78515

Obfuscated code contains same member variable names

Question:

I have an obfuscated jar which is part of a deployed application in Tomcat on my machine. The jar consists of some weird code with same variable names. I used jshrink in order to decompile the code.

static private org.apache.commons.logging.Log a; private org.springframework.context.MessageSource a; private org.springframework.context.support.MessageSourceAccessor a; static private LicenseBean a; static private ThreadLocal a; private javax.servlet.ServletContext a; private String a; public LicenseBean() { a = null; a = null; a = this; }

Is it an issue with decompilation process? My question is how does JVM handle this if the decompilation process is correct?

Answer1:

Some obfuscators use control symbols for making identifiers harder to read. This concerns especially situations where code is printed to a console which interprets these symbols instead of printing their escaped icon. It could therefore be that these names are actually obfuscated as for example:

U+0061 U+200B * n

where U+0061 represents a and U+200B is the zero-length width symbol which is entailed an incremented amount of times for each of the n identifiers. In a normal editor, all identifiers would then displayed as a.

In general, Java byte code does not allow duplicate identifiers for fields of a class but it allows identifiers which are not normal legal in Java source code. If your code runs, the Unicode theory is the most likely explanation. Maybe your decompiler also misses these characters or and they are not even put into the source code. Try to read the byte code (javap output) of the above class file with an editor which displays <em>invisible Unicode</em> to verify this theory.

Answer2:

That code is not valid Java code, it is possible that jshrink didn't manage to decompile the code correctly, the usual decompiler behavior is based on a <em>best-effort</em> technique.

Try to decompile it using <a href="http://www.benf.org/other/cfr/" rel="nofollow">CFR</a>, it's a wonderful Java decompiler that usually produces valid code.

Recommend

  • JSF Deploy Error “at javax.faces.context.FacesContext.isProcessingEvents(FacesContext.java:300)”
  • Obfuscated code contains same member variable names
  • php mail() returning false, but not in command line
  • connecting to a grails app database
  • Is there a way to check if I'm inside a servlet request with Guice?
  • Possible to decompile DLL written in C?
  • Object and struct member access and address offset calculation
  • How can I sort a a table with VBA with given text condition?
  • How to make a tree having multiple type of nodes and each node can have multiple child nodes in java
  • sending/ receiving email in Java
  • Arrow is showed instead of the material design version hamburger icon. Why doesn't syncState in
  • How to set my toolbar fixed while scrolling android
  • AT Commands to Send SMS not working in Windows 8.1
  • Cannot Parse HTML Data Using Android / JSOUP
  • Data Validation Drop Down Box Arrow Disappearing
  • Linker errors when using intrinsic function via function pointer
  • Windows forms listbox.selecteditem displaying “System.Data.DataRowView” instead of actual value
  • JTable with a ScrollPane misbehaving
  • Understanding cpu registers
  • How do I configure my settings file to work with unit tests?
  • LevelDB C iterator
  • apache spark aggregate function using min value
  • unknown Exception android
  • Sorting a 2D array using the second column C++
  • How can i traverse a binary tree from right to left in java?
  • failed to connect to specific WiFi in android programmatically
  • How can I use threading to 'tick' a timer to be accessed by other threads?
  • How do I use LINQ to get all the Items that have a particular SubItem?