Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it wrong to re-obfuscate obfuscated code? [closed]

Tags:

java

obfuscation

I've used java obfuscators in the past and some are easy to reverse engineer. I've thought maybe it wasn't obfuscated enough.

Is it wrong or problematic to apply two-stage obfuscation?

  1. Obfuscate with ProGuard
  2. Finish it off with a commercial product Zelix Klassmaster

--

Or is that a bad approach? Should only one obfuscator be used?

like image 302
Kyle Avatar asked Dec 18 '11 02:12

Kyle

People also ask

Can you reverse engineer obfuscated code?

The results show that it is possible to reverse engineer obfuscated code but some parts. Obfuscation does protect the code, as all the variable names are changed and every unused method are removed, as well as some methods changed to non-con- ventional ways to program.

Can you obfuscate obfuscated code?

Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program. Encrypting some or all of a program's code is one obfuscation method.

How do you fix obfuscated codes?

Press F12 to open Developer Tools inside Chrome. Now switch to the Scripts tab, right-click and choose De-obfuscate source. That's it!

Does obfuscation affect performance?

Name obfuscation does not affect the performance and should always be used. You can virtualize methods that are not computationally intensive. Otherwise, control flow obfuscation should be used.

2 Answers

As long as the code still runs correctly, then no matter what numbers of obfuscator you use, it should be OK. Remember that the main concern of using obfuscator is to make the code unreadable as far as possible while maintaining its correctness.

like image 103
LeleDumbo Avatar answered Sep 28 '22 06:09

LeleDumbo

re-obfuscating obfuscated code is a well know method of unobfuscating code. e.g. you can obfuscate classes to have names that do not form valid windows file names like 

class COM1 { ... }

decompiling that would result in a file named COM1.java, which is not a valid windows filename and thus breaks many decompilers.

The solution would be to first re-obfuscate using a dictionary of names like class1, class2, method1, method2, field1, field2 and then decompile. The decompiled code will now not only be more valid to decompile, but more readable too.

Using obfuscators in serial would usually result in obfuscated code as strong as the last obfuscator used. (i.e. the chain is as strong as the last link)

I suggest you stick to one obfuscator but make sure you understand each and every option in the obfuscation process and how easy it is to undo.

like image 43
Matiaan Avatar answered Sep 28 '22 07:09

Matiaan
Sign in to Comment

Related questions

C compiler written in java
How do I make Weblogic 10 prefer the jars in myApp.war:/WEB-INF/lib/ without throwing VerifyErrors?
Log4j database appender
Should I use a pool of objects, a singleton or static methods in a multi-threaded environment?
How to generate a unique identifier of a fixed length in Java?
java library for legal move generation in chess [closed]
"Generic" solution for primitive array?
Do I need to install SQLite so that SQLiteJDBC works?
EJB 3.1 container managed concurrency vs. synchronized
Difference in LinkedList and ArrayList implementation? [duplicate]
Singly linked list in java
Main differences between JSF 1.2 and 2.0
Load spring context in an EJB based application
How to use WebSockets with Play Framework?
Specifying memory limits with hadoop
Java - why System and Runtime classes have identical methods?
Compute the different ways to make (money) change from $167.37?
MVVM pattern in java
Is there a C# equivalent of Java's Annotation Processing Tool (apt)?
How to find annotated classes in OSGi bundle

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!