当前位置:网站首页>Call system function security scheme

Call system function security scheme

2022-06-25 02:30:00 Hua Weiyun

1. Directly call the function of the system
Reasons why it is not recommended to use : We are in the process of coding , There are many functional systems that have provided functional interfaces , Generally, we call system functions directly to realize functions . But you know what ? It's not safe for you to call system functions directly in some scenarios , When your program is being studied by security reverse , You can import the table directly through the program , And the system functions called by disassembly , So we just need to check the function of the system function , Then you can know the general function points , And just one hook (HOOK technology ) Functions on the system , Then the function of the system function you call will fail .

image.png

The following figure shows the assembly code realized by calling the system function . You can analyze the function directly through the system function shown .

image.png

2. Customize the implementation function and then call the function
Recommended reasons for use : For the key functions, we suggest to implement the functions by ourselves , Then call , This can make it more difficult for the program to be analyzed directly , So as to strengthen the security of the program .
image.png

The following figure is the assembly code for custom function calls , You can see from the assembly code below that the key functions are implemented by yourself , To understand the function of this function, you need to go inside the function for analysis . This enhances the relative safety of key function functions .

image.png

原网站

版权声明
本文为[Hua Weiyun]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/176/202206242246134692.html