X hits on this document

381 views

0 shares

0 downloads

0 comments

70 / 120

Encoder” function in SandMark implements an encryption strategy for literals in the

bytecode that is similar to the one which was demonstrated at the source code level in the

Wintel machine code anti-reversing background section: each string literal is stored in a

weakly encrypted form and decrypted on-demand by a bundled decryption function.

Table 8.3 contains the Jad decompilation result for the CheckLimitation.java bytecode

that was first obfuscated using ProGuard and subsequently obfuscated using the “String

Encoder” functionality in SandMark.

Table 8.3. Jad decompilation of SandMark (and ProGuard) obfuscated bytecode.

01: public class CheckLimitation { 02:

03: 04: 05: 06: 07: 08: 09: 10: 11: 12: 13: 14: 15:

private static int a = 5; private ArrayList b;

public CheckLimitation() {

b = new ArrayList(); }

public boolean a(String arg0) {

if(b.size() >= a) {

System.out.println(Obfuscator.DecodeString("\253\315\253\315\uFF9E\u2A3 Du5D69\u2AA5\u3884\u91CF\u5341\u5604\uDF5B\uA902\uB6C8\u0C8E\u6761\u1F3 5\u359D\uBD96\uADA4\u946F\u85EE\uE8A0\u9274\u5867\u2C9F\u3077\u5E67\u2A 0B\u90D2\uB839\u58FC\uBE95\u0EBA\uDDF4\u313C\uB751\uFA9D\u166C\u42A3\u6 D1D\uB25A\uA15E\u026E\u6ECE\u908C\u557B\u6ABD\uC5D5\u800C\uD38A\u3D97\u FB5E\uC4C2\uBBAC\u9ADC\u253E\u769E\u4D32\u4FB3\u0CC7"));

19:

b.add(arg0);

20:

System.out.println((new

17:

} else

18:

{

16:

return false;

StringBuilder()).append(Obfuscator.DecodeString("\253\315\253\315\uFF9E \u2A31\u5D75\u2AB1\u3884\u91E0\u533C\u5654\uDF6E\uA919\uB6DE\u0CD9\u676 3\u1F26\u3581\uBDDF\uADE1")).append(arg0).append(Obfuscator.DecodeStrin g("\253\315\253\315\uFFEC\u2A58\u5D7A\u2AB3\u388F\u91D8\u5378\u5604\uDF 7C\uA91F\uB6CE\u0CCD\u6769\u1F27\u3596\uBD99\uADBC\u9476\u85EF\uE8F9\u9

62

Document info
Document views381
Page views382
Page last viewedFri Dec 09 23:50:12 UTC 2016
Pages120
Paragraphs2913
Words25794

Comments