Full Disclosure mailing list archives
Re: Re: Java class obfuscation
From: Darren Reed <avalon () caligula anu edu au>
Date: Fri, 20 Jun 2003 11:41:14 +1000 (Australia/ACT)
In some mail from northern snowfall, sie said:
I was wondering if anyone has any documents compairing the different java class / method obfusction tools that are available. I am in particular currious to know about the ones that are very easy to bypass vs. those that are extremely difficult.You can't obfuscate java interpreted byte code just like you can't obfuscate CPU machine code. The JVM would have to be altered to ingest your obfuscated machine code. Every type of obfuscation can be defeated as soon as it loads the byte-code into memory for analysis by the JVM. Thus, you may not have readible byte-code on the disk, but, you *will* have it in core.
The aim of obfuscation is to make it hard(er) for decompilers to work, not make it unreadable. The trouble in attempting to get from the output of "gcc -O2" back to C code (in comparison to "gcc -g") is the aim. Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Java class obfuscation KF (Jun 19)
- Re: Java class obfuscation northern snowfall (Jun 19)
- Re: Re: Java class obfuscation Darren Reed (Jun 19)
- Re: Re: Java class obfuscation northern snowfall (Jun 19)
- Re: Re: Java class obfuscation Nicolas RUFF (lists) (Jun 20)
- Re: Re: Java class obfuscation Darren Reed (Jun 19)
- <Possible follow-ups>
- RE: Java class obfuscation Hall, Philip (Jun 19)
- RE: Java class obfuscation Mike S (Jun 20)
- Re: RE: Java class obfuscation KF (Jun 20)
- Re: Java class obfuscation northern snowfall (Jun 19)