CN113849781A - Go language source code obfuscation method, system, terminal and storage medium - Google Patents
Go language source code obfuscation method, system, terminal and storage medium Download PDFInfo
- Publication number
- CN113849781A CN113849781A CN202110961967.6A CN202110961967A CN113849781A CN 113849781 A CN113849781 A CN 113849781A CN 202110961967 A CN202110961967 A CN 202110961967A CN 113849781 A CN113849781 A CN 113849781A
- Authority
- CN
- China
- Prior art keywords
- syntax tree
- abstract syntax
- source code
- function
- encrypting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000003860 storage Methods 0.000 title claims abstract description 17
- 230000006870 function Effects 0.000 claims abstract description 98
- 238000005516 engineering process Methods 0.000 claims abstract description 5
- 238000010276 construction Methods 0.000 claims description 4
- 238000004590 computer program Methods 0.000 claims description 3
- 238000004458 analytical method Methods 0.000 abstract description 9
- 230000003068 static effect Effects 0.000 abstract description 7
- 238000012545 processing Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000006467 substitution reaction Methods 0.000 description 3
- 229910002056 binary alloy Inorganic materials 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002411 adverse Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/31—Programming languages or programming paradigms
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Computing Systems (AREA)
- Devices For Executing Special Programs (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a Go language source code obfuscation method, a system, a terminal and a storage medium, comprising the following steps: reading a source code, and constructing an abstract syntax tree of the source code; encrypting the packet name of the abstract syntax tree by using a first encryption function; using binary operation technique to confuse character string in abstract syntax tree into byte code; encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree by using a second encryption function; and compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program. The method not only confuses the character strings, but also confuses the types and packet names, greatly increases the complexity of the program, fills the blank of the confusion technology of Go language, can effectively prevent static reverse analysis, improves the safety of the product, can effectively prevent the program product from being reversely cracked, and avoids unnecessary property loss.
Description
Technical Field
The invention relates to the technical field of software development, in particular to a Go language source code obfuscation method, a system, a terminal and a storage medium.
Background
The Go language is a programming language developed by Google, which is strong in static state, compiling, concurrent and has a garbage collection function. Go is honored as cloud computing development language because it can compile once and run everywhere, because the binary system program after compiling only has an executable file, does not exist and relies on the storehouse, Go language can accomplish the cross-platform support of language level.
However, due to the native cross-platform characteristic of the Go language, the compiled binary file contains a large amount of source code information, and a reverse engineer can easily find the packet, the used character string and the symbol information which are depended on when the source code is compiled in the binary file, so that the reverse engineer can crack the program more easily.
Compared with other cross-platform languages, such as Python, Lua, Java, etc., which are interpreted languages, when running a program written by them, it needs to perform differential processing by means of intermediate byte codes to achieve the purpose of cross-platform. The obfuscation techniques used for such interpreted languages are obfuscating byte codes, not binary. The Go language is a static language, a machine code is directly generated during compiling, and intermediate byte code conversion does not exist. Therefore, the obfuscation technique of the interpreted language is not applicable to Go language, cannot achieve the purpose of obfuscating at binary level, only the bytecode is obfuscated, but in reverse direction, the operated file is binary and not bytecode, and obfuscation is disabled.
The compiled language includes C, C + +, which have a syntax structure distinct from that of Go language, and no packet structure exists, so that the technique for obfuscating C and C + + cannot be applied to Go language.
In order to solve the problem that a program developed by Go language source codes is easy to crack reversely, the invention provides a Go language source code obfuscation method, a system, a terminal and a storage medium.
Disclosure of Invention
Aiming at the problem that programs based on Go language source codes are easy to reverse crack due to the fact that the Go language source codes in the prior art do not have applicable confusion methods, the invention provides a Go language source code confusion method, a system, a terminal and a storage medium to solve the technical problems.
In a first aspect, the present invention provides a Go language source code obfuscation method, including:
reading a source code, and constructing an abstract syntax tree of the source code;
encrypting the packet name of the abstract syntax tree by using a first encryption function;
using binary operation technique to confuse character string in abstract syntax tree into byte code;
encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree by using a second encryption function;
and compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
Further, reading the source code, and constructing an abstract syntax tree of the source code, including:
analyzing the source code by using a tool for constructing an abstract syntax tree in a Go voice standard library, and returning error information if the source code has errors; if the parsing passes, an abstract syntax tree structure is returned, which contains detailed information of the package, detailed paths in the current compilation environment, and structure information of each syntax node.
Further, encrypting the package name of the abstract syntax tree by using an encryption function comprises:
determining a root directory of a source code, traversing all package directories under the root directory, and acquiring relative paths of the package directories;
encrypting the relative path of the packet directory by using a first encryption function, and taking the obtained encrypted path as a packet name;
creating a directory according to the original directory architecture according to the package name to obtain an encrypted directory structure;
and updating the initial package name of the abstract syntax tree into the corresponding package name of the encrypted directory structure.
Further, the obfuscating of the character strings in the abstract syntax tree into byte codes by using a binary operation technique includes:
searching character strings in the abstract syntax tree through the node types;
if the character string is constant, the character string is converted into a reserved word format.
Further, converting the character string into a reserved word format, comprising:
generating byte codes with the same number of characters as the character strings by using a random number generation function;
carrying out XOR operation on each character string and the random byte codes at corresponding positions in sequence to generate a middle character string;
and carrying out XOR operation on each byte code and the middle character string at the corresponding position in sequence to generate a string of confusion byte codes.
Further, the encrypting function is used for encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree, and comprises the following steps:
acquiring a type definition structure of a source code, acquiring an absolute path of the type definition structure, and reading a function definition in a file under the absolute path;
traversing the source code, acquiring a receiving type defined by the function, and positioning a relative path according to the receiving type;
and encrypting the corresponding type definition structure, function definition and relative path in the abstract structure tree by using a second encryption function.
Further, the first encryption function and the second encryption function are both customized functions, and the customized functions include, but are not limited to, any one of a hash function, a transcoding function, and a combining function.
In a second aspect, the present invention provides a Go language source code obfuscation system, including:
the target construction unit is used for reading a source code and constructing an abstract syntax tree of the source code;
a package name encryption unit for encrypting the package name of the abstract syntax tree by using a first encryption function;
the character confusion unit is used for confusing the character strings in the abstract syntax tree into byte codes by utilizing a binary operation technology;
a symbol encryption unit for encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree by using a second encryption function;
and the target compiling unit is used for compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
Further, the object construction unit is configured to:
analyzing the source code by using a tool for constructing an abstract syntax tree in a Go voice standard library, and returning error information if the source code has errors; if the parsing passes, an abstract syntax tree structure is returned, which contains detailed information of the package, detailed paths in the current compilation environment, and structure information of each syntax node.
Further, the package name encryption unit is configured to:
determining a root directory of a source code, traversing all package directories under the root directory, and acquiring relative paths of the package directories;
encrypting the relative path of the packet directory by using a first encryption function, and taking the obtained encrypted path as a packet name;
creating a directory according to the original directory architecture according to the package name to obtain an encrypted directory structure;
and updating the initial package name of the abstract syntax tree into the corresponding package name of the encrypted directory structure.
Further, the character obfuscating unit is configured to:
searching character strings in the abstract syntax tree through the node types;
if the character string is constant, the character string is converted into a reserved word format.
Further, the character obfuscating unit is configured to:
generating byte codes with the same number of characters as the character strings by using a random number generation function;
carrying out XOR operation on each character string and the random byte codes at corresponding positions in sequence to generate a middle character string;
and carrying out XOR operation on each byte code and the middle character string at the corresponding position in sequence to generate a string of confusion byte codes.
Further, the symbol encryption unit is configured to:
acquiring a type definition structure of a source code, acquiring an absolute path of the type definition structure, and reading a function definition in a file under the absolute path;
traversing the source code, acquiring a receiving type defined by the function, and positioning a relative path according to the receiving type;
and encrypting the corresponding type definition structure, function definition and relative path in the abstract structure tree by using a second encryption function.
Further, the first encryption function and the second encryption function are both customized functions, and the customized functions include, but are not limited to, any one of a hash function, a transcoding function, and a combining function.
In a third aspect, a terminal is provided, including:
a processor, a memory, wherein,
the memory is used for storing a computer program which,
the processor is used for calling and running the computer program from the memory so as to make the terminal execute the method of the terminal.
In a fourth aspect, a computer storage medium is provided having stored therein instructions that, when executed on a computer, cause the computer to perform the method of the above aspects.
The beneficial effect of the invention is that,
according to the Go language source code obfuscation method, the Go language source code obfuscation system, the terminal and the storage medium, the Go language source code abstract syntax tree is constructed, then the package name, the character string and the symbol of the abstract syntax tree are encrypted and obfuscated, and the encrypted and obfuscated Go language program can be obtained by compiling the abstract syntax tree which is subjected to encryption and obfuscation processing through a Co compiling tool. The method not only confuses the character strings, but also confuses the types and packet names, greatly increases the complexity of the program, fills the blank of the confusion technology of Go language, can effectively prevent static reverse analysis, improves the safety of the product, can effectively prevent the program product from being reversely cracked, and avoids unnecessary property loss.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.
FIG. 2 is a schematic block diagram of a system of one embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The following explains key terms appearing in the present invention.
An Abstract Syntax Tree (AST) is a tree representation of the abstract syntax structure of the source code, and each node on the tree represents a structure in the source code, which is abstract because the abstract syntax tree does not represent every detail of the real syntax, for example, the nesting brackets are hidden in the structure of the tree and are not represented in the form of nodes. The abstract syntax tree does not depend on the syntax of the source language, that is, the context used in the parsing stage is grammatical-free, because when the grammar is written, the grammar is often equivalently transformed (left recursion, backtracking, ambiguity and the like are eliminated), which introduces some redundant components into the grammar analysis, adversely affects the subsequent stages, and even makes the combined stages confused. For this reason, many compilers often construct parse trees independently, establishing a clear interface for the front-end and back-end. Abstract syntax trees have a wide range of applications in many fields, such as browsers, intelligent editors, compilers. When the source program syntax analysis works, the analysis is carried out under the guidance of the grammar rule of the corresponding programming language. Grammatical rules describe the structure of the various grammatical elements of the language, and usually the grammatical rules of a programming language can be exactly described by so-called context-free grammar or its equivalent Backus-Naur paradigm (BNF). The context-independent grammars are divided into the following categories: LL (1), LR (0), LR (1), LR (k), LALR (1), etc. Each grammar has different requirements, such as LL (1) requires that the grammar be unambiguous and that there be no left recursion. When changing a grammar to the LL (1) grammar, some extra-spaced grammar symbols and production equations need to be introduced.
Var in computer languages: var in Pascal as a reservation word for programs to define variables. Such as: var a is integer; (variable a is defined, type is integer) var u array [1..100] of integer; (define array u, subscript from 1 to 100, array element type is integer).
Exclusive OR, English is exclusive OR, abbreviated as eor, which is a mathematical operator. It is applied to logical operations. The mathematical sign of the exclusive or is ″, and the computer sign is "eor". The algorithm is as follows:and if the two values of a and b are not the same, the XOR result is 1. If the values of a and b are the same, the XOR result is 0. XOR is also called half-add, which is equivalent to binary addition without carry: if 1 represents true and 0 represents false in binary system, the algorithm of exclusive or is: 0 ≧ 1 ≧ 0 ═ 1, 0 ≦ 1 ≦ 0 (both 0 and 1).
Although the code compiled by the Go language is binary, the packet name, the character string and the symbol are still clear and visible and are consistent with those in the source code, so that information leakage is caused, a reverse engineer can extract the native data, and the logic of the code is restored after analysis, so that the program is cracked.
In order to make up for the above defects, the invention provides an algorithm for confusing packet names, character strings and symbols in Go language, after processing, the relevant information in the generated binary file becomes disordered and unreadable, and the difficulty of reverse engineering cracking is greatly improved.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention. The execution subject in fig. 1 may be a Go language source code obfuscation system.
As shown in fig. 1, the method includes:
and 150, compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
In order to facilitate understanding of the present invention, the Go language source code obfuscation method provided by the present invention is further described below with reference to the principle of the Go language source code obfuscation method provided by the present invention and the process of obfuscating the Go language source code in the embodiments.
Specifically, the Go language source code obfuscation method includes:
and S1, reading the source code, and constructing an abstract syntax tree of the source code.
The Go language standard library provides a package AST for constructing an abstract syntax tree, which can analyze source codes, report errors if syntax errors exist, and return a structure of the abstract syntax tree after the analysis is passed, wherein the structure contains detailed information of the package, such as package name, detailed path in the current compiling environment, and structural information (type, value, metadata and the like) of each syntax node.
And S2, encrypting the package name of the abstract syntax tree by using a first encryption function.
Determining a root directory of a source code, traversing all package directories under the root directory, and acquiring relative paths of the package directories; encrypting the relative path of the packet directory by using a first encryption function, and taking the obtained encrypted path as a packet name; creating a directory according to the original directory architecture according to the package name to obtain an encrypted directory structure; and updating the initial package name of the abstract syntax tree into the corresponding package name of the encrypted directory structure.
The Go language distinguishes the packets according to the directory, for example, if the directory structure is a/b/c, the packet name is a.b.c. Thus, obfuscation of package names may be performed by altering directory names. The process is as follows:
(1) the root directory of the source code is determined, say "D: \ \ mygo".
(2) Iterating and traversing all files and directories under the directory to obtain a relative path of the directory, for example, if two directories, namely "animal" and "tree" are arranged under the "mygo" directory, two values of "\ \ animal" and "\ \ tree" are taken, and the two values are names of packages.
(3) The packet name is hashed using a HASH function, such as SHA256, where various encryption schemes, such as BASE64, etc., may also be used, which we name ENC, to two values: two directories, named a and b, are created in the same directory as "animal" and "tree".
(4) Files under "animal" and "tree" directories (non-directories) are copied under a and b.
(5) If there is a directory under the directory of "animal" and "tree", after the encrypted directory name is obtained, a new directory is created in the newly created directory in the third step, and the name is taken as the encrypted value, and so on. And iteratively processing the packet name in the source code directory structure to obtain a complete encrypted directory structure.
(6) And (3) iteratively processing the source code file, finding a package node, and changing the name 'p' of the corresponding plaintext packet into 'ENC (p)'.
After the steps, the package name in the source code is replaced by the encrypted character string, and the package name of the quoted part in the source code is correspondingly modified.
And S3, using binary operation technique to confuse the character string in the abstract syntax tree into byte code.
Searching character strings in the abstract syntax tree through the node types; if the character string is constant, the character string is converted into a reserved word format. A method of converting a string of characters to a reserved word format, comprising: generating byte codes with the same number of characters as the character strings by using a random number generation function; carrying out XOR operation on each character string and the random byte codes at corresponding positions in sequence to generate a middle character string; and carrying out XOR operation on each byte code and the middle character string at the corresponding position in sequence to generate a string of confusion byte codes.
The character strings in the source code file can be obfuscated in a subsequence generation mode, and the specific process is as follows:
(1) the string s is found by the node type in the abstract syntax tree.
(2) If s is found to be const, it needs to be modified to var, so that the character string can be generated by dynamic generation without hard coding.
Specifically, after s is found, s is replaced by the following subsequence:
the sub-sequence generates a middle character string by randomly generating the same number of byte codes (0 to 255) as the character string, sequentially performing XOR operation (binary operation) on each character string and the random byte code at the corresponding position, then sequentially performing XOR operation from the beginning on each byte code and the middle character string value at the corresponding position to generate a string of byte codes, and then acquiring the character string represented by the byte codes. The character string is consistent with the original character string, and the logic before and after program confusion is guaranteed to be unchanged.
(3) And traversing the abstract syntax tree, and replacing the found character strings with the above confusion byte codes.
After the above steps, the character string in the source code can be replaced by a subsequence, which is no longer an obvious character string. The generated binary file will not have a distinct string but a piece of code.
And S4, encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree by using a second encryption function.
Acquiring a type definition structure of a source code, acquiring an absolute path of the type definition structure, and reading a function definition in a file under the absolute path; traversing the source code, acquiring a receiving type defined by the function, and positioning a relative path according to the receiving type; and encrypting the corresponding type definition structure, function definition and relative path in the abstract structure tree by using a second encryption function.
The symbol is a type, the Go language is a type-strict language, and an explicit type is required when defining parameters, functions, variables, and the like. The type information can expose memory information, for example, a parameter of an int type has 4 bytes (32-bit system), and a reverse engineer can find the position of a variable in a memory according to the type information, so that the memory outside program control is accessed in the running process.
The invention provides the following type obfuscation algorithm, which can be used for obfuscating type definitions, variable declarations and functions in source codes during compiling:
obtaining a type definition structure t in a source code, and taking an absolute path of the type definition structure t, wherein if a dog. animal/eat and animal/sheetpdog.
And traversing the source code, acquiring a receiver type in the function definition, and taking a relative path of the receiver type, wherein for example, the definition of the sheetlog is ' func (, analog) sheetlog (), the definition of the receiver is ' analog ', and the relative path is ' analog/analog '.
The relative paths of the type definition, the function definition and the receiver are subjected to encryption confusion, such as t _ encryption ═ ENC (t _ relative), wherein ENC () represents an encryption function, and the encryption function can be selected by a user, and the embodiment adopts a hash encryption algorithm.
T _ relative in the abstract syntax tree is replaced with t _ optimization.
Through the above steps, the type information in the abstract syntax tree can be obfuscated.
And S5, compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
And compiling the obfuscated abstract syntax tree through a go compiling tool to obtain the obfuscated binary program.
According to the method and the device, not only are character strings confused, but also types and package names are confused, so that the complexity of a program is greatly increased, static reverse analysis can be effectively prevented, and the safety of a product is improved. Products developed by companies by using go languages can be confused by using the algorithm provided by the patent, so that the reversion can be effectively prevented, and unnecessary property loss is avoided.
As shown in fig. 2, the system 200 includes:
a target construction unit 210, configured to read a source code and construct an abstract syntax tree of the source code;
a package name encryption unit 220 for encrypting the package name of the abstract syntax tree using a first encryption function;
a character obfuscating unit 230 for obfuscating the character strings in the abstract syntax tree into bytecodes using a binary operation technique;
a symbol encryption unit 240 for encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree with a second encryption function;
and the target compiling unit 250 is used for compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
Optionally, as an embodiment of the present invention, the target building unit is configured to:
analyzing the source code by using a tool for constructing an abstract syntax tree in a Go voice standard library, and returning error information if the source code has errors; if the parsing passes, an abstract syntax tree structure is returned, which contains detailed information of the package, detailed paths in the current compilation environment, and structure information of each syntax node.
Optionally, as an embodiment of the present invention, the package name encryption unit is configured to:
determining a root directory of a source code, traversing all package directories under the root directory, and acquiring relative paths of the package directories;
encrypting the relative path of the packet directory by using a first encryption function, and taking the obtained encrypted path as a packet name;
creating a directory according to the original directory architecture according to the package name to obtain an encrypted directory structure;
and updating the initial package name of the abstract syntax tree into the corresponding package name of the encrypted directory structure.
Optionally, as an embodiment of the present invention, the character obfuscating unit is configured to:
searching character strings in the abstract syntax tree through the node types;
if the character string is constant, the character string is converted into a reserved word format.
Optionally, as an embodiment of the present invention, the character obfuscating unit is configured to:
generating byte codes with the same number of characters as the character strings by using a random number generation function;
carrying out XOR operation on each character string and the random byte codes at corresponding positions in sequence to generate a middle character string;
and carrying out XOR operation on each byte code and the middle character string at the corresponding position in sequence to generate a string of confusion byte codes.
Optionally, as an embodiment of the present invention, the symbol encryption unit is configured to:
acquiring a type definition structure of a source code, acquiring an absolute path of the type definition structure, and reading a function definition in a file under the absolute path;
traversing the source code, acquiring a receiving type defined by the function, and positioning a relative path according to the receiving type;
and encrypting the corresponding type definition structure, function definition and relative path in the abstract structure tree by using a second encryption function.
Optionally, as an embodiment of the present invention, the first encryption function and the second encryption function are both customized functions, and the customized functions include, but are not limited to, any one of a hash function, a transcoding function, and a combining function.
Fig. 3 is a schematic structural diagram of a terminal 300 according to an embodiment of the present invention, where the terminal 300 may be used to execute the Go language source code obfuscation method according to the embodiment of the present invention.
Among them, the terminal 300 may include: a processor 310, a memory 320, and a communication unit 330. The components communicate via one or more buses, and those skilled in the art will appreciate that the architecture of the servers shown in the figures is not intended to be limiting, and may be a bus architecture, a star architecture, a combination of more or less components than those shown, or a different arrangement of components.
The memory 320 may be used for storing instructions executed by the processor 310, and the memory 320 may be implemented by any type of volatile or non-volatile storage terminal or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. The executable instructions in memory 320, when executed by processor 310, enable terminal 300 to perform some or all of the steps in the method embodiments described below.
The processor 310 is a control center of the storage terminal, connects various parts of the entire electronic terminal using various interfaces and lines, and performs various functions of the electronic terminal and/or processes data by operating or executing software programs and/or modules stored in the memory 320 and calling data stored in the memory. The processor may be composed of an Integrated Circuit (IC), for example, a single packaged IC, or a plurality of packaged ICs connected with the same or different functions. For example, the processor 310 may include only a Central Processing Unit (CPU). In the embodiment of the present invention, the CPU may be a single operation core, or may include multiple operation cores.
A communication unit 330, configured to establish a communication channel so that the storage terminal can communicate with other terminals. And receiving user data sent by other terminals or sending the user data to other terminals.
The present invention also provides a computer storage medium, wherein the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments provided by the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a Random Access Memory (RAM).
Therefore, the encrypted and obfuscated Go language program can be obtained by constructing the abstract syntax tree of the Go language source code, encrypting and obfuscating the packet name, the character string and the symbol of the abstract syntax tree, and compiling the abstract syntax tree subjected to the encryption and obfuscation processing by using a Co compiling tool. The method not only confuses the character strings, but also confuses the types and the packet names, greatly increases the complexity of the program, fills the blank of the confusion technology of Go language, can effectively prevent static reverse analysis, improves the safety of the product, can effectively prevent the program product from being reversely cracked, and avoids unnecessary property loss.
Those skilled in the art will readily appreciate that the techniques of the embodiments of the present invention may be implemented as software plus a required general purpose hardware platform. Based on such understanding, the technical solutions in the embodiments of the present invention may be embodied in the form of a software product, where the computer software product is stored in a storage medium, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and the like, and the storage medium can store program codes, and includes instructions for enabling a computer terminal (which may be a personal computer, a server, or a second terminal, a network terminal, and the like) to perform all or part of the steps of the method in the embodiments of the present invention.
The same and similar parts in the various embodiments in this specification may be referred to each other. Especially, for the terminal embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and the relevant points can be referred to the description in the method embodiment.
In the embodiments provided in the present invention, it should be understood that the disclosed system and method can be implemented in other ways. For example, the above-described system embodiments are merely illustrative, and for example, the division of the units is only one logical functional division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, systems or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
Although the present invention has been described in detail by referring to the drawings in connection with the preferred embodiments, the present invention is not limited thereto. Various equivalent modifications or substitutions can be made on the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and these modifications or substitutions are within the scope of the present invention/any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A Go language source code obfuscation method is characterized by comprising the following steps:
reading a source code, and constructing an abstract syntax tree of the source code;
encrypting the packet name of the abstract syntax tree by using a first encryption function;
using binary operation technique to confuse character string in abstract syntax tree into byte code;
encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree by using a second encryption function;
and compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
2. The method of claim 1, wherein reading source code and constructing an abstract syntax tree for the source code comprises:
analyzing the source code by using a tool for constructing an abstract syntax tree in a Go voice standard library, and returning error information if the source code has errors; if the parsing passes, an abstract syntax tree structure is returned, which contains detailed information of the package, detailed paths in the current compilation environment, and structure information of each syntax node.
3. The method of claim 1, wherein encrypting the package name of the abstract syntax tree using an encryption function comprises:
determining a root directory of a source code, traversing all package directories under the root directory, and acquiring relative paths of the package directories;
encrypting the relative path of the packet directory by using a first encryption function, and taking the obtained encrypted path as a packet name;
creating a directory according to the original directory architecture according to the package name to obtain an encrypted directory structure;
and updating the initial package name of the abstract syntax tree into the corresponding package name of the encrypted directory structure.
4. The method of claim 1, wherein obfuscating the character strings in the abstract syntax tree into bytecodes using a binary operation technique comprises:
searching character strings in the abstract syntax tree through the node types;
if the character string is constant, the character string is converted into a reserved word format.
5. The method of claim 4, wherein converting the string of characters to a reserved word format comprises:
generating byte codes with the same number of characters as the character strings by using a random number generation function;
carrying out XOR operation on each character string and the random byte codes at corresponding positions in sequence to generate a middle character string;
and carrying out XOR operation on each byte code and the middle character string at the corresponding position in sequence to generate a string of confusion byte codes.
6. The method of claim 1, wherein encrypting the type definitions, function definitions, and relative paths of the symbols in the abstract syntax tree using an encryption function comprises:
acquiring a type definition structure of a source code, acquiring an absolute path of the type definition structure, and reading a function definition in a file under the absolute path;
traversing the source code, acquiring a receiving type defined by the function, and positioning a relative path according to the receiving type;
and encrypting the corresponding type definition structure, function definition and relative path in the abstract structure tree by using a second encryption function.
7. The method of claim 1, wherein the first encryption function and the second encryption function are each customized functions, and the customized functions include but are not limited to any one of hash functions, transcoding functions, and combining functions.
8. A Go language source code obfuscation system, comprising:
the target construction unit is used for reading a source code and constructing an abstract syntax tree of the source code;
a package name encryption unit for encrypting the package name of the abstract syntax tree by using a first encryption function;
the character confusion unit is used for confusing the character strings in the abstract syntax tree into byte codes by utilizing a binary operation technology;
a symbol encryption unit for encrypting the type definition, the function definition and the relative path of the symbol in the abstract syntax tree by using a second encryption function;
and the target compiling unit is used for compiling the encrypted and obfuscated abstract syntax tree by using a Go compiling tool to obtain an obfuscated binary program.
9. A terminal, comprising:
a processor;
a memory for storing instructions for execution by the processor;
wherein the processor is configured to perform the method of any one of claims 1-7.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110961967.6A CN113849781B (en) | 2021-08-20 | 2021-08-20 | Go language source code confusion method, system, terminal and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110961967.6A CN113849781B (en) | 2021-08-20 | 2021-08-20 | Go language source code confusion method, system, terminal and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113849781A true CN113849781A (en) | 2021-12-28 |
CN113849781B CN113849781B (en) | 2024-01-12 |
Family
ID=78975680
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110961967.6A Active CN113849781B (en) | 2021-08-20 | 2021-08-20 | Go language source code confusion method, system, terminal and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113849781B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116483376A (en) * | 2023-05-05 | 2023-07-25 | 广州正是网络科技有限公司 | Automatic generation method, system and storage medium for C# code |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104182267A (en) * | 2013-05-21 | 2014-12-03 | 中兴通讯股份有限公司 | Compiling method, interpreting method, interpreting device and user equipment |
US20200192662A1 (en) * | 2018-12-12 | 2020-06-18 | Sap Se | Semantic-aware and self-corrective re-architecting system |
CN111522558A (en) * | 2020-07-06 | 2020-08-11 | 嘉兴太美医疗科技有限公司 | Method, device, system and readable medium for dynamically configuring rules based on Java |
CN112597454A (en) * | 2020-12-28 | 2021-04-02 | 深圳市欢太科技有限公司 | Code obfuscation method, code operation method, device, medium, and apparatus |
-
2021
- 2021-08-20 CN CN202110961967.6A patent/CN113849781B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104182267A (en) * | 2013-05-21 | 2014-12-03 | 中兴通讯股份有限公司 | Compiling method, interpreting method, interpreting device and user equipment |
US20200192662A1 (en) * | 2018-12-12 | 2020-06-18 | Sap Se | Semantic-aware and self-corrective re-architecting system |
CN111522558A (en) * | 2020-07-06 | 2020-08-11 | 嘉兴太美医疗科技有限公司 | Method, device, system and readable medium for dynamically configuring rules based on Java |
CN112597454A (en) * | 2020-12-28 | 2021-04-02 | 深圳市欢太科技有限公司 | Code obfuscation method, code operation method, device, medium, and apparatus |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116483376A (en) * | 2023-05-05 | 2023-07-25 | 广州正是网络科技有限公司 | Automatic generation method, system and storage medium for C# code |
CN116483376B (en) * | 2023-05-05 | 2023-10-03 | 广州正是网络科技有限公司 | Automatic generation method, system and storage medium for C# code |
Also Published As
Publication number | Publication date |
---|---|
CN113849781B (en) | 2024-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11036614B1 (en) | Data control-oriented smart contract static analysis method and system | |
CN110675256B (en) | Method and device for deploying and executing intelligent contracts | |
CN106970820B (en) | Code storage method and code storage device | |
CN110688122B (en) | Method and device for compiling and executing intelligent contract | |
US20180159830A1 (en) | Obfuscating Source Code Sent, from a Server Computer, to a Browser on a Client Computer | |
CN113094667B (en) | System for preventing java program from being decompiled | |
CN113704706B (en) | Code reinforcement method and device | |
CN110825386A (en) | Code compiling method and device and storage medium | |
EP4111302A1 (en) | Detection of runtime errors using machine learning | |
CN115509514B (en) | Front-end data simulation method, device, equipment and medium | |
CN113849781B (en) | Go language source code confusion method, system, terminal and storage medium | |
CN110347416B (en) | Script updating method and device | |
KR102671575B1 (en) | A technique to BinDiff cross architecture binaries | |
CN116450194A (en) | Method and device for generating python installation package, electronic equipment and readable storage medium | |
CN113094664B (en) | System for preventing android application program from being decompiled | |
CN113094665B (en) | System for preventing java program from being decompiled | |
CN118103815A (en) | Compiling method and device for compiling | |
CN111522554A (en) | Method and system for linear generalized LL recognition and context-aware parsing | |
CN116451795B (en) | Quantum circuit diagram processing method and device, electronic equipment and storage medium | |
CN117785213B (en) | Front-end construction tool and construction method based on Rust development | |
Sunitha | Compiler construction | |
CN113094666B (en) | System for preventing java program from being decompiled | |
CN117270962B (en) | Method and device for processing coloring language, storage medium and electronic equipment | |
CN113971028B (en) | Data processing method, apparatus, device, storage medium and computer program product | |
CN114579135B (en) | Installation package generation method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |