Overwrite method in compiled library at run time

Question

I'm looking to overwrite a method in the com.sun.crypto.provider.AESCryptclass at run time to aid in reverse engineering a piece of malware, the malware uses a custom AES implementation that I am trying to replicate in the expandToSubKey method. How would I go about overwriting the method at run time so that I could setup a standard AES decrypt method to use my modified function

Answer 1

This is possible. There seem to be two approaches.

1. ClassTransformer Approach: Transform the byte code for the com.sun.crypto.provider.AESCrypt class when you start the java process using java assist. There is a very good blog outlining everything you need to do here.
2. Boot Classpath Approach: This is probably the easiest way to go. Java has a mechanism that allows you to patch core java classes for your application, this mechanism is the boot classpath and is described in this book.

Answer 2

You can create class with exactly same full name in your project, copy code from library's class into your new class and change pieces of code you want to change. When JVM classloader will be asked to load AESCrypt class it will first look for it in classes inside your project so your custom version of AESCrypt will be loaded.