a Java bytecode watermarking and obfuscation research tool, is capable of applying
transformation (2), although not easily. Experimentation with SandMark V3.4 was not
promising since its “String Encoder” obfuscation function only worked on a trivial Java
program; it failed when given more substantial input such as some of the classes that
implement the Java version of the Password Vault application. It's clear from a survey of
existing Java bytecode obfuscators that a full-function, robust, open-source bytecode
obfuscator is sorely needed. Zelix Klassmaster, a commercial product capable of all
three transformations mentioned above, is said to be the best overall choice of Java
bytecode obfuscator in . A 30-day evaluation version of Zelix Klassmaster can be
downloaded from the company's web site.
Of course, one can always make small-scale modifications to Java bytecode with a
bytecode editor such as CafeBabe. Incidentally, CafeBabe gets its catchy name from
the fact that the hexadecimal value 0xCAFEBABE comprises the first four bytes of every
Java class file; this value is known as the “magic number” which identifies every valid
Java class file. To demonstrate applying transformations to Java bytecode, we'll target
the bytecode for program CheckLimitation.java whose source code is given in Table 8.1.
For this demonstration, assume that a reverse engineer is interested in eliminating the
limit on the number of passwords and that we are interested in protecting the software.
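
As an added illustration (not code from the original text), the following Python sketch checks the 0xCAFEBABE magic number and then walks the class file's constant pool, which is where class, method and field names are stored as UTF-8 strings. Running it before and after name obfuscation shows which revealing identifiers are still present. The sample bytes are constructed and contain only a header and constant pool; the names in it and the helper names are hypothetical.

```python
import struct

# Payload size in bytes for each fixed-width constant-pool tag (JVM class-file format).
FIXED = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4,
         12: 4, 15: 3, 16: 2, 17: 4, 18: 4, 19: 2, 20: 2}

def utf8_constants(data):
    """Return the CONSTANT_Utf8 strings of a class file, in pool order."""
    if len(data) < 10 or data[:4] != b"\xca\xfe\xba\xbe":
        raise ValueError("not a Java class file: bad magic number")
    (count,) = struct.unpack_from(">H", data, 8)   # skip minor/major version
    pos, index, found = 10, 1, []
    while index < count:                           # pool indices run 1..count-1
        tag = data[pos]
        pos += 1
        if tag == 1:                               # CONSTANT_Utf8: u2 length + bytes
            (length,) = struct.unpack_from(">H", data, pos)
            found.append(data[pos + 2:pos + 2 + length].decode("utf-8", "replace"))
            pos += 2 + length
        elif tag in FIXED:
            pos += FIXED[tag]
        else:
            raise ValueError(f"unknown constant-pool tag {tag} at entry {index}")
        index += 2 if tag in (5, 6) else 1         # Long/Double occupy two slots
    return found

def leaked_names(data, sensitive):
    """Constants that still contain one of the given words after obfuscation."""
    return [s for s in utf8_constants(data)
            if any(w.lower() in s.lower() for w in sensitive)]

def _utf8(s):
    # Encode one CONSTANT_Utf8 entry for the constructed sample below.
    return b"\x01" + struct.pack(">H", len(s)) + s.encode()

# Constructed sample: class-file header plus constant pool only (not a full class).
# Names are hypothetical; the Long entry exercises the two-slot rule.
SAMPLE = (b"\xca\xfe\xba\xbe" + struct.pack(">HHH", 0, 52, 7)
          + _utf8("CheckLimitation") + b"\x07\x00\x01"
          + b"\x05" + struct.pack(">q", 5)
          + _utf8("maxPasswords") + _utf8("a"))

if __name__ == "__main__":
    print(leaked_names(SAMPLE, ["limit", "password"]))
```

On a real class file, pass the bytes read from disk; an obfuscated build should return an empty list for the words you consider revealing, apart from names that must stay public.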
Begin obfuscating CheckLimitation.java by applying transformation (1) Name
Obfuscation: rename all variables and methods in the bytecode so they no longer provide
hints to a reverser when the bytecode is decompiled or edited. Using ProGuard,