CN111310133A - Script obfuscating method and device - Google Patents

Script obfuscating method and device Download PDF

Info

Publication number
CN111310133A
CN111310133A CN202010129119.4A CN202010129119A CN111310133A CN 111310133 A CN111310133 A CN 111310133A CN 202010129119 A CN202010129119 A CN 202010129119A CN 111310133 A CN111310133 A CN 111310133A
Authority
CN
China
Prior art keywords
instruction
jump
array
lua
code file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010129119.4A
Other languages
Chinese (zh)
Inventor
赵培源
于飞鸿
黄胜蓝
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xi'an Clover Cyber Technology Co ltd
Original Assignee
Xi'an Clover Cyber Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xi'an Clover Cyber Technology Co ltd filed Critical Xi'an Clover Cyber Technology Co ltd
Priority to CN202010129119.4A priority Critical patent/CN111310133A/en
Publication of CN111310133A publication Critical patent/CN111310133A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/43Checking; Contextual analysis
    • G06F8/433Dependency analysis; Data or control flow analysis
    • G06F8/434Pointers; Aliasing

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)

Abstract

The disclosure provides a script confusion method and device, relates to the technical field of computer security, and can improve script security. The specific technical scheme is as follows: the method comprises the steps of obtaining a lua byte code file after lua source code file compiling, analyzing the lua byte code file, and obtaining an instruction array of all code objects in the lua byte code file; acquiring instruction information of each instruction in an instruction array; randomly adjusting the positions of all instructions in the instruction array, and obfuscating the adjusted instruction array by adopting a preset obfuscating rule to obtain an obfuscated instruction array; and correspondingly updating the instruction arrays of all the code objects in the lua byte code file into the obfuscated instruction array to obtain the obfuscated lua byte code file. The invention is used for script obfuscation.

Description

Script obfuscating method and device
Technical Field
The present disclosure relates to the field of computer security technologies, and in particular, to a script obfuscating method and apparatus.
Background
With the development of science and technology, computer technology is widely applied to various fields, and great convenience is provided for work, study and daily life of people. The expansion of the application range and the application depth promotes the continuous improvement of the performance of the computer, and further puts higher requirements on computer software. In this case, the script language has been developed very rapidly as a supplement to a general programming language.
A scripting language, also known as a build-out language, or dynamic language, is a programming language used to control programs. Because of its advantages of compactness and efficiency, more and more software embeds scripting languages into software to provide flexible extensions and customized functionality for applications. Scripting languages are widely used, particularly in the gaming industry. Accordingly, if the script code is leaked out, a user is not damaged so much, and thus it is required to enhance security of the script code.
The script security can be enhanced by obfuscating the script code, but the obfuscating techniques adopted by the prior art are relatively simple, and the obfuscating effect is achieved by a symmetric encryption algorithm, and/or modifying the corresponding relation between the operation code and the byte code of the interpreter, and/or obfuscating the variable name of the source code, but obfuscated script obfuscating logic is basically visible, and the anti-cracking performance is relatively poor.
Disclosure of Invention
The embodiment of the disclosure provides a script obfuscating method and device, which can improve script security. The technical scheme is as follows:
according to a first aspect of embodiments of the present disclosure, there is provided a script obfuscating method, including:
the method comprises the steps of obtaining a lua byte code file after lua source code file compiling, analyzing the lua byte code file, and obtaining an instruction array of all code objects in the lua byte code file, wherein the instruction array comprises at least one instruction;
acquiring instruction information of each instruction in an instruction array, wherein the instruction information comprises position information of each instruction in the instruction array;
randomly adjusting the positions of all instructions in the instruction array, and obfuscating the adjusted instruction array by adopting a preset obfuscating rule to obtain an obfuscated instruction array;
and correspondingly updating the instruction arrays of all the code objects in the lua byte code file into the obfuscated instruction array to obtain the obfuscated lua byte code file.
According to the method and the device, on the premise that the lua interpreter is not modified, the lua instruction array is confused, so that the disassembler and the decompiler fail to restore the source code, the lua script is protected from being cracked, and the script safety is improved.
In one embodiment, obfuscating the adjusted instruction array using a preset obfuscation rule, and obtaining an obfuscated instruction array includes:
acquiring an instruction name of each instruction;
determining the instruction type of each instruction according to the instruction name of each instruction, wherein the instruction type comprises a non-jump instruction and a jump instruction, and the jump instruction comprises a conditional jump instruction and a non-conditional jump instruction;
and generating a jump instruction corresponding to each instruction according to the instruction name, the instruction type and a preset confusion rule of each instruction to obtain a confused instruction array, wherein the preset confusion rule comprises the corresponding relation among the instruction names, the instruction types and the jump rules of a plurality of instructions.
In one embodiment, generating a jump instruction corresponding to each instruction according to the instruction type of each instruction and a preset obfuscation rule, and obtaining an obfuscated instruction array includes:
when the instruction type of the instruction is a non-jump instruction, generating a jump instruction which jumps to a next instruction corresponding to the original execution logic, wherein the original next instruction is;
when the instruction type of the instruction is an unconditional jump instruction, generating a jump instruction which jumps to the original instruction position to be jumped;
and when the instruction type of the instruction is a conditional jump instruction, generating a jump instruction corresponding to the condition that the jump direction is established and a jump instruction for jumping to a next instruction corresponding to the original execution logic.
In one embodiment, obfuscating the adjusted instruction array using a preset obfuscation rule, and obtaining an obfuscated instruction array includes:
and adding a random jump instruction and/or a garbage instruction while mixing the adjusted instruction array by adopting a preset mixing rule to obtain a mixed instruction array.
In one embodiment, the method further comprises: and deleting debugging information in the obfuscated lua character code file, wherein the debugging information comprises a source code line number and a local variable name corresponding to each instruction.
According to a second aspect of embodiments of the present disclosure, there is provided a script obfuscating apparatus, including:
the analysis module is used for acquiring the lua byte code file after the lua source code file is compiled, analyzing the lua byte code file and obtaining an instruction array of all code objects in the lua byte code file, wherein the instruction array comprises at least one instruction;
the acquisition module is used for acquiring the instruction information of each instruction in the instruction array, and the instruction information comprises the position information of each instruction in the instruction array;
the confusion module is used for randomly adjusting the positions of all instructions in the instruction array, and confusing the adjusted instruction array by adopting a preset confusion rule to obtain a confused instruction array;
and the updating module is used for correspondingly updating the instruction arrays of all the code objects in the lua byte code file into the confused instruction arrays to obtain the confused lua byte code file.
In one embodiment, the obfuscation module includes: obtaining a submodule, determining a submodule and generating a submodule;
the obtaining submodule is used for obtaining the instruction name of each instruction;
the determining submodule is used for determining the instruction type of each instruction according to the instruction name of each instruction, the instruction type comprises a non-jump instruction and a jump instruction, and the jump instruction comprises a conditional jump instruction and a non-conditional jump instruction;
and the generating submodule is used for generating the jump instruction corresponding to each instruction according to the instruction name, the instruction type and a preset confusion rule of each instruction to obtain a confused instruction array, wherein the preset confusion rule comprises the corresponding relation among the instruction names, the instruction types and the jump rules of a plurality of instructions.
In one embodiment, the generating submodule is configured to generate a jump instruction to a next instruction corresponding to an original execution logic when an instruction type of the instruction is a non-jump instruction, where the original next instruction is; when the instruction type of the instruction is an unconditional jump instruction, generating a jump instruction which jumps to the original instruction position to be jumped; and when the instruction type of the instruction is a conditional jump instruction, generating a jump instruction corresponding to the condition that the jump direction is established and a jump instruction for jumping to a next instruction corresponding to the original execution logic.
In an embodiment, the obfuscating module is configured to add a random jump instruction and/or a garbage instruction to the adjusted instruction array while obfuscating the adjusted instruction array by using a preset obfuscating rule, so as to obtain an obfuscated instruction array.
In one embodiment, the script obfuscating device further comprises: a deletion module;
and the deleting module is used for deleting debugging information in the obfuscated lua character code file, wherein the debugging information comprises a source code line number and a local variable name corresponding to each instruction.
According to a third aspect of embodiments of the present disclosure, there is provided a script obfuscating device, comprising a processor and a memory, in which at least one computer instruction is stored, the instruction being loaded and executed by the processor to implement the steps performed in the script obfuscating method described in the first aspect and any one of the embodiments of the first aspect.
According to a fourth aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium having stored therein at least one computer instruction, which is loaded and executed by a processor to implement the steps performed in the script obfuscation method described in the first aspect and any one of the embodiments of the first aspect.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a flow chart of a script obfuscation method provided by an embodiment of the present disclosure;
FIG. 2 is a schematic diagram of an lua source code provided by an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of an lua bytecode provided by an embodiment of the disclosure;
FIG. 4 is a schematic diagram of an obfuscated lua bytecode provided by an embodiment of the disclosure;
FIG. 5 is a schematic diagram of an obfuscated lua bytecode adding a random jump instruction according to an embodiment of the disclosure;
FIG. 6 is a schematic diagram of an obfuscated lua bytecode for adding a garbage instruction according to an embodiment of the disclosure;
FIG. 7 is a block diagram of a script obfuscating device provided by an embodiment of the present disclosure;
FIG. 8 is a block diagram of a script obfuscating device provided by an embodiment of the present disclosure;
fig. 9 is a block diagram of a script obfuscating apparatus according to an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The embodiment of the present disclosure provides a script obfuscating method, as shown in fig. 1, the script obfuscating method includes the following steps:
101. and acquiring the lua byte code file after the lua source code file is compiled, and analyzing the lua byte code file to obtain the instruction arrays of all code objects in the lua byte code file.
In the embodiment of the disclosure, the lua source code file is compiled by a lua compiler, a lua byte code file corresponding to the lua source code file, that is, a luac file, is generated, and further, the instruction arrays of all code objects in the lua byte code file are obtained by parsing the lua byte code file through nested parsing, wherein the instruction arrays include at least one instruction.
102. Instruction information for each instruction in the instruction array is obtained.
The instruction information includes location information of each instruction in the lua bytecode file. In the embodiment of the present disclosure, the position information indicates an instruction sequence number of each instruction in the instruction array, the instruction sequence numbers sequentially increase according to the order, and each instruction includes an instruction name of the instruction, an instruction parameter, and a logical relationship with a next instruction.
103. And randomly adjusting the positions of all instructions in the instruction array, and obfuscating the adjusted instruction array by adopting a preset obfuscating rule to obtain an obfuscated instruction array.
In the embodiment of the present disclosure, the positions of all instructions in the instruction array are randomly adjusted to obtain an adjusted instruction array, and the adjusted instruction array is logically continuous and equivalent to the original source code. Further, the adjusted instruction array is obfuscated by adopting a preset obfuscating rule, so that an obfuscated instruction array is obtained.
Specifically, the adjusted instruction array is obfuscated by adopting a preset obfuscation rule, and obtaining the obfuscated instruction array comprises:
acquiring an instruction name of each instruction;
determining the instruction type of each instruction according to the instruction name of each instruction, wherein the instruction type comprises a non-jump instruction and a jump instruction, and the jump instruction comprises a conditional jump instruction and a non-conditional jump instruction;
and generating a jump instruction corresponding to each instruction according to the instruction name, the instruction type and a preset confusion rule of each instruction to obtain a confused instruction array, wherein the preset confusion rule comprises the corresponding relation among the instruction names, the instruction types and the jump rules of a plurality of instructions.
In the lua, one instruction is 4 bytes in size, the lowest 6 bits are an operation code (OpCode), and the content behind the OpCode varies from instruction to instruction, so that 64 instructions are supported by the lua, and currently, only 47 instructions are used by the existing lua5.3, which includes: the instruction type of each instruction can be determined according to the instruction name, and then the jump instruction corresponding to each instruction is generated according to a preset confusion rule.
In the disclosed embodiments, the jump rule is used to indicate to which instruction or to which location a jump of the generated jump instruction is made. Therefore, when the instruction type of the instruction is a non-jump instruction, a jump instruction jumping to a next instruction corresponding to the original execution logic is generated, when the instruction type of the instruction is a non-conditional jump instruction, a jump instruction jumping to an instruction position to be jumped is generated, when the instruction type of the instruction is a conditional jump instruction, a jump instruction corresponding to when a jump condition is established and a jump instruction jumping to a next instruction corresponding to the original execution logic are generated, and then an obfuscated instruction array is obtained. Of course, a random jump instruction and/or a garbage instruction may be added while generating the jump instruction to obtain an obfuscated instruction array. It should be noted that the obfuscated instruction number is not physically contiguous, but is still logically contiguous and equivalent to the source code.
The jump rules for all jump instructions in the lua are shown with reference to table 1. And analyzing the jump instruction to analyze whether the jump instruction is a conditional jump or not and whether the jump instruction jumps to the next instruction or not. In table 1, pc denotes a position of an instruction currently executed by the lua interpreter, pc + + denotes a jump to a next instruction, pc + ═ sBx denotes a jump to a position of current position + sBx, and sBx denotes the lower 14 bits of the current instruction. As shown in table 1, OP _ JMP and OP _ forcerep are unconditional jump instructions, and the generated jump instruction is a jump to the current position + sBx; OP _ LOADBOOL, OP _ EQ, OP _ LT, OP _ LE, OP _ TEST and OP _ TESSTST are conditional jump instructions, and the generated jump instruction is a jump instruction to the next instruction; OP _ FOELOOP and OP _ TFORLOOP are unconditional jump instructions, and the generated jump instruction is a jump to the current position + sBx. It should be noted that: for instructions of type pc + ═ sBx, their jump offsets are recalculated during the obfuscation process; for the OP _ EXTRARG extended instruction it is merged with the previous instruction.
TABLE 1
Instruction name Whether or not to jump conditionally Whether to jump to the next instruction
OP_JMP Whether or not pc+=sBx
OP_FORPREP Whether or not pc+=sBx
OP_LOADBOOL Is that pc++
OP_EQ Is that pc++
OP_LT Is that pc++
OP_LE Is that pc++
OP_TEST Is that pc++
OP_TESTSET Is that pc++
OP_FORLOOP Is that pc+=sBx
OP_TFORLOOP Is that pc+=sBx
104. And correspondingly updating the instruction arrays of all the code objects in the lua byte code file into the obfuscated instruction array to obtain the obfuscated lua byte code file.
And after obtaining the obfuscated instruction array, replacing the instruction arrays of all code objects in the original lua byte code file to obtain the obfuscated lua byte code file.
Further, after the obfuscated lua bytecode file is obtained, debug (debug) information in the obfuscated lua bytecode file can be deleted, wherein the debug information includes a source code line number and a local variable name corresponding to each instruction. Therefore, under the condition of not modifying the lua interpreter, the lua instruction array is confused, debugging information is cut out, the disassembler and the decompiler fail to restore source codes, the lua script is protected from being cracked, and the script safety is improved.
The script obfuscation method described above is exemplified below. Lua source code easy.lua is compiled, and a compiled file is easy.luac, as shown in fig. 2, and the easy.luac file is parsed to obtain the meaning of each instruction in the easy.luac file, as shown in fig. 3, referring to table 2 below, the load command in table 2 is the OP _ load command, and the rest commands and the command type omit OP _.
TABLE 2
Figure BDA0002395308780000081
As shown in fig. 4, in order to obtain obfuscated easy.
Firstly, randomly adjusting instructions in easy.lua, sequencing the sequence of the adjusted instruction sequence numbers to be 1-6-4-5-7-3-2, and then generating a jump instruction corresponding to each instruction according to the instruction name, the instruction type and a preset confusion instruction of each instruction, specifically, if the load instruction with the instruction sequence number of 1 is a non-jump instruction, generating a jump instruction with the instruction sequence number of 2, and jumping to the original next instruction, namely an EQ instruction with the instruction sequence number of 11; if the EQ instruction with the instruction sequence number of 11 is a conditional jump instruction, two jump instructions with instruction sequence numbers of 12 and 13 are generated, the jump instruction with the instruction sequence number of 12 jumps to the original next instruction, and the jump instruction with the instruction sequence number of 13 is an instruction corresponding to the condition that the jump condition is established.
When the condition is satisfied, executing a jump instruction with an instruction sequence number of 13 to jump to an instruction corresponding to the satisfied condition, namely a load instruction with an instruction sequence number of 5, wherein the load instruction is a non-jump instruction, generating the jump instruction with the instruction sequence number of 6 to jump to an original next instruction, namely a JMP instruction with the instruction sequence number of 7, and generating the JMP instruction with the instruction sequence number of 7 to jump to an original instruction position to be jumped, namely a RETURN instruction with the instruction sequence number of 8; when the condition is not satisfied, executing a jump instruction with an instruction sequence number of 12 to jump to an original next instruction, namely a JMP instruction with an instruction sequence number of 10, wherein the JMP instruction with the instruction sequence number of 10 is unconditional jump, jumping to an original instruction position to jump, namely a LOADK instruction with an instruction sequence number of 3, and the LOADK instruction with the instruction sequence number of 3 is a non-jump instruction, generating a jump instruction with an instruction sequence number of 4 to jump to the original next instruction, namely a RETURN instruction with an instruction sequence number of 8.
Comparing the obfuscated easy.lucs with the original easy.luc, it can be found that the local variable names (locals) are changed from 1 to 0, the source code line numbers are also changed from specific numbers, and in addition, each instruction is also connected through the JMP instruction, so that the instruction array is physically discontinuous, but is still logically continuous and equivalent to the original source code.
Further, a random jump instruction or a garbage instruction may be added in the instruction confusion process to enhance the confusion strength of the instruction array, as shown in fig. 5, the confused easy.
According to the script obfuscating method provided by the embodiment of the disclosure, under the condition that the lua interpreter is not modified, obfuscation is performed on the lua instruction array, debugging information is cut out, the disassembler and the decompiler are disabled, so that source codes cannot be restored, the lua script is protected from being cracked, and the script safety is improved.
Based on the script obfuscation method described in the embodiments corresponding to fig. 1 and fig. 3, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute an embodiment of the method of the present disclosure.
The embodiment of the present disclosure provides a script obfuscating apparatus, as shown in fig. 7, the script obfuscating apparatus 50 includes: the device comprises an analysis module 701, an acquisition module 702, an obfuscation module 703 and an update module 704;
the parsing module 701 is configured to obtain a lua byte code file after lua source code file compilation, and parse the lua byte code file to obtain an instruction array of all code objects in the lua byte code file, where the instruction array includes at least one instruction;
an obtaining module 702, configured to obtain instruction information of each instruction in the instruction array, where the instruction information includes location information of each instruction in the instruction array;
a confusion module 703, configured to randomly adjust positions of all instructions in the instruction array, and perform confusion on the adjusted instruction array by using a preset confusion rule to obtain a confused instruction array;
an updating module 704, configured to correspondingly update the instruction arrays of all the code objects in the lua bytecode file to an obfuscated instruction array, so as to obtain an obfuscated lua bytecode file.
In one embodiment, as shown in fig. 8, the obfuscation module 703 includes: an acquisition sub-module 7031, a determination sub-module 7032 and a generation sub-module 7033;
the obtaining submodule 7031 is configured to obtain an instruction name of each instruction;
the determining submodule 7032 is configured to determine an instruction type of each instruction according to an instruction name of each instruction, where the instruction type includes a non-jump instruction and a jump instruction, and the jump instruction includes a conditional jump instruction and a non-conditional jump instruction;
the generating submodule 7033 is configured to generate a jump instruction corresponding to each instruction according to the instruction name, the instruction type, and a preset confusion rule of each instruction, so as to obtain a confused instruction array, where the preset confusion rule includes a correspondence between instruction names of multiple instructions, instruction types, and jump rules.
In an embodiment, the generating sub-module 7033 is configured to generate, when the instruction type of the instruction is a non-jump instruction, a jump instruction that jumps to a next instruction corresponding to an original execution logic, where the original next instruction is; when the instruction type of the instruction is an unconditional jump instruction, generating a jump instruction which jumps to the original instruction position to be jumped; and when the instruction type of the instruction is a conditional jump instruction, generating a jump instruction corresponding to the condition that the jump direction is established and a jump instruction for jumping to a next instruction corresponding to the original execution logic.
In an embodiment, the obfuscating module 703 is configured to add a random jump instruction and/or a garbage instruction to the adjusted instruction array while obfuscating the adjusted instruction array according to a preset obfuscating rule, so as to obtain an obfuscated instruction array.
In one embodiment, as shown in fig. 9, the script obfuscating apparatus further includes: a deletion module 705;
the deleting module 705 is configured to delete the debugging information in the obfuscated lua character code file, where the debugging information includes a source code line number and a local variable name corresponding to each instruction.
According to the script obfuscating device provided by the embodiment of the disclosure, under the condition that the lua interpreter is not modified, obfuscating is performed on the lua instruction array, debugging information is cut out, so that the disassembler and the decompiler fail to restore source codes, the lua script is protected from being cracked, and the script safety is improved.
The embodiment of the present disclosure further provides a script obfuscating device, where the script obfuscating device includes a receiver, a transmitter, a memory, and a processor, where the transmitter and the memory are respectively connected to the processor, the memory stores at least one computer instruction, and the processor is configured to load and execute the at least one computer instruction to implement the script obfuscating method described in the embodiment corresponding to fig. 1.
Based on the script obfuscation method described in the embodiment corresponding to fig. 1, an embodiment of the present disclosure further provides a computer-readable storage medium, for example, the non-transitory computer-readable storage medium may be a Read Only Memory (ROM), a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like. The storage medium stores computer instructions for executing the script obfuscating method described in the embodiment corresponding to fig. 1, which is not described herein again.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (10)

1. A method for script obfuscation, the method comprising:
the method comprises the steps of obtaining a lua byte code file after lua source code file compiling, analyzing the lua byte code file, and obtaining an instruction array of all code objects in the lua byte code file, wherein the instruction array comprises at least one instruction;
acquiring instruction information of each instruction in the instruction array, wherein the instruction information comprises position information of each instruction in the instruction array;
randomly adjusting the positions of all instructions in the instruction array, and obfuscating the adjusted instruction array by adopting a preset obfuscating rule to obtain an obfuscated instruction array;
and correspondingly updating the instruction arrays of all the code objects in the lua byte code file into the confused instruction array to obtain the confused lua byte code file.
2. The method of claim 1, wherein the obfuscating the adjusted instruction array using a preset obfuscation rule to obtain an obfuscated instruction array comprises:
acquiring an instruction name of each instruction;
determining the instruction type of each instruction according to the instruction name of each instruction, wherein the instruction type comprises a non-jump instruction and a jump instruction, and the jump instruction comprises a conditional jump instruction and a non-conditional jump instruction;
and generating a jump instruction corresponding to each instruction according to the instruction name, the instruction type and a preset confusion rule of each instruction to obtain a confused instruction array, wherein the preset confusion rule comprises the corresponding relation among the instruction names, the instruction types and the jump rules of a plurality of instructions.
3. The method according to claim 2, wherein the generating a jump instruction corresponding to each instruction according to the instruction type of each instruction and a preset obfuscation rule to obtain an obfuscated instruction array comprises:
when the instruction type of the instruction is a non-jump instruction, generating a jump instruction which jumps to a next instruction corresponding to the original execution logic, wherein the original next instruction is;
when the instruction type of the instruction is an unconditional jump instruction, generating a jump instruction which jumps to the original instruction position to be jumped;
and when the instruction type of the instruction is a conditional jump instruction, generating a jump instruction corresponding to the condition that the jump direction is established and a jump instruction for jumping to a next instruction corresponding to the original execution logic.
4. The method of claim 1, wherein the obfuscating the adjusted instruction array using a preset obfuscation rule to obtain an obfuscated instruction array comprises:
and adding a random jump instruction and/or a garbage instruction while mixing the adjusted instruction array by adopting a preset mixing rule to obtain a mixed instruction array.
5. The method of claim 1, further comprising:
and deleting debugging information in the obfuscated lua character code file, wherein the debugging information comprises a source code line number and a local variable name corresponding to each instruction.
6. A script obfuscation device, comprising:
the analysis module is used for acquiring a lua byte code file after lua source code file compiling, and analyzing the lua byte code file to obtain an instruction array of all code objects in the lua byte code file, wherein the instruction array comprises at least one instruction;
the obtaining module is used for obtaining instruction information of each instruction in the instruction array, and the instruction information comprises position information of each instruction in the instruction array;
the confusion module is used for randomly adjusting the positions of all instructions in the instruction array, and confusing the adjusted instruction array by adopting a preset confusion rule to obtain a confused instruction array;
and the updating module is used for correspondingly updating the instruction arrays of all the code objects in the lua byte code file into the confused instruction arrays to obtain the confused lua byte code file.
7. The apparatus of claim 6, wherein the obfuscation module comprises: obtaining a submodule, determining a submodule and generating a submodule;
the obtaining submodule is used for obtaining the instruction name of each instruction;
the determining submodule is used for determining the instruction type of each instruction according to the instruction name of each instruction, wherein the instruction type comprises a non-jump instruction and a jump instruction, and the jump instruction comprises a conditional jump instruction and a non-conditional jump instruction;
the generating submodule is used for generating a jump instruction corresponding to each instruction according to the instruction name, the instruction type and a preset confusion rule of each instruction to obtain a confused instruction array, and the preset confusion rule comprises the corresponding relation of the instruction names, the instruction types and the jump rules of a plurality of instructions.
8. The apparatus of claim 7,
the generation submodule is used for generating a jump instruction which jumps to a next instruction corresponding to the original execution logic when the instruction type of the instruction is a non-jump instruction, wherein the original next instruction is; when the instruction type of the instruction is an unconditional jump instruction, generating a jump instruction which jumps to the original instruction position to be jumped; and when the instruction type of the instruction is a conditional jump instruction, generating a jump instruction corresponding to the condition that the jump direction is established and a jump instruction for jumping to a next instruction corresponding to the original execution logic.
9. The apparatus of claim 6,
and the confusion module is used for adding a random jump instruction and/or a garbage instruction to the adjusted instruction array while adopting a preset confusion rule to perform confusion, so as to obtain the confused instruction array.
10. The apparatus of claim 6, wherein the script obfuscating means further comprises: a deletion module;
and the deleting module is used for deleting debugging information in the obfuscated lua character code file, wherein the debugging information comprises a source code line number and a local variable name corresponding to each instruction.
CN202010129119.4A 2020-02-28 2020-02-28 Script obfuscating method and device Pending CN111310133A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010129119.4A CN111310133A (en) 2020-02-28 2020-02-28 Script obfuscating method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010129119.4A CN111310133A (en) 2020-02-28 2020-02-28 Script obfuscating method and device

Publications (1)

Publication Number Publication Date
CN111310133A true CN111310133A (en) 2020-06-19

Family

ID=71160359

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010129119.4A Pending CN111310133A (en) 2020-02-28 2020-02-28 Script obfuscating method and device

Country Status (1)

Country Link
CN (1) CN111310133A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112156476A (en) * 2020-09-23 2021-01-01 成都完美天智游科技有限公司 Game configuration file exporting method, device, equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103927164A (en) * 2014-03-10 2014-07-16 珠海市君天电子科技有限公司 Method and system for confusing scripts
CN108363911A (en) * 2018-02-11 2018-08-03 西安四叶草信息技术有限公司 A kind of Python scripts obscure, the method and device of watermark
CN108829396A (en) * 2018-06-15 2018-11-16 腾讯科技(深圳)有限公司 Method, the method for script execution, relevant apparatus and the system of script compiling

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103927164A (en) * 2014-03-10 2014-07-16 珠海市君天电子科技有限公司 Method and system for confusing scripts
CN108363911A (en) * 2018-02-11 2018-08-03 西安四叶草信息技术有限公司 A kind of Python scripts obscure, the method and device of watermark
CN108829396A (en) * 2018-06-15 2018-11-16 腾讯科技(深圳)有限公司 Method, the method for script execution, relevant apparatus and the system of script compiling

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112156476A (en) * 2020-09-23 2021-01-01 成都完美天智游科技有限公司 Game configuration file exporting method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
US9639377B2 (en) Method for linking and loading to protect applications
KR101706425B1 (en) Apparatus and method for unit test of code
KR101861341B1 (en) Deobfuscation apparatus of application code and method of deobfuscating application code using the same
US20100138817A1 (en) In-place function modification
US20130318511A1 (en) Vectorization of scalar functions including vectorization annotations and vectorized function signatures matching
US7418699B2 (en) Method and system for performing link-time code optimization without additional code analysis
WO2019005228A1 (en) Automated source code adaption to inject features between platform versions
CN107632832B (en) Dalvik byte code oriented control flow confusion method
KR102176742B1 (en) Method of call graph extraction in android apps, recording medium and apparatus for performing the method
US6625807B1 (en) Apparatus and method for efficiently obtaining and utilizing register usage information during software binary translation
CN111310133A (en) Script obfuscating method and device
CN109543368B (en) Cross-platform source code virtualization protection method based on intermediate language interpreter
Juričić Detecting source code similarity using low-level languages
US9436452B2 (en) Method for enforcing language subsets
US5946493A (en) Method and system in a data processing system for association of source code instructions with an optimized listing of object code instructions
US20180129490A1 (en) Object ordering preservation during lto link stage
US20180275976A1 (en) Link time optimization in presence of a linker script using path based rules
CN110472425A (en) Unity plug-in unit encryption method based on Mono, storage medium
CN115756480A (en) Android application reinforcement method, system and equipment
CN111796832B (en) Hot patch file generation method, device, equipment and storage medium
US20050125783A1 (en) Program optimization with intermediate code
JP2009258796A (en) Program development device and program development method
US11783013B2 (en) Protected processing of operations
CN112799942B (en) Keil C51-based software source code and target code coverage rate analysis method and system
Bazhenov et al. Methodology of software code decomposition analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200619

RJ01 Rejection of invention patent application after publication