WebApp Sec mailing list archives
Re: Code Cracking in Java
From: "Suresh Ponnusami" <surya () nsecure net>
Date: Wed, 12 May 2004 18:04:11 +0530
hi chitresh, Nice approach towards .class files. You can use the Class Construction Kit (CCK) for editing the *.class files. It would have been much easier. Editing the .class files in hex editor does not work all the time. Class Construction Kit can do anything you wish on the .class files. There are lot more ways to overcome the restrictions in .class files, even if it is obfuscated / encrypted. All said, .class files are very vulnerable to attack due to their platform independent nature and open architecture. (Oops! i might spark a debate due to this statement!). But sadly, it is true. Also, read the Java JVM vulnerabilities by LSD Group. cheers, Suresh Ponnusami, Technical Architect, NSECURE SOFTWARE PVT LIMITED, INDIA ----- Original Message ----- From: Chitresh Sen Subject: Code Cracking in Java Code Cracking in Java Scope [Content Too Long, Removed for Readability]
Current thread:
- Code Cracking in Java Chitresh Sen (May 12)
- Re: [security] Code Cracking in Java Allen Firstenberg (May 12)
- RE: Code Cracking in Java Oleg Dubovskoy (May 12)
- Re: Code Cracking in Java Peter Conrad (May 12)
- Re: Code Cracking in Java Rogan Dawes (May 12)
- RE: Code Cracking in Java Don Tuer (May 12)
- <Possible follow-ups>
- Re: Code Cracking in Java Suresh Ponnusami (May 12)
- Re: Code Cracking in Java Frank O'Dwyer (May 13)
- Code Cracking in Java (Chitresh ) Chitresh Sen (May 17)
- RE: Code Cracking in Java Maxim Kostioukov (May 13)