CN111984939A - Character string obfuscating method, device, electronic equipment and storage medium - Google Patents
Character string obfuscating method, device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN111984939A CN111984939A CN201910429808.4A CN201910429808A CN111984939A CN 111984939 A CN111984939 A CN 111984939A CN 201910429808 A CN201910429808 A CN 201910429808A CN 111984939 A CN111984939 A CN 111984939A
- Authority
- CN
- China
- Prior art keywords
- character string
- confusion
- confused
- macro
- obfuscated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 116
- 238000005336 cracking Methods 0.000 abstract description 6
- 238000010586 diagram Methods 0.000 description 7
- 238000004590 computer program Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 2
- 238000012216 screening Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/58—Random or pseudo-random number generators
- G06F7/582—Pseudo-random number generators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
- G06F8/433—Dependency analysis; Data or control flow analysis
- G06F8/434—Pointers; Aliasing
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Mathematical Analysis (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Optimization (AREA)
- Multimedia (AREA)
- Computational Mathematics (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a character string confusion method, a character string confusion device, electronic equipment and a storage medium. The method comprises the following steps: scanning the code file, and determining a character string to be confused which accords with a scanning rule; adding confusion macro processing to the character string to be confused; and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time. The technical scheme has the advantages that the character string confusion can be automatically realized, developers do not need to manually remove the confusion, and the workload of the developers is reduced; the specific confusion is carried out in the process of code compiling, so that the performance of the program in operation is not influenced, and the efficiency is high; the character strings are mixed up according to the compiling time, so that the mixed up character strings obtained by compiling each time are different, and the cracking difficulty is improved.
Description
Technical Field
The invention relates to the field of information security, in particular to a character string confusion method and device, electronic equipment and a storage medium.
Background
When the binary file is cracked, the character strings often become a key point of breakthrough because the character strings hard-coded in the codes can be found in the binary file without being changed. Therefore, in order to increase the difficulty of cracking, it is an important step to confuse the character strings. Confusion of strings can be started from several points: 1) calling an application program to process the character string before compiling; 2) the code group is directly written into the character string after confusion; 3) and processing the generated binary file.
The character string confusion method in the prior art also has some disadvantages, such as: because the adopted confusion algorithm is fixed, the confusion results of the same character strings are the same each time, and if an attacker finds that a certain character string appears for many times, the character string can also become a breakthrough; the developer needs to replace the character strings in the source code one by one, the workload of the developer is increased if the source code is huge, and the like, so a better scheme is needed.
Disclosure of Invention
In view of the above, the present invention has been made to provide a character string obfuscation method, apparatus, electronic device, and storage medium that overcome or at least partially solve the above-mentioned problems.
According to an aspect of the present invention, there is provided a character string obfuscating method, including:
scanning the code file, and determining a character string to be confused which accords with a scanning rule;
adding confusion macro processing to the character string to be confused;
and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time.
Optionally, the method further comprises: adding a header file of the confusion macro in a code file for completing character string confusion;
The scanning the code file and determining the character string to be confused which accords with the scanning rule comprises the following steps: and if a head file containing the confusion macro in one code file is scanned, not executing character string confusion of the code file.
Optionally, the scanning the code file, and determining the character string to be obfuscated that meets the scanning rule includes:
if a character string is in the same row with any one of the # include, # warning, # error and # pragma, not taking the character string as the character string to be confused;
and/or the presence of a gas in the gas,
if one character string is used for initializing the array, the character string is not used as a character string to be confused;
and/or the presence of a gas in the gas,
if a character string is located in the annotation area, the character string is not used as the character string to be confused.
Optionally, the obfuscating the corresponding string to be obfuscated according to the compiling time includes:
determining an obfuscated key according to the compilation time;
randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
Optionally, the determining the obfuscation key according to the compilation time includes:
generating a random number using any one of a _ COUNTER _ macro, a _ LINE _ macro, and a _ FILE _ macro as the number of iterations of the pseudo-random generator, using the _ TIME _ macro as a seed of the pseudo-random generator;
The generated random number is used as the obfuscating key.
Optionally, the obfuscating the to-be-obfuscated character string according to the determined obfuscating key and the selected obfuscating method includes:
and obfuscating the character string to be obfuscated based on a template element programming technology, wherein the character string to be obfuscated is received by using a variable parameter template, and the determined obfuscating key and the obfuscated character string are stored.
Optionally, the preset obfuscation method includes at least one of:
exclusive or, addition and negation of characters.
According to another aspect of the present invention, there is provided a character string obfuscating apparatus including:
the scanning unit is suitable for scanning the code file and determining a character string to be confused which accords with a scanning rule;
the confusion unit is suitable for adding confusion macro processing to the character strings to be confused; and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time.
Optionally, the obfuscating unit is further adapted to add a header file of the obfuscating macro in a code file that completes character string obfuscation;
and the scanning unit is suitable for not executing character string confusion on a code file if a head file containing the confusion macro in the code file is scanned.
Optionally, the scanning unit is adapted to not treat a character string as a character string to be obfuscated if the character string is in the same row as any of the # include, # warning, # error, and # pragma; and/or if one character string is used for initializing the array, not taking the character string as the character string to be confused; and/or if a character string is located in the comment area, not taking the character string as the character string to be confused.
Optionally, the obfuscating the corresponding string to be obfuscated according to the compiling time includes:
determining an obfuscated key according to the compilation time;
randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
Optionally, the determining the obfuscation key according to the compilation time includes:
generating a random number using any one of a _ COUNTER _ macro, a _ LINE _ macro, and a _ FILE _ macro as the number of iterations of the pseudo-random generator, using the _ TIME _ macro as a seed of the pseudo-random generator;
the generated random number is used as the obfuscating key.
Optionally, the obfuscating the to-be-obfuscated character string according to the determined obfuscating key and the selected obfuscating method includes:
And obfuscating the character string to be obfuscated based on a template element programming technology, wherein the character string to be obfuscated is received by using a variable parameter template, and the determined obfuscating key and the obfuscated character string are stored.
Optionally, the preset obfuscation method includes at least one of:
exclusive or, addition and negation of characters.
In accordance with still another aspect of the present invention, there is provided an electronic apparatus including: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to perform a method as any one of the above.
According to a further aspect of the invention, there is provided a computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement a method as any one of the above.
According to the technical scheme, the code file is scanned through the predefined scanning rule, and the character string to be confused which accords with the scanning rule is determined; adding confusion macro processing to the character string to be confused; and in the code compiling process, the obfuscating macro obfuscates the corresponding character string to be obfuscated according to the compiling time. The technical scheme has the advantages that the character string confusion can be automatically realized, developers do not need to manually remove the confusion, and the workload of the developers is reduced; the specific confusion is carried out in the process of code compiling, so that the performance of the program in operation is not influenced, and the efficiency is high; the character strings are mixed up according to the compiling time, so that the mixed up character strings obtained by compiling each time are different, and the cracking difficulty is improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flow diagram illustrating a method of string obfuscation according to one embodiment of the invention;
FIG. 2 is a schematic diagram of a character string obfuscator according to an embodiment of the present invention;
FIG. 3 shows a schematic structural diagram of an electronic device according to one embodiment of the invention;
fig. 4 shows a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention can be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
Fig. 1 is a flow chart illustrating a method for obfuscating a character string according to an embodiment of the present invention. As shown in fig. 1, the method includes:
step S110, scanning the code file, and determining the character string to be confused which accords with the scanning rule. The scanning rules may be predefined, e.g., to determine which format strings are to be obfuscated, which attribute strings are not to be obfuscated, etc. Specifically, the source project directory may be recursively scanned, all the code files may be traversed one by one, and each code file may be subjected to character string screening according to a scanning rule.
Step S120, adding confusion macro processing to the character string to be confused; and in the code compiling process, the obfuscating macro obfuscates the corresponding character string to be obfuscated according to the compiling time.
Therefore, the method shown in fig. 1 can automatically realize the character string confusion without the need of manually defrobbing by developers, thereby reducing the workload of the developers; the specific confusion is carried out in the process of code compiling, so that the performance of the program in operation is not influenced, and the efficiency is high; the character strings are mixed up according to the compiling time, so that the mixed up character strings obtained by compiling each time are different, and the cracking difficulty is improved.
In an embodiment of the present invention, the method further includes: adding a head file of the confusion macro in the code file for completing character string confusion; scanning the code file, and determining the character string to be confused which accords with the scanning rule comprises the following steps: if a header file containing the confusion macro in a code file is scanned, the character string confusion of the code file is not executed.
The header file of the confusion macro is added, so that the correct operation of the scanning macro can be ensured and can be normally identified by a compiler; it is also possible to identify whether a code file has been string obfuscated. Here, the code file for completing the character string obfuscation refers to a code file obtained by adding a scanning macro to all scanned character strings to be obfuscated, and the actual obfuscation still needs to be executed during compiling.
In the embodiment of the invention, the scanning can be realized based on the compiling rule, so that the character strings to be confused which accord with the scanning rule are determined.
Specifically, in an embodiment of the present invention, in the method, scanning the code file, and determining the character string to be obfuscated that meets the scanning rule includes: if a character string is in the same row with any one of the # include, # warning, # error and # pragma, not taking the character string as the character string to be confused; and/or if one character string is used for initializing the array, not taking the character string as the character string to be confused; and/or if a character string is located in the comment area, not taking the character string as the character string to be confused.
Three examples of non-obfuscated strings are given, the first two being because if obfuscation is performed, there is an error, while the strings in the annotation area have no effect on the functionality, and obfuscation only increases unnecessary resource consumption.
It will be readily appreciated that the above scanning rules are merely examples, and that other scanning rules may be customized by a developer as desired.
In an embodiment of the present invention, the obfuscating the corresponding string to be obfuscated according to the compiling time includes: determining an obfuscated key according to the compilation time; randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
Both the key and obfuscation methods take into account that at compile time may not be the same as the last compile time. Specifically, the obfuscating key is determined according to the compiling time, so that it can be ensured that obfuscating results obtained by compiling each time are different, and a plurality of obfuscating methods can be preset, and one obfuscating method can be randomly selected.
In an embodiment of the present invention, in the above method, the predetermined obfuscation method includes at least one of: exclusive or, addition and negation of characters.
In view of efficiency, the obfuscation method needs to be selected to obtain results quickly, because the obfuscation is performed at runtime, and the efficiency of the program in runtime cannot be affected, so the obfuscation method is preferably xor, add, or negate of characters, and the use of DES or AES algorithm affects the efficiency of runtime.
In an embodiment of the present invention, the determining the obfuscation key according to the compile time includes: generating a random number using any one of a _ COUNTER _ macro, a _ LINE _ macro, and a _ FILE _ macro as the number of iterations of the pseudo-random generator, using the _ TIME _ macro as a seed of the pseudo-random generator; the generated random number is used as the obfuscating key.
Here, several types of macros are selected to determine the obfuscated key, so that __ TIME __ is different during each compilation, the seeds of the pseudo-random number generator are different, the generated pseudo-random number sequences are different, the obfuscated result is guaranteed to be different during each compilation, and __ COUNTER __ enables different strings to use different random numbers.
In an embodiment of the present invention, in the method, obfuscating the confusion string according to the determined obfuscating key and the selected obfuscating method includes: and obfuscating the character string to be obfuscated based on a template element programming technology, wherein the character string to be obfuscated is received by using a variable parameter template, and the determined obfuscating key and the obfuscated character string are stored.
Template meta-programming is a meta-programming technique in which a compiler uses a template to generate temporary source code, which is then mixed with the remaining source code and compiled. Template meta-programming differs from normal run-time programs in that the execution of the template meta-program is entirely during compile-time.
In this way, the character string can be obfuscated by writing a template of variable parameters to receive a character string of arbitrary length.
And defining a key and a buffer in the template, wherein the key is used for storing a key used in obfuscation, and the buffer is used for storing an obfuscated character string and is used for decryption at runtime. Different obfuscation methods are different instantiation incarnations of the template.
Specifically, the obfuscated macro may be obtained in the manner described in the above embodiment, and an example of the obtained obfuscated macro is as follows, where str is a character string to be obfuscated:
#define JGB_OBFUS(str)(PRE_JGBOBFUS(str).decrypt())
the decryption () is only effective when the program runs, and the character string is not confused.
When a character string to be obfuscated is scanned, an obfuscating macro is added to the character string to be obfuscated, and the character string is written back to the code file, so that the processed code file is obtained finally.
Fig. 2 is a schematic structural diagram of a character string obfuscator according to an embodiment of the present invention. As shown in fig. 2, the character string obfuscating apparatus 200 includes:
The scanning unit 210 is adapted to scan the code file and determine a character string to be obfuscated that conforms to the scanning rule. The scanning rules may be predefined, e.g., to determine which format strings are to be obfuscated, which attribute strings are not to be obfuscated, etc. Specifically, the source project directory may be recursively scanned, all the code files may be traversed one by one, and each code file may be subjected to character string screening according to a scanning rule.
An obfuscating unit 220 adapted to add an obfuscating macro-process to the string to be obfuscated; and in the code compiling process, the obfuscating macro obfuscates the corresponding character string to be obfuscated according to the compiling time.
Therefore, the device shown in fig. 2 can automatically realize character string confusion through the mutual matching of the units, does not need the developers to manually confuse, and reduces the workload of the developers; the specific confusion is carried out in the process of code compiling, so that the performance of the program in operation is not influenced, and the efficiency is high; the character strings are mixed up according to the compiling time, so that the mixed up character strings obtained by compiling each time are different, and the cracking difficulty is improved.
In an embodiment of the present invention, in the above apparatus, the obfuscating unit 220 is further adapted to add a header file of an obfuscating macro in the code file where the obfuscation of the character string is completed; the scanning unit 210 is adapted to not perform character string obfuscation on a code file if a header file containing obfuscating macros in the code file is scanned.
The header file of the confusion macro is added, so that the correct operation of the scanning macro can be ensured and can be normally identified by a compiler; it is also possible to identify whether a code file has been string obfuscated. Here, the code file for completing the character string obfuscation refers to a code file obtained by adding a scanning macro to all scanned character strings to be obfuscated, and the actual obfuscation still needs to be executed during compiling.
In the embodiment of the invention, the scanning can be realized based on the compiling rule, so that the character strings to be confused which accord with the scanning rule are determined.
Specifically, in an embodiment of the present invention, in the above apparatus, the scanning unit 210 is adapted to not treat a character string as a character string to be obfuscated if the character string is in the same row as any one of the # include, # warning, # error and # pragma; and/or if one character string is used for initializing the array, not taking the character string as the character string to be confused; and/or if a character string is located in the comment area, not taking the character string as the character string to be confused.
Three examples of non-obfuscated strings are given, the first two being because if obfuscation is performed, there is an error, while the strings in the annotation area have no effect on the functionality, and obfuscation only increases unnecessary resource consumption.
It will be readily appreciated that the above scanning rules are merely examples, and that other scanning rules may be customized by a developer as desired.
In an embodiment of the present invention, in the above apparatus, obfuscating the corresponding string to be obfuscated according to compilation time includes: determining an obfuscated key according to the compilation time; randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
Both the key and obfuscation methods take into account that at compile time may not be the same as the last compile time. Specifically, the obfuscating key is determined according to the compiling time, so that it can be ensured that obfuscating results obtained by compiling each time are different, and a plurality of obfuscating methods can be preset, and one obfuscating method can be randomly selected.
In an embodiment of the present invention, in the above apparatus, the predetermined obfuscating method includes at least one of: exclusive or, addition and negation of characters.
In view of efficiency, the obfuscation method needs to be selected to obtain results quickly, because the obfuscation is performed at runtime, and the efficiency of the program in runtime cannot be affected, so the obfuscation method is preferably xor, add, or negate of characters, and the use of DES or AES algorithm affects the efficiency of runtime.
In an embodiment of the present invention, in the above apparatus, determining the obfuscation key according to compilation time includes: generating a random number using any one of a _ COUNTER _ macro, a _ LINE _ macro, and a _ FILE _ macro as the number of iterations of the pseudo-random generator, using the _ TIME _ macro as a seed of the pseudo-random generator; the generated random number is used as the obfuscating key.
Here, several types of macros are selected to determine the obfuscated key, so that __ TIME __ is different during each compilation, the seeds of the pseudo-random number generator are different, the generated pseudo-random number sequences are different, the obfuscated result is guaranteed to be different during each compilation, and __ COUNTER __ enables different strings to use different random numbers.
In an embodiment of the present invention, in the apparatus, obfuscating the confusion string according to the determined obfuscating key and the selected obfuscating method includes: and obfuscating the character string to be obfuscated based on a template element programming technology, wherein the character string to be obfuscated is received by using a variable parameter template, and the determined obfuscating key and the obfuscated character string are stored.
Template meta-programming is a meta-programming technique in which a compiler uses a template to generate temporary source code, which is then mixed with the remaining source code and compiled. Template meta-programming differs from normal run-time programs in that the execution of the template meta-program is entirely during compile-time.
In this way, the character string can be obfuscated by writing a template of variable parameters to receive a character string of arbitrary length.
And defining a key and a buffer in the template, wherein the key is used for storing a key used in obfuscation, and the buffer is used for storing an obfuscated character string and is used for decryption at runtime. Different obfuscation methods are different instantiation incarnations of the template.
Specifically, the obfuscated macro may be obtained in the manner described in the above embodiment, and an example of the obtained obfuscated macro is as follows, where str is a character string to be obfuscated:
#define JGB_OBFUS(str)(PRE_JGBOBFUS(str).decrypt())
the decryption () is only effective when the program runs, and the character string is not confused.
When a character string to be obfuscated is scanned, an obfuscating macro is added to the character string to be obfuscated, and the character string is written back to the code file, so that the processed code file is obtained finally.
In summary, according to the technical scheme of the present invention, the code file is scanned by predefining the scanning rule, and the character string to be obfuscated that meets the scanning rule is determined; adding confusion macro processing to the character string to be confused; and in the code compiling process, the obfuscating macro obfuscates the corresponding character string to be obfuscated according to the compiling time. The technical scheme has the advantages that the character string confusion can be automatically realized, developers do not need to manually remove the confusion, and the workload of the developers is reduced; the specific confusion is carried out in the process of code compiling, so that the performance of the program in operation is not influenced, and the efficiency is high; the character strings are mixed up according to the compiling time, so that the mixed up character strings obtained by compiling each time are different, and the cracking difficulty is improved.
It should be noted that:
the algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose devices may be used with the teachings herein. The required structure for constructing such a device will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the invention and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of a string obfuscation device according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
For example, fig. 3 shows a schematic structural diagram of an electronic device according to an embodiment of the invention. The electronic device 300 comprises a processor 310 and a memory 320 arranged to store computer executable instructions (computer readable program code). The memory 320 may be an electronic memory such as a flash memory, an EEPROM (electrically erasable programmable read only memory), an EPROM, a hard disk, or a ROM. The memory 320 has a storage space 330 storing computer readable program code 331 for performing any of the method steps described above. For example, the storage space 330 for storing the computer readable program code may comprise respective computer readable program codes 331 for respectively implementing various steps in the above method. The computer readable program code 331 may be read from or written to one or more computer program products. These computer program products comprise a program code carrier such as a hard disk, a Compact Disc (CD), a memory card or a floppy disk. Such a computer program product is typically a computer readable storage medium such as described in fig. 4. Fig. 4 shows a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention. The computer readable storage medium 400 has stored thereon a computer readable program code 331 for performing the steps of the method according to the invention, readable by a processor 310 of the electronic device 300, which computer readable program code 331, when executed by the electronic device 300, causes the electronic device 300 to perform the steps of the method described above, in particular the computer readable program code 331 stored on the computer readable storage medium may perform the method shown in any of the embodiments described above. The computer readable program code 331 may be compressed in a suitable form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The embodiment of the invention discloses A1 and a character string confusion method, which comprises the following steps:
scanning the code file, and determining a character string to be confused which accords with a scanning rule;
adding confusion macro processing to the character string to be confused;
and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time.
A2, the method of a1, wherein the method further comprises: adding a header file of the confusion macro in a code file for completing character string confusion;
the scanning the code file and determining the character string to be confused which accords with the scanning rule comprises the following steps: and if a head file containing the confusion macro in one code file is scanned, not executing character string confusion of the code file.
A3, the method as in A1, wherein the scanning the code file and the determining the character strings to be confused which accord with the scanning rules comprise:
if a character string is in the same row with any one of the # include, # warning, # error and # pragma, not taking the character string as the character string to be confused;
and/or the presence of a gas in the gas,
if one character string is used for initializing the array, the character string is not used as a character string to be confused;
and/or the presence of a gas in the gas,
if a character string is located in the annotation area, the character string is not used as the character string to be confused.
A4, the method as in A1, wherein the obfuscating the corresponding string to be obfuscated according to compilation time comprises:
determining an obfuscated key according to the compilation time;
randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
A5, the method of A4, wherein the determining an obfuscation key according to compile time includes:
generating a random number using any one of a _ COUNTER _ macro, a _ LINE _ macro, and a _ FILE _ macro as the number of iterations of the pseudo-random generator, using the _ TIME _ macro as a seed of the pseudo-random generator;
the generated random number is used as the obfuscating key.
A6, the method of a4, wherein the obfuscating a string of obfuscated characters according to a determined obfuscation key and a selected obfuscation method includes:
and obfuscating the character string to be obfuscated based on a template element programming technology, wherein the character string to be obfuscated is received by using a variable parameter template, and the determined obfuscating key and the obfuscated character string are stored.
A7, the method of a4, wherein the predetermined obfuscation method includes at least one of:
exclusive or, addition and negation of characters.
The embodiment of the invention discloses B8, a character string confusion device, comprising:
the scanning unit is suitable for scanning the code file and determining a character string to be confused which accords with a scanning rule;
the confusion unit is suitable for adding confusion macro processing to the character strings to be confused; and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time.
B9, the device of B8, wherein,
the obfuscating unit is further adapted to add a header file of the obfuscating macro in a code file where character string obfuscation is completed;
and the scanning unit is suitable for not executing character string confusion on a code file if a head file containing the confusion macro in the code file is scanned.
B10, the device of B8, wherein,
the scanning unit is suitable for not taking a character string as a character string to be confused if the character string is in the same row with any one of the # include, # warning, # error and # pragma; and/or if one character string is used for initializing the array, not taking the character string as the character string to be confused; and/or if a character string is located in the comment area, not taking the character string as the character string to be confused.
B11, the apparatus as in B8, wherein the obfuscating the corresponding string to be obfuscated according to compilation time includes:
determining an obfuscated key according to the compilation time;
randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
B12, the apparatus as in B11, wherein the determining an obfuscation key according to compile time includes:
Generating a random number using any one of a _ COUNTER _ macro, a _ LINE _ macro, and a _ FILE _ macro as the number of iterations of the pseudo-random generator, using the _ TIME _ macro as a seed of the pseudo-random generator;
the generated random number is used as the obfuscating key.
B13, the apparatus as in B11, wherein the obfuscating the obfuscated character string according to the determined obfuscating key and the selected obfuscating method includes:
and obfuscating the character string to be obfuscated based on a template element programming technology, wherein the character string to be obfuscated is received by using a variable parameter template, and the determined obfuscating key and the obfuscated character string are stored.
B14, the device as in B11, wherein the preset obfuscation method comprises at least one of the following:
exclusive or, addition and negation of characters.
The embodiment of the invention discloses C15 and electronic equipment, wherein the electronic equipment comprises: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to perform the method of any one of a1-a 7.
The embodiment of the invention discloses D16, a computer readable storage medium, wherein the computer readable storage medium stores one or more programs which when executed by a processor implement the method as described in any one of A1-A7.
Claims (10)
1. A method of string obfuscation, comprising:
scanning the code file, and determining a character string to be confused which accords with a scanning rule;
adding confusion macro processing to the character string to be confused;
and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time.
2. The method of claim 1, wherein the method further comprises: adding a header file of the confusion macro in a code file for completing character string confusion;
the scanning the code file and determining the character string to be confused which accords with the scanning rule comprises the following steps: and if a head file containing the confusion macro in one code file is scanned, not executing character string confusion of the code file.
3. The method of claim 1, wherein the scanning the code file and determining the strings to be obfuscated that conform to the scanning rules comprises:
if a character string is in the same row with any one of the # include, # warning, # error and # pragma, not taking the character string as the character string to be confused;
and/or the presence of a gas in the gas,
if one character string is used for initializing the array, the character string is not used as a character string to be confused;
and/or the presence of a gas in the gas,
If a character string is located in the annotation area, the character string is not used as the character string to be confused.
4. The method of claim 1, wherein the obfuscating the respective strings to be obfuscated according to compile time comprises:
determining an obfuscated key according to the compilation time;
randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
5. A character string obfuscator device, comprising:
the scanning unit is suitable for scanning the code file and determining a character string to be confused which accords with a scanning rule;
the confusion unit is suitable for adding confusion macro processing to the character strings to be confused; and in the code compiling process, the confusion macro is used for confusing the corresponding character strings to be confused according to the compiling time.
6. The apparatus of claim 8, wherein,
the obfuscating unit is further adapted to add a header file of the obfuscating macro in a code file where character string obfuscation is completed;
and the scanning unit is suitable for not executing character string confusion on a code file if a head file containing the confusion macro in the code file is scanned.
7. The apparatus of claim 8, wherein,
The scanning unit is suitable for not taking a character string as a character string to be confused if the character string is in the same row with any one of the # include, # warning, # error and # pragma; and/or if one character string is used for initializing the array, not taking the character string as the character string to be confused; and/or if a character string is located in the comment area, not taking the character string as the character string to be confused.
8. The apparatus of claim 8, wherein the obfuscating the respective strings to be obfuscated according to compile time comprises:
determining an obfuscated key according to the compilation time;
randomly selecting one confusion method from preset confusion methods, and confusing the character strings to be obfuscated according to the determined confusion key and the selected confusion method.
9. An electronic device, wherein the electronic device comprises: a processor; and a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the method of any one of claims 1-4.
10. A computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement the method of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910429808.4A CN111984939A (en) | 2019-05-22 | 2019-05-22 | Character string obfuscating method, device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910429808.4A CN111984939A (en) | 2019-05-22 | 2019-05-22 | Character string obfuscating method, device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111984939A true CN111984939A (en) | 2020-11-24 |
Family
ID=73436435
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910429808.4A Pending CN111984939A (en) | 2019-05-22 | 2019-05-22 | Character string obfuscating method, device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111984939A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105103127A (en) * | 2013-02-28 | 2015-11-25 | 微软技术许可有限责任公司 | Compiler based obfuscation |
| CN105718765A (en) * | 2016-01-26 | 2016-06-29 | 国家信息技术安全研究中心 | Method for achieving code obfuscation through finite automaton |
| CN106326693A (en) * | 2016-08-18 | 2017-01-11 | 广州优视网络科技有限公司 | Obfuscation method and obfuscation device for application program code |
| US20170351847A1 (en) * | 2016-06-03 | 2017-12-07 | Electronic Arts Inc. | Simple obfuscation of text data in binary files |
| CN108737431A (en) * | 2018-05-28 | 2018-11-02 | 深圳职业技术学院 | Based on graduation distributed authentication method, the apparatus and system obscured under IoT scenes |
| CN109784010A (en) * | 2018-12-18 | 2019-05-21 | 武汉极意网络科技有限公司 | A kind of program control flow based on LLVM obscures method and device |
-
2019
- 2019-05-22 CN CN201910429808.4A patent/CN111984939A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105103127A (en) * | 2013-02-28 | 2015-11-25 | 微软技术许可有限责任公司 | Compiler based obfuscation |
| CN105718765A (en) * | 2016-01-26 | 2016-06-29 | 国家信息技术安全研究中心 | Method for achieving code obfuscation through finite automaton |
| US20170351847A1 (en) * | 2016-06-03 | 2017-12-07 | Electronic Arts Inc. | Simple obfuscation of text data in binary files |
| CN106326693A (en) * | 2016-08-18 | 2017-01-11 | 广州优视网络科技有限公司 | Obfuscation method and obfuscation device for application program code |
| CN108737431A (en) * | 2018-05-28 | 2018-11-02 | 深圳职业技术学院 | Based on graduation distributed authentication method, the apparatus and system obscured under IoT scenes |
| CN109784010A (en) * | 2018-12-18 | 2019-05-21 | 武汉极意网络科技有限公司 | A kind of program control flow based on LLVM obscures method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108345773B (en) | Code protection method and device based on virtual machine, electronic equipment and storage medium | |
| US10586026B2 (en) | Simple obfuscation of text data in binary files | |
| US6463538B1 (en) | Method of software protection using a random code generator | |
| US9128722B2 (en) | Systems, methods, and computer-readable media for fertilizing machine-executable code | |
| JP6429785B2 (en) | Compiler without operators | |
| JP4739465B2 (en) | Confusing technology to enhance software security | |
| US20160364707A1 (en) | Potentate: A Cryptography-Obfuscating, Self-Policing, Pervasive Distribution System For Digital Content | |
| US10127160B2 (en) | Methods and systems for binary scrambling | |
| JP2004038966A (en) | Secure and opaque type library for providing secure variable data protection | |
| JP7132926B2 (en) | Compilation device and compilation method | |
| JP5740349B2 (en) | Expression transformation in a computer environment | |
| JP7285850B2 (en) | Compilation device and method | |
| Balachandran et al. | Potent and stealthy control flow obfuscation by stack based self-modifying code | |
| CN112434266A (en) | Shell code control flow flattening confusion method | |
| JP5455914B2 (en) | Tamper resistant technology | |
| Angelini et al. | Ropmate: Visually assisting the creation of rop-based exploits | |
| JP2021530057A (en) | Compiler device with mask function | |
| CN110119601A (en) | Program reinforcement means and device based on application program installation kit | |
| Kyle et al. | Application of domain-aware binary fuzzing to aid Android virtual machine testing | |
| CN110147653A (en) | Application security reinforcement means and device | |
| CN107506623B (en) | Application program reinforcing method and device, computing equipment and computer storage medium | |
| CN110119600A (en) | Program reinforcement means and device based on application program installation kit | |
| CN113626773B (en) | Code protection method based on intermediate language | |
| CN111984939A (en) | Character string obfuscating method, device, electronic equipment and storage medium | |
| CN113282893B (en) | Source code reinforcement method, source code reinforcement device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |