Fingerprinting and Cracking Java Obfuscated Code

Presented at DEF CON 15 (2007), Aug. 3, 2007, 6 p.m. (20 minutes).

The process of obfuscating intermediate platform independent code, such as Java bytecode or Common Intermediate Language (CIL) code aims to make the source code generated by reverse engineering much less useful to an attacker or competitor. This talk focuses on the examination of fingerprinting particular obfuscators and provides a tool capable of cracking key obfuscation processes performed. As more programming languages use intermediate platform techniques on compiled code, the vision behind this talk is to further provide a methodology in reversing obfuscated applications. The demonstration of the tool developed on a number of cases will show how such a methodology can be put in place for cracking obfuscation techniques.


Presenters:

  • Subere
    Subere: There is a world of numbers, hiding behind letters, inside computers that stimulates the brain of Subere. Currently, he is focusing on research relating to coding standards, practices and ways of exploiting development code. This focus entails the breaking and making of client-side standalone as well as web applications. As such things need doing for a living and can take their toll he has recently joined Information Risk Management, based in London. His area of expertise is in source code audits, bytecode interpretations and reverse engineering. He has performed a number of source code audits and application security assessments on an international level.

Links:

Similar Presentations: