CN111752591A - Operation method and device for reinforcement application and application reinforcement method and device - Google Patents
Operation method and device for reinforcement application and application reinforcement method and device Download PDFInfo
- Publication number
- CN111752591A CN111752591A CN201910239278.7A CN201910239278A CN111752591A CN 111752591 A CN111752591 A CN 111752591A CN 201910239278 A CN201910239278 A CN 201910239278A CN 111752591 A CN111752591 A CN 111752591A
- Authority
- CN
- China
- Prior art keywords
- function
- reinforcement
- application
- code instruction
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/72—Code refactoring
Abstract
The invention discloses an operation method and device for reinforcement application and an application reinforcement method and device. The operation method comprises the following steps: when a target function in a reinforcement application is called, acquiring a code instruction of the reinforcement function corresponding to the target function; the code instruction of the reinforcement function and the function body of the reinforcement function are stored separately in a file; loading the code instruction to a specified position of a memory; executing the reinforcement function according to the loaded code instruction to obtain an execution result of the reinforcement function; and taking the execution result as the execution result of the target function. According to the technical scheme, the file codes can be effectively prevented from being acquired by memories in various modes when the application is operated, the operation performance of the application program is ensured on the premise of ensuring the safety, and the forward and backward compatibility of various versions can be realized.
Description
Technical Field
The invention relates to the field of application program safety, in particular to an operation method and device for reinforcing application and an application reinforcing method and device.
Background
The android application program installation file is compressed and packaged into an apk file, the installation process of the apk is to decompress the apk into a dex file, an original resource file and an android manifest.
Therefore, a technical solution for protecting the application program from being cracked is needed to solve the above technical problems.
Disclosure of Invention
In view of the above, the present invention has been made in order to provide a method and a device for running a reinforcement application and a method and a device for applying reinforcement that overcome or at least partially solve the above problems.
According to an aspect of the present invention, there is provided a method of operating a hardened application, comprising:
when an objective function in reinforcement application is called, acquiring a code instruction of the reinforcement function corresponding to the objective function; the code instruction of the reinforcement function and the function body of the reinforcement function are stored in a file separately;
loading the code instruction to a specified position of a memory;
executing the reinforcement function according to the loaded code instruction to obtain an execution result of the reinforcement function;
and taking the execution result as the execution result of the target function.
Optionally, the objective function is a local function, and/or a function body of the objective function is empty.
Alternatively, the code instructions are saved at the end of the file.
Optionally, the location in the function body of the hardened function where the code instruction is stored is preset to 0.
Optionally, the code instruction is derived from a primitive function body of the objective function.
Optionally, the separately stored code instructions are subjected to encryption processing;
loading the code instructions into the specified location of the memory includes: and carrying out decryption processing on the code instruction, and loading the decrypted code instruction to a specified position of the memory.
Optionally, the reinforcement function is a private function.
Optionally, the method further comprises:
and after the execution of the reinforcement function is finished, setting the content of the address field corresponding to the reinforcement function in the memory as 0.
Optionally, the file is a dex file, and the application is an android application.
According to another aspect of the present invention, there is provided an application reinforcement method including:
taking a function to be reinforced in the application to be reinforced as a target function;
generating a reinforcement function according to the target function;
the code instruction of the reinforcement function and the function body of the reinforcement function are stored in a file in a separating way, and reinforcement application is obtained according to the file;
the reinforcement application operates according to the method of operation of the reinforcement application as defined in any one of the above.
According to still another aspect of the present invention, there is provided an execution apparatus of a reinforcement application, including:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is suitable for acquiring a code instruction of a reinforcement function corresponding to an objective function when the objective function in the reinforcement application is called; the code instructions of the hardening function are stored separately from the body of the hardening function in the file.
And the loading unit is suitable for loading the code instruction to a specified position of the memory.
The execution unit is suitable for executing the reinforcement function according to the loaded code instruction and acquiring an execution result of the reinforcement function; and taking the execution result as the execution result of the target function.
Optionally, the objective function is a local function, and/or a function body of the objective function is empty.
Alternatively, the code instructions are saved at the end of the file.
Optionally, the location in the function body of the hardened function where the code instruction is stored is preset to 0.
Optionally, the code instruction is derived from a primitive function body of the objective function.
Optionally, the code instruction separately stored in the obtaining unit is subjected to encryption processing;
and the loading unit further comprises: and carrying out decryption processing on the code instruction, and loading the decrypted code instruction to a specified position of the memory.
Optionally, the reinforcement function is a private function.
Optionally, the execution unit further includes:
and after the execution of the reinforcement function is finished, setting the content of the address field corresponding to the reinforcement function in the memory as 0.
Optionally, the file is a dex file, and the application is an android application.
According to yet another aspect of the present invention, there is provided an application reinforcement device comprising:
the determining unit is used for taking a function to be reinforced in the application to be reinforced as a target function;
a generating unit that generates a reinforcement function from the objective function;
the reinforcement unit is used for separately storing the code instruction of the reinforcement function and the function body of the reinforcement function in a file and obtaining reinforcement application according to the file;
the reinforcement application operates according to the operating means of the reinforcement application as defined in any one of the above.
According to still another aspect of the present invention, there is also provided an electronic apparatus, wherein the electronic apparatus includes: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to perform the method of operating the ruggedized application described above.
According to still another aspect of the present invention, there is also provided a computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs which, when executed by a processor, implement the execution method of the above-described reinforcement application.
As can be seen from the above, the method for operating the reinforcement application of the present invention includes the following steps: when an objective function in reinforcement application is called, acquiring a code instruction of the reinforcement function corresponding to the objective function; the code instruction of the reinforcement function and the function body of the reinforcement function are stored in a file separately; loading the code instruction to a specified position of a memory; executing the reinforcement function according to the loaded code instruction to obtain an execution result of the reinforcement function; and taking the execution result as the execution result of the target function. By the method, the safety and the concealment of the application program in the operation can be ensured, and the following technical effects can be obtained: 1. the method can effectively prevent the memory in various modes from acquiring the code data of the executable file; 2. the running performance of the application program can be ensured on the premise of ensuring the safety; 3. and the application versions can be compatible forwards and backwards.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 illustrates a flow diagram of a method for operating a ruggedized application, in accordance with one embodiment of the present invention;
FIG. 2 illustrates a schematic structural diagram of an operating device for a ruggedized application, in accordance with one embodiment of the present invention;
FIG. 3 illustrates a flow diagram of a method of applying reinforcement according to one embodiment of the present invention;
FIG. 4 illustrates a schematic structural diagram of an application reinforcement device according to an embodiment of the present invention;
FIG. 5 shows a schematic structural diagram of an electronic device according to one embodiment of the invention;
fig. 6 shows a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Although the android platform adopts a multi-level security protection mechanism at present, due to the defects of the android platform, the software of the android platform is still threatened from various aspects by using a Java language which is easy to decompile, wherein the most important threat is reverse attack. The key parts of the software are cracked through reverse engineering, so that software information is obtained or a series of malicious attacks are implemented. The general steps of the reverse android software are: the method comprises the steps of decompiling the software, reading the decompiled code, dynamically debugging the decompiled code if necessary, injecting or directly modifying the decompiled code after finding a breakthrough, and recompiling the software for testing.
The apk application in the Java layer is easy to be reversed to obtain a dex file, while the Native program in the Native layer has higher safety and can directly interact with a CPU (central processing unit), so that the reversing difficulty is high, and the performance of the program is improved. Since the files of the Native layer are difficult to be statically decompiled, most attacks against the files are dynamic debugging and memory dump analysis.
There are many kinds of dex protection schemes in the prior art, the most common scheme is decryption and dynamic memory loading at run-time after encryption, and the disadvantage of this scheme is that the decrypted dex exists in the memory, and the dex can be taken from the memory by a cracker. If all the functions in the dex are processed by the vmp, a cracker can be prevented from taking the correct dex from the memory, but the running efficiency is reduced greatly. Some dex code separation technologies exist in the market, but the technologies in the market are very dependent on the system structure, and each update of the system means that the scheme needs to be adjusted.
In order to protect executable file codes such as dex and the like from being acquired, the invention provides an operation method and device for reinforcing an application program in a code separation mode.
Fig. 1 shows a flow chart of a method for operating a reinforcement application according to an embodiment of the present invention, as shown in fig. 1, the method comprising:
step S110, when an objective function in the reinforcement application is called, acquiring a code instruction of the reinforcement function corresponding to the objective function; the code instructions of the hardening function are stored separately from the body of the hardening function in the file.
Embodiments may learn when the target function is called by listening for call events of the target function, and perform subsequent processing. The function can be understood as a function or a method in a programming language, and for the avoidance of ambiguity, the concept of a function is uniformly used for description. The target function includes, for example, all or part of functions included in an executable file (e.g., dex), and these functions may be objects that need to be protected in a service. The reinforcing functions are converted from the objective functions by copying and the like, and can realize the same functions and obtain the same execution results.
According to the embodiment, before the application runs, the reinforcement function can be added into the executable file in advance, and the target function is replaced by executing the code instruction (such as insn) of the reinforcement function during running, so that the target function can be prevented from being acquired in a memory, and the safety of the code instruction in the reinforcement function is further protected by separately storing the reinforcement function and the code instruction of the reinforcement function in the file.
Step S120, load the code instruction to the designated location of the memory.
Step S130, executing the reinforcement function according to the loaded code instruction, and obtaining an execution result of the reinforcement function.
In step S140, the execution result is used as the execution result of the objective function.
Therefore, the method shown in fig. 1 can ensure the security and the concealment of the application program in the operation, and can specifically obtain the following technical effects: 1. the method can effectively prevent the memory in various modes from acquiring the code data of the executable file; 2. the running performance of the application program can be ensured on the premise of ensuring the safety; 3. the various versions can be compatible forward and backward.
In one embodiment of the invention, the objective function is a local function and/or the function body of the objective function is empty.
The embodiment of the invention provides two examples of ways for avoiding the original content of the target function from being acquired, which can be realized in combination or alternatively. In one approach, the attribute of the target function is a native attribute, so that the target function is not directly loaded into the memory when the application is executed, and the hardening function can be executed in a first step, thereby preventing the memory dump. In another mode, the function body of the target function is emptied, so that even if the target function is loaded into the memory, a cracker cannot obtain the code instruction of the target function through the dump mode.
In one embodiment of the present invention, the code instruction is stored at the tail of the file, but may be stored at the front or other designated location in other embodiments, so that the code instruction can be quickly located when the application runs, and the obtaining of the code instruction is facilitated when the reinforcement function is executed.
In one embodiment of the invention, the location in the function body of the reinforcement function where the code instruction is stored is preset to 0. Therefore, a cracker can immediately obtain the reinforcement function but cannot obtain the data content therein, and the data security is further ensured. Moreover, by means of occupation, a cracker is difficult to directly find the code instructions of the reinforcement function from the code structure and store the code instructions separately, so that the cracking difficulty is increased.
In one embodiment of the invention, the code instructions are derived from a primitive function body of the objective function. For example, the developer may copy the target function to obtain the reinforcement function, so as to ensure that the execution result of the reinforcement function is the same as the execution result of the target function.
In one embodiment of the invention, the code instructions are encrypted; loading the code instructions into the specified location of the memory S120 includes: and carrying out decryption processing on the code instruction, and loading the decrypted code instruction to a specified position of the memory.
By encrypting the code instructions separately placed in the file, the data security of the code instructions after separation can be ensured, a cracker is prevented from obtaining the code instructions by directly obtaining an executable file, and the decryption processing of the code instructions is also carried out in order to ensure that the code can be normally called when the code runs.
In one embodiment of the invention, the reinforcement function is a private function. Private (private) functions can only be accessed by methods of the current class, further ensuring the security of the code instructions therein. For example, if a specific class is used to implement the operation method of the reinforcement application, the reinforcement function can only be accessed by the specific class, which increases the difficulty of cracking.
In one embodiment of the invention, the method further comprises: and after the execution of the reinforcement function is finished, setting the content of the address field corresponding to the reinforcement function in the memory as 0.
The content of the address segment corresponding to the reinforcement function in the memory is set to be 0, so that a cracker is prevented from acquiring the data of the address segment corresponding to the code segment at the designated position of the memory, and the code instruction is acquired. That is, after the reinforcement function is executed, a masking operation is added, so that the possibility of dump is further reduced.
In one embodiment of the invention, the file is a dex file and the application is an android application. In order to ensure the safe operation of the dex file in the android application program, the dex file can be reinforced by adopting the method.
Fig. 2 is a block diagram illustrating an apparatus for operating a reinforcement application according to an embodiment of the present invention, and as shown in fig. 2, the apparatus 200 for operating a reinforcement application includes:
an obtaining unit 210 that obtains, when an objective function in a reinforcement application is called, a code instruction of a reinforcement function corresponding to the objective function; the code instructions of the hardening function are stored separately from the body of the hardening function in the file.
The target function can be known when being called by monitoring the calling event of the target function, so as to perform subsequent processing, and the function can be understood as a function or a method in a programming language, and for avoiding ambiguity, the concept of the function is uniformly used for description. The target function includes all or part of functions in an executable file including dex, and the functions can be objects needing important protection in business. The reinforcing functions are converted from the objective functions by copying and the like, and can realize the same functions and obtain the same execution results.
Before the application runs, a reinforcement function can be added into the executable file in advance, and during the running, the target function is replaced by a code instruction (such as insn) for executing the reinforcement function, so that the target function can be prevented from being acquired in a memory, and the code instructions in the reinforcement function are further protected by separately storing the reinforcement function and the code instruction of the reinforcement function in the file.
The load unit 220 loads the code instructions to a specified location in the memory.
The execution unit 230 executes the reinforcement function according to the loaded code instruction, and obtains an execution result of the reinforcement function; and then taking the execution result as the execution result of the objective function.
Therefore, the device shown in fig. 2 can ensure the safety and the concealment of the application program in operation, and can specifically obtain the following technical effects: 1. the method can effectively prevent the memory in various modes from acquiring the code data of the executable file; 2. the running performance of the application program can be ensured on the premise of ensuring the safety; 3. the various versions can be compatible forward and backward.
In one embodiment of the invention, the objective function is a local function and/or the function body of the objective function is empty.
The embodiment of the invention provides two examples of ways for avoiding the original content of the target function from being acquired, which can be realized in combination or alternatively. In one approach, the attribute of the target function is a native attribute, so that the target function is not directly loaded into the memory when the application is executed, and the hardening function can be executed in a first step, thereby preventing the memory dump. In another mode, the function body of the target function is emptied, so that even if the target function is loaded into the memory, a cracker cannot obtain the code instruction of the target function through the dump mode.
In one embodiment of the invention, the code instructions are saved at the end of the file. Of course, in other embodiments, the location may be a front portion or other designated location, so that the code instruction can be quickly located when the application runs, and the code instruction can be conveniently obtained when the reinforcement function is executed.
In one embodiment of the invention, the location in the function body of the reinforcement function where the code instruction is stored is preset to 0. Through the operation, even if a cracker obtains the reinforcement function, the cracker cannot obtain the data content therein, and the data security is further ensured. Moreover, by means of occupation, a cracker is difficult to directly find the code instructions of the reinforcement function from the code structure and store the code instructions separately, so that the cracking difficulty is increased.
In one embodiment of the invention, the code instructions are derived from a primitive function body of the objective function. For example, the developer may copy the target function to obtain the reinforcement function, so as to ensure that the execution result of the reinforcement function is the same as the execution result of the target function.
In one embodiment of the present invention, the code instructions separately stored in the obtaining unit 210 are encrypted; the loading unit further includes: and carrying out decryption processing on the code instruction, and loading the decrypted code instruction to a specified position of the memory.
By encrypting the code instructions separately placed in the file, the data security of the code instructions after separation can be ensured, a cracker is prevented from obtaining the code instructions by directly obtaining an executable file, and the decryption processing of the code instructions is also carried out in order to ensure that the code can be normally called when the code runs.
In one embodiment of the invention, the reinforcement function is a private function. Private (private) functions can only be accessed by methods of the current class, further ensuring the security of the code instructions therein. For example, if a specific class is used to implement the operation method of the reinforcement application, the reinforcement function can only be accessed by the specific class, which increases the difficulty of cracking.
In one embodiment of the present invention, the execution unit 230 further includes: and after the execution of the reinforcement function is finished, setting the content of the address field corresponding to the reinforcement function in the memory as 0.
The content of the address segment corresponding to the reinforcement function in the memory is set to be 0, so that a cracker is prevented from acquiring the data of the address segment corresponding to the code segment at the designated position of the memory, and the code instruction is acquired. That is, after the reinforcement function is executed, a masking operation is added, so that the possibility of dump is further reduced.
In one embodiment of the invention, the file is a dex file and the application is an android application. In order to ensure the safe operation of the dex file in the android application program, the dex file can be reinforced by adopting the method.
Fig. 3 shows a flow chart of a method for applying reinforcement according to an embodiment of the invention, which, as shown in fig. 3, describes the step of applying reinforcement from another perspective, including:
step S310, taking a function to be reinforced in the application to be reinforced as a target function; the functions to be reinforced can be part or all of the functions of the executable file of the application program, and the functions can be objects needing important protection in business.
Step S320, generating a reinforcement function according to the target function; this step is implemented by means such as copying, and can be considered as the first separation measure for protecting the target function code instructions in the file.
Step S330, separately storing the code instruction of the reinforcement function and the function body of the reinforcement function in a file, and obtaining reinforcement application according to the file; the separation of the code in the file is further realized by separating the reinforced function code instruction from the reinforced function body, and the concealment of the file is improved.
The reinforcement application may be operated according to the operation method of the reinforcement application described in any of the foregoing embodiments, and it is easy to understand that these two technical solutions may be used in cooperation with each other, for example, the specific file may be a dex file; the execution of the reinforced application can be realized by listening to the calling event of the target function to know when the target function is called, and so on, which are not illustrated in any more detail.
Fig. 4 is a block diagram illustrating an apparatus for applying reinforcement according to an embodiment of the present invention, as shown in fig. 4, including:
a determining unit 410, which takes the function to be consolidated in the application to be consolidated as the objective function; the functions to be reinforced can be part or all of the functions of the executable file of the application program, and the functions can be objects needing important protection in business.
A generating unit 420 for generating a reinforcement function according to the objective function; the generation unit is realized by means of copying, etc., and may be regarded as a first separation measure for protecting the target function code instruction in the file.
The reinforcement unit 430 is configured to store the code instruction of the reinforcement function and the function body of the reinforcement function separately in a file, and obtain reinforcement application according to the file; wherein the content of the first and second substances,
the reinforcement application may be operated according to the operation device of the reinforcement application as described in any of the previous embodiments, and it is easy to understand that the two technical solutions may be used in cooperation with each other, for example, the specific file may be a dex file; the execution of the reinforced application can be realized by listening to the calling event of the target function to know when the target function is called, and so on, which are not illustrated in any more detail.
In summary, according to the operation method of the reinforcement application introduced in the present invention, when the objective function in the reinforcement application is called, the code instruction of the reinforcement function corresponding to the objective function is obtained; the code instruction of the reinforcement function and the function body of the reinforcement function are stored in a file separately; loading the code instruction to a specified position of a memory; and executing the reinforcement function according to the loaded code instruction to obtain an execution result of the reinforcement function. The method can effectively prevent the memories in various modes from acquiring the code data of the executable file, ensures the safety of the target function, does not depend on the structure of any system, and has good compatibility.
It should be noted that:
the algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose devices may be used with the teachings herein. The required structure for constructing such a device will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the hardened application execution apparatus in accordance with embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
For example, fig. 5 shows a schematic structural diagram of an electronic device according to an embodiment of the invention. The electronic device 500 comprises a processor 510 and a memory 520 arranged to store computer executable instructions (computer readable program code). The memory 520 may be an electronic memory such as a flash memory, an EEPROM (electrically erasable programmable read only memory), an EPROM, a hard disk, or a ROM. The memory 520 has a storage space 530 storing computer readable program code 531 for performing any of the method steps in the above described method. For example, the storage space 530 for storing the computer readable program code may include respective computer readable program codes 531 for respectively implementing various steps in the above method. The computer readable program code 531 may be read from or written to one or more computer program products. These computer program products comprise a program code carrier such as a hard disk, a Compact Disc (CD), a memory card or a floppy disk. Such a computer program product is typically a computer readable storage medium such as that of fig. 6. Fig. 6 shows a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention. The computer readable storage medium 600 has stored thereon a computer readable program code 531 for performing the steps of the method according to the invention, which is readable by the processor 510 of the electronic device 500, and when the computer readable program code 531 is executed by the electronic device 500, causes the electronic device 500 to perform the steps of the method described above, in particular the computer readable program code 531 stored on the computer readable storage medium may perform the method shown in any of the embodiments described above. The computer readable program code 531 may be compressed in a suitable form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The embodiment of the invention discloses an A1 operation method of a reinforcement application, which comprises the following steps:
when a target function in a reinforcement application is called, acquiring a code instruction of the reinforcement function corresponding to the target function; the code instruction of the reinforcement function and the function body of the reinforcement function are stored separately in a file;
loading the code instruction to a specified position of a memory;
executing the reinforcement function according to the loaded code instruction to obtain an execution result of the reinforcement function;
and taking the execution result as the execution result of the target function.
A2, the method according to A1, wherein the objective function is a local function, and/or the function body of the objective function is empty.
A3, the method of A1, wherein the code instructions are saved at the end of the file.
A4, the method as in A1, wherein the location of the storing code instruction in the function body of the hardened function is preset to 0.
A5, the method as in A1, wherein the code instructions are derived from a primitive function body of the objective function.
A6, the method of A5, wherein the separately stored code instructions are subjected to encryption processing;
the loading the code instructions to the specified location of the memory comprises: and carrying out decryption processing on the code instruction, and loading the decrypted code instruction to a specified position of the memory.
A7, the method of A1, wherein the reinforcement function is a private function.
A8, the method of claim a1, wherein the method further comprises:
and after the execution of the reinforced function is finished, setting the content of the address field corresponding to the reinforced function in the memory as 0.
A9, the method according to A1, wherein the file is a dex file, and the application is an android application.
The embodiment of the invention also discloses B10 and an application reinforcement method, which comprises the following steps:
taking a function to be reinforced in the application to be reinforced as a target function;
generating a reinforcement function according to the target function;
the code instruction of the reinforcement function and the function body of the reinforcement function are stored in a file in a separating mode, and reinforcement application is obtained according to the file;
the reinforcement application is operated according to the method as described in any of a1-a 9.
The embodiment of the invention also discloses C11, an operation device for reinforcing application, which comprises:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is suitable for acquiring a code instruction of a reinforcement function corresponding to a target function when the target function in reinforcement application is called; the code instruction of the reinforcement function and the function body of the reinforcement function are stored separately in a file;
the loading unit is suitable for loading the code instruction to a specified position of a memory;
the execution unit is suitable for executing the reinforced function according to the loaded code instruction and acquiring the execution result of the reinforced function; and taking the execution result as the execution result of the target function.
C12, the apparatus according to C11, wherein the objective function is a local function, and/or the function body of the objective function is empty.
C13, the apparatus as in C11, wherein the code instructions are saved at the end of the file.
C14, the apparatus as in C11, wherein the location of the storing code instruction in the function body of the hardened function is preset to 0.
C15, the apparatus as in C11, wherein the code instructions are derived from a primitive function body of the objective function.
C16, the apparatus as in C15, wherein the code instructions stored separately in the fetch unit are encrypted;
and the loading unit further comprises: and carrying out decryption processing on the code instruction, and loading the decrypted code instruction to a specified position of the memory.
C17, the apparatus as in C11, wherein the hardened function is a private function.
C18, the apparatus as described in C11, wherein the execution unit further comprises:
and after the execution of the reinforced function is finished, setting the content of the address field corresponding to the reinforced function in the memory as 0.
C19, the device is the device C11, wherein the file is a dex file, and the application is an android application.
The embodiment of the invention also discloses D20, an application reinforcing device, which comprises:
the determining unit is used for taking a function to be reinforced in the application to be reinforced as a target function;
a generating unit that generates a reinforcement function from the objective function;
the reinforcement unit is used for separately storing the code instruction of the reinforcement function and the function body of the reinforcement function in a file and obtaining reinforcement application according to the file;
the reinforcement application operates according to the apparatus as described in any of C11-C19.
The embodiment of the invention also discloses E21 and electronic equipment, wherein the electronic equipment comprises: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to perform the method of any one of a1-a9, B10.
Embodiments of the invention also disclose F22, a computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement a method as described in any of a1-a9, B10.
Claims (10)
1. A method of operating a ruggedized application, comprising:
when a target function in a reinforcement application is called, acquiring a code instruction of the reinforcement function corresponding to the target function; the code instruction of the reinforcement function and the function body of the reinforcement function are stored separately in a file;
loading the code instruction to a specified position of a memory;
executing the reinforcement function according to the loaded code instruction to obtain an execution result of the reinforcement function;
and taking the execution result as the execution result of the target function.
2. The method of claim 1, wherein the objective function is a local function and/or a function body of the objective function is empty.
3. The method of claim 1, wherein the code instructions are saved at an end of the file.
4. The method of claim 1, wherein the location in the function body of the hardening function where the code instruction is stored is preset to 0.
5. An application reinforcement method comprising:
taking a function to be reinforced in the application to be reinforced as a target function;
generating a reinforcement function according to the target function;
the code instruction of the reinforcement function and the function body of the reinforcement function are stored in a file in a separating mode, and reinforcement application is obtained according to the file;
the reinforcement application is operated according to the method of any one of claims 1-4.
6. An execution device for a ruggedized application, comprising:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is suitable for acquiring a code instruction of a reinforcement function corresponding to a target function when the target function in reinforcement application is called; the code instruction of the reinforcement function and the function body of the reinforcement function are stored separately in a file;
the loading unit is suitable for loading the code instruction to a specified position of a memory;
the execution unit is suitable for executing the reinforced function according to the loaded code instruction and acquiring the execution result of the reinforced function; and taking the execution result as the execution result of the target function.
7. The apparatus of claim 6, wherein the objective function is a local function and/or a function body of the objective function is empty.
8. An application reinforcement device comprising:
the determining unit is used for taking a function to be reinforced in the application to be reinforced as a target function;
a generating unit that generates a reinforcement function from the objective function;
the reinforcement unit is used for separately storing the code instruction of the reinforcement function and the function body of the reinforcement function in a file and obtaining reinforcement application according to the file;
the reinforcement application operates according to the apparatus of any one of claims 6-7.
9. An electronic device, wherein the electronic device comprises: a processor; and a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the method of any one of claims 1-5.
10. A computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement the method of any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910239278.7A CN111752591A (en) | 2019-03-27 | 2019-03-27 | Operation method and device for reinforcement application and application reinforcement method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910239278.7A CN111752591A (en) | 2019-03-27 | 2019-03-27 | Operation method and device for reinforcement application and application reinforcement method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111752591A true CN111752591A (en) | 2020-10-09 |
Family
ID=72671874
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910239278.7A Pending CN111752591A (en) | 2019-03-27 | 2019-03-27 | Operation method and device for reinforcement application and application reinforcement method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111752591A (en) |
-
2019
- 2019-03-27 CN CN201910239278.7A patent/CN111752591A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106295370B (en) | Method and device for reinforcing Dynamic Link Library (DLL) file of installation package | |
| CN106355049B (en) | Method and device for reinforcing SO file of dynamic link library of android installation package | |
| EP1366404B1 (en) | Digital data protection arrangement | |
| CN107977552B (en) | Android application reinforcing method and device | |
| KR101503785B1 (en) | Method And Apparatus For Protecting Dynamic Library | |
| CN106203006A (en) | Android application reinforcement means based on dex Yu so file Dynamic Execution | |
| CN104392181A (en) | SO file protection method and device and android installation package reinforcement method and system | |
| CN105512521A (en) | Reinforcement and protection method and system for software installation package | |
| WO2015192637A1 (en) | Method and apparatus for reinforced protection of software installation package | |
| CN107330328B (en) | Method and device for defending against virus attack and server | |
| MX2007011026A (en) | System and method for foreign code detection. | |
| CN105989252A (en) | Function level packing-oriented unpacking method and system | |
| CN105760721A (en) | Software hardening method and system | |
| CN108985096B (en) | Security enhancement and security operation method and device for Android SQLite database | |
| CN112134905B (en) | Android system based signature method, device and equipment | |
| CN110147653A (en) | Application security reinforcement means and device | |
| CN107506623B (en) | Application program reinforcing method and device, computing equipment and computer storage medium | |
| El-Harake et al. | Blocking advertisements on android devices using monitoring techniques | |
| CN107209815B (en) | Method for code obfuscation using return-oriented programming | |
| CN113536242A (en) | Dynamic library calling method and device, terminal equipment and storage medium | |
| CN102831334A (en) | Positioning method and positioning system for target address | |
| EP2075728A1 (en) | A method and an apparatus for code protection | |
| CN111752591A (en) | Operation method and device for reinforcement application and application reinforcement method and device | |
| CN106295327B (en) | Executable file reinforcing method and device | |
| CN106709289B (en) | method and device for reinforcing executable file |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |