Sunday, August 21, 2011

Protecting Jar files from Decompilation by Code Obsfuscation using SmokeScreen


Today every program has a threat from decompilation and reverse Engineering.This threat is not limited to Executable(.exe) files ,Jar files (.jar) can be unpacked and reverse engineered easily than an Executable(.exe) file.The Java program source code can be easily be reconstructed from the class files.

This does not mean that .jar files are Insecure.Several methods can be used to Protect or Pack a Jar file.Code Obfuscation is means of protecting a Java File by Complicating or Obfuscation of the Source Code.Many code Obfuscation tools are available and Smoke Screen is one of it.

Smoke Screen has a clean user Interface and Codes can be obfuscated with the click of button.You can get Smoke Screen from its official website http://www.leesw.com/smokescreen/ 

Now i will tell you how to protect a .jar file by using smokescreen

1)Open Smoke Screen and Select the Jar file you want to Protect by Clicking the Browse Button Next to the Source Tab.

2)Give the Name and Path of the Protected /Obfuscated Jar file By Clicking the Browse Button next to the Destination tab.

3)Click on Start.Wait for the Process to Finish.Done! The Protected jar file can be obtained from the Destination location you specified.

2 comments:

  • Anonymous says:
    December 2, 2011 at 7:46 AM

    This is nice and all but what does it really give you?

    If they have your source code, they can run it, debug it, use it. At worst it just a small step to remove licence verification or things like that.

    If the application call home, it is easy to monitor the network or even change the transmited or received content to whatever they want.

    Security on client side doesn't exist. Code obfuscation will just annoy thoses having to work with the jar... Primary, thoses that will have to maintain and debug it with unusable stack traces. But this prevent nothing.

    In particular they can still use your code like an API with its entry point and extend it.

  • Techman says:
    December 2, 2011 at 9:55 AM

    Thanks for Commenting.As you have said if a code can be read by the machine then it can read by a human.No program is completely secure from reverse engineering.Although the security measures like Code Obfuscation or Online Validation makes Deconstruction and Recompilation Difficult,the threat of Reverse Engineering is inevitable.

Post a Comment

Subscribe

The Source Codes Published in this Blog can be used freely for Educational purposes but should not be reproduced on any other Blog or Website without the consent of the author.