ebook img

Decompiling Java PDF

272 Pages·2004·6.411 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Decompiling Java

Decompiling Java GODFREY NOLAN APress Media, LLC Decompiling Java Copyright © 2004 by Godfrey Nolan Originally published by Apress in 2004 Softcover reprint of the hardcover 1s t edition 2004 Lead Editor: Gary Cornell Technical Reviewer: John Zukowski Editorial Board: Steve Anglin, Dan Appleman, Ewan Buckingham, Gary Cornell, Tony Davis, John Franldin, Jason Gilmore, Chris Mills, Steve Rycroft, Dominic Shakeshaft, Jim Sumser, Karen Watterson, Gavin Wray, John Zukowski Project Manager: Tracy Brown Collins Copy Edit Manager: Nicole LeClerc Copy Editor: Rebecca Rider Production Manager: Kari Brooks Production Editor: Katie Stence Proofreader: Linda Seifert Compositor and Artist: Kinetic Publishing Services, LLC Indexer: Rebecca Plunkett Cover Designer: Kurt Krames Manufacturing Manager: Tom Debolski Ubrary of Congress Cataloging-in-Publicatlon Data Nolan, Godfrey. Decompiling Java I Godfrey Nolan. p.cm. Includes index. ISBN 978-1-4302-5469-0 ISBN 978-1-4302-0739-9 (eBook) DOI 10.1007/978-1-4302-0739-9 1. Java (Computer program language) 1. TitIe. QA76.73.J38N65 2004 005.13'3-dc22 2004014051 AU rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1 Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The information in this book is distributed on an "as is" basis, without warranty. Although every precaution has been taken in the preparation of this work, neither the author(s) nor Apress shall have any liability to any person or entity with respect to any 10ss or damage caused or alleged to be caused directly or indirectly by the information contained in this work. In memory ofH anpeter Van Vliet Contents at a Glance About the Author ................................................... ix About the Technical Reviewer ..................................... xi Acknowledgments ................................................... xiii Chapter 1 Introduction ......................................... 1 Chapter 2 Ghost in the Machine ............................... 17 Chapter 3 Tools of the Trade ................................. 61 Chapter 4 Protecting Your Source: Strategies for Defeating Decompilers .............................. 79 Chapter 5 Decompiler Design ................................. 121 Chapter 6 Decompiler Implementation ........................ 159 Chapter 7 Case Studies ....................................... 237 Appendix Classfile Grammar ................................. 247 Index .............................................................. 255 v Contents About the Author ................................................... ii About the Technical Reviewer ..................................... xi Acknowledgments ................................................... xiii Chapter 1 Introduction ....................................... 1 Compilers and Decompilers ......................................... 2 Virtual Machine Decompilers ....................................... 3 Why Java? ........................................................... 3 History: Basic Chronology ......................................... 6 Legal Issues ........................................................ 9 Moral Issues ....................................................... 12 Protecting Yourself ............................................... 13 Book Outiine ....................................................... 15 Conclusion ......................................................... 16 Chapter 2 Ghost in the Machine ........................... 17 The JVM: An Exploitable Design? ................................. 18 Inside a Class file ................................................ 22 Conclusion ......................................................... 60 Chapter 3 Tools of the Trade .............................. 61 Employing Hexadecimal Editors ................................... 61 The Problem of Insecure Code .................................... 64 Disassemblers ...................................................... 67 Decompilers ........................................................ 72 Obfuscators ........................................................ 75 Conclusion ......................................................... 76 vii Contents Chapter 4 Protecting Your Source: Strategies for Defeating Decompilers .................... 79 Compilation Flags ................................................. 81 Writing Two Versions of the Applet or Application ............ 86 Employing Obfuscation ............................................. 88 Web Services and Server-Side Execution ........................ 106 Encryption ........................................................ 108 Digital Rights Management ....................................... 109 Fingerprinting Your Code ........................................ 110 Selling the Source Code ......................................... 117 Native Methods ................................................... 117 Conclusion ........................................................ 119 Chapter 5 Decompiler Design .............................. 121 Introduction ...................................................... 122 Defining the Problem ............................................. 125 (De)Compiler Tools ............................................... 128 Strategy .......................................................... 141 Parser Design ..................................................... 149 Conclusion ........................................................ 157 Chapter 6 Decompiler Implementation .................... 159 ClassToXML Output: An Overview ................................. 159 Jlex Specification ............................................... 165 CUP Specification ................................................ 170 Test Suite ........................................................ 182 Summarizing Decompiler Implementation ......................... 233 Conclusion ........................................................ 236 Chapter 7 Case Studies ..................................... 237 Case Studies ...................................................... 237 Conclusion ........................................................ 244 Appendix Class file Grammar .............................. 247 Index ............................................................. 255 viii About the Author Godfrey Nolan is President of RIIS LLC, where he specializes in web site optimization. He has written numerous articles for different magazines and newspapers in the US, the UK, and Ireland. Godfrey has had a healthy obsession with reverse engineering bytecode ever since he wrote "Decompile Once, Run Anywhere," which first appeared in Web Techniques in September 1997. ix About the Technical Reviewer John Zukowski is a freelance writer and strategic Java consultant for JZ Ventures, Inc. His latest endeavor is to create a next-generation mobile phone platform with SavaJe Technologies. Look for the 1.5 edition of his Definitive Guide to Swing for Java 2 in the fall of 2004 (also published by Apress}. xi Acknowledgments THERE ARE COUNTLESS PEOPLE I have to thank in some small way for helping me with this book. Apologies if I've forgotten anyone. • My wife, Nancy, and also my children, Rory and Dayna, for putting up with all the times I've missed a family outing while writing this book. And we're talking lots and lots of missed outings. • Jonathon Kade, for all your hard work helping with the decompiler and Chapter 6 in general. • Gary Cornell, without whom this book would never have seen the light of day. • Tracy Brown Collins and Rebecca Rider at Apress, for putting up with my countless missed deadlines. Do I need to say lots and lots again? • John Zukowski, for all the helpful comments. And yes, I'm still ignoring the one about having a comma in Hello World. • Dave and Michelle Kowalske and all my other in-laws, for knowing when not to ask, "Is that book finished yet?" • Finally, to my parents, who have always taught me to aim high and who have supported me when, more often than not, I fell flat on my face. xiii

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.