Method for intercepting target progress with self-protection

A target process, program technology, applied in the computer field
CN102799493AInactive Publication Date: 2012-11-28北京伸得纬科技有限公司 +1
5 Cites 13 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
北京伸得纬科技有限公司
Publication Date
2012-11-28
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a method for intercepting a target progress with self-protection. The method comprises the following steps of: calling the target progress into a memory to debug and searching all calling system service instructions; building mapping codes with different forms and same execution original functions for a directing code of each determined calling system service instruction; building a simulating target progress document and copying the codes of the target progresses to the simulating target progress document in the debugging process, and replacing the directing codes of the corresponding instructions by the mapping codes; compiling the simulating target progress document to form an executive simulating target progress; replacing the target progress by the simulating target progress when the system calls the target progress and executing; and intercepting the simulating target progress to realize the interception of the target progress. By the method, a corresponding relation between the target progress and the simulating target progress is built, and since the target progress is replaced by the simulating target progress, so an application program interface (API) hook can be used for interception.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of computers, in particular to a method for avoiding the interception of process shielding HOOK with self-protection. Background technique

[0002] The Windows operating system is built on an event-driven mechanism, and all parts of the system communicate through the mutual transmission of messages. However, under normal circumstances, applications can only process messages from within the process or from For messages sent by other processes, if you need to intercept the messages passed outside the process, you must adopt a technology called HOOK (hook). HOOK is a very important system interface in the Windows operating system. It can be used to easily intercept and process messages passed between other applications, and thus complete some special functions that are difficult for ordinary applications to achieve.

[0003] In the Windows operating system, an API refers to a function that is provided by the operating s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More