CN110032838B - Script file reinforcement method, device and equipment - Google Patents
Script file reinforcement method, device and equipment Download PDFInfo
- Publication number
- CN110032838B CN110032838B CN201910216723.8A CN201910216723A CN110032838B CN 110032838 B CN110032838 B CN 110032838B CN 201910216723 A CN201910216723 A CN 201910216723A CN 110032838 B CN110032838 B CN 110032838B
- Authority
- CN
- China
- Prior art keywords
- instruction
- function data
- script file
- virtual
- constant
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000002787 reinforcement Effects 0.000 title claims abstract description 71
- 238000000034 method Methods 0.000 title claims abstract description 67
- 238000006243 chemical reaction Methods 0.000 claims abstract description 69
- 238000004458 analytical method Methods 0.000 claims abstract description 53
- 238000012545 processing Methods 0.000 claims abstract description 48
- 230000006870 function Effects 0.000 claims description 212
- 230000003014 reinforcing effect Effects 0.000 claims description 18
- 238000007596 consolidation process Methods 0.000 description 23
- 230000008569 process Effects 0.000 description 14
- 238000010586 diagram Methods 0.000 description 7
- 238000005728 strengthening Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Stored Programmes (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
The invention discloses a script file reinforcement method, which comprises the following steps: analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data; performing instruction conversion reinforcement processing on an execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant; coding the virtual instruction to be coded based on the analysis constant to obtain a virtual instruction; acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction; and generating a hardened script file based on the conversion constant, the virtual instruction and the virtual environment switching instruction. By utilizing the technical scheme provided by the invention, the reinforcement of the script file of the application program can be realized, and the safety of the application program is improved.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method, an apparatus, and a device for reinforcing a script file.
Background
Script files are executable files written in a certain format using a specific descriptive language, which are typically temporarily called and executed by an application. The grammar of the script file is relatively simple and easy to grasp, and the script file is closely related to the application program, including the functions of the application program, so that the script file is widely applied to webpage design, game development and the like, but some crackers crack a popular mobile game client through illegal means, acquire source codes, configuration files, pictures and other resources of important script files and the like, develop the village mobile game according to the source codes, the configuration files, the pictures and the like, or crack the script files to plug in the game.
In the prior art, a method generally adopted for encrypting a script file is to change the order of opcodes (operation codes) in source codes of the script file, so that the codes of byte codes in the generated file are inconsistent with the source codes, and the file generated by the existing decompiler cannot be decompiled. However, a cracking person can easily obtain the correct sequence of the opcodes in a reverse analysis mode, and then the decompiler can normally translate by slightly modifying the opcodes, so that the existing method for protecting the script file by modifying the opcodes has lower safety, and the script file cannot be effectively protected.
Therefore, it is necessary to provide a method for reinforcing a script file, so as to solve the problem that the script file is easy to be decompiled and displayed, and to maximally protect the security of an application program.
Disclosure of Invention
The invention provides a file reinforcement method, a device and equipment, which can realize reinforcement of script files of an application program and improve the safety of the application program.
In one aspect, the present invention provides a method for reinforcing a script file, the method comprising:
analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
performing instruction conversion reinforcement processing on an execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant;
coding the virtual instruction to be coded based on the analysis constant to obtain a virtual instruction;
acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction;
and generating a hardened script file based on the conversion constant, the virtual instruction and the virtual environment switching instruction.
Further, the method further includes, after performing encoding processing on the virtual instruction to be encoded based on the parsing constant to obtain a virtual instruction,:
decoding the virtual instruction to obtain an equivalent operation instruction of the virtual instruction;
acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction;
and generating a reinforced script file based on the conversion constant, the equivalent operation instruction and the virtual environment switching instruction.
Further, the function data corresponding to the script file to be consolidated comprises one or more function data;
when the function data corresponding to the script file to be consolidated includes a plurality of function data, the analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant corresponding to the function data includes:
acquiring nested function data in the script file to be consolidated, wherein the nested function data comprises a plurality of function data with calling relations;
performing recursion analysis processing on the nested function data to obtain function data corresponding to the script file to be consolidated;
and analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant corresponding to the function data.
Further, before the instruction conversion reinforcement processing is performed on the execution instruction corresponding to the function data, the method further includes:
judging whether the function data corresponding to the script file to be reinforced meets the preset reinforcing condition or not;
if yes, executing the step of carrying out instruction conversion reinforcement processing on the execution instruction corresponding to the function data.
Further, before the instruction conversion reinforcement processing is performed on the execution instruction corresponding to the function data, the method further includes:
judging whether function data which meet preset reinforcement conditions exist in function data corresponding to the script file to be reinforced;
if yes, the instruction conversion reinforcement processing on the execution instruction corresponding to the function data comprises the instruction conversion reinforcement processing on the execution instruction corresponding to the function data meeting the preset reinforcement condition.
Further, the generating the consolidated script file based on the conversion constant, the virtual instruction, and the virtual environment switching instruction includes:
generating a function body based on the conversion constant, the virtual instruction, and the virtual environment switching instruction;
and generating a reinforced script file based on the function body and the file header before reinforcement.
Further, the method further comprises:
storing the parsing constant and the conversion constant in a constant list;
and recording the position information of the analysis constant in the constant list and the position information of the conversion constant in the constant list.
Further, the encoding the virtual instruction to be encoded based on the parsing constant includes:
and encoding the position information of the analysis constant in the constant list into the virtual instruction to be encoded to obtain the virtual instruction.
Further, the invention also provides a script file reinforcement device, which comprises:
the analysis processing module is used for analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
the instruction conversion reinforcement processing module is used for carrying out instruction conversion reinforcement processing on the execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant;
the coding processing module is used for coding the virtual instruction to be coded based on the analysis constant to obtain a virtual instruction;
the virtual environment switching instruction acquisition module is used for acquiring the virtual environment switching instruction, and the virtual environment switching instruction is used for executing the virtual instruction;
and the generation module is used for generating a reinforced script file based on the conversion constant, the virtual instruction and the virtual environment switching instruction.
Furthermore, the invention also provides script file reinforcement equipment, which comprises a processor and a memory, wherein at least one instruction, at least one section of program, a code set or an instruction set is stored in the memory, and the at least one instruction, the at least one section of program, the code set or the instruction set is loaded and executed by the processor to realize the script file reinforcement method.
The method, the device and the equipment for reinforcing the script file have the following technical effects:
the invention can realize reinforcement of script files of application programs, avoid decompilation of the existing reverse tool, increase the difficulty of decompilation, thus can greatly improve the security of the file, and the invention does not change the source code program of the file, can keep good compatibility with other protection schemes.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions and advantages of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are only some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of a method for reinforcing script files according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of analyzing function data corresponding to a script file to be consolidated according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a structure of nested function data with a tree structure according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of recursive analysis of nested function data in a tree structure according to an embodiment of the present invention;
FIG. 5 is a flowchart of an implementation of generating a hardened script file based on a transition constant, a virtual instruction, and a virtual environment switching instruction according to an embodiment of the present invention;
FIG. 6 is a diagram illustrating the structure of a context structure required for executing virtual instructions according to an embodiment of the present invention;
FIG. 7 is a flowchart illustrating another method for strengthening a script file according to an embodiment of the present invention;
FIG. 8 is a flowchart illustrating another method for strengthening a script file according to an embodiment of the present invention;
FIG. 9 is a flowchart of another method for reinforcing script files according to an embodiment of the present invention;
fig. 10 is a schematic diagram of a script file reinforcement device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or server that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The following describes the implementation process of document reinforcement specifically, as shown in fig. 1, fig. 1 is a schematic flow chart of a document reinforcement method according to an embodiment of the present invention, where the present specification provides the method operation steps described in the examples or the flowcharts, but may include more or fewer operation steps based on conventional or non-creative labor. The order of steps recited in the embodiments is merely one way of performing the order of steps and does not represent a unique order of execution. When implemented in a real system or server product, the methods illustrated in the embodiments or figures may be performed sequentially or in parallel (e.g., in a parallel processor or multithreaded environment). Specifically, the method may include:
s102, analyzing function data corresponding to a script file to be reinforced to obtain an execution instruction and an analysis constant of the function data;
in this embodiment of the present disclosure, the script file to be consolidated may include a script file that needs to be consolidated, and the reinforcement processing of the script file may prevent the script file from being decrypted. Specifically, the script file to be consolidated may include one or more script files.
In one implementation manner, the script file to be consolidated may include, but is not limited to, an luac file, where the luac file is a file that is compiled by lua source code and contains lua bytecode and is executable on a lua virtual machine.
In some embodiments, the function data corresponding to the script file to be consolidated includes one or more function data, and when the function data corresponding to the script file to be consolidated includes a plurality of function data, a nested relationship exists between the plurality of function data, and the nested function data may include a plurality of function data having a calling relationship.
The nested function data may include a plurality of function data having a calling relationship.
In some embodiments, as shown in fig. 2, when the function data corresponding to the script file to be consolidated includes a plurality of function data, the parsing processing of the function data corresponding to the script file to be consolidated may be specifically implemented by the following steps:
s1022: and acquiring nested function data in the script file to be consolidated.
In this embodiment of the present disclosure, as shown in fig. 3, fig. 3 is a schematic diagram of nested function data with a tree structure according to an embodiment of the present disclosure.
Specifically, the script file to be consolidated needs to be analyzed to obtain corresponding function data. In one implementation manner, the script file to be consolidated may be a luac file, where the luac file includes a Header and a Function Block, where the Header is some description information (such as a version number of a parser, a supported machine type of operation, etc.) of a bytecode file, and the Function Block includes all information of Function data.
It can be understood that after the luac file is parsed, the parsed Function blocks may be one or multiple, and when the parsed Function blocks are multiple, the multiple Function blocks are nested, so as to form the nested Function data of the tree structure shown in fig. 3, specifically, in the tree structure, function Block M may call Function Block a and Function Block B, function Block a may call Function Block A1 and Function Block A2, function Block B may call Function Block B1.1 and Function Block B1.2.
S1024, performing recursion analysis processing on the nested function data to obtain function data corresponding to the script file to be consolidated;
specifically, recursive analysis is performed on the tree structure shown in fig. 3, and the tree structure is traversed to obtain function data corresponding to the script file to be consolidated.
In one implementation manner, as shown in fig. 4, fig. 4 is a schematic diagram of recursive analysis of nested function data with a tree structure according to the present invention. Specifically, the function data can be sequentially analyzed according to the calling relation among the function data, and specifically, the nested function data of the tree structure can be sequentially traversed according to the calling relation among the function data to obtain the function data.
In some embodiments, a function list may be maintained to repair function data obtained by parsing, specifically, function data corresponding to the obtained script file to be consolidated may be sequentially arranged and added to the function list according to the parsing order in the recursion parsing process, or nested function data of each layer may be added to the function list layer by layer according to the number of layers of nested function data.
Further, in other embodiments, when the function data corresponding to the to-be-consolidated script file includes one function data, the function data corresponding to the to-be-consolidated script file is directly analyzed, so as to obtain an execution instruction and an analysis constant corresponding to the function data.
And S1026, analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant corresponding to the function data.
In an implementation manner, the obtained script file to be consolidated is a luac file, and the following information is obtained after analyzing the function data corresponding to the script file to be consolidated:
function block of a Lua 5 binary chunk (storage structure of function body in Lua byte code File)
Therefore, after analyzing the function data corresponding to the script file to be consolidated, an execution instruction corresponding to the function data corresponding to the script file to be consolidated after analyzing the function data corresponding to the script file to be consolidated can be obtained by directly reading list of instructions (code) (instruction list), and after analyzing the function data corresponding to the script file to be consolidated, an analysis constant corresponding to the function data corresponding to the script file to be consolidated after analyzing the function data corresponding to the script file to be consolidated can be obtained by directly reading list of constants (constant list), it can be understood that when the function data corresponding to the script file to be consolidated includes a plurality of function data, the execution instruction and the analysis constant of each function data are obtained by analyzing the plurality of function data one by one.
It can be understood that when the acquired script file to be consolidated includes one script file, the steps are performed on the acquired script file to be consolidated, and when the acquired script file to be consolidated includes a plurality of script files, the steps are performed one by one on the script file to be consolidated.
S104, performing instruction conversion reinforcement processing on the execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant;
in this embodiment of the present disclosure, the executing instruction generates a conversion constant and a virtual instruction to be encoded in the process of instruction conversion reinforcement processing, where the instruction to be encoded is an instruction that has not referenced a constant yet, and the conversion constant after being generated is also stored in the constant list (list of constants) shown after the function data corresponding to the script file to be reinforced is parsed; it can be understood that the execution instruction corresponds to the virtual instruction to be encoded generated after the conversion reinforcement processing one by one, that is, the execution instruction is translated one by one, so that the virtual instruction to be encoded corresponding to each execution instruction can be obtained.
Further, after the conversion constant and the analysis instruction are stored in the constant list (list of constants) shown after the function data corresponding to the script file to be consolidated is analyzed, the position information of the analysis constant in the constant list and the position information of the conversion constant in the constant list may be recorded, so as to identify the conversion constant and the position of the analysis constant in the constant list.
S106, coding the virtual instruction to be coded based on the analysis constant to obtain a virtual instruction;
in one implementation, the virtual instructions may be, but are not limited to, instructions defined for a virtual machine built on top of the lua virtual machine.
Further, in an implementation manner, the encoding processing is performed on the virtual instruction to be encoded based on the parsing constant, and the obtaining of the virtual instruction may be implemented by the following steps:
and encoding the position information of the analysis constant in the constant list to the virtual instruction to be encoded to obtain the virtual instruction.
Specifically, when a virtual instruction is generated, the virtual instruction may refer to one or more parsing constants, and in a specific implementation process, after the parsing constants are generated, the parsing constants are stored in a constant list (list of constants) obtained by parsing function data corresponding to the script file to be consolidated, and the positions of the parsing constants in the constant list are recorded, so that when the position information of the parsing constants in the constant list is already determined, the position information of the required parsing constants is encoded into the virtual instruction to be generated according to the functional requirement of the virtual instruction to be generated, and the virtual instruction based on the parsing constants can be obtained.
It can be understood that the structure of the virtual instruction is arbitrarily defined, but the generated virtual instruction needs to complete the same function as the execution instruction, that is, the virtual instruction needs to be equivalently replaced after the execution instruction is converted, so in the process of converting the execution instruction parsed by the function data corresponding to the original script file to be consolidated into the virtual instruction, the parsing constant corresponding to the function data corresponding to the original script file to be consolidated needs to be encoded into the virtual instruction according to the functional requirement of the virtual instruction.
In one implementation scheme, it is assumed that the function data corresponding to the script file to be consolidated resolves the following execution instruction:
LOADK ABx R(A):=Kst(Bx)
Loads constant number Bx into register R(A).Constants are usually
numbers or strings.Each function has its own constant list,or pool.
the meaning of the execution instruction is as follows: the constant Bx is loaded into the register R (a), the constant Bx can be a number or a character string, the function data is provided with a constant list, and the constant corresponding to the function data can be obtained from the constant list according to the position information of the constant in the virtual instruction.
In the process of converting the execution instruction into the virtual instruction, the obtained virtual instruction needs to complete the same function of the execution instruction, so that although the virtual instruction can be arbitrarily defined, codes a and Bx in the execution instruction need to be encoded into the virtual instruction to be encoded to obtain a final virtual instruction, specifically, the encoding rule can be arbitrarily set, and an encoding method example is given herein:
the final virtual instruction length is designed to be 32 bits, wherein 6 bits are used for representing the instruction type, 9 bits are used for storing A, the rest 17 bits are used for storing Bx, and the encoding result is as follows
It will be appreciated that the above-described transformation reinforcement process translates into a functionally equivalent, but difficult to read and understand form of behavior. Therefore, the custom reinforcement of the script file can be realized under the condition of not changing the source code and the original function, and the safety of the program is improved.
S108, acquiring a virtual environment switching instruction.
In the embodiment of the specification, the virtual environment switching instruction may be used to create a virtual environment for executing a virtual instruction, so as to execute the virtual instruction.
S110, generating a reinforced script file based on the conversion constant, the virtual instruction and the virtual environment switching instruction.
In one implementation manner, as shown in fig. 5, the generation of the hardened script file based on the conversion constant, the virtual instruction, and the virtual environment switching instruction may be implemented by the following steps:
s1102, generating a function body based on the conversion constant, the virtual instruction and the virtual environment switching instruction;
it will be understood that, in this specification, in order to execute the virtual instruction after conversion, a virtual environment switching instruction needs to be inserted in front of the formed function body, and preferably, in one implementation manner, when the script file to be consolidated is a luac file, the virtual environment switching instruction may be code as follows:
by the above-described segment of the instruction, a context structure required for executing the virtual instruction shown in fig. 6 is created, and as shown in fig. 6, information required for running the virtual machine is stored in the structure shown in fig. 6. A step of
It will be appreciated that the virtual environment switch instruction creates the context structure (vmcontext) required to execute the virtual instruction shown in fig. 6 and saves registers, constants, of the real environment to implement the execution loop of the virtual instruction.
S1104, generating a script file after reinforcement based on the function body and the file header before reinforcement.
Specifically, the function body generated in the steps and the file header before reinforcement are assembled again to obtain the script file after reinforcement.
The invention can avoid decompilation of the existing reverse tool, increase the difficulty of decompilation, thus can greatly improve the security of the file, and the invention does not change the source code program of the file, script file after the invention consolidates can run normally on the original virtual machine, can keep good compatibility with other protective schemes.
In another implementation manner, as shown in fig. 7, fig. 7 is a flow chart of another method for reinforcing a script file, where the method for reinforcing a script file includes:
s202, analyzing function data corresponding to a script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
specifically, please refer to the related descriptions of the above embodiments for the specific explanation of step S202, which is not repeated here.
S204, judging whether function data corresponding to the script file to be reinforced meets preset reinforcing conditions or not;
if it is determined that the function data corresponding to the script file to be consolidated meets the preset consolidation condition, step S206 is executed, and if it is determined that the function data corresponding to the script file to be consolidated does not meet the preset consolidation condition, the consolidation process of the script file to be consolidated is ended.
In one embodiment, the preset reinforcement condition may be, but is not limited to, a reinforcement condition customized according to a user's needs. For example, it may be defined that some of the missing function data is not consolidated: specifically, the file reinforcement process of the invention can cause a certain code volume expansion and performance loss, and in order to balance the security and performance loss, a user selects some unimportant function data to not carry out reinforcement processing, so that the security of the reinforcement process can be effectively balanced, and the loss of the code performance can be avoided.
In another embodiment, it may be provided that the closure instruction is not consolidated. Specifically, the executing instruction scanned in the executing instruction list may be judged, whether the executing instruction is a closure instruction is judged, if the executing instruction is a closure instruction, it is indicated that the executing instruction does not support reinforcement temporarily, the reinforcement process of the script file to be reinforced is ended, and if the executing instruction is not a closure instruction, the step S206 is continued.
It can be understood that in the step S204, the following cases exist for judging whether the function data corresponding to the script file to be consolidated satisfies the preset consolidation condition:
when the function data corresponding to the script file to be consolidated is one, if the function data is judged to meet the consolidation condition, executing the step S206, and if the function data is judged not to meet the consolidation condition, ending the consolidation process of the script file to be consolidated;
when the function data corresponding to the script file to be consolidated is multiple, it is required to sequentially determine whether the multiple function data all meet the consolidation condition, and if the multiple function data all meet the consolidation condition, executing step S206, otherwise, ending the consolidation process of the script file to be consolidated.
S206, performing instruction conversion reinforcement processing on the execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant;
s208, coding the virtual instruction to be coded based on the analysis constant to obtain a virtual instruction;
s210, acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction;
s212, generating a reinforced script file based on the analysis constant, the conversion constant, the virtual instruction and the virtual environment switching instruction.
Specifically, the specific explanation of steps S206-S212 is referred to the related descriptions in the above embodiments, and will not be repeated here.
Further, the function data corresponding to the script file to be consolidated comprises one or more function data;
in another implementation manner, when the function data corresponding to the script file to be consolidated includes a plurality of function data, as shown in fig. 8, fig. 8 is a flow chart of another script file consolidation method provided in an embodiment of the present invention, where the script file consolidation method includes:
s302, analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
s304, judging whether function data corresponding to the script file to be reinforced has function data meeting preset reinforcing conditions;
if it is determined that the function data corresponding to the script file to be consolidated has function data that satisfies the preset consolidation condition, step S306 is executed, and if it is determined that the function data corresponding to the script file to be consolidated does not have function data that satisfies the preset consolidation condition, the consolidation process of the script file to be consolidated is ended.
Specifically, in this embodiment, the script file to be consolidated corresponds to a plurality of function data, but unlike the above embodiment, in this embodiment, whether the plurality of function data satisfy the preset consolidation condition is sequentially determined, and step S306 is performed on the function data satisfying the preset consolidation condition. For example, in this embodiment, the script file to be consolidated includes 4 pieces of function data f1, f2, f3 and f4, whether the four pieces of function data satisfy the preset consolidation condition is sequentially determined, when the function data being determined satisfies the preset consolidation condition, step S306 is directly performed on the function data, the subsequent piece of function data is sequentially determined again, and obviously, the manner of determining while determining is only a preferred manner, in other embodiments, after all the functions corresponding to the script file to be consolidated are determined, the function data satisfying the preset consolidation condition may be sequentially arranged, and then step S306 is sequentially performed on the function data satisfying the preset consolidation condition.
S306, performing instruction conversion reinforcement processing on the execution instruction corresponding to the function data meeting the preset reinforcement condition to obtain a virtual instruction to be encoded and a conversion constant.
S308, coding the virtual instruction to be coded based on the analysis constant to obtain a virtual instruction;
s310, acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction;
s312, generating a reinforced script file based on the analysis constant, the conversion constant, the virtual instruction and the virtual environment switching instruction.
It should be understood that, in this embodiment, reference is made to the specific description of the above embodiment where it is not noted, and the details are not repeated here.
Further, in another implementation manner, as shown in fig. 9, fig. 9 is a schematic flow chart of another method for strengthening a script file according to an embodiment of the present invention, (fig. 9 edits a schematic flow chart of the method for strengthening a script file shown in fig. 1), the method for strengthening a script file further includes, after the step of obtaining a virtual instruction by performing encoding processing on the virtual instruction to be encoded based on the parsing constant shown in the above embodiment:
s108': decoding the virtual instruction to obtain an equivalent operation instruction of the virtual instruction;
in one embodiment, in order to execute the obtained virtual instruction, the virtual instruction may be directly decoded, and the following steps may be referred to for specific execution:
1) Analyzing the virtual instruction to obtain an A, bx value;
2) Fetching the value of subscript Bx from the constant list stored in vmcontext in fig. 6;
3) And saving the value obtained in the second step to a position marked as A in a register list in vmcontext.
Equivalent pseudocode is obtained:
loadk 3,0
val=vmcontext[‘contexts’][Bx]
vmcontext[‘registers’][A]=val
it can be understood that in the execution cycle of the virtual instruction, the above-described parsed pseudo code is used to replace the original loadk a Bx instruction, and the acquired execution instruction does not need to be stored in a register, so that the storage and the value of the virtual instruction and the cost of parsing the instruction can be saved. Thus, in an implementation, the virtual instructions are not stored in the script file after the consolidation, but only exist during the consolidation process.
Further, as shown in fig. 10, fig. 10 is a schematic structural diagram of a script file reinforcement device according to an embodiment of the present invention, and specifically, the device includes:
the analysis processing module is used for carrying out analysis processing on the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
the instruction conversion reinforcement processing module is used for carrying out instruction conversion reinforcement processing on the execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant;
the coding processing module is used for coding the virtual instruction to be coded based on the conversion constant and the analysis constant to obtain a virtual instruction;
the virtual environment switching instruction acquisition module is used for acquiring the virtual environment switching instruction, and the virtual environment switching instruction is used for executing the virtual instruction;
and the generation module is used for generating a reinforced script file based on the analysis constant, the conversion constant, the virtual instruction and the virtual environment switching instruction.
Further, the script file reinforcing device further comprises:
the decoding module is used for decoding the virtual instruction to obtain an equivalent operation instruction of the virtual instruction;
the generation module is further configured to generate a hardened script file based on the conversion constant, the equivalent operation instruction, and the virtual instruction switching instruction.
Preferably, the parsing module includes:
the nested function data acquisition unit is used for acquiring nested function data in the script file to be consolidated when the function data corresponding to the script file to be consolidated comprises a plurality of function data, wherein the nested function data comprises a plurality of function data with calling relations;
the recursion analysis processing unit is used for recursion analysis processing of the plurality of function data with the calling relation to obtain function data corresponding to the script file to be consolidated;
and the function data analysis processing unit is used for analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant corresponding to the function data.
Further, the device further comprises:
the first judging module is used for judging whether the function data corresponding to the script file to be reinforced meets the preset reinforcing condition or not before the instruction conversion reinforcing processing is carried out on the execution instruction corresponding to the function data.
Further, the device further comprises:
and the second judging module is used for judging whether the function data corresponding to the script file to be reinforced has the function data meeting the preset reinforcing condition before the instruction conversion reinforcing processing is carried out on the execution instruction corresponding to the function data.
Further, the generating module includes:
a function body generating unit configured to generate a function body based on the parsing constant, the conversion constant, and the virtual instruction;
the file header determining unit is used for taking the virtual environment switching instruction as a file header;
and the generating unit is used for generating the reinforced script file based on the function body and the file header.
Further, the device further comprises:
a storage module for storing the parsing constant and the conversion constant in a constant list;
and the position information recording module is used for recording the bit information of the analysis constant in the constant list and the position information of the conversion constant in the constant list.
Further, the encoding processing module includes:
and the encoding unit is used for encoding the position information of the analysis constant in the constant list to the virtual instruction to be encoded to obtain the virtual instruction.
The device and method embodiments in the device embodiments described are based on the same inventive concept.
Further, in another implementation manner, the embodiment of the present invention further provides a file reinforcement device, where the device includes a processor and a memory, where at least one instruction, at least one program, a code set, or an instruction set is stored in the memory, and the at least one instruction, the at least one program, the code set, or the instruction set is loaded and executed by the processor to implement the file reinforcement method described above
It should be noted that: the sequence of the embodiments of the present invention is only for description, and does not represent the advantages and disadvantages of the embodiments. And the foregoing description has been directed to specific embodiments of this specification. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for apparatus, system and server embodiments, the description is relatively simple, as it is substantially similar to method embodiments, with reference to the description of method embodiments in part.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program for instructing relevant hardware, where the program may be stored in a computer readable storage medium, and the storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The foregoing description of the preferred embodiments of the invention is not intended to limit the invention to the precise form disclosed, and any such modifications, equivalents, and alternatives falling within the spirit and scope of the invention are intended to be included within the scope of the invention.
Claims (10)
1. A script file reinforcement method, the method comprising:
analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
performing instruction conversion reinforcement processing on an execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant; the virtual instruction to be encoded is an instruction which has equivalent functions with the execution instruction, is more complex in form than the execution instruction and does not refer to constants, and the conversion constants are constants stored in a constant list obtained by analyzing function data corresponding to the script file to be consolidated;
coding the position information of the analysis constant in the constant list to the virtual instruction to be coded to obtain a virtual instruction;
acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction;
and generating a hardened script file based on the conversion constant, the virtual instruction and the virtual environment switching instruction.
2. The script file reinforcement method according to claim 1, wherein after the encoding processing is performed on the virtual instruction to be encoded based on the parsing constant to obtain a virtual instruction, the method further comprises:
decoding the virtual instruction to obtain an equivalent operation instruction of the virtual instruction;
acquiring a virtual environment switching instruction, wherein the virtual environment switching instruction is used for executing the virtual instruction;
and generating a reinforced script file based on the conversion constant, the equivalent operation instruction and the virtual environment switching instruction.
3. The script file reinforcement method according to claim 1 or 2, wherein the function data corresponding to the script file to be reinforced includes one or more function data;
when the function data corresponding to the script file to be consolidated includes a plurality of function data, the analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant corresponding to the function data includes:
acquiring nested function data in the script file to be consolidated, wherein the nested function data comprises a plurality of function data with calling relations;
performing recursion analysis processing on the nested function data to obtain function data corresponding to the script file to be consolidated;
and analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant corresponding to the function data.
4. The script file reinforcement method according to claim 2, wherein before the instruction conversion reinforcement processing is performed on the execution instruction corresponding to the function data, the method further comprises:
judging whether the function data corresponding to the script file to be reinforced meets the preset reinforcing condition or not;
if yes, executing the step of carrying out instruction conversion reinforcement processing on the execution instruction corresponding to the function data.
5. The script file reinforcement method according to claim 2, wherein before the instruction conversion reinforcement processing is performed on the execution instruction corresponding to the function data, the method further comprises:
judging whether function data which meet preset reinforcement conditions exist in function data corresponding to the script file to be reinforced;
if yes, the instruction conversion reinforcement processing on the execution instruction corresponding to the function data comprises the instruction conversion reinforcement processing on the execution instruction corresponding to the function data meeting the preset reinforcement condition.
6. The script file reinforcement method of claim 1, wherein the generating the reinforced script file based on the conversion constant, the virtual instruction, and the virtual environment switching instruction comprises:
generating a function body based on the conversion constant, the virtual instruction, and the virtual environment switching instruction;
and generating a reinforced script file based on the function body and the file header before reinforcement.
7. The script file reinforcement method of claim 1, wherein the method further comprises:
storing the parsing constant and the conversion constant in a constant list;
and recording the position information of the analysis constant in the constant list and the position information of the conversion constant in the constant list.
8. The script file reinforcement method of claim 7, wherein the encoding the virtual instruction to be encoded based on the parsing constant includes:
and encoding the position information of the analysis constant in the constant list into the virtual instruction to be encoded to obtain the virtual instruction.
9. A script file reinforcing apparatus, the apparatus comprising:
the analysis processing module is used for analyzing the function data corresponding to the script file to be consolidated to obtain an execution instruction and an analysis constant of the function data;
the instruction conversion reinforcement processing module is used for carrying out instruction conversion reinforcement processing on the execution instruction corresponding to the function data to obtain a virtual instruction to be encoded and a conversion constant; the virtual instruction to be encoded is an instruction which has equivalent functions with the execution instruction, is more complex in form than the execution instruction and does not refer to constants, and the conversion constants are constants stored in a constant list obtained by analyzing function data corresponding to the script file to be consolidated;
the coding processing module is used for coding the position information of the analysis constant in the constant list to the virtual instruction to be coded to obtain a virtual instruction;
the virtual environment switching instruction acquisition module is used for acquiring the virtual environment switching instruction, and the virtual environment switching instruction is used for executing the virtual instruction;
and the generation module is used for generating a reinforced script file based on the conversion constant, the virtual instruction and the virtual environment switching instruction.
10. A script file reinforcement device comprising a processor and a memory, wherein the memory stores at least one instruction, at least one program, set of codes, or set of instructions, the at least one instruction, the at least one program, set of codes, or set of instructions being loaded and executed by the processor to implement the script file reinforcement method of any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910216723.8A CN110032838B (en) | 2019-03-21 | 2019-03-21 | Script file reinforcement method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910216723.8A CN110032838B (en) | 2019-03-21 | 2019-03-21 | Script file reinforcement method, device and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110032838A CN110032838A (en) | 2019-07-19 |
| CN110032838B true CN110032838B (en) | 2023-05-12 |
Family
ID=67236462
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910216723.8A Active CN110032838B (en) | 2019-03-21 | 2019-03-21 | Script file reinforcement method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110032838B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10783082B2 (en) | 2019-08-30 | 2020-09-22 | Alibaba Group Holding Limited | Deploying a smart contract |
| CN110675256B (en) * | 2019-08-30 | 2020-08-21 | 阿里巴巴集团控股有限公司 | Method and device for deploying and executing intelligent contracts |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016139078A1 (en) * | 2015-03-02 | 2016-09-09 | Inventio Ag | Protecting a computer program against reverse engineering |
| CN106503496A (en) * | 2016-12-08 | 2017-03-15 | 合肥康捷信息科技有限公司 | Replaced and the Python shell script anti-reversal methods for merging based on operation code |
| CN107729725A (en) * | 2017-10-09 | 2018-02-23 | 南京南瑞集团公司 | A kind of Android applications hardened system and method based on virtual machine instructions modification |
| CN108829396A (en) * | 2018-06-15 | 2018-11-16 | 腾讯科技(深圳)有限公司 | Method, the method for script execution, relevant apparatus and the system of script compiling |
| CN109189470A (en) * | 2018-08-21 | 2019-01-11 | 北京奇虎科技有限公司 | Code reinforcement means and device |
| CN109344575A (en) * | 2018-08-17 | 2019-02-15 | 北京奇虎科技有限公司 | Lua script file processing method, device and calculating equipment |
-
2019
- 2019-03-21 CN CN201910216723.8A patent/CN110032838B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016139078A1 (en) * | 2015-03-02 | 2016-09-09 | Inventio Ag | Protecting a computer program against reverse engineering |
| CN106503496A (en) * | 2016-12-08 | 2017-03-15 | 合肥康捷信息科技有限公司 | Replaced and the Python shell script anti-reversal methods for merging based on operation code |
| CN107729725A (en) * | 2017-10-09 | 2018-02-23 | 南京南瑞集团公司 | A kind of Android applications hardened system and method based on virtual machine instructions modification |
| CN108829396A (en) * | 2018-06-15 | 2018-11-16 | 腾讯科技(深圳)有限公司 | Method, the method for script execution, relevant apparatus and the system of script compiling |
| CN109344575A (en) * | 2018-08-17 | 2019-02-15 | 北京奇虎科技有限公司 | Lua script file processing method, device and calculating equipment |
| CN109189470A (en) * | 2018-08-21 | 2019-01-11 | 北京奇虎科技有限公司 | Code reinforcement means and device |
Non-Patent Citations (2)
| Title |
|---|
| Handler混淆增强的虚拟机保护方法;谢鑫等;《计算机工程与应用》;20150521(第15期);全文 * |
| 基于操作码合并的Python程序防逆转算法;王小强等;《计算机工程》;20180515(第05期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110032838A (en) | 2019-07-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10409966B2 (en) | Optimizing and protecting software | |
| TWI730654B (en) | Method and device for deploying and executing smart contract | |
| CN108681457B (en) | Android application program protection method based on code sinking and residual code interpretation | |
| CN109948308A (en) | Code security guard method, device, electronic equipment and computer readable storage medium | |
| CN101084478B (en) | Watermarking computer program code | |
| CN110032838B (en) | Script file reinforcement method, device and equipment | |
| KR101861341B1 (en) | Deobfuscation apparatus of application code and method of deobfuscating application code using the same | |
| CN112214736A (en) | Code encryption method and related assembly | |
| JP6162733B2 (en) | Expression transformation in a computer environment | |
| CN111045792A (en) | Method and device for caching and executing intelligent contracts | |
| KR102176742B1 (en) | Method of call graph extraction in android apps, recording medium and apparatus for performing the method | |
| WO2021175053A1 (en) | Method and apparatus for executing functional module in virtual machine | |
| CN112115427A (en) | Code obfuscation method, device, electronic device and storage medium | |
| CN111723345A (en) | Callback function-based control flow obfuscation method and system | |
| CN110119601A (en) | Program reinforcement means and device based on application program installation kit | |
| JP2004062220A (en) | Information processor, method of processing information, and program converter | |
| JP2008226010A (en) | Compile method and compile device | |
| CN105095698A (en) | Program code obfuscation based upon recently executed program code | |
| US20030204638A1 (en) | Scripting language for processing typed structured data | |
| JP5277825B2 (en) | Program obfuscation device and obfuscation program | |
| CN116541280B (en) | Fuzzy test case generation method based on neural network | |
| JP2009211646A (en) | Data concealing program, data read-out program, data concealing device, and data reader | |
| KR101747767B1 (en) | Java automatic identifier renaming method | |
| CN112084498A (en) | Data anti-aliasing method, device, equipment and storage medium | |
| CN111859860A (en) | Data analysis method and device, storage medium, and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |