
a Java bytecode watermarking and obfuscation research tool, is capable of applying transformation (2), although not easily. Experimentation with SandMark V3.4 was not promising since its “String Encoder” obfuscation function only worked on a trivial Java program; it failed when given more substantial input such as some of the classes that implement the Java version of the Password Vault application. It's clear from a survey of existing Java bytecode obfuscators that a full-function, robust, open-source bytecode obfuscator is sorely needed. Zelix Klassmaster, a commercial product capable of all three transformations mentioned above, is said to be the best overall choice of Java bytecode obfuscator in [19]. A 30-day evaluation version of Zelix Klassmaster can be downloaded from the company's web site.

Of course one can always make small-scale modifications to Java bytecode with a bytecode editor such as CafeBabe [30]. Incidentally, CafeBabe gets its catchy name from the fact that the hexadecimal value 0xCAFEBABE comprises the first four bytes of every Java class file; this value is known as the “magic number” which identifies every valid Java class file. To demonstrate applying transformations to Java bytecode, we'll target the bytecode for program CheckLimitation.java whose source code is given in Table 8.1. For this demonstration, assume that a reverse engineer is interested in eliminating the limit on the number of passwords and that we are interested in protecting the software.
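
The magic-number check described above, as an added example that is not code from the original document: it verifies 0xCAFEBABE and then lists the Utf8 entries of the constant pool, which is where a class file stores class, field and method names. The member names `maxPasswords` and `checkLimit`, the renamed forms `a` and `b`, and the helper `build_sample` are constructed for illustration; the sample input is only a header plus constant pool, not a full class file.

```python
import struct

MAGIC = 0xCAFEBABE  # first four bytes of every valid class file
# Bytes following the tag for each fixed-size constant pool entry (JVM spec).
FIXED = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4, 12: 4,
         15: 3, 16: 2, 17: 4, 18: 4, 19: 2, 20: 2}

def read_class_header(data: bytes):
    """Check the magic number, then return (major_version, Utf8 constants)."""
    if len(data) < 10:
        raise ValueError("too short for a class file header")
    magic, _minor, major, cp_count = struct.unpack_from(">IHHH", data, 0)
    if magic != MAGIC:
        raise ValueError(f"bad magic 0x{magic:08X}: not a Java class file")
    names, off, idx = [], 10, 1  # constant pool indices start at 1
    try:
        while idx < cp_count:
            tag = data[off]
            off += 1
            if tag == 1:  # CONSTANT_Utf8: u2 length, then the bytes
                (n,) = struct.unpack_from(">H", data, off)
                names.append(data[off + 2:off + 2 + n].decode("utf-8", "replace"))
                off += 2 + n
            elif tag in FIXED:
                off += FIXED[tag]
                if tag in (5, 6):  # long/double occupy two pool slots
                    idx += 1
            else:
                raise ValueError(f"unknown constant pool tag {tag}")
            idx += 1
    except (IndexError, struct.error):
        raise ValueError("truncated constant pool") from None
    if off > len(data):
        raise ValueError("truncated constant pool")
    return major, names

def _utf8(s: str) -> bytes:
    b = s.encode()
    return b"\x01" + struct.pack(">H", len(b)) + b

def build_sample(names):
    """Constructed input: header (version 52.0) plus a Utf8-only pool."""
    pool = b"".join(_utf8(n) for n in names)
    return struct.pack(">IHHH", MAGIC, 0, 52, len(names) + 1) + pool

if __name__ == "__main__":
    # Constructed member names; only "CheckLimitation" comes from the text.
    for pool in (["CheckLimitation", "maxPasswords", "checkLimit"],
                 ["CheckLimitation", "a", "b"]):  # second: after renaming
        print(read_class_header(build_sample(pool)))
```

Run against a real `.class` file's bytes, the same function shows which identifier strings survive in the bytecode and are therefore visible to anyone opening it in a bytecode editor or decompiler.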

Begin obfuscating CheckLimitation.java by applying transformation (1) Name Obfuscation: rename all variables and methods in the bytecode so they no longer provide hints to a reverser when the bytecode is decompiled or edited. Using ProGuard,

