Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Underived Native API function acquiring method and device

A function and module acquisition technology, applied in the computer field, can solve the problems of low search efficiency and search hit rate, and achieve the effect of improving search efficiency and search hit rate

Active Publication Date: 2014-03-12
GUANGZHOU HUADUO NETWORK TECH
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In order to solve the problem of very low search efficiency and search hit rate in the prior art when using feature codes for brute force search, the embodiment of the present invention provides a method and device for obtaining an unexported Native API function

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Underived Native API function acquiring method and device
  • Underived Native API function acquiring method and device
  • Underived Native API function acquiring method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] In order to make the objectives, technical solutions, and advantages of the present invention clearer, the embodiments of the present invention will be described in further detail below in conjunction with the accompanying drawings.

[0071] For ease of description, first, the relevant knowledge involved in the embodiments of the present invention will be described in detail.

[0072] In the process of implementing the present invention, the inventor found that in the prior art, before calling the WINDOWS API function or the Native API function required to execute the application, the address of the WINDOWS API function or the address of the Native API function is easily obtained by malicious programs. In this way, the final result obtained by the application program is likely to be monitored by the malicious program or modified by the malicious program. Therefore, for the application program, there is a great security risk. The inventor found that during the execution of th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an underived Native API function acquiring method and belongs to the technical field of computers. The method comprises the steps of acquiring the range of a module code segment where a target Native API function is located, acquiring a current stack generated during calling of a specified function, acquiring pointer data located within the range of the module code segment according to the current stack, and acquiring the target Native API function during detection of statements containing the target Native API function according to the addresses of the pointer data. According to the underived Native API function acquiring method, the pointer data meeting predetermined conditions are acquired according to the range of the module code segment where the target Native API function is located and the current stack generated during the calling of the specified function, the target Native API function is acquired according to the pointer data, and the searching efficiency and searching hit rate are improved to a large extent.

Description

Technical field [0001] The present invention relates to the field of computer technology, in particular to a method and device for obtaining unexported Native API functions. Background technique [0002] With the widespread popularity and application of WINDOWS API (WINDOWS Application Programming Interface, WINDOWS Application Programming Interface) programming, more and more applications can complete corresponding functions by calling WINDOWS API functions. [0003] At present, when an application implements specific functions, it first needs to load the DLL (Dynamic Link Library) related to the function, and then obtain the starting address of the WINDOWS API function in the DLL according to the GetProcAddress function, and call the corresponding according to these starting addresses WINDOWS API functions of the WINDOWS, these WINDOWS API functions usually eventually call the lower-level Native API functions, and these Native API functions finally complete the access to the driv...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/57
Inventor 冯世杰
Owner GUANGZHOU HUADUO NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com