Chapter 1. Getting Started

IN THIS CHAPTER

Techniques Overview—When and Why to Use Each Method

Table 1.1 presents a brief overview of techniques that are discussed in more detail in the corresponding chapters. Use this as a road map to getting started with this book.

Table 1.1. Techniques Overview

CHAPTER

TECHNIQUE

USEFUL FOR

2

Decompiling classes

Recovering lost source code

Learning the implementation of a feature or trick

Troubleshooting undocmented code

Fixing urgent bugs in production or third-party code

Evaluating how your code might be hacked

3

Obfuscating classes

Protecting bytecode from decompiling

Protecting the intellectual property inside the bytecode

Preventing the applications from being hacked

4

Hacking non-public methods and variables of a class

Accessing functionality that exists but is not exposed

Changing the values of internal variables

5

Replacing and patching application classes

Changing the implementation of a class without having to rebuild the entire library

Altering the functionality of a third-party application or framework

6

Using effective tracing

Creating applications that are easy to maintain and troubleshoot

Learning the internal workings of an application

Inserting debug information into the existing applications to understand the implementation details

7

Manipulating Java security

Adding or removing restrictions on access to critical system resources

8

Snooping the runtime environment

Determining the values of system properties

Determining the system information, such as the number of processors and memory limits

Determining a network configuration

9

Cracking code with unorthodox debuggers

Hacking applications that do not have good tracing

Analyzing the control flow of multithreaded applications

Cracking obfuscated applications

10

Using profilers for application runtime analysis

Investigating heap usage and garbage collection frequency to improve performance

Browsing object allocation and references to find and fix memory leaks

Investigating thread allocation and synchronization to find the locking and data race problems and to improve performance

Investigating an application at runtime to gain a better understanding of its internal structure

11

Load testing to find and fix scalability problems

Creating automated test scripts that simulate a load on a system

Analyzing how well the application meets the service level requirements such as scalability, availability, and failover

12

Reverse engineering applications

Hacking the user interface elements such as messages, warnings, prompts, images, icons, menus, and colors

13

Eavesdropping techniques

Intercepting HTTP communication between the browser and the Web server

Intercepting communication between the RMI client and server

Intercepting SQL statements and values from the JDBC driver

14

Controlling class loading

Implementing a custom class loader to control how and from what source the classes are loaded

Using the custom class loader to instrument the bytecode on-the-fly

Creating classes programmatically at runtime

15

Replacing and patching core Java classes

Changing the implementations of system classes to alter core behavior

Enhancing the core functionality of the JDK to suit the application's needs

Fixing bugs in the JDK implementation

16

Intercepting control flow

Reacting gracefully to system errors such as out of memory and stack overflow

Capturing the output to System.out and System.err

Intercepting calls to System.exit()

Reacting to JVM shutdown

Intercepting any method call, object allocation, or thread lifecycle event via JVMPI

17

Understanding and tweaking bytecode

Altering class implementation at the bytecode level

Programmatically generating bytecode

Instrumenting bytecode to introduce new logic

18

Total control with native code patching

Patching the implementation of native functions

Augmenting the JVM behavior on the lowest level

19

Protecting commercial applications from hacking

Protecting sensitive information using Java cryptography

Securing data integrity with digital signatures

Implementing secure license policy to unlock features of commercial applications

Improving Productivity with File Managers

The techniques discussed here serve the purpose of increasing the productivity of the development. At the end of the day, quality and productivity are what differentiate expert programmers from novice programmers, and because this book is meant to turn readers into experts, I feel it is my duty to introduce a few productivity tools. Hacking and regular development require manipulation of files and directories, and getting the right tool can make doing so much easier. Obviously, it is up to you to decide whether to use a tool. You should remember that most of the tools require upfront investment in installing, configuring, and learning—not to mention the possible license fees. But as with most tools, the investment pays off very quickly.

We are going to look at two advanced replacements for the combination of Windows Explorer, Notepad/Text Editor, and CMD.EXE. We will focus on Windows because that is where most of the Java development is taking place, but productivity tools might be available on other platforms as well. It might sound silly that we're starting an advanced Java book by talking about Notepad and CMD.EXE, but a large number of the developers I have seen are still using it, so I want to present a better alternative.

Windows Explorer is a simple shell easily understood by regular users, but it is not capable of helping with the tasks a programmer needs to perform. A very simple example is creating and running a .bat file. Using the default Windows interface, you would have to navigate to the target directory, click the mouse through a few dialog boxes to create a new file, and then open that file in Notepad and edit it. To run the file, you could double-click it, but any output or errors would be lost with the CMD window that was automatically opened by Explorer. A better way, therefore, is to open a CMD.EXE, navigate to the directory, and then run the file. In the end, you must deal with three open windows that are not synchronized or interrelated. A better alternative is using integrated file management software that combines a directory navigating interface with a text editor, a command line for running scripts, archive support, and a multitude of features that make common tasks easy.

FAR and Total Commander

File and Archive Manager (FAR) and Total Commander are both advanced file managers for Windows that trace their roots back to the DOS days and Norton Commander. Distributed as shareware, they can be used without time limitation until you are ready to register for a small fee. They are packed with features for searching files, changing file attributes, and working with multiple files and directories. They have built-in networking and FTP support that presents remote FTP sites in a panel that looks just like a local directory panel. FAR has a powerful built-in editor that can be configured for color highlighting. Both environments have extensive sets of keyboard shortcuts, and FAR supports plug-ins. Both tools support browsing the content of archive files, such as JAR and Zip files, in a panel just like browsing a subfolder. This makes software such as WinZip unnecessary, and what is even better is that the user does not have to deal with different current directories and user interfaces, as is the case when working with nonintegrated software. Table 1.2 provides a list of features and a side-by-side comparison of FAR and Total Commander.

Table 1.2. FAR Versus Total Commander

FEATURE

FAR

TOTAL COMMANDER

Create, copy, view, edit, and delete for files and folders

Excellent

Excellent

Internal and external viewer/editor

Excellent

Good (no internal editor)

Seamless browsing of archive contents (JAR, Zip, and so on)

Excellent

Excellent

Extensive customization of features and UI

Excellent

Good

Windows-like look and feel

Poor

Good

Customizable user menus

Excellent

Excellent

Built-in Windows network support

Yes

Yes

Built-in FTP client

Yes

Yes

Keyboard shortcuts

Excellent

Good

Filename filters

Excellent

Excellent

Quick View

Fair

Excellent

Command, folder, view, and edit history

Excellent

Good

Customizable file associations

Excellent

Good

Files highlighting

Excellent

Excellent

Memory footprint

4MB–14MB

4MB–10MB

Plug-in API and availability of various plug-ins

Excellent (more than 500 plug-ins)

Not available

Registration cost of one copy

$25

$28

Overall rating

Excellent

Good

Although both tools provide a better alternative to Windows Explorer reinforced with other software, FAR proves to be more powerful. Even in its default packaging, it provides more features and productivity gains than Total Commander. In addition, with more then 500 plug-ins written by other developers, its functionality is virtually boundless. The downside of FAR is its somewhat unappealing user interface, although it is something you can get used to. Total Commander, shown in Figure 1.1, looks more like Windows Explorer; if you don't need the ultimate customization and functionality, it can be a better choice.

Total Commander.

Figure 1.1. Total Commander.

Regardless of your preferences, please try an integrated file manager, even if you feel it is difficult to use. It will pay off in the long run!

Java IDEs

Most of the techniques in this book do not involve a lot of coding, and with a tool like FAR, you can easily accomplish all the required tasks. However, integrated development environments (IDEs) make coding much easier, so this section presents a brief overview of the leading IDEs and a recommendation of the one to use.

Today, when it comes to IDEs the question is not whether you should use IDEs or not, but which IDE you should use. A lot of it has to do with development background and personal preferences, so I won't spend a lot of time talking about them. The two leading free IDEs are Eclipse (http://www.eclipse.org) promoted by IBM and NetBeans (http://www.netbeans.org) promoted by Sun. Both are good, although Eclipse has a little more steam and following. The best commercial IDEs are IntelliJ IDEA, Borland JBuilder, and Oracle JDeveloper.

Because you will be working with low-level coding and hacking, your best bet is a flexible IDE with a small memory footprint. My personal favorite is IDEA because of its flexibility, intuitive interface, and abundance of shortcuts and refactoring features. It is not free, so if you can't afford a license, my second recommendation is Eclipse.

Sample Application Functionality and Structure

Throughout most of this book, we will be working with the same sample application. It is not very sophisticated, but it does contain a basic set of components found in most standalone Java programs. This section describes the application and its implementation.

Chat is a simple TCP/IP chat implementation in Java. It enables users to exchange instant messages via the network. Chat maintains a history of the conversation and uses colors to differentiate between the sent and received messages. It has a menu bar and About dialog box. Chat can be started using chat.bat script in the distrib/bin directory. Figure 1.2 shows Chat running.

The Chat application.

Figure 1.2. The Chat application.

Chat is implemented using Java Swing for the user interface and RMI for network communication. When running, each instance of Chat creates an in-process RMI registry that is used by other instances to post messages to the user. Users are required to enter the hostname of the user to which they want to post a message. When the user sends a message, Chat looks up the remote server object and calls a method on it. For testing purposes, messages can be sent to "localhost", in which case the same message is added to the conversation as was sent and received.

The UML class diagram for Chat is shown in Figure 1.3.

A Chat class diagram.

Figure 1.3. A Chat class diagram.

The Chat directory structure follows the de-facto standards for Java application development. The “home” folder for the application directories is called CovertJava. The subdirectories it contains are listed in Table 1.3.

Table 1.3. Chat Application Directory Structure

DIRECTORY NAME

DESCRIPTION

bin

Contains the scripts and the development and test scripts

build

Contains Ant's build.xml and other build-related files

classes

Compiler output directory for .class files

distrib

Contains the application in its distribution form

distribin

Contains scripts that run the application

distribconf

Contains configuration files, such as Java policy files

distriblib

Contains libraries used to run the application

distribpatches

Contains patches for classes

lib

Contains libraries used to build the application

src

Contains application source files

A Chat application can be built by Ant using build.xml in the build directory.

Quick Quiz

1:

Which techniques can be used to learn about the internal implementation of an application?

2:

Which techniques can be used to change the internal implementation of an application?

3:

Which techniques can be used to capture the communication between a client and a server?

4:

Which Windows applications are substituted by FAR and Total Commander?

In Brief

  • Various techniques presented in this book can be used to learn about the internals of implementation to hack an application or to work with the JDK at the system level.

  • Integrated file management applications increase productivity and are worth the investment.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.222.107.104