(keitai-l) Re: Hacking Java sites

From: Cedric NICOLAS <cedric.nicolas_at_helo.biz>
Date: 09/03/03
Message-ID: <EMENLGFFBIJFDIMDOEBOMEHLDBAA.cedric.nicolas@helo.biz>
Thank you all for your answers. It's seems that it is quite impossible to
protect code in good way. Anyway our objective will be to increase the time
to hack the code in order that it would reduce the interest to do it and
then protect business of official content providers.

-----Message d'origine-----
De : keitai-l-bounce@appelsiini.net
[mailto:keitai-l-bounce@appelsiini.net]De la part de Boris Granveaud
Envoyé : mercredi 3 septembre 2003 08:34
À : keitai-l@appelsiini.net
Objet : (keitai-l) Re: Hacking Java sites


>The problem with this approach is that there is only a very limited
>number of ways
>that you can pop up that dialog and these method calls can not be
>removed by
>obfuscation.  All a hacker needs to do is find instances of these
>method calls in the
>decompiled code, modify:compile:test until they find the one that
>generates the
>dialog in question and then simply add code to bypass your dialog -
>could be as
>simple as commenting it out.
>
>If you think obfuscation is going to protect your code I suggest you
>try reverse
>engineering something - I would recommend JAD as a decompiler.  It is
>disturbingly
>easy for J2ME stuff.
>
>
a few "second generation" obfuscators do a pretty good job at reordering
byte code instructions so that it doesn't correspond to a real Java
source. For example, here is a code obfuscated with Zelix Klassmaster,
and decompiled by DJ Java Decompiler:

      k1 = d.c;
       ai = a[i1];
       j1 = 0;
       if(k1 == 0) goto _L2; else goto _L1
_L1:
       ai[j1];
_L9:
       if(k1 != 0) goto _L4; else goto _L3
_L3:
       JVM INSTR ifne 32;
          goto _L5 _L6
_L5:
       break MISSING_BLOCK_LABEL_30;
_L6:
       continue; /* Loop/switch isn't completed */
       false;
_L4:
       return;

Of course, this doesn't stop real hackers of modifying directly the
bytecode. But at least it stops the "rookies".

B.

>Steve Oldmeadow
>
>
>This mail was sent to address boris@granveaud.com
>Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/
>
>
>


--
Boris Granveaud
http://www.granveaud.com/




This mail was sent to address cedric.nicolas@helo.biz
Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/
Received on Wed Sep 3 10:17:39 2003