CN110378085A - A kind of Python bytecode anti-reversing method - Google Patents
A kind of Python bytecode anti-reversing method Download PDFInfo
- Publication number
- CN110378085A CN110378085A CN201910695668.5A CN201910695668A CN110378085A CN 110378085 A CN110378085 A CN 110378085A CN 201910695668 A CN201910695668 A CN 201910695668A CN 110378085 A CN110378085 A CN 110378085A
- Authority
- CN
- China
- Prior art keywords
- code
- python
- sequence
- byte
- bytecode
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 10
- 230000015572 biosynthetic process Effects 0.000 claims description 3
- 230000006870 function Effects 0.000 description 6
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
The invention discloses a kind of Python bytecode anti-reversing methods, comprising: the sound code file write using Python is compiled into bytecode using collector by step S100:Python interpreter;Step S200: the non-key operation code in sequence of opcodes that byte code files include is replaced by virtual machine with new value, makes that it includes new operation codes.Operation code replaces it and is substantially replaced the non-key operation code in sequence of opcodes that byte code files include with new value, makes that it includes new operation codes, to change the content and structure of sequence of opcodes, achievees the purpose that anti-reverse.The present invention guarantee Python bytecode operation result and it is logically true under the premise of, non-key operation code in bytecode is replaced, the content and structure for changing the sequence of opcodes in byte code files, so that bytecode can not go out source code by reverse decompiling.
Description
Technical field
The present invention relates to software inverse engineering technical fields, are a kind of Python bytecode anti-reversing methods specifically.
Background technique
Currently, Python is most commonly used programming language, the mode of Python program operation in worldwide
It is quite unique.Python first by suffix be .py sound code file be compiled as byte code files, be stored in engineering catalogue _ _
Under pycache__, then virtual machine is transferred to be converted to binary code, is executed by CPU.The byte code files of Python in order to reach across
Platform, so remaining all information in source code.Exactly because this characteristic of Python bytecode, results in byte
Code file is easy to go out source code therein by attacker's decompiling, brings loss to developer.
Summary of the invention
The purpose of the present invention is to provide a kind of Python bytecode anti-reversing methods, for solving in the prior art
Python bytecode is easy the problem of being gone out source code therein by attacker's decompiling, brought loss to developer.
The present invention is solved the above problems by following technical proposals:
A kind of Python bytecode anti-reversing method, comprising:
The sound code file write using Python is compiled by step S100:Python interpreter using collector
Bytecode;
Step S200: non-key operation code in the sequence of opcodes that byte code files are included by virtual machine with new value into
Row replacement, makes that it includes new operation codes.
Operation code replaces the non-key operation in the sequence of opcodes (co_code) that byte code files are substantially included by it
Code is replaced with new value, makes that it includes new operation codes, to change the content and structure of sequence of opcodes, reaches anti-reverse
The purpose turned.
Further, step S200 is specifically included:
Step S210: parameter definition
The set of n operation is defined in virtual machine are as follows:
OP={ op1,op2,opi,...,opn}
Wherein, opiIndicate i-th of operation that virtual machine is supported, n is supported the sum of operation by virtual machine;
Operation code set corresponding with set OP are as follows: OP_CODE={ code1,code2, codei,...,coden}
Wherein codeiFor opiRepresentation, with opiIt corresponds, codei∈N+And codei≤ 255,1≤i≤n;
Step S220: replacement operation code is defined
Use set OP_CODE '={ code '1,code′2,code'i,...,code′nReplace set OP_CODE,
So that OP_CODE ' is at least there is an element and makes codei≠codei, wherein code 'i≤ 255,1≤i≤n;
Step S230: operation code replacement
Explanation operation is compiled to source Python program, then under its engineering catalogue _ _ pycache__, is taken out
Python byte code files open byte code files, read wherein byte code files using the compile function that Python is carried
The opcode value in the domain sequence of opcodes co_code in corresponding PyCodeObject object, formation operation code collection close OP_
CODE carries out judgement according to following rules to the opcode value in set and according to value replaces,
(1) if op_codei< 90&& is non-key operation code, then operation code explicit declaration, be all it is simple not
Operation with parameter change sequence, the random number using between 0 to 64 can replace its opcode value at random inside same class,
It will not influence the execution of Python program;
(2) if 90≤op_codei≤ 131, it is non-key operation code, the then operation code and function call with parameter
Unrelated, its sequence is upset in inside, and the random number using between 0 to 128 replaces its opcode value, will not cause shadow to source program
It rings;
(3) if 131 < op_codei≤ 137, it is non-key operation code, the then operation code with parameter and function tune
With unrelated, to it, transfer sequence, the random number using between 0 to 255 are replaced its opcode value, will not be caused to source program two-by-two
It influences;
(4) if 137 < op_codei≤ 147, it is non-key operation code, the then operation code with parameter, two extensions
Operation internal sequence can be upset at random, and replace its opcode value using the number between 0 to 255 at random, will not be to source program
It impacts;
The domain co_code in PyCodeObject object, included new operation code, to change sequence of opcodes
Content and structure, be equivalent to and encrypted byte code files.Finally, (.pyc) Python operation code file distribution is gone out, weight
New interpretation executes, that is, can reach the purpose that can not inversely compile out source code.
Compared with prior art, the present invention have the following advantages that and the utility model has the advantages that
(1) present invention guarantee Python bytecode operation result and it is logically true under the premise of, to non-in bytecode
Key operation code is replaced, and changes the content and structure of the sequence of opcodes in byte code files, so that bytecode can not
Source code is gone out by reverse decompiling.
Detailed description of the invention
Fig. 1 is the principle of the present invention block diagram.
Specific embodiment
The present invention is described in further detail below with reference to embodiment, embodiments of the present invention are not limited thereto.
Embodiment 1:
In conjunction with shown in attached drawing 1, a kind of Python bytecode anti-reversing method, comprising:
The sound code file write using Python is compiled by step S100:Python interpreter using collector
Bytecode;
Step S200: non-key operation code in the sequence of opcodes that byte code files are included by virtual machine with new value into
Row replacement, makes that it includes new operation codes.
Operation code replaces the non-key operation in the sequence of opcodes (co_code) that byte code files are substantially included by it
Code is replaced with new value, makes that it includes new operation codes, to change the content and structure of sequence of opcodes, reaches anti-reverse
The purpose turned.
Further, step S200 is specifically included:
Step S210: parameter definition
The set of n operation is defined in virtual machine are as follows:
OP={ op1,op2,opi,...,opn}
Wherein, opiIndicate i-th of operation that virtual machine is supported, n is supported the sum of operation by virtual machine;
Operation code set corresponding with set OP are as follows: OP_CODE={ code1,code2, codei,...,coden}
Wherein codeiFor opiRepresentation, with opiIt corresponds, codei∈N+And codei≤ 255,1≤i≤n;
Step S220: replacement operation code is defined
Use set OP_CODE '={ code '1,code′2,code'i,...,code′nReplace set OP_CODE,
So that OP_CODE ' is at least there is an element and makes code 'i≠codei, wherein code 'i≤ 255,1≤i≤n;
Step S230: operation code replacement
Explanation operation is compiled to source Python program, then under its engineering catalogue _ _ pycache__, is taken out
(.pyc) Python byte code files open byte code files, read wherein byte using the compile function that Python is carried
The opcode value in the domain sequence of opcodes co_code in the corresponding PyCodeObject object of code file, formation operation code collection
OP_CODE is closed, the opcode value in set is carried out to judge whether it is non-key operation code according to following rules, and change it
Value, due to Python support each operation code (similarly hereinafter) only account for a byte, value between 0~255, so replacement
Value also should be between 0~255:
Non-key operation code set opcode value therein is judged and replaced, judgment rule is as shown in Figure 1:
(1) if op_codei< 90&& is non-key operation code, then operation code explicit declaration, be all it is simple not
Operation with parameter change sequence, the random number using between 0 to 64 can replace its opcode value at random inside same class,
It will not influence the execution of Python program;
(2) if 90≤op_codei≤ 131, it is non-key operation code, the then operation code and function call with parameter
Unrelated, its sequence is upset in inside, and the random number using between 0 to 128 replaces its opcode value, will not cause shadow to source program
It rings;
(3) if 131 < op_codei≤ 137, it is non-key operation code, the then operation code with parameter and function tune
With unrelated, to it, transfer sequence, the random number using between 0 to 255 are replaced its opcode value, will not be caused to source program two-by-two
It influences;
(4) if 137 < op_codei≤ 147, it is non-key operation code, the then operation code with parameter, two extensions
Operation internal sequence can be upset at random, and replace its opcode value using the number between 0 to 255 at random, will not be to source program
It impacts;
The domain co_code in PyCodeObject object, included new operation code, to change sequence of opcodes
Content and structure, be equivalent to and encrypted byte code files.Finally, (.pyc) Python operation code file distribution is gone out, weight
New interpretation executes, that is, can reach the purpose that can not inversely compile out source code.
Although reference be made herein to invention has been described for explanatory embodiment of the invention, and above-described embodiment is only this hair
Bright preferable embodiment, embodiment of the present invention are not limited by the above embodiments, it should be appreciated that those skilled in the art
Member can be designed that a lot of other modification and implementations, these modifications and implementations will fall in principle disclosed in the present application
Within scope and spirit.
Claims (2)
1. a kind of Python bytecode anti-reversing method characterized by comprising
The sound code file write using Python is compiled into byte using collector by step S100:Python interpreter
Code;
Step S200: virtual machine replaces the non-key operation code in sequence of opcodes that byte code files include with new value
It changes, makes that it includes new operation codes.
2. a kind of Python bytecode anti-reversing method according to claim 1, which is characterized in that the step S200 tool
Body includes:
Step S210: parameter definition
The set of n operation is defined in virtual machine are as follows:
OP={ op1,op2,opi,...,opn}
Wherein, opiIndicate i-th of operation that virtual machine is supported, n is supported the sum of operation by virtual machine;
Operation code set corresponding with set OP are as follows: OP_CODE={ code1,code2, codei,...,coden}
Wherein codeiFor opiRepresentation, with opiIt corresponds, codei∈N+And codei≤ 255,1≤i≤n;
Step S220: replacement operation code is defined
Use set OP_CODE '={ code '1,code′2,code'i,...,code′nReplace set OP_CODE, make OP_
At least there is an element and make code in CODE 'i′≠codei, wherein codei'≤255,1≤i≤n;
Step S230: operation code replacement
Explanation operation is compiled to source Python program, then under its engineering catalogue _ _ pycache__, takes out Python word
Code file is saved, byte code files are opened, it is corresponding to read wherein byte code files using the compile function that Python is carried
The opcode value in the domain sequence of opcodes co_code in PyCodeObject object, formation operation code collection closes OP_CODE, right
Opcode value in set carries out judgement according to following rules and according to value replaces,
(1) if op_codei< 90&& is non-key operation code, then operation code explicit declaration, is all simply without parameter
Operation, change sequence, the random number using between 0 to 64 can replace its opcode value at random inside same class;
(2) if 90≤op_codei≤ 131, it is non-key operation code, then the operation code with parameter and function call are unrelated,
Its sequence is upset in inside, and the random number using between 0 to 128 replaces its opcode value;
(3) if 131 < op_codei≤ 137, be non-key operation code, then the operation code with parameter and function call without
It closes, to it, transfer sequence, the random number using between 0 to 255 replace its opcode value two-by-two;
(4) if 137 < op_codei≤ 147, it is non-key operation code, then the operation code with parameter, in two extended operations
Portion's sequence can be upset at random, and replace its opcode value using the number between 0 to 255 at random;
Python byte code files are released, execution is reinterpreted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910695668.5A CN110378085A (en) | 2019-07-30 | 2019-07-30 | A kind of Python bytecode anti-reversing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910695668.5A CN110378085A (en) | 2019-07-30 | 2019-07-30 | A kind of Python bytecode anti-reversing method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110378085A true CN110378085A (en) | 2019-10-25 |
Family
ID=68257038
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910695668.5A Pending CN110378085A (en) | 2019-07-30 | 2019-07-30 | A kind of Python bytecode anti-reversing method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110378085A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110929234A (en) * | 2019-11-28 | 2020-03-27 | 施羊梦燊 | Python program encryption protection system and method based on code virtualization |
CN111523120A (en) * | 2020-04-30 | 2020-08-11 | 广州锦行网络科技有限公司 | Python source code security protection implementation method and system |
CN112926032A (en) * | 2021-03-26 | 2021-06-08 | 支付宝(杭州)信息技术有限公司 | Method and device for processing and operating byte code and byte code operating system |
CN113434874A (en) * | 2021-06-11 | 2021-09-24 | 湖南大学 | Python source code protection method and system based on pyc encryption |
CN116089983A (en) * | 2023-02-23 | 2023-05-09 | 北京微步在线科技有限公司 | Reinforcing compiling method and device for py file |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106503496A (en) * | 2016-12-08 | 2017-03-15 | 合肥康捷信息科技有限公司 | Replaced and the Python shell script anti-reversal methods for merging based on operation code |
CN107315930A (en) * | 2017-07-07 | 2017-11-03 | 成都恒高科技有限公司 | A kind of method of protection Python programs |
CN108363911A (en) * | 2018-02-11 | 2018-08-03 | 西安四叶草信息技术有限公司 | A kind of Python scripts obscure, the method and device of watermark |
-
2019
- 2019-07-30 CN CN201910695668.5A patent/CN110378085A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106503496A (en) * | 2016-12-08 | 2017-03-15 | 合肥康捷信息科技有限公司 | Replaced and the Python shell script anti-reversal methods for merging based on operation code |
CN107315930A (en) * | 2017-07-07 | 2017-11-03 | 成都恒高科技有限公司 | A kind of method of protection Python programs |
CN108363911A (en) * | 2018-02-11 | 2018-08-03 | 西安四叶草信息技术有限公司 | A kind of Python scripts obscure, the method and device of watermark |
Non-Patent Citations (2)
Title |
---|
王小强: "《基于操作码的Python程序防逆转算法研究与实现》", 《万方数据》 * |
王小强等: "《基于操作码合并的Python程序防逆转算法》", 《计算机工程》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110929234A (en) * | 2019-11-28 | 2020-03-27 | 施羊梦燊 | Python program encryption protection system and method based on code virtualization |
CN110929234B (en) * | 2019-11-28 | 2023-03-24 | 施羊梦燊 | Python program encryption protection system and method based on code virtualization |
CN111523120A (en) * | 2020-04-30 | 2020-08-11 | 广州锦行网络科技有限公司 | Python source code security protection implementation method and system |
CN112926032A (en) * | 2021-03-26 | 2021-06-08 | 支付宝(杭州)信息技术有限公司 | Method and device for processing and operating byte code and byte code operating system |
CN113434874A (en) * | 2021-06-11 | 2021-09-24 | 湖南大学 | Python source code protection method and system based on pyc encryption |
CN116089983A (en) * | 2023-02-23 | 2023-05-09 | 北京微步在线科技有限公司 | Reinforcing compiling method and device for py file |
CN116089983B (en) * | 2023-02-23 | 2024-03-26 | 北京微步在线科技有限公司 | Reinforcing compiling method and device for py file |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110378085A (en) | A kind of Python bytecode anti-reversing method | |
Torlak et al. | A lightweight symbolic virtual machine for solver-aided host languages | |
US8245204B2 (en) | Parameter management using compiler directives | |
Cartwright et al. | Observable sequentiality and full abstraction | |
Ioannides et al. | Coverage-directed test generation automated by machine learning--a review | |
Li et al. | PASS: string solving with parameterized array and interval automaton | |
CN109117164B (en) | Micro-service updating method and system based on difference analysis of key elements | |
WO2021258692A1 (en) | Multi-chip compatible compiling method and device | |
CN111770116B (en) | Method for executing intelligent contract, block chain node and storage medium | |
CN109829313A (en) | A kind of method and device programming defence SGX side-channel attack based on code reuse | |
CN111770204A (en) | Method for executing intelligent contract, block chain node and storage medium | |
CN111768183A (en) | Method for executing intelligent contract, block chain node and storage medium | |
CN111770202B (en) | Method for executing intelligent contract, block chain node and storage medium | |
JP2018510445A (en) | Domain-specific system and method for improving program performance | |
CN111768184A (en) | Method for executing intelligent contract and block link point | |
CN111815310A (en) | Method for executing intelligent contract, block chain node and storage medium | |
Taentzer et al. | Generation of Sierpinski triangles: A case study for graph transformation tools | |
Lau et al. | A model for inter-module analysis and optimizing compilation | |
Smans et al. | VeriFast for Java: A tutorial | |
Hills | Variable feature usage patterns in PHP (T) | |
CN116149670B (en) | HDL compiling optimization method based on graph | |
Alshraideh | A complete automation of unit testing for JavaScript programs | |
Meier et al. | An architecture for prolog extensions | |
CN109299004B (en) | Method and system for analyzing difference of key elements | |
Lin et al. | Compositional symbolic execution: Incremental solving revisited |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191025 |
|
RJ01 | Rejection of invention patent application after publication |