[{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/categories/","section":"Categories","summary":"","title":"Categories","type":"categories"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/","section":"标签","summary":"","title":"标签","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/categories/%E6%97%A5%E5%B8%B8%E9%9A%8F%E7%AC%94/","section":"Categories","summary":"","title":"日常随笔","type":"categories"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E7%94%9F%E6%B4%BB/","section":"标签","summary":"","title":"生活","type":"tags"},{"content":" 欢迎来到我的极客空间 # 这里是我记录技术沉淀与日常思考的个人博客。我主要专注于以下几个方向的深度探索：\n逆向工程：Android 动态插桩、SO 逆向与底层协议安全防护。 自动化架构：高并发异步任务流调度系统、高可用微服务后端设计。 数据采集：分布式网络爬虫、反爬虫机制对抗与大规模结构化数据处理。 你可以通过顶部的导航栏查看相关分类，或者通过下方的社交媒体链接与我联系。\n","date":"2026-07-07","externalUrl":null,"permalink":"/","section":"首页","summary":"欢迎来到我的极客空间 # 这里是我记录技术沉淀与日常思考的个人博客。我主要专注于以下几个方向的深度探索：\n逆向工程：Android 动态插桩、SO 逆向与底层协议安全防护。 自动化架构：高并发异步任务流调度系统、高可用微服务后端设计。 数据采集：分布式网络爬虫、反爬虫机制对抗与大规模结构化数据处理。 你可以通过顶部的导航栏查看相关分类，或者通过下方的社交媒体链接与我联系。\n","title":"首页","type":"page"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E6%80%9D%E8%80%83/","section":"标签","summary":"","title":"思考","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/posts/","section":"文章","summary":"","title":"文章","type":"posts"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E7%9F%A5%E8%AF%86%E7%AE%A1%E7%90%86/","section":"标签","summary":"","title":"知识管理","type":"tags"},{"content":"这里是随笔正文。由于属于短篇记录，关闭了文章顶部的焦点大图 (showHero) 和目录 (showToc)，以获得更纯粹的阅读体验。此文章会自动展示在导航栏的“生活记录”版块下。\n","date":"2026-07-07","externalUrl":null,"permalink":"/posts/weekly-reflection-01/","section":"文章","summary":"这里是随笔正文。由于属于短篇记录，关闭了文章顶部的焦点大图 (showHero) 和目录 (showToc)，以获得更纯粹的阅读体验。此文章会自动展示在导航栏的“生活记录”版块下。\n","title":"周末随笔：数字极简与知识管理","type":"posts"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/ast/","section":"标签","summary":"","title":"AST","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/babel/","section":"标签","summary":"","title":"Babel","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/javascript/","section":"标签","summary":"","title":"JavaScript","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/ob%E6%B7%B7%E6%B7%86/","section":"标签","summary":"","title":"OB混淆","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/categories/webjs%E9%80%86%E5%90%91/","section":"Categories","summary":"","title":"WebJS 逆向","type":"categories"},{"content":"这里是 WebJS 逆向演示文章的正文。\n一、 JavaScript 混淆背景 # 现代 Web 应用的安全防护普遍依赖于前端混淆，例如常见的 Obfuscator 混淆。要分析其核心加密参数的生成逻辑，必须先剥离多层嵌套混淆。\n二、 什么是 AST # AST (Abstract Syntax Tree, 抽象语法树) 是源代码语法结构的一种抽象表示。在 Node.js 环境中，我们可以使用 Babel 提供的解析器、遍历器和生成器，安全高效地重构代码。\n三、 自动化还原混淆实战 # 3.1 字符串解密还原 # 1 2 3 4 5 6 7 8 9 10 11 12 13 // 使用 Babel 对 OB 混淆中的大数组还原 const parser = require(\u0026#34;@babel/parser\u0026#34;); const traverse = require(\u0026#34;@babel/traverse\u0026#34;).default; const generator = require(\u0026#34;@babel/generator\u0026#34;).default; const code = `var _0xabc = [\u0026#39;data\u0026#39;, \u0026#39;log\u0026#39;]; console.log(_0xabc[0]);`; const ast = parser.parse(code); traverse(ast, { MemberExpression(path) { // 自动替换数组成员为字面量 } }); 3.2 控制流平坦化还原 # 控制流平坦化通过 switch-case 结构打乱了原有的顺序执行逻辑，通过 AST 我们可以重构其基本的程序控制块（Basic Block）依赖。\n四、 结论 # 基于 AST 的静态解密，极大地提高了对高强度前端混淆代码的逆向分析效率，是现代 Web 爬虫和协议安全研究人员的必备技能。\n","date":"2026-07-07","externalUrl":null,"permalink":"/posts/webjs-reverse-engineering/","section":"文章","summary":"随着前端防护强度的提升，手动解密混淆 JavaScript 代码变得越来越低效。本文将通过分析 AST（抽象语法树）的原理，使用 Babel 构建一个自动化解密混淆代码的脚手架，实现对字符串解密、控制流平坦化还原等高难度还原工作。","title":"基于 AST 抽象语法树的 JavaScript 混淆代码自动还原实践","type":"posts"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/categories/%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B/","section":"Categories","summary":"","title":"逆向工程","type":"categories"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B/","section":"标签","summary":"","title":"逆向工程","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/android/","section":"标签","summary":"","title":"Android","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/categories/app%E9%80%86%E5%90%91/","section":"Categories","summary":"","title":"APP 逆向","type":"categories"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/frida/","section":"标签","summary":"","title":"Frida","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/hook/","section":"标签","summary":"","title":"Hook","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E5%8F%8D%E8%B0%83%E8%AF%95/","section":"标签","summary":"","title":"反调试","type":"tags"},{"content":"这里是高画质视觉演示文章的正文。\n一、 引言 # 在移动安全领域，加固技术和反调试技术不断演进。为了对目标应用进行深度的协议分析 and 业务逻辑研究，我们必须具备绕过主流反调试手段的能力。\n二、 常见的反调试机制 # 2.1 ptrace 独占检测 # Android 系统的调试功能基于 ptrace 系统调用。当一个进程已经被 ptrace 附加（Attach）时，其他进程（包括调试器）就无法再次附加。\n1 2 3 4 5 6 7 8 9 #include \u0026lt;sys/ptrace.h\u0026gt; #include \u0026lt;unistd.h\u0026gt; void anti_debug_ptrace() { if (ptrace(PTRACE_TRACEME, 0, 1, 0) \u0026lt; 0) { // 已经被附加，执行退出逻辑 _exit(1); } } 2.2 Status 文件检测 # 运行中的进程会在 /proc/self/status 文件中记录其追踪者进程的 PID（TracerPid）。如果该值不为 0，说明当前进程正在被调试。\n三、 Frida 绕过反调试实战 # 为了绕过上述检测，我们可以使用 Frida Hook 底层的 libc 函数（例如 fopen、ptrace），在底层函数返回前篡改返回值或读取的数据。\n1 2 3 4 5 6 7 8 9 10 11 12 13 // Frida 绕过 ptrace 检测示例 Interceptor.attach(Module.findExportByName(\u0026#34;libc.so\u0026#34;, \u0026#34;ptrace\u0026#34;), { onEnter: function (args) { var request = args[0].toInt32(); if (request === 16) { // PTRACE_TRACEME console.log(\u0026#34;[Anti-Debug] Intercepted PTRACE_TRACEME\u0026#34;); } }, onLeave: function (retval) { // 强制返回 0，模拟成功 ptrace retval.replace(0); } }); 四、 总结 # 对抗是一个动态平衡的过程。通过深入底层的 Hook，我们可以对大部分加壳和反调试手段进行降维打击。\n","date":"2026-07-07","externalUrl":null,"permalink":"/posts/advanced-reverse-engineering/","section":"文章","summary":"在进行 Android 逆向工程时，反调试和加壳是两个最常见的障碍。本文将详细探讨常见的反调试实现（如 ptrace 独占、/proc/self/status 检查、时间差检测等），并利用 Frida 编写通用的对抗脚本，最后结合实例演示如何进行内存 dex 自动脱壳。","title":"基于 Frida-Dectect 的高级反调试对抗与动态脱壳技术","type":"posts"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E8%84%B1%E5%A3%B3/","section":"标签","summary":"","title":"脱壳","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E5%AE%89%E5%85%A8%E7%A0%94%E7%A9%B6/","section":"标签","summary":"","title":"安全研究","type":"tags"},{"content":"","date":"2026-07-07","externalUrl":null,"permalink":"/tags/%E6%8F%92%E6%A1%A9/","section":"标签","summary":"","title":"插桩","type":"tags"},{"content":"这里是文章正文内容。通过上面的 categories 设置，本文将自动归入逆向工程分类。\n","date":"2026-07-07","externalUrl":null,"permalink":"/posts/reverse-engineering-tutorial/","section":"文章","summary":"这里是文章正文内容。通过上面的 categories 设置，本文将自动归入逆向工程分类。\n","title":"基于 Frida 的 Android 动态插桩技术解析","type":"posts"},{"content":"这是“关于我”页面。你可以编写自己的个人简介、教育背景、工作经历以及联系方式。\n","date":"2026-07-07","externalUrl":null,"permalink":"/about/","section":"首页","summary":"这是“关于我”页面。你可以编写自己的个人简介、教育背景、工作经历以及联系方式。\n","title":"关于我","type":"page"},{"content":"这是“开源项目”页面。你可以在这里列出并介绍你参与或主导的开源项目。\n","date":"2026-07-07","externalUrl":null,"permalink":"/projects/","section":"首页","summary":"这是“开源项目”页面。你可以在这里列出并介绍你参与或主导的开源项目。\n","title":"开源项目","type":"page"},{"content":"","externalUrl":null,"permalink":"/authors/","section":"Authors","summary":"","title":"Authors","type":"authors"},{"content":"","externalUrl":null,"permalink":"/categories/python%E6%9E%B6%E6%9E%84/","section":"Categories","summary":"","title":"Python架构","type":"categories"},{"content":"","externalUrl":null,"permalink":"/series/","section":"Series","summary":"","title":"Series","type":"series"},{"content":"","externalUrl":null,"permalink":"/categories/%E6%95%B0%E6%8D%AE%E9%87%87%E9%9B%86/","section":"Categories","summary":"","title":"数据采集","type":"categories"}]