Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

网上出了破解流程 #96

Open
liming0 opened this issue Jun 2, 2021 · 9 comments
Open

网上出了破解流程 #96

liming0 opened this issue Jun 2, 2021 · 9 comments

Comments

@liming0
Copy link

liming0 commented Jun 2, 2021

网上出了破解流程,希望能有方法避免一下
https://learnku.com/articles/56253
@liming0
Copy link
Author

liming0 commented Jun 2, 2021

还有,qq群满了,希望再加一个群,顺便更新下加群链接

@liang530
Copy link

liang530 commented Oct 4, 2021

可考虑增加如下方案:

1、自行修改xjar.go,对传入的java执行器进行校验,确保java执行器不被篡改。

2、xjar.go中添加java参数 -XX:+DisableAttachMechanism 禁止jvm附加调试,防止类似于阿里arthas等调试工具直接内存解密

@cocolove2
Copy link

可以在启动器文件(xjar.go)中加入命令校验示例如下:

// start java application
	java := os.Args[1]
	args := os.Args[2:]
	key := bytes.Join([][]byte{
		xKey.algorithm, {13, 10},
		xKey.keysize, {13, 10},
		xKey.ivsize, {13, 10},
		xKey.password, {13, 10},
	}, []byte{})
//此处加入校验是否为java命令,其他命令报错
	if !strings.EqualFold(java, "java") {
		panic(errors.New("not support cmd,only support java"))
	}
cmd := exec.Command(java, args...)
	cmd.Stdin = bytes.NewReader(key)
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

1 similar comment
@cocolove2
Copy link

可以在启动器文件(xjar.go)中加入命令校验示例如下:

// start java application
	java := os.Args[1]
	args := os.Args[2:]
	key := bytes.Join([][]byte{
		xKey.algorithm, {13, 10},
		xKey.keysize, {13, 10},
		xKey.ivsize, {13, 10},
		xKey.password, {13, 10},
	}, []byte{})
//此处加入校验是否为java命令,其他命令报错
	if !strings.EqualFold(java, "java") {
		panic(errors.New("not support cmd,only support java"))
	}
cmd := exec.Command(java, args...)
	cmd.Stdin = bytes.NewReader(key)
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

@iMonkeyz
Copy link

作者群满进不去的可以加这个交流群: 917602674

@topwqp
Copy link

topwqp commented Jun 24, 2022

如上两位作者所言: 为了防止破解,修改go代码,第一个元素必须是java,或者直接把java写在命令中, 第二个添加参数 -XX:+DisableAttachMechanism, 代码如下
`// start java application
java := os.Args[1]
args := os.Args[2:]
key := bytes.Join([][]byte{
xKey.algorithm, {13, 10},
xKey.keysize, {13, 10},
xKey.ivsize, {13, 10},
xKey.password, {13, 10},
}, []byte{})

// first  cmd must java
if !strings.EqualFold(java, "java") {
	panic(errors.New("not support cmd,only support java"))
}
//添加java参数 -XX:+DisableAttachMechanism
args = append([]string{"-XX:+DisableAttachMechanism"},args...)
cmd := exec.Command(java, args...)`

@zundaren
Copy link

如上两位作者所言: 为了防止破解,修改go代码,第一个元素必须是java,或者直接把java写在命令中, 第二个添加参数 -XX:+DisableAttachMechanism, 代码如下 `// start java application java := os.Args[1] args := os.Args[2:] key := bytes.Join([][]byte{ xKey.algorithm, {13, 10}, xKey.keysize, {13, 10}, xKey.ivsize, {13, 10}, xKey.password, {13, 10}, }, []byte{})

// first  cmd must java
if !strings.EqualFold(java, "java") {
	panic(errors.New("not support cmd,only support java"))
}
//添加java参数 -XX:+DisableAttachMechanism
args = append([]string{"-XX:+DisableAttachMechanism"},args...)
cmd := exec.Command(java, args...)`

java造假的其实也不安全,主要就是这个东西读取参数,建议对 java 做 hash 校验,指定jdk版本

@zundaren
Copy link

到目前为止,这个问题无解吗? 只是检查名称是不是java的话完全没用啊,只要把破解的程序改名为"java"不就过去了

指定java的版本,改名字内容的hash值和原装的肯定不一样啊,你部署生产统一jdk就行了

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@topwqp @liang530 @cocolove2 @iMonkeyz @zundaren @liming0 and others