|
Java Reference ObfuscationA field or method reference is a field access or a method call. The following line of Java code represents references to the fieldSystem.out and to the method PrintStream.println(String) .
System.out.println("Hello world");
A field or method reference can be to a Java API as in the example above or it can be to your own fields or methods.
Zelix KlassMaster's Reference Obfuscation functionality allows you to obfuscate field or method references by replacing them with Reflection API or invokedynamic calls.
In the case of static field and method references, it also obscures the identity of the class containing the static member.
Zelix KlassMaster then encrypts the names of the fields, methods and classes that are accessed via the Reflection API or invokedynamic calls.
This allows you to selectively obscure field accesses and method calls in or to sensitive parts of your applications. It can make decompiled code quite incomprehensible.
It can also obscure key API calls which otherwise would allow a hacker to "zero in" on a particular part of your bytecode.
Note that Zelix KlassMaster's Method Parameter Changes functionality significantly "hardens" Zelix KlassMaster's Reference Obfuscation.
Please see the simple example below and the Reference Obfuscation Tutorial for more detail.
|
Method decompiledpublic static void method0() { System.out.println("HelloWorld"); } Method Reference Obfuscated and String Encrypted with Method Parameter Changing then decompiled
private static final String c;
public static void method0(final long n4) {
/*invokedynamic(j:(Ljava/io/PrintStream;Ljava/lang/String;JJ)V,
invokedynamic(\u00ee:(JJ)Ljava/io/PrintStream;,
-7703503747166308699L, n4),
HelloWorld.c,
-7703568321494008229L, n4)*/
}
|