CN107315930A - A kind of method of protection Python programs - Google Patents
A kind of method of protection Python programs Download PDFInfo
- Publication number
- CN107315930A CN107315930A CN201710549817.8A CN201710549817A CN107315930A CN 107315930 A CN107315930 A CN 107315930A CN 201710549817 A CN201710549817 A CN 201710549817A CN 107315930 A CN107315930 A CN 107315930A
- Authority
- CN
- China
- Prior art keywords
- python
- parallel
- protection
- command code
- opcode
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 230000004048 modification Effects 0.000 claims description 15
- 238000012986 modification Methods 0.000 claims description 15
- 230000008676 import Effects 0.000 claims description 11
- 230000008859 change Effects 0.000 claims description 7
- JLQUFIHWVLZVTJ-UHFFFAOYSA-N carbosulfan Chemical compound CCCCN(CCCC)SN(C)C(=O)OC1=CC=CC2=C1OC(C)(C)C2 JLQUFIHWVLZVTJ-UHFFFAOYSA-N 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract description 5
- 238000013515 script Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000002633 protecting effect Effects 0.000 description 5
- 230000008901 benefit Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 229910002056 binary alloy Inorganic materials 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
The invention discloses a kind of method of protection Python programs, methods described includes:Parallel step and the non-parallel step after parallel step, wherein, parallel step includes:Parallel sub-step A:Based on any default command code corresponding relation, the first default number command code is exchanged in opcode.h, the second default number command code is then exchanged again;Parallel sub-step B:The command code in opcode.py is changed, is kept consistent with default command code corresponding relation;Non-parallel step includes:Step 1:Recompilate source code, obtain new python interpreters, realize existing decompiling instrument can not decompiling obtain source code, the technique effect protected to Python programs.
Description
Technical field
The present invention relates to computer program field, in particular it relates to a kind of method of protection Python programs.
Background technology
Python programs are the application programs developed using Python scripts.In order to protect source code not reveal, make
The application program (app.py) developed with python scripts can typically first pass through Python script compilers and compile it as
Byte code files (app.pyc) are then distributed to client's fortune by the binary system byte code file (app.pyc) with specific structure
OK.
Bytecode (.pyc) file for the application compiling generation developed using Python scripts, is not to be directed to specific place
The binary file of device and system is managed, but it is specific for having for Python virtual machines (Python Virtual Machine)
Structure and features binary file, it remains the full detail in addition to annotation in Python sound code files.
Because byte code files have specific form, the application program developed using Python scripts is easy
It is sound code file by attacker's decompiling, developer and company is caused damage.A most important attribute in byte code files
Domain is exactly sequence of opcodes, wherein the control to program execution logic is contained, and to the behaviour of the execution of parameters in program
The information such as work, therefore the protection of sequence of opcodes and byte code files form is particularly important.
Because the application program developed using Python scripts can typically use substantial amounts of third party library, especially portion
The application program (linux system can also use Python some storehouses) in Linux environment is affixed one's name to, so needing to ensure Python
The compatibility of program and third party library.
Existing Python program protection methods are mainly modification command code, and simple modification command code can cause operation
Program crashing during specific code.Because pyc files are only for Python virtual machines, so when pyc programs are transferred to other
Environment, which remains unchanged, normally to be run.
In summary, present inventor has found above-mentioned technology extremely during the present application technical scheme is realized
There is following technical problem less:
Be present certain compatibility issue in existing Python program protection methods, and occur under some specific programs
Collapse, and existing guard method can not protect pyc programs to be stolen.
The content of the invention
The invention provides a kind of method of protection Python programs, solve in existing Python program protection methods
The compatibility issue of presence and run particular code when there is program crashing the problem of, realizing is preventing the base of decompiling
Compatibility is improved on plinth, prevents program from the technique effect collapsed occur.
For achieving the above object, this application provides a kind of method of protection Python programs, methods described includes:
Parallel step and the non-parallel step after parallel step, wherein, parallel step includes:
Parallel sub-step A:Based on any default command code corresponding relation, first default number behaviour is exchanged in opcode.h
Make code, the second default number command code is then exchanged again;
Parallel sub-step B:The command code in opcode.py is changed, is kept consistent with default command code corresponding relation;
Non-parallel step includes:
Step 1:Source code is recompilated, new python interpreters are obtained.
Wherein, there is no sequencing between the sub-step in parallel step, non-parallel step is carried out after the completion of parallel step
Suddenly, source code is easily obtained by decompiling present invention mainly solves Python programs, and overcomes what existing defence program was present
Weak point.The present invention reaches above-mentioned purpose based on modification Python source codes and cyberdog encryption.Python interpreters use 4
The shaped digital of byte represents start context, and Python interpreters can only perform the pyc after the compiling with identical version number
Program.Version number is defined in the import.c of interpreter.Python interpreters in the process of implementation, for being cited (both
Import module), can generate pyc files for it automatically, when the module is loaded again, just directly perform pyc texts
Part, without being compiled operation again.Python interpreters store command code using 1 byte capacity, can have in theory
256 command codes, have used 0-147 command codes, wherein 0-89 command codes are the command code for not needing parameter, 90- now
No. 147 command codes are to need the command code of parameter.Command code is defined in opcode.h files, as shown in Figure 1.
The command code of python interpreters is defined in opcode.h, any first in opcode.h to exchange No. 0-89
Command code, it is then any again to exchange 90-147 command codes.The python interpreters of command code were so changed, were just provided with certainly
Oneself exclusive a set of command code, in the case where not knowing our corresponding relation of command code, others also just can not be to me
Pyc programs carry out decompiling, thus we, which have just reached, prevents program by decompiling, protects the purpose of source code.Modification
Command code in opcode.py, keeps the command code after being exchanged with step A consistent.If not changing the operation in this file
Code, causes python interpreters mistake occur when step 1 operation is performed, it is impossible to obtain new python interpreters.
Further, the parallel step also includes:Version number defined in modification import.c is not made for one
Value.In order to ensure our amended python interpreters, performing when these have had the module of pyc files not go out
Existing compatibility issue is, it is necessary to which it is a value being not used to change the version number defined in import.c.
Further, the parallel step also includes:The related content of the generation pyc files in import.c is changed, is made
Python interpreters can not generate pyc files.Python interpreters can directly generate the pyc files after compiling, if will repair
The pyc files of the python interpreters generation for command code of correcting one's mistakes and the pyc files of common python interpreters generation are contrasted,
Easily be cracked the amended command code corresponding relation of acquisition, and then causes program to obtain source code by decompiling, loses guarantor
The meaning of shield.
Further, the parallel step also includes:Change in marshal.c about pyc file contents after display compiling
Interface, prevent other programs from call these interfaces compiled after pyc file contents.
Further, the non-parallel step also includes:Step 2:New python interpreters are carried out using softdog
Encryption.In order to increase protecting effect, prevent other people from changing, the new python interpreters of acquisition are cracked, using softdog to new
Python interpreters be encrypted.
Further, the non-parallel step also includes:Step 3:Delete opcode.py and opcode.h.Prevent from passing through
Opcode.py or opcode.h exchanged after command code.
Further, the step 1 is specially:Source code is recompilated using gcc or VS, new python is obtained and explains
Device.
Further, 0-89 command codes are exchanged in opcode.h, 90-147 command codes are then exchanged again.
One or more technical schemes that the application is provided, have at least the following technical effects or advantages:
Method in the application have modified magic_number and command code so that existing decompiling instrument counter can not be compiled
Translate and obtain source code.
Further, the method in the application has carried out softdog encryption to amended python performing environments, can be with
Protect it to be run under protected environment, prevent other people from directly usurping.
Further, the method in the application have modified the command code defined in opcode.py simultaneously, can prevent
The program that refer to this file is collapsed.
Further, in the application method, will not be right because using the magic_number not used
Other python performing environments are impacted, and improve compatibility.
Brief description of the drawings
Accompanying drawing described herein is used for providing further understanding the embodiment of the present invention, constitutes one of the application
Point, do not constitute the restriction to the embodiment of the present invention;
Fig. 1 is command code schematic diagram defined in opcode.h files;
Fig. 2 is version number's schematic diagram defined in modification import.c in the application;
Fig. 3 is the related content schematic diagram of the generation pyc files in modification import.c in the application;
Fig. 4 is the interface diagram of pyc file contents after relevant display is compiled in modification marshal.c in the application;
Fig. 5 be in the application in opcode.h any swap operation code schematic diagram;
Fig. 6 is the schematic flow sheet of the method for protection Python programs in the application.
Embodiment
The invention provides a kind of method of protection Python programs, solve in existing Python program protection methods
The compatibility issue of presence and run particular code when there is program crashing the problem of, realizing is preventing the base of decompiling
Compatibility is improved on plinth, prevents program from the technique effect collapsed occur.
It is below in conjunction with the accompanying drawings and specific real in order to be more clearly understood that the above objects, features and advantages of the present invention
Mode is applied the present invention is further described in detail.It should be noted that in the case where not conflicting mutually, the application's
Feature in embodiment and embodiment can be mutually combined.
Many details are elaborated in the following description to facilitate a thorough understanding of the present invention, still, the present invention may be used also
Implemented with the other modes in the range of being different from being described herein using other, therefore, protection scope of the present invention is not by under
The limitation of specific embodiment disclosed in face.
Embodiment one, refer to Fig. 2-Fig. 6:
(1) because Python interpreters can only perform the pyc programs with identical version number, and if there is pyc files,
Python interpreters can preferentially perform pyc programs, without going Complied executing source code file again, in order to ensure after our modifications
Python interpreters, perform these there is the module of pyc files when occur without compatibility issue, it would be desirable to change
Version number defined in import.c is a value (as shown in Figure 2) being not used.If do not changed, although do not interfere with
Protecting effect, but python interpreters perform these had the module of pyc files when, will make a mistake, program without
Method is correctly run, it is therefore desirable to which first revision number is a value having not been used.
(2) command code of python interpreters is defined in opcode.h, any first in opcode.h to exchange 0-
No. 89 command codes, it is then any again to exchange 90-147 command codes, as shown in Figure 5.So changed the python solutions of command code
Device is released, oneself exclusive a set of command code is just provided with, in the case where not knowing our corresponding relation of command code, others
Also can not just decompiling be carried out to our pyc programs, thus we, which have just reached, prevents program from, by decompiling, protecting source generation
The purpose of code
(3) command code in modification opcode.py, keeps the command code after being exchanged with (2) consistent.If not changing this
Command code in file, causes python interpreters mistake occur when the operation of (6) step is performed, it is impossible to obtain newly
Python interpreters.
(4) python interpreters can directly generate the pyc files after compiling, if the python that will change command code
The pyc files of interpreter generation and the pyc files of common python interpreters generation are contrasted, and are easily cracked and are changed
Command code corresponding relation afterwards, and then cause program to obtain source code by decompiling, the meaning of protection is lost, therefore also need to
The related content of the generation pyc files in import.c is changed, prevents python interpreters from generating pyc files (such as Fig. 3 institutes
Show), increase the difficulty that other people crack.
(5) perhaps python can call relevant interface on one's own initiative by program upon execution, to show pyc files after compiling
Content, with (4) similarly, in order to strengthen protecting effect, in addition it is also necessary to change in marshal.c pyc files after relevant display compiling
Content interface, prevent other programs from call these interfaces compiled after pyc file contents, as shown in Figure 4.
(6) source code is recompilated using gcc or VS, obtains new python interpreters.This operation must be completed
Above after 5 operations, and above 5 operations can not be performed by particular order.
(7) in order to increase protecting effect, prevent other people from changing, crack the new python interpreters obtained in (6), we
New python interpreters are encrypted using softdog.Make new python interpreters can only be in the environment of having softdog
It could run, and can not be debugged and crack.The operation needs completion (6) step to be carried out again after operating
(8) it is last and delete opcode.py and opcode.h, prevent from being handed over by opcode.py or opcode.h
Command code after changing.
Technical scheme in above-mentioned the embodiment of the present application, at least has the following technical effect that or advantage:
Method in the application have modified magic_number and command code so that existing decompiling instrument counter can not be compiled
Translate and obtain source code.
Further, the method in the application has carried out softdog encryption to amended python performing environments, can be with
Protect it to be run under protected environment, prevent other people from directly usurping.
Further, the method in the application have modified the command code defined in opcode.py simultaneously, can prevent
The program that refer to this file is collapsed.
Further, in the application method, will not be right because using the magic_number not used
Other python performing environments are impacted, and improve compatibility.
, but those skilled in the art once know basic creation although preferred embodiments of the present invention have been described
Property concept, then can make other change and modification to these embodiments.So, appended claims are intended to be construed to include excellent
Select embodiment and fall into having altered and changing for the scope of the invention.
Obviously, those skilled in the art can carry out the essence of various changes and modification without departing from the present invention to the present invention
God and scope.So, if these modifications and variations of the present invention belong to the scope of the claims in the present invention and its equivalent technologies
Within, then the present invention is also intended to comprising including these changes and modification.
Claims (8)
1. a kind of method of protection Python programs, it is characterised in that methods described includes:
Parallel step and the non-parallel step after parallel step, wherein, parallel step includes:
Parallel sub-step A:Based on any default command code corresponding relation, first default number operation is exchanged in opcode.h
Code, then exchanges the second default number command code again;
Parallel sub-step B:The command code in opcode.py is changed, is kept consistent with default command code corresponding relation;
Non-parallel step includes:
Step 1:Source code is recompilated, new python interpreters are obtained.
2. the method for protection Python programs according to claim 1, it is characterised in that the parallel step also includes:
Version number defined in modification import.c is a value being not used.
3. the method for protection Python programs according to claim 1, it is characterised in that the parallel step also includes:
The related content of the generation pyc files in import.c is changed, prevents python interpreters from generating pyc files.
4. the method for protection Python programs according to claim 1, it is characterised in that the parallel step also includes:
Change the interface about pyc file contents after display compiling in marshal.c.
5. the method for protection Python programs according to claim 1, it is characterised in that the non-parallel step is also wrapped
Include:Step 2:New python interpreters are encrypted using softdog.
6. the method for protection Python programs according to claim 5, it is characterised in that the non-parallel step is also wrapped
Include:Step 3:Delete opcode.py and opcode.h.
7. the method for protection Python programs according to claim 1, it is characterised in that the step 1 is specially:Use
Gcc or VS recompilates source code, obtains new python interpreters.
8. the method for protection Python programs according to claim 1, it is characterised in that 0-89 is exchanged in opcode.h
Number command code, then exchanges 90-147 command codes again.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710549817.8A CN107315930A (en) | 2017-07-07 | 2017-07-07 | A kind of method of protection Python programs |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710549817.8A CN107315930A (en) | 2017-07-07 | 2017-07-07 | A kind of method of protection Python programs |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107315930A true CN107315930A (en) | 2017-11-03 |
Family
ID=60179124
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710549817.8A Pending CN107315930A (en) | 2017-07-07 | 2017-07-07 | A kind of method of protection Python programs |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107315930A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108427559A (en) * | 2018-03-14 | 2018-08-21 | 新华三技术有限公司 | A kind of script file generates and call method and device |
| CN110378085A (en) * | 2019-07-30 | 2019-10-25 | 四川长虹电器股份有限公司 | A kind of Python bytecode anti-reversing method |
| CN111523120A (en) * | 2020-04-30 | 2020-08-11 | 广州锦行网络科技有限公司 | Python source code security protection implementation method and system |
| CN113434874A (en) * | 2021-06-11 | 2021-09-24 | 湖南大学 | Python source code protection method and system based on pyc encryption |
| CN116089983A (en) * | 2023-02-23 | 2023-05-09 | 北京微步在线科技有限公司 | Reinforcing compiling method and device for py file |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102592082A (en) * | 2010-12-18 | 2012-07-18 | 微软公司 | Security through opcode randomization |
| CN105868589A (en) * | 2016-03-30 | 2016-08-17 | 网易(杭州)网络有限公司 | Script encryption method, and script running method and device |
| CN106503496A (en) * | 2016-12-08 | 2017-03-15 | 合肥康捷信息科技有限公司 | Replaced and the Python shell script anti-reversal methods for merging based on operation code |
| CN106599628A (en) * | 2016-12-08 | 2017-04-26 | 合肥康捷信息科技有限公司 | Python byte code file protection method based on module hook |
| CN106778101A (en) * | 2016-12-08 | 2017-05-31 | 合肥康捷信息科技有限公司 | A kind of Python code obscured based on controlling stream and profile obscures method |
-
2017
- 2017-07-07 CN CN201710549817.8A patent/CN107315930A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102592082A (en) * | 2010-12-18 | 2012-07-18 | 微软公司 | Security through opcode randomization |
| CN105868589A (en) * | 2016-03-30 | 2016-08-17 | 网易(杭州)网络有限公司 | Script encryption method, and script running method and device |
| CN106503496A (en) * | 2016-12-08 | 2017-03-15 | 合肥康捷信息科技有限公司 | Replaced and the Python shell script anti-reversal methods for merging based on operation code |
| CN106599628A (en) * | 2016-12-08 | 2017-04-26 | 合肥康捷信息科技有限公司 | Python byte code file protection method based on module hook |
| CN106778101A (en) * | 2016-12-08 | 2017-05-31 | 合肥康捷信息科技有限公司 | A kind of Python code obscured based on controlling stream and profile obscures method |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108427559A (en) * | 2018-03-14 | 2018-08-21 | 新华三技术有限公司 | A kind of script file generates and call method and device |
| CN110378085A (en) * | 2019-07-30 | 2019-10-25 | 四川长虹电器股份有限公司 | A kind of Python bytecode anti-reversing method |
| CN111523120A (en) * | 2020-04-30 | 2020-08-11 | 广州锦行网络科技有限公司 | Python source code security protection implementation method and system |
| CN113434874A (en) * | 2021-06-11 | 2021-09-24 | 湖南大学 | Python source code protection method and system based on pyc encryption |
| CN116089983A (en) * | 2023-02-23 | 2023-05-09 | 北京微步在线科技有限公司 | Reinforcing compiling method and device for py file |
| CN116089983B (en) * | 2023-02-23 | 2024-03-26 | 北京微步在线科技有限公司 | Reinforcing compiling method and device for py file |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107315930A (en) | A kind of method of protection Python programs | |
| CN108345773B (en) | Code protection method and device based on virtual machine, electronic equipment and storage medium | |
| US10853270B2 (en) | Cryptographic pointer address encoding | |
| JP7101761B2 (en) | Call path dependent authentication | |
| CN108733988B (en) | Method for protecting executable program on android platform | |
| KR101719635B1 (en) | A system and method for aggressive self-modification in dynamic function call systems | |
| US20160203087A1 (en) | Method for providing security for common intermediate language-based program | |
| KR101391982B1 (en) | Encryption method for preventing decompile of andriod application | |
| Cadar et al. | Data randomization | |
| US8090959B2 (en) | Method and apparatus for protecting .net programs | |
| US20170024230A1 (en) | Method, apparatus, and computer-readable medium for ofuscating execution of an application on a virtual machine | |
| CN110929234B (en) | Python program encryption protection system and method based on code virtualization | |
| EP1376310A2 (en) | Secure and opaque type library providing secure data protection of variables | |
| CN107480476B (en) | Android native layer instruction compiling virtualization shell adding method based on ELF infection | |
| CN105022936A (en) | Class file encryption and decryption method and class file encryption and decryption device | |
| CN104318155A (en) | Dynamic loading method capable of guarding against reverse APK file | |
| CN104408337A (en) | Reinforcement method for preventing reverse of APK (Android package) file | |
| CN104866739A (en) | Application program encryption method and application program encryption system in Android system | |
| CN107871066B (en) | Code compiling method and device based on android system | |
| CN110309630B (en) | Java code encryption method and device | |
| CN112613023B (en) | Protection method and terminal of authentication information generation algorithm | |
| CN112052433A (en) | Virtual protection method, terminal and storage medium for Jar file | |
| CN113282294B (en) | Android platform Java character string confusion method and device | |
| Pizzolotto et al. | Oblive: seamless code obfuscation for java programs and android apps | |
| CN112395563A (en) | Method and device for encrypting software product, storage medium and processor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20190418 Address after: Room 904, 905, 906, 1005, 1006, 1007, No. 898 Baicao Road, Chengdu High-tech Zone, Sichuan Province Applicant after: Chengdu Sixiangzhi New Technology Co., Ltd. Address before: 610000 No. 88 Tianchen Road, Chengdu High-tech Zone, Sichuan Province Applicant before: CHENGDU EVERHIGH TECHNOLOGY CO., LTD. |
|
| TA01 | Transfer of patent application right | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171103 |
|
| RJ01 | Rejection of invention patent application after publication |