CN112347430A - IOS application reinforcement protection system - Google Patents
IOS application reinforcement protection system Download PDFInfo
- Publication number
- CN112347430A CN112347430A CN202011167561.2A CN202011167561A CN112347430A CN 112347430 A CN112347430 A CN 112347430A CN 202011167561 A CN202011167561 A CN 202011167561A CN 112347430 A CN112347430 A CN 112347430A
- Authority
- CN
- China
- Prior art keywords
- code
- protection system
- char
- key
- ios application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002787 reinforcement Effects 0.000 title claims abstract description 26
- 230000003068 static effect Effects 0.000 claims description 10
- 238000000034 method Methods 0.000 claims description 7
- 238000009434 installation Methods 0.000 claims description 3
- 239000010979 ruby Substances 0.000 claims description 3
- 229910001750 ruby Inorganic materials 0.000 claims description 3
- 239000011800 void material Substances 0.000 claims description 3
- 238000005336 cracking Methods 0.000 abstract description 4
- 230000006870 function Effects 0.000 description 10
- 238000004458 analytical method Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 5
- 230000002265 prevention Effects 0.000 description 4
- 101001072091 Homo sapiens ProSAAS Proteins 0.000 description 2
- 102100036366 ProSAAS Human genes 0.000 description 2
- 230000009191 jumping Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000007596 consolidation process Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 238000012858 packaging process Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000013515 script Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
Compared with the prior art, the IOS application reinforcement protection system can effectively solve the problems of anti-reverse compilation, anti-debugging and anti-tampering processing, has extremely high safety coefficient and cracking cost, and improves the cracking difficulty by several orders of magnitude.
Description
Technical Field
The invention relates to the technical field of IOS application security, in particular to an IOS application reinforcement protection system.
Background
The IOS is a handheld device operating system developed by Apple inc, which was originally designed for use by the iPhone as published by the Macworld conference, earlier than 2007, 1, 9, and was subsequently introduced to Apple products such as iPod touch, iPad, and Apple TV. iOS is also Darwin based and thus also belongs to Unix-like commercial operating systems, as does apple's Mac OS X operating system. Originally, the system is named iPhone IOS, the world wide digital television (WWDC) announces the system as iOS until 6.7.2010, and the data of Canalys shows that iOS occupies 30% of the market share of the global smartphone system by 11.2011, and the market share of the U.S. is 43%.
With the continuous development of the mobile phone application market, the acceleration rate of malicious applications on the IOS platform exceeds that of the Android platform. IOS applications also face security issues such as reverse cracking, shoplifting cracking, second package signing, etc. In order to solve the related problems, the IOS virtual machine source code is protected, and related reinforcement products are released for the iOS platform.
At present, most IOS reinforcement processing methods adopt command scripts to carry out character string encryption, class name, method name and picture hash value change on current project codes, but the mode is only based on basic code confusion, and has no good precaution effect on code decompilation and tampering technologies, so that the problems of decompilation prevention, debugging prevention and tampering prevention are solved at present.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides an IOS application reinforcement protection system which aims to solve the problem that IOS application protection is not comprehensive, and can effectively solve the problems of anti-compilation, anti-debugging and anti-tampering processing.
In order to achieve the purpose, the invention adopts the following technical scheme:
an IOS application reinforcement protection system includes a code obfuscation module, a string encryption module, and a code virtualization module.
Preferably, the code obfuscation module divides, scrambles, hides and inserts flower instructions into the control flow of the original code, so that the code logic is complicated without influencing the original logic, and the App store shelf availability is improved.
Preferably, the character string encryption module encrypts a static constant character string defined in the code and decrypts the static constant character string at runtime.
Preferably, the code virtualization module is a DX-VM virtual machine instruction that compiles the original code into dynamic.
Preferably, the reinforcement protection method performs one-key encryption through an IOS installation package compiling tool.
Preferably, the language used by the ruggedized protection system includes one or more of C/C + +, BASIC, Prolog, Python, PHP, Ruby, and Lua.
Preferably, the tool used by the code obfuscation module is prosguard.
Preferably, the character string encryption module adopts the following program:
#include <stdio.h>
#include <string.h>
#define LODWORD(_qw) ((unsigned long)(_qw))
#define HIDWORD(_qw) ((unsigned long)(((_qw) >> 32) & 0xffffffff))
char *pkey = "www.oschina.net";
char *keymap = "abcdefghijklmnopqrstuvwxyz";
void encrypt(char *username, char *key)
{
int i;
unsigned __int64 v6;
unsigned __int64 tmp;
int nameLen = strlen(username);
for ( i = 0; i != nameLen; ++i )
{
tmp = (keymap[i] * username[i] ^ 0x28FC) & 0xFFFFFFF;
v6 = LODWORD(tmp);
tmp = (unsigned int)keymap[i] * (unsigned __int64)(unsigned int)username[i] >> 32;
v6 += HIDWORD(tmp);
key[i] = pkey[v6 % 0xF];
key[i + 1] = 0;
}
}
int main(int argc, char* argv[])
{
char *name = "luobotou";
char key[64] = {0};
encrypt(name, key);
printf("name:%s\nkey:%s \n", name, key);
getchar();
return 0;
}。
compared with the prior art, the invention has the beneficial effects that:
firstly, strong safety protection:
1. source codes do not need to be uploaded, and the problem of code leakage does not need to be worried about;
2. the SAAS platform and the privatization deployment scheme meet the safety requirements of different customers.
Secondly, flexible one-key reinforcement:
1. the operation is convenient and fast, the normal development and packaging processes are not influenced, the package is uploaded to the SAAS reinforcement platform, and reinforcement is completed by one key;
2. the protection configuration, such as the code confusion strength and the code confusion ratio, can be flexibly adjusted according to the needs.
And thirdly, perfect iOS environment compatibility:
1. improving the probability of putting the App store on shelf;
2. after consolidation, the IPA and static library of the tape Bitcode can be packed, supporting submission of Bitcode to App store.
Drawings
FIG. 1 is a schematic diagram of a code fragment of an IOS application reinforcement protection system according to the present invention;
FIG. 2 is a flow chart of code segment control for an IOS application reinforcement protection system according to the present invention;
FIG. 3 is a pseudo code diagram of a code segment of an IOS application reinforcement protection system according to the present invention;
FIG. 4 is a schematic diagram of code logic obfuscation of an IOS application reinforcement protection system according to the present invention;
FIG. 5 is a flowchart illustrating a post-decompilation protection control of an IOS application reinforcement protection system according to the present invention;
FIG. 6 is a schematic diagram of string encryption for an IOS application reinforcement protection system according to the present invention;
fig. 7 is a schematic diagram of code virtualization of an IOS application hardened protection system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings of the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
An IOS application reinforcement protection system includes a code obfuscation module, a string encryption module, and a code virtualization module.
A code obfuscation module: the control flow of an original code is segmented, disordered and hidden, a floral instruction is inserted, the code logic is complicated without influencing the original logic, the App store shelf life is improved, a tool used by the code confusion module is ProGuard, after the code is subjected to logic confusion protection, the control flow graph of the function becomes very complicated, a large number of useless code blocks which cannot be executed are interspersed in the function, logic jumping among the useless code blocks is achieved, and the difficulty of reverse analysis is greatly improved.
A string encryption module: the method comprises the steps of encrypting static constant character strings defined in a code, decrypting in a running mode, preventing an attacker from performing static analysis through the character strings, guessing code logic, encrypting all the static constant character strings, decrypting in the running mode, preventing the attacker from performing static analysis through the character strings, and guessing the code logic. After the character strings in the code are encrypted, all the character strings are replaced by encrypted references, and the character strings in the plain text cannot be seen by any decompilation means.
A code virtualization module: the original code is compiled into a dynamic DX-VM virtual machine instruction, the instruction runs on a DX virtual machine and cannot be decompiled to return readable source code, after code virtualization protection is adopted, the decompilation of the function cannot see any content similar to the original code, and only the call to a subsystem of the virtual machine exists in a function body.
The reinforcement protection system performs one-key encryption through an IOS installation package compiling tool.
The language used by the reinforcement protection system comprises one or more of C/C + +, BASIC, Prolog, Python, PHP, Ruby and Lua.
The character string encryption module adopts the following programs:
#include <stdio.h>
#include <string.h>
#define LODWORD(_qw) ((unsigned long)(_qw))
#define HIDWORD(_qw) ((unsigned long)(((_qw) >> 32) & 0xffffffff))
char *pkey = "www.oschina.net";
char *keymap = "abcdefghijklmnopqrstuvwxyz";
void encrypt(char *username, char *key)
{
int i;
unsigned __int64 v6;
unsigned __int64 tmp;
int nameLen = strlen(username);
for ( i = 0; i != nameLen; ++i )
{
tmp = (keymap[i] * username[i] ^ 0x28FC) & 0xFFFFFFF;
v6 = LODWORD(tmp);
tmp = (unsigned int)keymap[i] * (unsigned __int64)(unsigned int)username[i] >> 32;
v6 += HIDWORD(tmp);
key[i] = pkey[v6 % 0xF];
key[i + 1] = 0;
}
}
int main(int argc, char* argv[])
{
char *name = "luobotou";
char key[64] = {0};
encrypt(name, key);
printf("name:%s\nkey:%s \n", name, key);
getchar();
return 0;
}。
the IOS reinforcement protection method comprises the following operation processes: the code of the figure 1 is compiled and analyzed, the analysis process is shown in figure 2, and then the code is inversely compiled into a pseudo code, as shown in figure 3, character strings used in the code logic and the source code are all clearly visible and basically consistent with the source code structure, the control flow of the original code is divided, disordered and hidden, or a flower instruction is inserted into a function to realize the confusion of the code, so that the code logic is complicated but the original code logic is not influenced, as shown in figure 4, after the logic confusion protection is carried out on the code, the control flow graph of the function becomes very complicated, a large number of useless code blocks which cannot be executed are inserted into the function, and the logic jumping among the useless code blocks is carried out, so that the difficulty of inverse analysis is greatly enhanced; if the decompilation prevention function is started, the control flow graph is completely hidden, only one code block is left, and the effective code cannot be decompiled, as shown in fig. 5, which is very effective for resisting a reverse analysis tool.
As shown in FIG. 6, all static constant strings are encrypted, C/C + +/OC/Swift strings are supported, decryption is performed during runtime, an attacker is prevented from performing static analysis through the strings, code logic is guessed, after the strings in the code are encrypted, all the strings are replaced by encrypted references, any decompilation means cannot see the strings in the clear, and the world! Hello, World! character strings can be easily decompiled but protected from view.
As shown in fig. 7, the original code is compiled into a dynamic DX-VM virtual machine instruction, and the dynamic DX-VM virtual machine instruction cannot be decompiled to return a readable source code, any tool cannot directly decompile the virtual machine instruction, after the code virtualization protection is adopted, the decompiling of the function cannot see any content similar to the original code, and only the call to the virtual machine subsystem is performed in the function body.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.
Claims (8)
1. An IOS application reinforcement protection system, characterized in that: the reinforcement protection system comprises a code obfuscation module, a character string encryption module and a code virtualization module.
2. The IOS application hardened protection system of claim 1, wherein: the code confusion module divides, disorganizes and hides the control flow of the original code, inserts the flower instruction, complicates the code logic without influencing the original logic, and improves the App store shelf probability.
3. The IOS application hardened protection system of claim 1, wherein: the character string encryption module encrypts the static constant character string defined in the code and decrypts the character string during running.
4. The IOS application hardened protection system of claim 1, wherein: the code virtualization module compiles the original code into dynamic DX-VM virtual machine instructions.
5. The IOS application hardened protection system of any one of claims 2-4, wherein: the reinforcement protection method carries out one-key encryption through an IOS installation package compiling tool.
6. The IOS application hardened protection system of claim 5, wherein: the language used by the reinforcement protection system comprises one or more of C/C + +, BASIC, Prolog, Python, PHP, Ruby and Lua.
7. The IOS application hardened protection system of claim 4, wherein: the tool used by the code obfuscation module is prosguard.
8. The IOS application hardened protection system of claim 3, wherein: the character string encryption module adopts the following programs:
#include <stdio.h>
#include <string.h>
#define LODWORD(_qw) ((unsigned long)(_qw))
#define HIDWORD(_qw) ((unsigned long)(((_qw) >> 32) & 0xffffffff))
char *pkey = "www.oschina.net";
char *keymap = "abcdefghijklmnopqrstuvwxyz";
void encrypt(char *username, char *key)
{
int i;
unsigned __int64 v6;
unsigned __int64 tmp;
int nameLen = strlen(username);
for ( i = 0; i != nameLen; ++i )
{
tmp = (keymap[i] * username[i] ^ 0x28FC) & 0xFFFFFFF;
v6 = LODWORD(tmp);
tmp = (unsigned int)keymap[i] * (unsigned __int64)(unsigned int)username[i] >> 32;
v6 += HIDWORD(tmp);
key[i] = pkey[v6 % 0xF];
key[i + 1] = 0;
}
}
int main(int argc, char* argv[])
{
char *name = "luobotou";
char key[64] = {0};
encrypt(name, key);
printf("name:%s\nkey:%s \n", name, key);
getchar();
return 0;
}。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011167561.2A CN112347430A (en) | 2020-10-28 | 2020-10-28 | IOS application reinforcement protection system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011167561.2A CN112347430A (en) | 2020-10-28 | 2020-10-28 | IOS application reinforcement protection system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112347430A true CN112347430A (en) | 2021-02-09 |
Family
ID=74358807
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011167561.2A Pending CN112347430A (en) | 2020-10-28 | 2020-10-28 | IOS application reinforcement protection system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112347430A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107016265A (en) * | 2017-04-12 | 2017-08-04 | 金陵科技学院 | A kind of code security protective capacities assessment method obscured based on encryption and controlling stream |
CN110598379A (en) * | 2019-09-23 | 2019-12-20 | 北京智游网安科技有限公司 | Method, system, equipment and storage medium for implementing character string confusion |
CN110929234A (en) * | 2019-11-28 | 2020-03-27 | 施羊梦燊 | Python program encryption protection system and method based on code virtualization |
-
2020
- 2020-10-28 CN CN202011167561.2A patent/CN112347430A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107016265A (en) * | 2017-04-12 | 2017-08-04 | 金陵科技学院 | A kind of code security protective capacities assessment method obscured based on encryption and controlling stream |
CN110598379A (en) * | 2019-09-23 | 2019-12-20 | 北京智游网安科技有限公司 | Method, system, equipment and storage medium for implementing character string confusion |
CN110929234A (en) * | 2019-11-28 | 2020-03-27 | 施羊梦燊 | Python program encryption protection system and method based on code virtualization |
Non-Patent Citations (1)
Title |
---|
佚名: "一个简单的字符串加密程序", pages 1, Retrieved from the Internet <URL:https://blog.csdn.net/s1986q/article/details/77816064> * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101471589B1 (en) | Method for Providing Security for Common Intermediate Language Program | |
CN104239757B (en) | Application program reversing-preventing method and device and operation method and terminal | |
KR101391982B1 (en) | Encryption method for preventing decompile of andriod application | |
CN104680039B (en) | A kind of data guard method and device of application program installation kit | |
KR101623096B1 (en) | Apparatus and method for managing apk file in a android platform | |
CN106548046B (en) | Device and method for protecting code | |
CN108363911B (en) | Python script obfuscating and watermarking method and device | |
CN102236757A (en) | Software protection method and system applicable to Android system | |
WO2016078130A1 (en) | Dynamic loading method for preventing reverse of apk file | |
CN106415491B (en) | Application protection method, server and terminal | |
CN108399319B (en) | Source code protection method, application server and computer readable storage medium | |
CN112100582B (en) | Method for protecting software distribution safety by applying strong symmetric encryption | |
CN109284585B (en) | Script encryption method, script decryption operation method and related device | |
CN103902858A (en) | APK application reinforcing method and system | |
CN105022936A (en) | Class file encryption and decryption method and class file encryption and decryption device | |
CN104932902A (en) | Method for generating APK file and terminal | |
CN101814124A (en) | Java-based method for enhancing software security | |
CN104318135A (en) | Java code safety dynamic loading method on basis of trusted execution environment | |
CN106155729A (en) | The hot update method of Lua script, Apparatus and system | |
CN111914225B (en) | Source code protection system and source code encryption method | |
CN111191195A (en) | Method and device for protecting APK | |
CN111240654A (en) | Python code reinforcement protection method and system | |
CN111859415A (en) | Neural network model encryption system and method | |
KR102001046B1 (en) | Apparatus and Method of Providing Security, and Apparatus and Method of Executing Security for Common Intermediate Language | |
US8694548B2 (en) | Defense-in-depth security for bytecode executables |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |