Description of the Exercise:
Use Java bytecode anti-reversing tools such as ProGuard, SandMark, and CafeBabe on the Java version of the Password Vault application to apply the anti-reversing techniques Eliminating Symbolic Information and Obfuscating the Program with the goal of making it more difficult to disable the trial limitation. Instead of attempting to implement a custom control flow obfuscation to inhibit static and dynamic analysis as was done in the solution to the Wintel Machine Code Anti-Reversing Exercise, apply one or more of the control flow obfuscations available in SandMark and observe its impact by decompiling the obfuscated bytecode using Jad. Show that the solution to the Java Bytecode Reversing and Patching Exercise can no longer be carried out as demonstrated.
Software for the Exercise:
- Password Vault Java Windows® installer
- ProGuard (java bytecode obfuscator)
- RetroGuard (java bytecode obfuscator)
- SandMark (java bytecode obfuscator)
- CafeBabe (java bytecode editor)
Solution to the Exercise:
For instructional purposes, an animated solution to the exercise in section 8.3 that demonstrates the use of anti-reversing tools introduced in section 8 was created using Qarbon Viewlet Builder and can be viewed using Macromedia Flash Player. The tutorial begins with the Java Password Vault application, ProGuard, SandMark, Jad, CafeBabe, and Sun’s Java JDK already installed on a Windows® XP machine.
Posted on May 7th, 2009 | By: teodoro
Comments are closed.