Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to realize the Anti-encryption of Java Program

2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Share

Shulou(Shulou.com)06/02 Report--

This article mainly shows you "how to achieve Java program anti-encryption", the content is easy to understand, clear, hope to help you solve your doubts, the following let the editor lead you to study and learn "how to achieve Java program anti-encryption" this article.

First of all, let's take a look at the anti-encryption of the Java program, which is commonly known as the Crack process. Only by understanding this process can we effectively encrypt our program.

Usually we get two kinds of Crack packages of Java programs, one belongs to KeyGen (registration code generator), and the other belongs to replacement modification.

Let's take a look at the first one. When we find the KeyGen of an application, we always admire the person who made KeyGen and think he is very good, but if you analyze it carefully, why can he make KeyGen? Only

He knows very well about the encryption algorithm of this Java program; who are these people? One is the people in that company, which is impossible, unless there is infighting, that is, conjecture, counter-deduction, is this possible? Ha ha, even more impossible, so where does this algorithm come from? Hehe, it is the secret itself that often reveals the secret. In retrospect, how does the Java application know if the registration code you entered is correct? Oh, then you should start with the application.

Get its encryption algorithm, of course, KeyGen does not matter. (but there are exceptions, and if it is encrypted with the public key, there is no choice but to use the second method. )

This method is only suitable for situations where only one registration number is needed and nothing else is needed. The classic stands for Borland JBuilder & Optimizeit Suite

Let's take a look at the second one, why use replacement modification? Which part did we change? Don't think about it, it must be the part of License authentication, why don't we find the encryption algorithm like the above method? There are two reasons: (1) using the above method can not be done; (2) Java programs not only need Key, but also other License configuration; in this case, we just need to find the class for License verification and modify and replace it.

This method is used in any situation, the classic stands for BEA WebLogic

After the above analysis, our question is focused. The key is how to find the part for License authentication or encryption algorithm. We need three tools: one is the standard JVM:) provided by Sun, and the other is you.

Patience and carefulness:), one is Jad (classic Java decompiler).

The first step is positioning, which is also the most critical step. Let's take Together For JBuilder Edition as an example to start Together and see what it looks like. Oh, come up and ask me for License;Ok.

Every relationship, exit; find Together's startup Bat file, find its startup command: java., OK, give a parameter when Java starts: "- Xrunhprof:cpu=times", save, in startup, or to

License, quit, at this time, we can find that in this directory more than a "java.hprof.txt" file, open a look, is I want the JVM Dump file, a lot of content ah, it doesn't matter, slowly look.

We can see that there are a lot of familiar things in this file: java.*/com.sun.*/javax.* and so on, but this is not what we care about, we want com.togethersoft.* or some zd.d without a package name, and so on. (by the way, almost all Java applications will be confused, but the principle of confusion is also very simple, which we'll talk about later. ) first look for anything related to License, Serach, hey, sure enough, line 474: com.togethersoft.together.impl.ide.license.LicenseSetup.execute ([DashoPro-V2-050200]: Unknown line), look in the Jar package in the pile of classpath on Ok (WinRAR is recommended), and decompile it with Jad after finding it. Once you see, this is not confused, but you use a zae class, you will know that the confusion has passed, ignore it first. Let's take a look at the following sentence IdeLicenseAccess.setLicense (zae1), Ok then finds IdeLicenseAccess, , all License verification goes to this class, object-oriented idea is good, hehe:)

After the location is set, the next thing is to modify the two classes according to the guessed method, mask the actual contents of the execute method in LicenseSetup, modify IdeLicenseAccess, so that most of the validations return true, and then compile and replace; don't be happy too early, it's not over yet, be responsible! Start Together, sure enough, now do not License, there is a startup screen, go in, but a gray, what happened, a look at the console, a bunch of errors, it does not matter, afraid not to make mistakes, find the root cause, there is a problem with the IdeLicenseUtil class, and then decompile, modify, replace; this is done. Start it again, test it, OK.

In this way, a Java application is done. It's actually very simple to see.

When it comes to confusion, you probably know that Java's Class decompilation without confusion won't change the names of methods and variables. what's the reason for this? This is going to go back to the structure of the Class file. To put it simply, the Class file contains another constant pool (constant pool), which contains the names of variables and methods, and so on. What we usually call confusion is to confuse the things in this constant pool with a tool, so that we can fool the decompiler and you. Hehe:) that's why sometimes things that are decompiled can't be compiled in the past.

The above is all the content of this article "how to realize the anti-encryption of Java program". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Development

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report