CN102930204B - Software shelling method based on software protecting equipment, system and method for protecting software - Google Patents
Software shelling method based on software protecting equipment, system and method for protecting software Download PDFInfo
- Publication number
- CN102930204B CN102930204B CN201210353459.0A CN201210353459A CN102930204B CN 102930204 B CN102930204 B CN 102930204B CN 201210353459 A CN201210353459 A CN 201210353459A CN 102930204 B CN102930204 B CN 102930204B
- Authority
- CN
- China
- Prior art keywords
- software
- code
- object code
- protecting equipment
- code section
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 70
- 230000006870 function Effects 0.000 claims description 27
- 239000000284 extract Substances 0.000 claims description 19
- 230000009191 jumping Effects 0.000 claims description 9
- 238000000605 extraction Methods 0.000 claims description 6
- 230000008569 process Effects 0.000 description 16
- 238000007906 compression Methods 0.000 description 7
- 230000000694 effects Effects 0.000 description 5
- 230000006835 compression Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 235000013399 edible fruits Nutrition 0.000 description 2
- 238000002347 injection Methods 0.000 description 2
- 239000007924 injection Substances 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000005336 cracking Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of software shelling method based on software protecting equipment, comprise the following steps: S1: in whole code segments of protected software, search object code section;S2: object code section is extracted in software protecting equipment and stores;S3: in whole code segments of protected software; object code section is replaced with and includes the code segment of jump instruction or be used for from described software protecting equipment, extracting described object code section and being reverted to the code segment in home position, and protected software is carried out shell adding.The invention also discloses a kind of software shelling system and method for protecting software.During shell adding running software, owing to object code section is stored in software protecting equipment, so all codes and the data of protected software not all being exposed in internal memory, increase the protection intensity to software.
Description
Technical field
The present invention relates to protecting computer software technical field, add particularly to a kind of software based on software protecting equipment
Shell side method, system and method for protecting software.
Background technology
In prior art, it is exactly to insert one period of code (i.e. shell generation in protected software that software carries out shell adding protection
Code), and the Article 1 instruction sensing shell code that the i.e. software in the entrance of protected software is performed, then protected software
Code and data are protected by modes such as encryption or compressions.First the software processed through shell adding can enter into
In shell code, in shell code, the source code reduction being encrypted or compressed is returned, jump to protected software the most again
Original entrance continues executing with.
Prior art additionally provides a kind of mode that software carries out shell adding protection based on software protecting equipment, i.e. at shell
Code adds the access to software protecting equipment, and by judging whether some condition becomes after access software protection device
Rob Roy determines whether software can continue executing with, and simplest Rule of judgment is exactly whether software protecting equipment exists, and even looks for
Arrive software protecting equipment, then having allowed software to perform, if can not find software protecting equipment, the most not allowing software continue to run with.
But, software shelling protected mode of the prior art has the protected software of a weakness, i.e. shell adding to run
Time, after having performed shell code and jumped to the original entrance of protected software, all codes of protected software and data
All it is exposed to internal memory suffer, just easily by its dump out can cause protected software easily quilt by some instruments
Cracking, that namely often says shells to software.
Summary of the invention
It is an object of the present invention to provide a kind of software shelling method based on software protecting equipment, to solve to use now
When the protected software having the shell adding method in technology to process is run, jump to the original of protected software having performed shell code
All it is exposed to, because of all codes of protected software and data, the protected software easily quilt that causes in internal memory after entrance
The problem cracked.
To achieve these goals, the invention provides a kind of software shelling method based on software protecting equipment, including
Following steps:
S1: search object code section in whole code segments of protected software;
S2: described object code section is extracted in described software protecting equipment and stores;
S3: in whole code segments of described protected software, replaces with described object code section and includes jump instruction
Code segment or for extracting described object code section from described software protecting equipment and reverted to home position
Code segment, described jump instruction is pointed to for extracting described object code section from described software protecting equipment and being reverted to
The code segment in home position, and described protected software is carried out shell adding.
As preferably, in described step S1, code segment that described object code Duan Weiyu single function is corresponding or with list
In the code segment that individual function is corresponding one section.
As preferably, described step S2 farther includes: send described object code section to described software protecting equipment,
And be stored in the memory block of described software protecting equipment.
As preferably, described step S3 particularly as follows:
S301: inject shell code in described protected software;
S302: in whole code segments of described protected software, replaces with described object code section for from described
Software protecting equipment extracts described object code section and is reverted to the code segment in home position;
S303: whole code segments of described protected software are encrypted or compress.
As preferably, described step S3 particularly as follows:
S311: in whole code segments of described protected software, replaces with described object code section for from described
Software protecting equipment extracts described object code section and is reverted to the code segment in home position;
S312: inject shell code in described protected software;
S313: whole code segments of described protected software are encrypted or compress.
As preferably, described step S3 particularly as follows:
S321: inject shell code in described protected software, comprises described for from described software in described shell code
Protection device is extracted described object code section and is reverted to the code segment in home position;
S322: in whole code segments of described protected software, described object code section is replaced with described in include jump
Turn the code segment of instruction;
S323: whole code segments of described protected software are encrypted or compress.
It is a further object to provide a kind of software shelling system based on software protecting equipment, to solve to use
When the protected software adding shell systems process of the prior art is run, jump to the former of protected software having performed shell code
The protected software being all exposed to cause in internal memory because of all codes and the data of protected software after beginning entrance is easy
The problem being cracked.
To achieve these goals, the invention provides a kind of software shelling system based on software protecting equipment, including:
Searching module, it is for searching object code section in whole code segments of protected software;
Extraction module, it stores for described object code section being extracted in described software protecting equipment;
Replacement module, described object code section, in whole code segments of described protected software, is replaced with by it
Including the code segment of jump instruction or for extracting described object code section from described software protecting equipment and being reduced
To the code segment in home position, described jump instruction is pointed to for extracting described object code section from described software protecting equipment
And reverted to the code segment in home position;
Shell adding module, it is for carrying out shell adding to described protected software.
As preferably, described lookup module is specifically for searching and single function in whole code segments of protected software
Corresponding code segment is as object code section or searches a section in the code segment corresponding with single function as object code
Section.
A further object of the present invention is to provide a kind of method for protecting software, to solve shell adding software of the prior art fortune
The problem that the protected software being all exposed to cause in internal memory because of all codes and data during row is easily cracked.
To achieve these goals, the invention provides a kind of method for protecting software based on software protecting equipment, including
Following steps:
S401: run shell code, decipher or decompress whole code segments of protected software, jumps to described soft by protection
The original entrance of whole code segments of part continues executing with;
S402: go to for extracting object code section from described software protecting equipment and being reverted to home position
Code segment time access described software protecting equipment, read the object code section being stored in described software protecting equipment and by it
Write described for extracting described object code section from described software protecting equipment and being reverted to the code in home position
The position of section, described object code section be find in whole code segments of described protected software in advance and extract described
The code segment of storage in software protecting equipment;
S403: described object code section Article 1 instruction start perform, described object code section has performed after continuation to
Lower execution.
To achieve these goals, the invention provides another kind of method for protecting software based on software protecting equipment, bag
Include following steps:
S501: run shell code, decipher or decompress whole code segments of protected software, jumps to described soft by protection
The original entrance of whole code segments of part continues executing with;
S502: go to jump to during the code segment including jump instruction for extracting mesh from described software protecting equipment
Marking code segment and reverted to the code segment in home position, described jump instruction is pointed to described for filling from described software protection
Put middle extraction described object code section and reverted to the code segment in home position;
S503: access described software protecting equipment, reads the object code section being stored in described software protecting equipment also
Include described in being written to that the position of the code segment of jump instruction, described object code section are in advance in described protected software
Code segment all finds and extracts the code segment of storage in described software protecting equipment;
S504: described object code section Article 1 instruction start perform, described object code section has performed after continuation to
Lower execution.
Compared with prior art, the method have the advantages that
1) the software fortune that the software shelling method and system shell adding based on software protecting equipment using the present invention to provide is crossed
During row, after having performed shell code and having jumped to the original entrance of protected software, due to the partial code of protected software
Section remains stored in software protecting equipment, so all codes and the data of protected software not all being exposed to internal memory
In, therefore, protected software after having performed shell code by dump easily out would not increase the protection to software
Intensity;
2) in the method for protecting software based on software protecting equipment that the present invention provides, due to the part generation of protected software
Code section is stored in software protecting equipment, code and data is not all exposed in internal memory during shell adding running software, therefore, and quilt
Protection software after having performed shell code by dump easily out would not increase the protection intensity to software.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of the software shelling method of the embodiment of the present invention one;
Fig. 2 is the schematic diagram using the software shelling method of embodiment one that software carries out shell adding process;
Fig. 3 is the schematic flow sheet during running software using the software shelling method shell adding of embodiment one to cross;
Fig. 4 is the schematic flow sheet of the software shelling method of the embodiment of the present invention two;
Fig. 5 is the schematic flow sheet of the software shelling method of the embodiment of the present invention three;
Fig. 6 is the schematic diagram using the software shelling method of embodiment three that software carries out shell adding process;
Fig. 7 is the schematic flow sheet during running software using the software shelling method shell adding of embodiment three to cross;
Fig. 8 is the structured flowchart of the software shelling system of the embodiment of the present invention four.
Detailed description of the invention
Below in conjunction with the accompanying drawings the specific embodiment of the present invention is described in detail.
Embodiment one:
As depicted in figs. 1 and 2, the software shelling method based on software protecting equipment of embodiment one comprises the following steps:
S1: search object code section C in whole code segment A of protected software;
Due to one section of other code of object code section C one-tenth to be replaced in subsequent step, therefore object code section C to expire
Foot is the most claimed below: protected software can not jump to outside object code section C inside object code section C (in the middle of i.e. certain
Place) instruction;
Owing to object code section C is to be extracted in software protecting equipment E, so object code section C can only be from Article 1
Instruction starts to perform, thus in whole code segment A of protected software, in addition to object code section C, it is impossible to there are other can
To jump directly to the code in the middle of object code section C.It is limited to this condition, whole function is chosen exactly as object code section
A kind of simplest form of object code section C, but a certain section chosen in a function can also be used as target generation
The mode of code section C.Therefore, in embodiment one, as a kind of preferred implementation, search procedure in units of single function,
Would correspond to a code segment of single function or one section therein extract in software protecting equipment E as object code section
C, this ensures that theres not exist in other code segments in addition to corresponding to the code segment of this single function and jumps to corresponding to this
Instruction within the code segment of single function.
S2: object code section C is extracted in software protecting equipment E and stores;
Object code section C is transmitted directly to software protecting equipment E as one piece of data by process in fact exactly that extract, and
It is stored in the memory block of software protecting equipment E;The number can being stored therein by hardware guarantee due to software protecting equipment E
According to being read out easily, it is possible to object code section C is stored in software protecting equipment E with the form of clear data
In, and again object code section C need not be encrypted storage.
S301: inject shell code B in protected software;
The technology injecting shell code in protected software belongs to the routine techniques of software shelling in prior art, at this not
Repeat again.
S302: in whole code segment A of protected software, replaces with object code section C for filling from software protection
Put and E extracts object code section C and is reverted to the code segment D in home position;
Object code section C of storage in software protecting equipment E is mainly read out and reverts to by the effect of code segment D
At code segment D, from software protecting equipment E, i.e. read object code section C, and replace current by object code section C read
Code segment D.
S303: whole code segment A of protected software are encrypted or compress;
Encryption and compression process fall within the routine techniques of software shelling in prior art, are not belonging to the design of the present invention,
Also repeating no more at this, encryption and compression process can certainly use other process with similar functions of the prior art
Process is replaced.
As it is shown on figure 3, use embodiment one software shelling method shell adding cross running software time step be:
S401: shell code B is first carried out, deciphering or decompressed code section A, then branch to the original entrance of code segment A
Point continues executing with;
S402: when going to code segment D, code segment D access software protection device E, reads generation from software protecting equipment E
Code section C is also filled into the position of code segment D;
The Article 1 instruction of S403: code segment C starts to perform, and code segment C continues after having performed to perform downwards.
It can be seen that with comparing when object code section C not being extracted in software protecting equipment E, software perform effect
Fruit is the same.
When using the running software that the software shelling method shell adding of embodiment one is crossed, performing shell code B and jumping to
Behind the original entrance of protected software, owing to the partial code section of protected software remains stored in software protecting equipment E,
So all codes and the data of protected software not all being exposed in internal memory, therefore, protected software would not held
Go after shell code by dump easily out, increased the protection intensity to software.
Embodiment two:
As shown in Figure 4, the software shelling method based on software protecting equipment of embodiment two comprises the following steps:
S1: search object code section C in whole code segment A of protected software;
S2: object code section C is extracted in software protecting equipment E and stores;
S311: in whole code segment A of protected software, replaces with object code section C for filling from software protection
Put and E extracts object code section C and is reverted to the code segment D in home position;
S312: inject shell code B in protected software;
S313: whole code segment A of protected software are encrypted or compress.
It can be seen that the software shelling method of embodiment two is right with differing only in of the software shelling method of embodiment one
The execution sequence of third and fourth step is exchanged.
The step during running software that the software shelling method shell adding of employing embodiment two is crossed is similarly:
Shell code B is first carried out, deciphering or decompressed code section A, and the original entrance then branching to code segment A is continued
Perform;
When going to code segment D, code segment D access software protection device E, reads code segment C from E and is filled into code
The position of section D;
The Article 1 instruction of code segment C starts to perform, and code segment C continues after having performed to perform downwards.
Embodiment three:
As shown in Figure 5 and Figure 6, the software shelling method based on software protecting equipment of embodiment three comprises the following steps:
S1: search object code section C in whole code segment A of protected software;
Due to one section of other code of object code section C one-tenth to be replaced in subsequent step, therefore object code section C to expire
Foot is the most claimed below: protected software can not jump to outside object code section C inside object code section C (in the middle of i.e. certain
Place) instruction;
Owing to object code section C is to be extracted in software protecting equipment E, so object code section C can only be from Article 1
Instruction starts to perform, thus in whole code segment A of protected software, in addition to object code section C, it is impossible to there are other can
To jump directly to the code in the middle of object code section C.It is limited to this condition, whole function is chosen exactly as object code section
A kind of simplest form of object code section C, but a certain section chosen in a function can also be used as target generation
The mode of code section C.Therefore, in embodiment three, as a kind of preferred implementation, search procedure in units of single function,
Would correspond to a code segment of single function or one section therein extract in software protecting equipment E as object code section
C, this ensures that theres not exist in other code segments in addition to corresponding to the code segment of this single function and jumps to corresponding to this
Instruction within the code segment of single function.
S2: object code section C is extracted in software protecting equipment E and stores;
Object code section C is transmitted directly to software protecting equipment E as one piece of data by process in fact exactly that extract, and
It is stored in the memory block of software protecting equipment E;The number can being stored therein by hardware guarantee due to software protecting equipment E
According to being read out easily, it is possible to object code section C is stored in software protecting equipment E with the form of clear data
In, and again object code section C need not be encrypted storage.
S321: inject shell code B in protected software, wherein comprises for extracting target from software protecting equipment E
Code segment C is also reverted to the code segment D in home position;
The technology injecting shell code in protected software belongs to the routine techniques of software shelling in prior art, at this not
Repeat again.
S322: in whole code segment A of protected software, replaces with the generation including jump instruction by object code section C
Code section C ', code segment D is pointed in described jump instruction;
Object code section C of storage in software protecting equipment E is mainly read out and reverts to by the effect of code segment D
Including the code segment C ' place of jump instruction, i.e. from software protecting equipment E read object code section C, and with reading target generation
Code section C replaces code segment C ';The mode that object code section C replaces with code segment C ' here is: by the first of object code section C
Bar instruction modification is described jump instruction, and jump target is appointed as after code segment D, code segment C ' place Article 1 instructs all with sky
Instruction is filled.
S323: whole code segment A of protected software are encrypted or compress;
Encryption and compression process fall within the routine techniques of software shelling in prior art, are not belonging to the design of the present invention,
Also repeating no more at this, encryption and compression process can certainly use other process with similar functions of the prior art
Process is replaced.
As it is shown in fig. 7, use embodiment three software shelling method shell adding cross running software time step be:
S501: shell code B is first carried out, deciphering or decompressed code section A, then branch to the original entrance of code segment A
Point continues executing with;
S502: go to jump to during code segment C ' code segment D;
Being to jump to code segment D owing to the Article 1 of code segment C ' instructs, entering so next jumping directly to code segment D
Row access software protection device E;
S503: code segment D access software protection device E, reads code segment C from software protecting equipment E and is filled into generation
Code section C ' position;
S504: the code segment D Article 1 instruction having performed to jump to afterwards code segment C starts to perform, and code segment C has performed
Rear continuation performs downwards.
It can be seen that with comparing when object code section C not being extracted in software protecting equipment E, software perform effect
Fruit is the same.
When using the running software that the software shelling method shell adding of embodiment three is crossed, performing shell code B and jumping to
Behind the original entrance of protected software, owing to the partial code section of protected software remains stored in software protecting equipment E,
So all codes and the data of protected software not all being exposed in internal memory, therefore, protected software would not held
Go after shell code by dump easily out, increased the protection intensity to software.
Embodiment four:
As shown in Figure 8, the software shelling system based on software protecting equipment of embodiment four includes:
Searching module 1, it is for searching object code section, described object code in whole code segments of protected software
There is not the instruction jumping to described object code intrasegmental part in other code segments outside Duan;
During owing to using the software shelling systems versus software of embodiment four to process, object code section one-tenth to be replaced one
The other code of section, the object code section therefore searched to meet claimed below: in protected software outside object code section not
Can there is the instruction jumping to object code intrasegmental part (somewhere in the middle of i.e.);
In embodiment four, as a kind of preferred implementation, search when module 1 searches object code section with single function
For unit, the code segment that would correspond to single function extracts in software protecting equipment, this ensures that there except corresponding to
Other code segments outside the code segment of this single function do not exist and jumps to corresponding within the code segment of this single function
Instruction.
Extraction module 2, it stores for described object code section being extracted in described software protecting equipment;
Extraction module 2 extracts the process of object code section and in fact object code section is directly transmitted as one piece of data exactly
To software protecting equipment, and it is stored in the memory block of software protecting equipment;Owing to software protecting equipment can pass through hardware package
The data that card is stored therein will not be read out easily, it is possible to object code section is stored with the form of clear data
In software protecting equipment, and again object code section need not be encrypted storage.
Replacement module 3, described object code section, in whole code segments of described protected software, is replaced with by it
Including the code segment of jump instruction or for extracting object code section from software protecting equipment and being reverted to raw bits
The code segment put, described jump instruction is pointed to for extracting object code section from software protecting equipment and being reverted to original
The code segment of position;
When replacement module 3 is for replacing with described object code section for extracting object code from software protecting equipment
Section when being reverted to the code segment in home position, for extracting object code section and being reduced from software protecting equipment
The object code section stored in software protecting equipment is mainly read out and reduces by the acting on of code segment to home position
To for extracting object code section from software protecting equipment and being reverted at the code segment in home position, i.e. protect from software
Protection unit reads object code section, and replaces for extracting target generation from software protecting equipment by the object code section read
Code section is also reverted to the code segment in home position;
When replacement module 3 is for replacing with, by described object code section, the code segment including jump instruction, for from soft
In part protection device extract object code section and reverted to home position code segment effect be mainly by software protection
In device the object code section of storage read out and revert to described in include at the code segment of jump instruction, i.e. from software protection
Device reads object code section, and with including the code segment of jump instruction described in the object code section replacement read;Here will
Object code section includes that the mode of code segment of jump instruction is described in replacing with: by the Article 1 instruction modification of object code section
For described jump instruction, jump target is appointed as extracting object code section from software protecting equipment and being reverted to former
The code segment of beginning position, described in include all filling with do-nothing instruction after Article 1 instruction at the code segment of jump instruction.
Shell code injection module 4, it is for injecting shell code in described protected software.
Encrypting module 5, it is for being encrypted whole code segments of described protected software.
Shell code injection module 4 and encrypting module 5 broadly fall into shell adding module, and shell adding module belongs to software in prior art and adds
The routine techniques of shell, is not belonging to the design of the present invention, also repeats no more at this;Encrypting module 5 herein can use compression module
Replacing, described compression module is for being compressed whole code segments of described protected software;Additionally, encrypting module 5 and pressure
Contracting module can also use other processing modules with similar functions of the prior art to be replaced.
Use embodiment four software shelling system shell adding cross running software time, performed shell code and jump to by
Behind the original entrance of protection software, owing to the partial code section of protected software remains stored in software protecting equipment, institute
All codes and the data of protected software not all to be exposed in internal memory, therefore, protected software would not perform
After complete shell code by dump easily out, the protection intensity to software is increased.
Embodiment five:
The embodiment of the present invention five provides a kind of method for protecting software based on software protecting equipment, comprises the following steps:
S401: run shell code, decipher or decompress whole code segments of protected software, jumps to described soft by protection
The original entrance of whole code segments of part continues executing with;
S402: go to for extracting object code section from described software protecting equipment and being reverted to home position
Code segment time access described software protecting equipment, read the object code section being stored in described software protecting equipment and by it
For extraction object code section from software protecting equipment the position of the code segment being reverted to home position described in writing,
Described object code section is to find in whole code segments of described protected software in advance and extract described software protection
The code segment of storage in device;
S403: described object code section Article 1 instruction start perform, described object code section has performed after continuation to
Lower execution.
The flow process of the method for protecting software of embodiment five refers to shown in Fig. 3, and this flow process is and uses embodiment one
The step during running software that shell adding method shell adding is crossed.
Owing to the partial code section of protected software is stored in software protecting equipment, will generation during shell adding running software
Code and data are all exposed in internal memory, and therefore, protected software would not be gone out by dump easily after having performed shell code
Come, increase the protection intensity to software.
Embodiment six:
The embodiment of the present invention six provides a kind of method for protecting software based on software protecting equipment, comprises the following steps:
S501: run shell code, decipher or decompress whole code segments of protected software, jumps to described soft by protection
The original entrance of whole code segments of part continues executing with;
S502: go to jump to during the code segment including jump instruction for extracting target generation from software protecting equipment
Code section is also reverted to the code segment in home position, and described jump instruction is pointed to described for extracting from software protecting equipment
Object code section is also reverted to the code segment in home position;
S503: access described software protecting equipment, reads the object code section being stored in described software protecting equipment also
Include described in being written to that the position of the code segment of jump instruction, described object code section are in advance in described protected software
Code segment all finds and extracts the code segment of storage in described software protecting equipment;
S504: described object code section Article 1 instruction start perform, described object code section has performed after continuation to
Lower execution.
The flow process of the method for protecting software of embodiment six refers to shown in Fig. 7, and this flow process is and uses embodiment three
The step during running software that shell adding method shell adding is crossed.
Similarly, since the partial code section of protected software is stored in software protecting equipment, do not have during shell adding running software
Having and code and data are all exposed in internal memory, therefore, protected software would not be by easily after having performed shell code
Dump out, increases the protection intensity to software.
Above example is only the exemplary embodiment of the present invention, is not used in the restriction present invention, protection scope of the present invention
It is defined by the claims.The present invention can be made respectively in the essence of the present invention and protection domain by those skilled in the art
Planting amendment or equivalent, this amendment or equivalent also should be regarded as being within the scope of the present invention.
Claims (8)
1. a software shelling method based on software protecting equipment, it is characterised in that comprise the following steps:
S1: search the object code section corresponding with single function in whole code segments of protected software;
S2: described object code section is extracted in described software protecting equipment and stores;
S3: in whole code segments of described protected software, replaces with the generation including jump instruction by described object code section
Code section or for extracting described object code section from described software protecting equipment and reverted to the code in home position
Section, described jump instruction is pointed to for extracting described object code section from described software protecting equipment and being reverted to original
The code segment of position, and described protected software is carried out shell adding;
There is not the instruction jumping to described object code intrasegmental part in other code segments outside described object code section.
Software shelling method based on software protecting equipment the most according to claim 1, it is characterised in that described step S2
Farther include: described object code section is sent to described software protecting equipment, and is stored in described software protecting equipment
In memory block.
Software shelling method based on software protecting equipment the most according to claim 1, it is characterised in that described step S3
Particularly as follows:
S301: inject shell code in described protected software;
S302: in whole code segments of described protected software, replaces with described object code section for from described software
Protection device is extracted described object code section and is reverted to the code segment in home position;
S303: whole code segments of described protected software are encrypted or compress.
Software shelling method based on software protecting equipment the most according to claim 1, it is characterised in that described step S3
Particularly as follows:
S311: in whole code segments of described protected software, replaces with described object code section for from described software
Protection device is extracted described object code section and is reverted to the code segment in home position;
S312: inject shell code in described protected software;
S313: whole code segments of described protected software are encrypted or compress.
Software shelling method based on software protecting equipment the most according to claim 1, it is characterised in that described step S3
Particularly as follows:
S321: inject shell code in described protected software, comprises described for from described software protection in described shell code
Device extracts described object code section and is reverted to the code segment in home position;
S322: in whole code segments of described protected software, described object code section is replaced with described in include redirecting finger
The code segment of order;
S323: whole code segments of described protected software are encrypted or compress.
6. a software shelling system based on software protecting equipment, it is characterised in that including:
Searching module, it is for searching the object code section corresponding with single function in whole code segments of protected software;
Extraction module, it stores for described object code section being extracted in described software protecting equipment;
Replacement module, described object code section, in whole code segments of described protected software, is replaced with and includes by it
The code segment of jump instruction or for extracting described object code section from described software protecting equipment and being reverted to former
The code segment of beginning position, described jump instruction is pointed to for extracting described object code section from described software protecting equipment and inciting somebody to action
It reverts to the code segment in home position;
Shell adding module, it is for carrying out shell adding to described protected software;
There is not the instruction jumping to described object code intrasegmental part in other code segments outside described object code section.
7. a method for protecting software based on software protecting equipment, it is characterised in that comprise the following steps:
S401: run shell code, decipher or decompress whole code segments of protected software, jump to described protected software
All the original entrance of code segment continues executing with;
S402: go to for extracting object code section from described software protecting equipment and being reverted to the generation in home position
Access described software protecting equipment during code section, read the object code section being stored in described software protecting equipment and be written to
Described for extracting described object code section from described software protecting equipment and being reverted to the code segment in home position
Position, described object code section is to find in whole code segments of described protected software in advance and extract described software
The code segment corresponding to single function of storage in protection device;
The Article 1 instruction of S403: described object code section starts to perform, and described object code section has performed rear continuation and held downwards
OK;
There is not the instruction jumping to described object code intrasegmental part in other code segments outside described object code section.
8. a method for protecting software based on software protecting equipment, it is characterised in that comprise the following steps:
S501: run shell code, decipher or decompress whole code segments of protected software, jump to described protected software
All the original entrance of code segment continues executing with;
S502: go to jump to during the code segment including jump instruction for extracting target generation from described software protecting equipment
Code section is also reverted to the code segment in home position, and described jump instruction is pointed to described for from described software protecting equipment
Extract described object code section and reverted to the code segment in home position;
S503: access described software protecting equipment, reads the object code section being stored in described software protecting equipment and by it
Include described in writing that the position of the code segment of jump instruction, described object code section are whole in described protected software in advance
Code segment finds and extracts the code segment corresponding to single function of storage in described software protecting equipment;
The Article 1 instruction of S504: described object code section starts to perform, and described object code section has performed rear continuation and held downwards
OK;
There is not the instruction jumping to described object code intrasegmental part in other code segments outside described object code section.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210353459.0A CN102930204B (en) | 2012-09-20 | 2012-09-20 | Software shelling method based on software protecting equipment, system and method for protecting software |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210353459.0A CN102930204B (en) | 2012-09-20 | 2012-09-20 | Software shelling method based on software protecting equipment, system and method for protecting software |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102930204A CN102930204A (en) | 2013-02-13 |
| CN102930204B true CN102930204B (en) | 2016-12-21 |
Family
ID=47645001
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210353459.0A Active CN102930204B (en) | 2012-09-20 | 2012-09-20 | Software shelling method based on software protecting equipment, system and method for protecting software |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102930204B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103699820B (en) * | 2013-12-25 | 2017-02-15 | 北京深思数盾科技股份有限公司 | Obfuscating method for relative jump instruction |
| CN104751024B (en) * | 2013-12-27 | 2018-10-19 | 腾讯科技(深圳)有限公司 | A kind of method and device that core source code is encrypted |
| CN104978528A (en) * | 2014-04-01 | 2015-10-14 | 四零四科技股份有限公司 | Operating system core encryption and its decryption method |
| CN104102860A (en) * | 2014-08-11 | 2014-10-15 | 北京奇虎科技有限公司 | Protecting method and running method and device and system for Android platform application program |
| CN112818359B (en) * | 2020-12-31 | 2022-06-03 | 北京深思数盾科技股份有限公司 | File protection method and device |
| CN112905543A (en) * | 2021-02-07 | 2021-06-04 | 网易(杭州)网络有限公司 | Anti-cracking method, medium, device and computing equipment for script file |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2927185Y (en) * | 2006-04-14 | 2007-07-25 | 北京飞天诚信科技有限公司 | Data safety transmission equipment |
| CN101013459A (en) * | 2007-02-07 | 2007-08-08 | 北京飞天诚信科技有限公司 | Method and apparatus for improving security of software protection |
| CN201035579Y (en) * | 2006-12-30 | 2008-03-12 | 北京深思洛克数据保护中心 | Device of performing protection to software |
| CN101261664A (en) * | 2008-04-10 | 2008-09-10 | 北京深思洛克数据保护中心 | A method for realizing software protection based on the program code stored in the software protection device |
| CN101964040A (en) * | 2010-09-10 | 2011-02-02 | 西安理工大学 | PE loader-based software packing protection method |
-
2012
- 2012-09-20 CN CN201210353459.0A patent/CN102930204B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2927185Y (en) * | 2006-04-14 | 2007-07-25 | 北京飞天诚信科技有限公司 | Data safety transmission equipment |
| CN201035579Y (en) * | 2006-12-30 | 2008-03-12 | 北京深思洛克数据保护中心 | Device of performing protection to software |
| CN101013459A (en) * | 2007-02-07 | 2007-08-08 | 北京飞天诚信科技有限公司 | Method and apparatus for improving security of software protection |
| CN101261664A (en) * | 2008-04-10 | 2008-09-10 | 北京深思洛克数据保护中心 | A method for realizing software protection based on the program code stored in the software protection device |
| CN101964040A (en) * | 2010-09-10 | 2011-02-02 | 西安理工大学 | PE loader-based software packing protection method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102930204A (en) | 2013-02-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102930204B (en) | Software shelling method based on software protecting equipment, system and method for protecting software | |
| CN104067282B (en) | Counter operation in state machine lattice | |
| CN106126981B (en) | Software security means of defence based on the replacement of virtual function table | |
| CN102004884B (en) | Method and device capable of acquiring executable file input table | |
| CN103946855A (en) | Methods, devices, and systems for detecting return-oriented programming exploits | |
| CN111310222B (en) | File encryption method | |
| CN105612527A (en) | Method for providing security for common intermediate language-based program | |
| CN101261664B (en) | A method for realizing software protection based on the program code stored in the software protection device | |
| CN105051711A (en) | Methods and apparatuses for providing data received by a state machine engine | |
| CN103150493A (en) | JavaScript code obfuscation method and device | |
| CN103413075A (en) | Method and device for protecting JAVA executable program through virtual machine | |
| CN102238001A (en) | Method and device for enhancing data security | |
| CN102184363B (en) | Automatic software packer shelling method based on comprehensive processing | |
| CN104246727A (en) | Data processing system and method for operating a data processing system | |
| CN103136458A (en) | Code protection method for Linux operating system and module of method | |
| CN101038615A (en) | Method for directly and arbitrary separating code to encryption lock from software to implement protection of software protection | |
| CN106682493B (en) | A kind of method, apparatus for preventing process from maliciously being terminated and electronic equipment | |
| CN101930521A (en) | File protecting method and device thereof | |
| CN113434148A (en) | Decryption-preventing client development compiling method and device, electronic equipment and storage medium | |
| CN106295322B (en) | A kind of hardware protection device for buffer overflow attack | |
| CN103186746A (en) | Protection method and system of executable file | |
| CN109960902A (en) | A kind of safety protecting method of dynamic link library, storage medium and terminal device | |
| CN101261665A (en) | A method for realizing software protection based on data file encryption | |
| CN104272317B (en) | The subset of multiple instruction is identified and performed in safer performing environment | |
| US20150006909A1 (en) | Module encryption/decryption program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: BEIJING SHENSI SHUDUN SCIENCE + TECHNOLOGY CO., LT Free format text: FORMER OWNER: BEIJING SENSELOCK SOFTWARE TECHNOLOGY CO., LTD. Effective date: 20150722 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20150722 Address after: 100872 room 1706, building 59, Zhongguancun street, Haidian District, Beijing Applicant after: BEIJING SHENSI SHUDUN TECHNOLOGY Co.,Ltd. Address before: 100086 Beijing City, Haidian District Zhongguancun South Street No. 6 Zhucheng building block B room 1201 Applicant before: Beijing Senselock Software Technology Co.,Ltd. |
|
| CB02 | Change of applicant information |
Address after: 100872 room 1706, building 59, Zhongguancun street, Haidian District, Beijing Applicant after: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. Address before: 100872 room 1706, building 59, Zhongguancun street, Haidian District, Beijing Applicant before: BEIJING SHENSI SHUDUN TECHNOLOGY Co.,Ltd. |
|
| COR | Change of bibliographic data | ||
| CB02 | Change of applicant information |
Address after: 100193 Beijing, Haidian District, East West Road, No. 10, East Hospital, building No. 5, floor 5, layer 510 Applicant after: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. Address before: 100872 room 1706, building 59, Zhongguancun street, Haidian District, Beijing Applicant before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. |
|
| COR | Change of bibliographic data | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee after: Beijing Shendun Technology Co.,Ltd. Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. |