[转载]Cracking String Encryption in Java Obfuscated Bytecode

信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

Abstract
This paper discusses in technical detail the type of String Encryption used by popular java obfuscation
tools. The main motivation behind this work lies within the identification of attack vectors as well as
potential entry points of a given obfuscated application. Following a brief introduction, a methodology for
reverse engineering Java bytecode is presented. We focus on the encryption techniques deployed by the
following obfuscators: Zelix KlassMaster (version 4.5.0), RetroGuard (version 2.2.0), JShrink (version
2.3.7) and Dash-O (version 3.2.0). Ways to crack the corresponding levels of String encryption as well as
potential further attack vectors that such obfuscators might introduce are also examined. The findings of
this paper show that cracking String encryption within the above obfuscators is a task which can be
performed even in an automated way. In order to mitigate against the problem a brief proposal is outlined
stating the need for polymorphic obfuscators that have the ability to select from an algorithm pool
depending on the type of application as well as the level of obfuscation required.