CN110378085A - A kind of Python bytecode anti-reversing method - Google Patents

A kind of Python bytecode anti-reversing method Download PDF

Info

Publication number
CN110378085A
CN110378085A CN201910695668.5A CN201910695668A CN110378085A CN 110378085 A CN110378085 A CN 110378085A CN 201910695668 A CN201910695668 A CN 201910695668A CN 110378085 A CN110378085 A CN 110378085A
Authority
CN
China
Prior art keywords
code
python
sequence
byte
bytecode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910695668.5A
Other languages
Chinese (zh)
Inventor
严松
罗阿文
常清雪
江佳峻
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Changhong Electric Co Ltd filed Critical Sichuan Changhong Electric Co Ltd
Priority to CN201910695668.5A priority Critical patent/CN110378085A/en
Publication of CN110378085A publication Critical patent/CN110378085A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Devices For Executing Special Programs (AREA)

Abstract

The invention discloses a kind of Python bytecode anti-reversing methods, comprising: the sound code file write using Python is compiled into bytecode using collector by step S100:Python interpreter;Step S200: the non-key operation code in sequence of opcodes that byte code files include is replaced by virtual machine with new value, makes that it includes new operation codes.Operation code replaces it and is substantially replaced the non-key operation code in sequence of opcodes that byte code files include with new value, makes that it includes new operation codes, to change the content and structure of sequence of opcodes, achievees the purpose that anti-reverse.The present invention guarantee Python bytecode operation result and it is logically true under the premise of, non-key operation code in bytecode is replaced, the content and structure for changing the sequence of opcodes in byte code files, so that bytecode can not go out source code by reverse decompiling.

Description

A kind of Python bytecode anti-reversing method
Technical field
The present invention relates to software inverse engineering technical fields, are a kind of Python bytecode anti-reversing methods specifically.
Background technique
Currently, Python is most commonly used programming language, the mode of Python program operation in worldwide It is quite unique.Python first by suffix be .py sound code file be compiled as byte code files, be stored in engineering catalogue _ _ Under pycache__, then virtual machine is transferred to be converted to binary code, is executed by CPU.The byte code files of Python in order to reach across Platform, so remaining all information in source code.Exactly because this characteristic of Python bytecode, results in byte Code file is easy to go out source code therein by attacker's decompiling, brings loss to developer.
Summary of the invention
The purpose of the present invention is to provide a kind of Python bytecode anti-reversing methods, for solving in the prior art Python bytecode is easy the problem of being gone out source code therein by attacker's decompiling, brought loss to developer.
The present invention is solved the above problems by following technical proposals:
A kind of Python bytecode anti-reversing method, comprising:
The sound code file write using Python is compiled by step S100:Python interpreter using collector Bytecode;
Step S200: non-key operation code in the sequence of opcodes that byte code files are included by virtual machine with new value into Row replacement, makes that it includes new operation codes.
Operation code replaces the non-key operation in the sequence of opcodes (co_code) that byte code files are substantially included by it Code is replaced with new value, makes that it includes new operation codes, to change the content and structure of sequence of opcodes, reaches anti-reverse The purpose turned.
Further, step S200 is specifically included:
Step S210: parameter definition
The set of n operation is defined in virtual machine are as follows:
OP={ op1,op2,opi,...,opn}
Wherein, opiIndicate i-th of operation that virtual machine is supported, n is supported the sum of operation by virtual machine;
Operation code set corresponding with set OP are as follows: OP_CODE={ code1,code2, codei,...,coden}
Wherein codeiFor opiRepresentation, with opiIt corresponds, codei∈N+And codei≤ 255,1≤i≤n;
Step S220: replacement operation code is defined
Use set OP_CODE '={ code '1,code′2,code'i,...,code′nReplace set OP_CODE, So that OP_CODE ' is at least there is an element and makes codei≠codei, wherein code 'i≤ 255,1≤i≤n;
Step S230: operation code replacement
Explanation operation is compiled to source Python program, then under its engineering catalogue _ _ pycache__, is taken out Python byte code files open byte code files, read wherein byte code files using the compile function that Python is carried The opcode value in the domain sequence of opcodes co_code in corresponding PyCodeObject object, formation operation code collection close OP_ CODE carries out judgement according to following rules to the opcode value in set and according to value replaces,
(1) if op_codei< 90&& is non-key operation code, then operation code explicit declaration, be all it is simple not Operation with parameter change sequence, the random number using between 0 to 64 can replace its opcode value at random inside same class, It will not influence the execution of Python program;
(2) if 90≤op_codei≤ 131, it is non-key operation code, the then operation code and function call with parameter Unrelated, its sequence is upset in inside, and the random number using between 0 to 128 replaces its opcode value, will not cause shadow to source program It rings;
(3) if 131 < op_codei≤ 137, it is non-key operation code, the then operation code with parameter and function tune With unrelated, to it, transfer sequence, the random number using between 0 to 255 are replaced its opcode value, will not be caused to source program two-by-two It influences;
(4) if 137 < op_codei≤ 147, it is non-key operation code, the then operation code with parameter, two extensions Operation internal sequence can be upset at random, and replace its opcode value using the number between 0 to 255 at random, will not be to source program It impacts;
The domain co_code in PyCodeObject object, included new operation code, to change sequence of opcodes Content and structure, be equivalent to and encrypted byte code files.Finally, (.pyc) Python operation code file distribution is gone out, weight New interpretation executes, that is, can reach the purpose that can not inversely compile out source code.
Compared with prior art, the present invention have the following advantages that and the utility model has the advantages that
(1) present invention guarantee Python bytecode operation result and it is logically true under the premise of, to non-in bytecode Key operation code is replaced, and changes the content and structure of the sequence of opcodes in byte code files, so that bytecode can not Source code is gone out by reverse decompiling.
Detailed description of the invention
Fig. 1 is the principle of the present invention block diagram.
Specific embodiment
The present invention is described in further detail below with reference to embodiment, embodiments of the present invention are not limited thereto.
Embodiment 1:
In conjunction with shown in attached drawing 1, a kind of Python bytecode anti-reversing method, comprising:
The sound code file write using Python is compiled by step S100:Python interpreter using collector Bytecode;
Step S200: non-key operation code in the sequence of opcodes that byte code files are included by virtual machine with new value into Row replacement, makes that it includes new operation codes.
Operation code replaces the non-key operation in the sequence of opcodes (co_code) that byte code files are substantially included by it Code is replaced with new value, makes that it includes new operation codes, to change the content and structure of sequence of opcodes, reaches anti-reverse The purpose turned.
Further, step S200 is specifically included:
Step S210: parameter definition
The set of n operation is defined in virtual machine are as follows:
OP={ op1,op2,opi,...,opn}
Wherein, opiIndicate i-th of operation that virtual machine is supported, n is supported the sum of operation by virtual machine;
Operation code set corresponding with set OP are as follows: OP_CODE={ code1,code2, codei,...,coden}
Wherein codeiFor opiRepresentation, with opiIt corresponds, codei∈N+And codei≤ 255,1≤i≤n;
Step S220: replacement operation code is defined
Use set OP_CODE '={ code '1,code′2,code'i,...,code′nReplace set OP_CODE, So that OP_CODE ' is at least there is an element and makes code 'i≠codei, wherein code 'i≤ 255,1≤i≤n;
Step S230: operation code replacement
Explanation operation is compiled to source Python program, then under its engineering catalogue _ _ pycache__, is taken out (.pyc) Python byte code files open byte code files, read wherein byte using the compile function that Python is carried The opcode value in the domain sequence of opcodes co_code in the corresponding PyCodeObject object of code file, formation operation code collection OP_CODE is closed, the opcode value in set is carried out to judge whether it is non-key operation code according to following rules, and change it Value, due to Python support each operation code (similarly hereinafter) only account for a byte, value between 0~255, so replacement Value also should be between 0~255:
Non-key operation code set opcode value therein is judged and replaced, judgment rule is as shown in Figure 1:
(1) if op_codei< 90&& is non-key operation code, then operation code explicit declaration, be all it is simple not Operation with parameter change sequence, the random number using between 0 to 64 can replace its opcode value at random inside same class, It will not influence the execution of Python program;
(2) if 90≤op_codei≤ 131, it is non-key operation code, the then operation code and function call with parameter Unrelated, its sequence is upset in inside, and the random number using between 0 to 128 replaces its opcode value, will not cause shadow to source program It rings;
(3) if 131 < op_codei≤ 137, it is non-key operation code, the then operation code with parameter and function tune With unrelated, to it, transfer sequence, the random number using between 0 to 255 are replaced its opcode value, will not be caused to source program two-by-two It influences;
(4) if 137 < op_codei≤ 147, it is non-key operation code, the then operation code with parameter, two extensions Operation internal sequence can be upset at random, and replace its opcode value using the number between 0 to 255 at random, will not be to source program It impacts;
The domain co_code in PyCodeObject object, included new operation code, to change sequence of opcodes Content and structure, be equivalent to and encrypted byte code files.Finally, (.pyc) Python operation code file distribution is gone out, weight New interpretation executes, that is, can reach the purpose that can not inversely compile out source code.
Although reference be made herein to invention has been described for explanatory embodiment of the invention, and above-described embodiment is only this hair Bright preferable embodiment, embodiment of the present invention are not limited by the above embodiments, it should be appreciated that those skilled in the art Member can be designed that a lot of other modification and implementations, these modifications and implementations will fall in principle disclosed in the present application Within scope and spirit.

Claims (2)

1. a kind of Python bytecode anti-reversing method characterized by comprising
The sound code file write using Python is compiled into byte using collector by step S100:Python interpreter Code;
Step S200: virtual machine replaces the non-key operation code in sequence of opcodes that byte code files include with new value It changes, makes that it includes new operation codes.
2. a kind of Python bytecode anti-reversing method according to claim 1, which is characterized in that the step S200 tool Body includes:
Step S210: parameter definition
The set of n operation is defined in virtual machine are as follows:
OP={ op1,op2,opi,...,opn}
Wherein, opiIndicate i-th of operation that virtual machine is supported, n is supported the sum of operation by virtual machine;
Operation code set corresponding with set OP are as follows: OP_CODE={ code1,code2, codei,...,coden}
Wherein codeiFor opiRepresentation, with opiIt corresponds, codei∈N+And codei≤ 255,1≤i≤n;
Step S220: replacement operation code is defined
Use set OP_CODE '={ code '1,code′2,code'i,...,code′nReplace set OP_CODE, make OP_ At least there is an element and make code in CODE 'i′≠codei, wherein codei'≤255,1≤i≤n;
Step S230: operation code replacement
Explanation operation is compiled to source Python program, then under its engineering catalogue _ _ pycache__, takes out Python word Code file is saved, byte code files are opened, it is corresponding to read wherein byte code files using the compile function that Python is carried The opcode value in the domain sequence of opcodes co_code in PyCodeObject object, formation operation code collection closes OP_CODE, right Opcode value in set carries out judgement according to following rules and according to value replaces,
(1) if op_codei< 90&& is non-key operation code, then operation code explicit declaration, is all simply without parameter Operation, change sequence, the random number using between 0 to 64 can replace its opcode value at random inside same class;
(2) if 90≤op_codei≤ 131, it is non-key operation code, then the operation code with parameter and function call are unrelated, Its sequence is upset in inside, and the random number using between 0 to 128 replaces its opcode value;
(3) if 131 < op_codei≤ 137, be non-key operation code, then the operation code with parameter and function call without It closes, to it, transfer sequence, the random number using between 0 to 255 replace its opcode value two-by-two;
(4) if 137 < op_codei≤ 147, it is non-key operation code, then the operation code with parameter, in two extended operations Portion's sequence can be upset at random, and replace its opcode value using the number between 0 to 255 at random;
Python byte code files are released, execution is reinterpreted.
CN201910695668.5A 2019-07-30 2019-07-30 A kind of Python bytecode anti-reversing method Pending CN110378085A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910695668.5A CN110378085A (en) 2019-07-30 2019-07-30 A kind of Python bytecode anti-reversing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910695668.5A CN110378085A (en) 2019-07-30 2019-07-30 A kind of Python bytecode anti-reversing method

Publications (1)

Publication Number Publication Date
CN110378085A true CN110378085A (en) 2019-10-25

Family

ID=68257038

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910695668.5A Pending CN110378085A (en) 2019-07-30 2019-07-30 A kind of Python bytecode anti-reversing method

Country Status (1)

Country Link
CN (1) CN110378085A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110929234A (en) * 2019-11-28 2020-03-27 施羊梦燊 Python program encryption protection system and method based on code virtualization
CN111523120A (en) * 2020-04-30 2020-08-11 广州锦行网络科技有限公司 Python source code security protection implementation method and system
CN112926032A (en) * 2021-03-26 2021-06-08 支付宝(杭州)信息技术有限公司 Method and device for processing and operating byte code and byte code operating system
CN113434874A (en) * 2021-06-11 2021-09-24 湖南大学 Python source code protection method and system based on pyc encryption
CN116089983A (en) * 2023-02-23 2023-05-09 北京微步在线科技有限公司 Reinforcing compiling method and device for py file

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503496A (en) * 2016-12-08 2017-03-15 合肥康捷信息科技有限公司 Replaced and the Python shell script anti-reversal methods for merging based on operation code
CN107315930A (en) * 2017-07-07 2017-11-03 成都恒高科技有限公司 A kind of method of protection Python programs
CN108363911A (en) * 2018-02-11 2018-08-03 西安四叶草信息技术有限公司 A kind of Python scripts obscure, the method and device of watermark

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503496A (en) * 2016-12-08 2017-03-15 合肥康捷信息科技有限公司 Replaced and the Python shell script anti-reversal methods for merging based on operation code
CN107315930A (en) * 2017-07-07 2017-11-03 成都恒高科技有限公司 A kind of method of protection Python programs
CN108363911A (en) * 2018-02-11 2018-08-03 西安四叶草信息技术有限公司 A kind of Python scripts obscure, the method and device of watermark

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王小强: "《基于操作码的Python程序防逆转算法研究与实现》", 《万方数据》 *
王小强等: "《基于操作码合并的Python程序防逆转算法》", 《计算机工程》 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110929234A (en) * 2019-11-28 2020-03-27 施羊梦燊 Python program encryption protection system and method based on code virtualization
CN110929234B (en) * 2019-11-28 2023-03-24 施羊梦燊 Python program encryption protection system and method based on code virtualization
CN111523120A (en) * 2020-04-30 2020-08-11 广州锦行网络科技有限公司 Python source code security protection implementation method and system
CN112926032A (en) * 2021-03-26 2021-06-08 支付宝(杭州)信息技术有限公司 Method and device for processing and operating byte code and byte code operating system
CN113434874A (en) * 2021-06-11 2021-09-24 湖南大学 Python source code protection method and system based on pyc encryption
CN116089983A (en) * 2023-02-23 2023-05-09 北京微步在线科技有限公司 Reinforcing compiling method and device for py file
CN116089983B (en) * 2023-02-23 2024-03-26 北京微步在线科技有限公司 Reinforcing compiling method and device for py file

Similar Documents

Publication Publication Date Title
CN110378085A (en) A kind of Python bytecode anti-reversing method
Torlak et al. A lightweight symbolic virtual machine for solver-aided host languages
US8245204B2 (en) Parameter management using compiler directives
Cartwright et al. Observable sequentiality and full abstraction
Ioannides et al. Coverage-directed test generation automated by machine learning--a review
Li et al. PASS: string solving with parameterized array and interval automaton
CN109117164B (en) Micro-service updating method and system based on difference analysis of key elements
WO2021258692A1 (en) Multi-chip compatible compiling method and device
CN111770116B (en) Method for executing intelligent contract, block chain node and storage medium
CN109829313A (en) A kind of method and device programming defence SGX side-channel attack based on code reuse
CN111770204A (en) Method for executing intelligent contract, block chain node and storage medium
CN111768183A (en) Method for executing intelligent contract, block chain node and storage medium
CN111770202B (en) Method for executing intelligent contract, block chain node and storage medium
JP2018510445A (en) Domain-specific system and method for improving program performance
CN111768184A (en) Method for executing intelligent contract and block link point
CN111815310A (en) Method for executing intelligent contract, block chain node and storage medium
Taentzer et al. Generation of Sierpinski triangles: A case study for graph transformation tools
Lau et al. A model for inter-module analysis and optimizing compilation
Smans et al. VeriFast for Java: A tutorial
Hills Variable feature usage patterns in PHP (T)
CN116149670B (en) HDL compiling optimization method based on graph
Alshraideh A complete automation of unit testing for JavaScript programs
Meier et al. An architecture for prolog extensions
CN109299004B (en) Method and system for analyzing difference of key elements
Lin et al. Compositional symbolic execution: Incremental solving revisited

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191025

RJ01 Rejection of invention patent application after publication