit 202 sends unloading order 12 points 5 seconds, when timer 2 01 is 9 by Windows system command code GetTickCount () acquisition present system time when 12 points and 10 seconds, send a unloading order from trend unloading unit 202.
In embodiments of the present invention, the keyboard hook 205 of application program 1 correspondence, after receiving the unloading order that timer 2 01 sends, by by Windows system command code UnHookWindowsHookEx (), unloads by unloading unit 202.
In embodiments of the present invention, installation unit 204 is monitored keyboard hook 205 in real time, after it detects that keyboard hook 205 is unloaded, immediately by Windows system command code SetWindowsHookEx (), again keyboard hook 205 can be installed.
In embodiments of the present invention, keyboard hook 205 is being installed first or after keyboard hook 205 being reinstalled at every turn, arranging module 203 can by Windows system command code GetCurrentThreadId (), obtain the ID of the current thread of application program 1 correspondence, according to this ID, keyboard hook 205 is set to the partial keyboard hook of current thread.Such as, when keyboard hook 205 is installed for the first time again, module 203 obtains the current thread of application program 1 correspondence ID by Windows system command code GetCurrentThreadId () is set, by this ID, keyboard hook 205 is set to the partial keyboard hook of the current thread of application program 1 correspondence, the follow-up keyboard hook 205 at every turn reinstalled is local thread.
In embodiments of the present invention, because unloading unit 202 and installation unit 204 constantly unload keyboard hook 205 and install, ensure that keyboard hook 205 is last installation, thus keyboard hook 205 can intercept and capture the keyboard input information that user is inputted to application program 1 by keyboard at first, this keyboard input information, after intercepting keyboard input information, is sent to filtering module 206 by keyboard hook 205.
In embodiments of the present invention, filtering module 206 is after receiving the keyboard input information that keyboard hook 205 sends, judge that whether this keyboard input information is the log-on message of application program 1, if, this log-on message is sent to encrypting module 207, if not, then by Windows system command code CallNextHookEx (), this keyboard input information is issued to other modules in application program 1.
In embodiments of the present invention, encrypting module 207 is after receiving the log-on message that filtering module 206 sends, this log-on message is encrypted, and the log-on message after encryption is sent to the login module in application program 1, log in after the deciphering of this log-on message to make the login module in application program 1.
As shown in Figure 3, one embodiment of the invention provides a kind of method that application program log-on message prevents stealing, and comprising:
Step 301:: the interval time preset every one, unloading keyboard hook is also reinstalled;
Step 302: keyboard hook intercepts and captures the keyboard input information being directed to current application program;
Step 303: judge whether described keyboard input information is log-on message, if so, performs step and plays 304, if not, terminate current process;
Step 304: described log-on message is sent to the login module in described current application program.
As shown in Figure 4, one embodiment of the invention provides a kind of method that application program log-on message prevents stealing, and comprising:
Step 401: set interval time.
In an embodiment of the invention, the interval time of a unloading keyboard hook is set.Such as, arranging interval time is 5 seconds.
Step 402: create keyboard hook that is corresponding and current application program.
In an embodiment of the invention, for the current application program needing to carry out logging in, at application, a keyboard hook for current application program is created.Such as, data base management system (DBMS) needs keeper to be logged in by login account and login password, then create a keyboard hook at application to this data base management system (DBMS).
Step 403: this keyboard hook is set to partial keyboard hook.
In an embodiment of the invention, after keyboard hook has created, by Windows system command code GetCurrentThreadId (), obtain the ID of current thread corresponding to current application program, by the ID of current thread, keyboard hook is set to the partial keyboard hook of current thread, to ensure to obtain keyboard input information before global hook.Such as, by Windows system command code GetCurrentThreadId (), obtain the ID of current thread 1 corresponding to data base management system (DBMS), according to this ID, keyboard hook is set to the partial keyboard hook of current thread 1.
Step 404: often through an interval time, reinstalls after being unloaded by this keyboard hook again.
In an embodiment of the invention, often through time time, by Windows system command code UnHookWindowsHookEx (), keyboard hook is unloaded, after unloading completes, immediately by Windows system command code SetWindowsHookEx (), reinstall this keyboard hook, thus ensure that this keyboard hook is last installation.Such as, often through 5 seconds, by Windows system command code UnHookWindowsHookEx (), keyboard hook corresponding for data base management system (DBMS) is unloaded, after having unloaded, immediately by Windows system command code SetWindowsHookEx (), reinstall the keyboard hook that data base management system (DBMS) is corresponding, wherein the unloading and installing of keyboard hook all completes instantaneously, ensures that keyboard hook corresponding to data base management system (DBMS) is last installation.
Step 405: keyboard hook intercepts and captures the keyboard input information being directed to current application program.
In an embodiment of the invention, based on constantly unloading keyboard hook in step 404 and reinstalling, ensure that this keyboard hook is last installation, this keyboard hook can intercept and capture at first user by keyboard to current application program input keyboard input information.Such as, the keyboard hook that data base management system (DBMS) is corresponding can intercept and capture the keyboard input information that user is inputted to data base management system (DBMS) by keyboard at first.
Step 406: judge that whether the keyboard input information intercepted and captured is the log-on message of current application program, if so, perform step 408, otherwise perform step 407.
In an embodiment of the invention, after intercepting the keyboard input information for current application program, judge that whether this keyboard input information is the log-on message of current application program, if so, then perform step 408, if otherwise perform step 407.Such as, keyboard hook corresponding to data base management system (DBMS) intercepts user by input through keyboard to after the keyboard input information of this data base management system (DBMS), judge that whether this keyboard input information is the log-on message of this data base management system (DBMS), if, perform step 408 to be encrypted this log-on message, if not, then this keyboard input information is issued to corresponding module.
Step 407: this keyboard input information is issued to other modules corresponding in current application program, and terminates current process.
In an embodiment of the invention, after judging that keyboard input information that keyboard hook is intercepted and captured is not the log-on message of the current application program that this keyboard hook is corresponding, by Windows system command code CallNextHookEx (), this keyboard input information is issued to other modules corresponding in current application program, and terminates current process.Such as, what keyboard hook corresponding to data base management system (DBMS) was intercepted and captured is the information upgraded data in this data base management system (DBMS), then by Windows system command code CallNextHookEx (), this Data Update information is issued to module corresponding in this data base management system (DBMS), then terminates current process.
Step 408: this log-on message is encrypted.
In an embodiment of the invention, after judging that keyboard input information that keyboard hook is intercepted and captured is the log-on message of the current application program that this keyboard hook is corresponding, this log-on message is encrypted.Such as, after the log-on message of intercepted data base management system, by the mode of FUZZY MAPPING, this log-on message is carried out FUZZY MAPPING, such as the login password " 123456 " that user inputs is mapped to " abcdef ".
Step 409: the log-on message after encryption is sent to the login module in current application program.
In an embodiment of the invention, after the log-on message encryption of current application program, this encrypted login information is sent to the login module in current application program.Such as, the log-on message of the data base management system (DBMS) through encryption is sent to the login module in this data base management system (DBMS).
Step 410: the login module in current application program logs in after encrypted login decrypts information.
In an embodiment of the invention, login module in current application program, after receiving encrypted login information, according to corresponding decryption method, is decrypted encrypted login information, obtain the true log-on message of user's input, logged in by this true log-on message.Such as, by the FUZZY MAPPING decryption method of correspondence, after the login password " abcdef " of data base management system (DBMS) is reduced into the login password " 123456 " being really, make user's log database management system by this login password.
According to such scheme, a kind of application program log-on message that embodiments of the invention provide prevents the device and method stolen, and at least has following beneficial effect:
1, in the embodiment of the present invention, every the interval time that one presets, reinstall again after keyboard hook being unloaded by execution module, ensure that this keyboard hook is last installation, based on the hook that Windows system is created by last in first out LIFO leading subscriber, thus make this keyboard hook intercept and capture the keyboard input information being directed to current application program at first, after this keyboard hook intercepts and captures keyboard input information, the keyboard input information of intercepting and capturing is sent to filtering module, the log-on message of current application program is filtered out in filtering module information entered from the keyboard, and this log-on message is sent to the login module in current application program, and then application program completes login, by constantly unloading and reinstalling keyboard hook, ensure that keyboard hook is last installation, thus intercepted and captured before other application programs obtain keyboard input information, other rogue programs are avoided to get application program log-on message, thus improve the security of application program log-on message.
2, in the embodiment of the present invention, all realize in the aspect of application program corresponding to the execution module of application program, keyboard hook and filtering module, system kernel is not modified, thus avoid because of system version problem, after modifying to kernel, causing computing machine to occur, the situation of blue screen occurs, ensure that the normal operation of computing machine, thus improve the stability of computing machine.
3, in the embodiment of the present invention, can when creating keyboard hook, or when reinstalling keyboard hook at every turn, keyboard hook is set to the partial keyboard hook of corresponding thread, based on the disposal route of Windows system to local hook and global hook, partial keyboard hook can have precedence over global hook and obtain keyboard input information, provide a kind of mechanism of redundancy, ensure user create keyboard hook can at first result user by the information of input through keyboard, thus avoid other rogue programs to obtain the log-on message of application program, the security of further raising application program log-on message.
4, in the embodiment of the present invention, after keyboard hook intercepts the log-on message of application program, first log-on message is encrypted, then the log-on message after encryption is sent to the login module in application program, like this, log-on message is being sent in the process of application program, even if other rogue programs have intercepted and captured this log-on message, but owing to not knowing the clear crytpographic key of this log-on message, also cannot obtain definite log-on message, thus further increase the security of application program log-on message.
5, in the embodiment of the present invention, after keyboard hook intercepts keyboard input information, first the information intercepted and captured is filtered, filter out the log-on message of application program, send to the login module in application program after this log-on message being encrypted, for other keyboard input informations not being log-on message, be issued to other modules corresponding in application program, ensure that user's other orders to this application program are properly implemented, also can ensure the performance of computing machine simultaneously.
It should be noted that, in this article, the relational terms of such as first and second and so on is only used for an entity or operation to separate with another entity or operational zone, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment comprising described key element and also there is other same factor.
One of ordinary skill in the art will appreciate that: all or part of step realizing said method embodiment can have been come by the hardware that programmed instruction is relevant, aforesaid program can be stored in the storage medium of embodied on computer readable, this program, when performing, performs the step comprising said method embodiment; And aforesaid storage medium comprises: ROM, RAM, magnetic disc or CD etc. various can be program code stored medium in.
Finally it should be noted that: the foregoing is only preferred embodiment of the present invention, only for illustration of technical scheme of the present invention, be not intended to limit protection scope of the present invention.All any amendments done within the spirit and principles in the present invention, equivalent replacement, improvement etc., be all included in protection scope of the present invention.
Claims (10)
1. application program log-on message prevents it is characterized in that the device stolen, be applied to and comprise in the computing machine of keyboard, comprising: the execution module of corresponding and same current application program, keyboard hook and filtering module;
Described execution module, for the interval time preset every one, unloads described keyboard hook and reinstalls;
Described keyboard hook, for intercepting and capturing the keyboard input information being directed to described current application program, and sends to described filtering module by described keyboard input information;
Described filtering module, for judging that whether keyboard input information that described keyboard hook sends is the log-on message of described current application program, if so, sends to the login module in described current application program by described log-on message.
2. device according to claim 1, is characterized in that, any one or more in described execution module, keyboard hook and filtering module are positioned at application.
3. device according to claim 1, is characterized in that, comprises further: arrange module;
Described module is set, for passing through Windows system command code GetCurrentThreadId (), obtain the ID of current thread corresponding to described current application program, and according to the ID of described current thread, described keyboard hook is set to the partial keyboard hook of described current thread.
4. device according to claim 1, is characterized in that, comprises further: encrypting module;
Described encrypting module, before described log-on message being sent to the login module in described current application program at described filtering module, described log-on message is encrypted, and the described log-on message after encryption is sent to the login module in described current application program.
5. device according to claim 1, is characterized in that, described execution module comprises: timer, unloading unit and installation unit;
Described timer, for often through a described interval time, sends unloading order to described unloading unit;
Described unloading unit, for receive described timer send unloading order after, by Windows system command code UnHookWindowsHookEx (), described keyboard hook is unloaded;
Described installation unit, for after described keyboard hook has unloaded by described unloading unit, has reinstalled described keyboard hook by Windows system command code SetWindowsHookEx () immediately.
6., according to described device arbitrary in claim 1 to 5, it is characterized in that,
Described filtering module, for according to judged result, by be not the keyboard input information of current application program log-on message by Windows system command code CallNextHookEx (), be issued to other modules corresponding in current application program.
7. application program log-on message prevents it is characterized in that a method of stealing, comprising:
Every the interval time that one presets, unloading keyboard hook is also reinstalled;
Keyboard hook intercepts and captures the keyboard input information being directed to current application program;
Judge whether described keyboard input information is log-on message;
If so, described log-on message is sent to the login module in described current application program.
8. method according to claim 7, it is characterized in that, comprise further: by Windows system command code GetCurrentThreadId (), obtain the ID of current thread corresponding to described current application program, and according to the ID of described current thread, described keyboard hook is set to the partial keyboard hook of described current thread.
9. method according to claim 7, is characterized in that, sends to taking a step forward of the login module in described current application program to comprise described log-on message described:
Described log-on message is encrypted.
10., according to described method arbitrary in claim 7 to 9, it is characterized in that, judge described keyboard input information comprises after whether being log-on message further described:
According to judged result, if described keyboard input information is not log-on message, then this keyboard input information is passed through Windows system command code CallNextHookEx (), be issued to other modules corresponding in current application program.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510438894.7A CN105069351A (en) | 2015-07-23 | 2015-07-23 | Apparatus and method for preventing stealing of login information of application program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510438894.7A CN105069351A (en) | 2015-07-23 | 2015-07-23 | Apparatus and method for preventing stealing of login information of application program |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105069351A true CN105069351A (en) | 2015-11-18 |
Family
ID=54498714
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510438894.7A Pending CN105069351A (en) | 2015-07-23 | 2015-07-23 | Apparatus and method for preventing stealing of login information of application program |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105069351A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106446678A (en) * | 2016-09-22 | 2017-02-22 | 武汉斗鱼网络科技有限公司 | Method and system for protecting network account based on handle function |
CN106446684A (en) * | 2016-09-22 | 2017-02-22 | 武汉斗鱼网络科技有限公司 | Network account protection method and system based on password control |
CN108345526A (en) * | 2017-12-20 | 2018-07-31 | 北京金山安全管理系统技术有限公司 | Hook processing method and processing device |
CN110688632A (en) * | 2019-09-06 | 2020-01-14 | 中国平安财产保险股份有限公司 | Application program login method, device, equipment and storage medium |
CN111222128A (en) * | 2019-12-31 | 2020-06-02 | 北京握奇数据股份有限公司 | Method and module for safely inputting and checking USBKey PIN code |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101051904A (en) * | 2007-05-17 | 2007-10-10 | 成都金山互动娱乐科技有限公司 | Method for landing by account number cipher for protecting network application sequence |
CN101441689A (en) * | 2007-11-23 | 2009-05-27 | 杨筑平 | Login protection method |
CN101727281A (en) * | 2009-09-04 | 2010-06-09 | 丁贵 | System and method for one-key locking of computer monitor |
JP2010198341A (en) * | 2009-02-25 | 2010-09-09 | Fujitsu Fsas Inc | Authentication processing program and device |
CN102222179A (en) * | 2010-04-13 | 2011-10-19 | 郑勇 | Anti-keylogging technology based on Windows kernel |
US20140196072A1 (en) * | 2013-01-04 | 2014-07-10 | Thomas Aquinas Bagwell | Digital multimedia content integration system claim of benefit to prior application |
CN104573484A (en) * | 2014-12-31 | 2015-04-29 | 上海动联信息技术股份有限公司 | Highly safe password input box |
-
2015
- 2015-07-23 CN CN201510438894.7A patent/CN105069351A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101051904A (en) * | 2007-05-17 | 2007-10-10 | 成都金山互动娱乐科技有限公司 | Method for landing by account number cipher for protecting network application sequence |
CN101441689A (en) * | 2007-11-23 | 2009-05-27 | 杨筑平 | Login protection method |
JP2010198341A (en) * | 2009-02-25 | 2010-09-09 | Fujitsu Fsas Inc | Authentication processing program and device |
CN101727281A (en) * | 2009-09-04 | 2010-06-09 | 丁贵 | System and method for one-key locking of computer monitor |
CN102222179A (en) * | 2010-04-13 | 2011-10-19 | 郑勇 | Anti-keylogging technology based on Windows kernel |
US20140196072A1 (en) * | 2013-01-04 | 2014-07-10 | Thomas Aquinas Bagwell | Digital multimedia content integration system claim of benefit to prior application |
CN104573484A (en) * | 2014-12-31 | 2015-04-29 | 上海动联信息技术股份有限公司 | Highly safe password input box |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106446678A (en) * | 2016-09-22 | 2017-02-22 | 武汉斗鱼网络科技有限公司 | Method and system for protecting network account based on handle function |
CN106446684A (en) * | 2016-09-22 | 2017-02-22 | 武汉斗鱼网络科技有限公司 | Network account protection method and system based on password control |
CN108345526A (en) * | 2017-12-20 | 2018-07-31 | 北京金山安全管理系统技术有限公司 | Hook processing method and processing device |
CN110688632A (en) * | 2019-09-06 | 2020-01-14 | 中国平安财产保险股份有限公司 | Application program login method, device, equipment and storage medium |
CN111222128A (en) * | 2019-12-31 | 2020-06-02 | 北京握奇数据股份有限公司 | Method and module for safely inputting and checking USBKey PIN code |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105069351A (en) | Apparatus and method for preventing stealing of login information of application program | |
CN111082940B (en) | Internet of things equipment control method and device, computing equipment and storage medium | |
US20070101432A1 (en) | Risk driven compliance management | |
CN105303073B (en) | Software code guard method | |
US20150295714A1 (en) | Data security verification method and device | |
CN107483495B (en) | Big data cluster host management method, management system and server | |
CN103413083A (en) | Security defending system for single host | |
CN112417391B (en) | Information data security processing method, device, equipment and storage medium | |
CN110891062A (en) | Password changing method, server and storage medium | |
CN116760740A (en) | Intelligent embedded monitoring system in Internet of things equipment | |
CN106506471A (en) | Application control method and device | |
CN104581008A (en) | Information security protection system and method for video monitoring system | |
CN104573530A (en) | Server safety reinforcing system | |
CN104135483A (en) | Automatic configuration management system for network security | |
CN107231245B (en) | Method and device for reporting monitoring log, and method and device for processing monitoring log | |
CN115310078A (en) | Industrial production line auditing system and application method | |
CN111628863A (en) | Data signature method and device, electronic equipment and storage medium | |
CN114553571A (en) | Server management method and device, electronic equipment and storage medium | |
WO2019144936A1 (en) | Method for realizing remote network locking and unlocking of mobile terminal based on android system | |
CN106303371A (en) | Take pictures monitoring system, method and mobile terminal | |
US20230224335A1 (en) | Integrated control frameworks | |
CN114844676B (en) | Emergency handling system and method for network security threat of power monitoring system | |
CN114189515B (en) | SGX-based server cluster log acquisition method and device | |
CN103188266B (en) | A kind of address assignment based on ezvpn reclaims dynamic control method and system | |
CN100590569C (en) | Computer I/O port control program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20151118 |
|
WD01 | Invention patent application deemed withdrawn after publication |