All geek questions in one place

How is obfuscation done in Java?

Today I came across a confusing class (well, a lot of confusing classes in the bank), and I have no idea how this kind of obfuscation is done.

Example:

protected void a(ChannelHandlerContext β˜ƒ, ByteBuf β˜ƒ, ByteBuf β˜ƒ) throws Exception { int β˜ƒ = β˜ƒ.readableBytes(); if (β˜ƒ < this.c) { β˜ƒ.b(0); β˜ƒ.writeBytes(β˜ƒ); } else { byte[] β˜ƒ = new byte[β˜ƒ]; β˜ƒ.readBytes(β˜ƒ); β˜ƒ.b(β˜ƒ.length); this.b.setInput(β˜ƒ, 0, β˜ƒ); this.b.finish(); while (!this.b.finished()) { int β˜ƒ = this.b.deflate(this.a); β˜ƒ.writeBytes(this.a, 0, β˜ƒ); } this.b.reset(); } } }

As you see above, all parameter variables are Bigfoot. How can this be undone? Just like this is done first; How can the JVM process these and execute code without any problems?

To clarify, I will not use this code, it is just for educational purposes. I take the Computer Science course at school as we learn Java and talk about limitations like decompilation. I am interested in learning more, so I decided to study large projects, especially servers. This piece of code is pulled from the Spigot server for Minecraft (the game), which is the fork of the Bukkit server for Minecraft, which was supposed to be open.

+6
source share
3 answers

First of all, you should notice that these are parameters that have this unicode, not methods. Why is it important? Parameters do not have to indicate names, as they are mainly indexed by a number reference. However, it can be specified, and I assume that most java runtimes do not actually check this name, since it is not required for execution. Otherwise, class names, method names, and field names are, however, necessary.

About how you mention Spigot, Spigot is truly open source. However, you most likely decompiled a class that was originally from the Mojang Minecraft source server, which is not open source and really confusing.

Edit: in the case when you want to explore these classes, I recently found a tool called Bytecode Viewer, which is available at https://github.com/Konloch/bytecode-viewer This tool has several decompilers, as well as some options for viewing more bytecode, for example, the version of the class file. An example of a found function contains the following bytecode data:

  <localVar:index=1 , name=β˜ƒ , desc=D, sig=null, start=L1, end=L2> <localVar:index=3 , name=β˜ƒ , desc=D, sig=null, start=L1, end=L2> <localVar:index=5 , name=β˜ƒ , desc=D, sig=null, start=L1, end=L2>

Indeed, as you can see, the Unicode name was set the same way, but this does not matter, since at the end the indices (1,3,5) are used to refer to these variables.

+10
source 
 protected void a(ChannelHandlerContext β˜ƒ, ByteBuf β˜ƒ, ByteBuf β˜ƒ)

This is not true. You cannot have multiple parameters with the same name. You may not be reading Unicode text with the correct text format.

+1
source

The text editor displays the Unicode character value.

I just tested for an eclipse, and names with Unicode characters are acceptable.

  public String publicationXmlUrl(int \u9090currentPage) {

But there is no writing with values:

  public String publicationXmlUrl(int β™₯currentPage) {
0
source

Source: https://habr.com/ru/post/989556/

More articles:


All Articles