Covert Java - Techniques For Decompiling, Patching, And Reverse Engineering, 2004.pdf

800 East 96th Street, Indianapolis, Indiana 46240
Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering
Copyright © 2004 by Sams Publishing
All rights reserved. No part of this book shall be reproduced, stored in a
retrieval system, or transmitted by any means, electronic, mechanical,
photocopying, recording, or otherwise, without written permission from
the publisher. No patent liability is assumed with respect to the use of the
information contained herein. Although every precaution has been taken
in the preparation of this book, the publisher and author assume no
responsibility for errors or omissions. Nor is any liability assumed for
damages resulting from the use of the information contained herein.
International Standard Book Number: 0-672-32638-8
Library of Congress Catalog Card Number: 2003116632
Printed in the United States of America
First Printing: May 2004
07 06 03 04 4 3 2 1
Associate Publisher: Michael Stephens
Acquisitions Editor: Todd Green
Development Editor: Sean Dixon
Managing Editor: Charlotte Clapp
Project Editor: Elizabeth Finney
Production Editor: Megan Wade
Indexer: Mandie Frank
Proofreader: Katie Robinson
Technical Editor: Craig Pfeifer
Publishing Coordinator: Cindy Teeters
Multimedia Developer: Dan Scherf
Interior Designer: Gary Adair
Cover Designer: Gary Adair
Page Layout: Brad Chinn
Bulk Sales
Sams Publishing offers excellent discounts on this book when ordered in
quantity for bulk purchases or special sales. For more information, please
contact
U.S. Corporate and Government Sales
1-800-382-3419
corpsales@pearsontechgroup.com
For sales outside of the United States, please contact
International Sales
1-317-428-3341
international@pearsontechgroup.com
Trademarks
All terms mentioned in this book that are known to be trademarks or
service marks have been appropriately capitalized. Sams Publishing cannot
attest to the accuracy of this information. Use of a term in this book
should not be regarded as affecting the validity of any trademark or service
mark.
Warning and Disclaimer
Every effort has been made to make this book as complete and as accurate
as possible, but no warranty or fitness is implied. The information
provided is on an “as is” basis. The author and the publisher shall have
neither liability nor responsibility to any person or entity with respect to
any loss or damages arising from the information contained in this book.
Contents at a Glance
Introduction
1 Getting Started
2 Decompiling Classes
3 Obfuscating Classes
4 Hacking Non-Public Methods and Variables of a Class
5 Replacing and Patching Application Classes
6 Using Effective Tracing
7 Manipulating Java Security
8 Snooping the Runtime Environment
9 Cracking Code with Unorthodox Debuggers
10 Using Profilers for Application Runtime Analysis
11 Load-Testing to Find and Fix Scalability Problems
12 Reverse Engineering Applications
13 Eavesdropping Techniques
14 Controlling Class Loading
15 Replacing and Patching Core Java Classes
16 Intercepting Control Flow
17 Understanding and Tweaking Bytecode
18 Total Control with Native Code Patching
19 Protecting Commercial Applications from Hacking
A Commercial Software License
B Resources
C Quiz Answers
Index
Table of Contents
Introduction
1 Getting Started
    Techniques Overview—When and Why to Use Each Method
    Improving Productivity with File Managers
        FAR and Total Commander
        Java IDEs
    Sample Application Functionality and Structure
    Quick Quiz
    In Brief
2 Decompiling Classes
    Determining When to Decompile
    Knowing the Best Decompilers
    Decompiling a Class
    What Makes Decompiling Possible?
    Potential Problems with Decompiled Code
    Quick Quiz
    In Brief
3 Obfuscating Classes
    Protecting the Ideas Behind Your Code
    Obfuscation As a Protection of Intellectual Property
    Transformations Performed by Obfuscators
        Stripping Out Debug Information
        Name Mangling
        Encoding Java Strings
        Changing Control Flow
        Inserting Corrupt Code
        Eliminating Unused Code (Shrinking)
        Optimizing Bytecode
    Knowing the Best Obfuscators
    Potential Problems and Common Solutions
        Dynamic Class Loading
        Reflection