Call system function security scheme

1. Directly call the function of the system
Reasons why it is not recommended to use ： We are in the process of coding , There are many functional systems that have provided functional interfaces , Generally, we call system functions directly to realize functions . But you know what ？ It's not safe for you to call system functions directly in some scenarios , When your program is being studied by security reverse , You can import the table directly through the program , And the system functions called by disassembly , So we just need to check the function of the system function , Then you can know the general function points , And just one hook (HOOK technology ) Functions on the system , Then the function of the system function you call will fail .

The following figure shows the assembly code realized by calling the system function . You can analyze the function directly through the system function shown .

2. Customize the implementation function and then call the function
Recommended reasons for use ： For the key functions, we suggest to implement the functions by ourselves , Then call , This can make it more difficult for the program to be analyzed directly , So as to strengthen the security of the program .

The following figure is the assembly code for custom function calls , You can see from the assembly code below that the key functions are implemented by yourself , To understand the function of this function, you need to go inside the function for analysis . This enhances the relative safety of key function functions .