如何在运行程序时检查程序代码的更改
各位开发人员大家好,
假设我有一个程序需要通过网络服务器向他授予授权。显然,在我的代码中的某个时刻,会有类似这样的内容:
if (serverResponse == expectedResponse){
//Continue as the authorized user
}
这个系统有一个非常非常不可能的弱点。如果有人要实际修改可执行文件并将该 if 的代码(我认为是某种分支指令)更改为代码,那么它总是会分支到真实情况。有没有办法从我的程序中检测到这种修改?
对我来说,这听起来就像一位心理学家在检查自己的理智。如果这不可能的话,这样的事情怎么办呢?像 Punkbuster 这样的软件如何检查游戏代码的操纵情况?
我想这可能与我的这个程序是用 C++ 编写并用 GCC 编译器编译的非常相关。
Hello fellow developers,
assume I had a program that required authorization granted to him by a server over the network. Obviously, at some point within my code there would be something along the lines of:
if (serverResponse == expectedResponse){
//Continue as the authorized user
}
This system has a very, very unlikely weakness. If anybody were to actually modify the executable file and change the code of that if (which I assume to be some sort of branching instruction) to code, that always branches to the true-case. Is there a way to detect such a modification from within my program?
To me this sounds like a psychologist checking his own sanity. If this is not possible, how would such a thing be done? How does software like Punkbuster check for manipulation of game code?
I guess it might be very relevant that this program of mine is written in C++ and compiled with the GCC compiler.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
一种方法是获取函数的地址并获取该地址处内存的 CRC。然而,这不是很灵活,因为您必须在每次修改函数时计算函数的大小,或者使用反汇编程序库,例如宏伟且免费的 BEAEngine 来动态计算它。但逆向工程师有可能修改您的 CRC 代码。或者它正在检查的校验和。他们还可以在您的程序获取服务器响应之前对其进行修改,并将其更改为
expectedResponse。所以你真的赢不了。还有一些软件,例如免费的 UPX ,它将打包您的可执行文件(如果您告诉他们,则会对其进行混淆)并且使人们很难阅读和修改以达到他们想要的正确结果。
然而,如果一个人有足够的时间和技巧,那你真的无能为力。正如我们常说的,客户永远是赢家;你所能做的就是让游戏变得更加困难。
One approach is to take the address of the function and obtain the CRC of the memory at that address. This isn't very flexible however, because you have to either calculate the size of the function every time you modify it, or use a disassembler library like the magnificent and free BEAEngine to dynamically calculate it. But then there's the possibility of the reverse engineer modifying your CRC code. Or the checksum it's checking it against. They can also modify the server's response before your program gets it and change it to the
expectedResponse. So you really can't win.There are also softwares such as the free UPX which will pack your executable (and obfuscate it if you tell them to) and make it very difficult for people to read and modify to achieve the correct result they are going for.
However, if someone has enough time and skill, there's really nothing you can do. As we used to say, the client always wins; all you can do is make the game more difficult.
这里的技巧是不要依赖简单的 if 语句。正如您所说,可以对您的代码进行逆向工程的人可以轻松规避这一点。相反,您应该使用从服务器返回的值来实现程序的某些重要功能。例如,来自服务器的响应可以用作解密客户端上的一些重要数据的密钥。对于逆向工程师来说,规避这一点要困难得多。
The trick here is not to rely on a simple if statement. As you say that is easily circumvented by someone who can reverse engineer your code. Instead you should use the value returned from the server for some vital function of your program. For instance the response from the server could be used as a key to decrypt some vital data on the client. That would be much harder for a reverse engineer to circumvent.