X hits on this document

311 views

0 shares

0 downloads

0 comments

28 / 120

5 Reversing and Patching Java Bytecode

Applications written in Java are generally well-suited to being reverse engineered.

To understand why, it’s important to understand the difference between machine code and

Java bytecode (Fig. 5.1 illustrates the execution of Java bytecode versus machine code):

Machine code: “Machine code or machine language is a system of instructions

and data executed directly by a computer's central processing unit” [14]. Machine

code contains the platform-specific machine instructions to execute on the target

processor.

Java bytecode: “Bytecode is the intermediate representation of Java programs just

as assembler is the intermediate representation of C or C++ programs” [15]. Java

bytecode contains platform-independent instructions that are translated to

platform-specific instructions by a Java Virtual Machine.

In Section 4, an attempt to recover the source of a simple “Hello World” C++ application

was unsuccessful when executables built using two different compilers were given as

input to the Boomerang decompiler. Much more positive results can be achieved for Java

bytecode because of its platform-independent design and high-level representation. On

Windows®, machine code is typically stored in files with the extensions *.exe, *.dll; the

file extensions for machine code vary per operating system. This is not the case with

Java bytecode as it is always stored in files that have a *.class extension. Related Java

classes, such as those for an application or class library, are often bundled together in an

archive file with a *.jar extension. The Java Language Specification allows at most one

20

Document info
Document views311
Page views312
Page last viewedSat Dec 03 23:54:17 UTC 2016
Pages120
Paragraphs2913
Words25794

Comments