![]() ![]() Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site. After the classes areidentified, they can be decompiled and studied as described in Chapter 2.Working with debuggers is covered in detail in Chapter 9, "Cracking Codewith Unorthodox Debuggers." A key for working withobfuscated applications is to use the regular interface (UI or programming API)to navigate to a feature of interest and then to rely on the debugger to learnabout the class or classes that implement the feature. They enableyou to set a breakpoint and trace the method executions. Good debuggers display in-depth information about running threads,call stacks for each thread, loaded classes, and objects in memory. Remote debugging enables the debugger to attach itself to anapplication running in debug mode and is a preferred way of cracking theapplication. Java has a standardAPI for debuggers called Debugger API (duh!) that is capable of local as well asremote debugging. To find a good starting point fordecompiling, the application needs to be run in debug mode. Most IDEs come withdebugging capabilities, but our case will require a heavyweight debugger capableof working without the source code. It is stilltechnically possible to decompile the application entry point and work your waythrough the control flow for a decent-size application, but it is notfeasible.įor flow-obfuscated code, the most sensible method of learning theapplication implementation is using a good old debugger. With string encoding, thesearch will yield no results because the strings are not stored as plain text.Package names and class names can no longer be used to learn about theapplication structure and to select a good starting point. For example, the most effective way of locating a startingpoint is text searching through the class files. Chapter 2, "Decompiling Classes," presentedseveral techniques for reverse engineering of applications, but obfuscation candefeat many of them. The key point is finding a good startingpoint for decompiling. Unless flow control obfuscation is used, reading and working with theobfuscated code is not that difficult. Does it guarantee that the application will not be hacked? Not atall! Does a good obfuscator make it hard to hack an application?Absolutely. ![]() Now that we have spent so much time talking about how to protect intellectualproperty through obfuscation, a few words are due on the strength of theprotection. Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |