130n@calvinlai.com
  • About Calvin Lai (fkclai)
  • My Work
  • Cyber Security
    • Cyber Security Centre (CSC)
      • Why we need a CSC
      • CSC Team Structure: Roles, Functions, and Tools
        • Key Function & Role
        • Tools & Platforms
        • People
        • Outsource Strategy
      • HRMC Executive Paper
  • Detection and Response
    • Playbook: Threat Prioritization & Automated Response Strategies
      • Scenario: Detecting and Mitigating a Ransomware Attack
      • Scenario: DC Sync Attack Detected and Mitigated
      • Scenario: Pass-the-Hash (PtH) Attack Detected and Contained
      • Scenario: Phishing Campaign with Malware / Credential Theft Detected and Mitigated
  • Application Architecture
    • Comparison of MVC , N-tier and Microservice Architecture
  • Application Security
    • OAuth, SAML, and OpenID Connect: Key Differences and Use Cases
    • Secure Coding Principles
    • HTTP Header Security Principles
    • Mitigating Broken Object Level Authorization (BOLA)
    • Spring Boot Validation
    • Output Encoding in JavaServer Faces (JSF)
    • Session Management Security Issues
    • Common API Security Problems
      • Broken Authentication
      • Excessive Data Exposure
      • Lack of Resources & Rate Limiting
      • Broken Function Level Authorization
      • Unsafe Consumption of APIs
    • JAVA Exception Handling
    • File Upload Validation
    • OAuth 2.0 Security
      • Insecure Storage of Access Tokens
    • Microservice Security
      • Sample Coding Demo
        • Service Implementation
        • Client Interaction
      • Security Solution for Microservices Architecture
    • Modifying and Protecting Java Class Files
      • Modify a Class File Inside a WAR File
      • Direct Bytecode Editing
        • Steps to Directly Edit a Java Class File
          • Update: Java Bytecode Editing Tools
      • Techniques to Protect Java Class Files
        • Runtime Decryption in WebLogic
    • JAVA Program
      • Secure, Concurrent Web Access Using Java and Tor
      • Creating a Maven Java project in Visual Studio Code
  • Exploit/CVE PoC
    • ZeroLogon Exploit
    • Remote Retrieved Chrome saved Encrypted Password
    • Twitter Control an RCE attack
  • Hacking Report (HTB)
    • Hits & Summary
      • Tools & Cheat Sheet
    • Windows Machine
      • Love 10.10.10.239
      • Blackfield 10.10.10.192
      • Remote 10.10.10.180
      • Sauna 10.10.10.175
      • Forest 10.10.10.161
      • Sniper
      • Json
      • Heist
      • Blue
      • Legacy
      • Resolute
      • Cascade
    • Linux Machine
      • Photobomb 10.10.11.182
      • Pandora 10.10.11.136
      • BountyHunter 10.10.11.100
      • CAP 10.10.10.245
      • Spectra 10.10.10.229
      • Ready 10.10.10.220
      • Doctor 10.10.10.209
      • Bucket 10.10.10.212
      • Blunder 10.10.10.191
      • Registry 10.10.10.159
      • Magic
      • Tabby
  • Penetration Testing
    • Web Application PenTest
    • Network/System PenTest
    • Mobile Penetration Test
      • Certificate Pinning
        • Certificate Pinning Bypass (Android)
          • Root a Android Device
          • Setup Proxy Tool - Burp Suite
      • Checklist
  • Threat Intelligence
    • Advanced Persistent Threat (APT) groups
      • North Korean APT Groups
      • Chinese APT Groups
      • Russian APT Groups
      • Other APT
  • Red Team (Windows)
    • 01 Reconnaissance
    • 02 Privileges Escalation
    • 03 Lateral Movement
    • 04 AD Attacks
      • DCSync
    • 05 Bypass-Evasion
    • 06 Kerberos Attack
    • 99 Basic Command
  • Exploitation Guide
    • 01 Reconnaissance
    • 02 Port Enumeration
    • 03 Web Enumeration
    • 04 Windows Enum & Exploit
      • Windows Credential Dumping
        • Credential Dumping: SAM
        • Credential Dumping: DCSync
      • Kerberos Attack
      • RDP
    • 05 File Enumeration
    • 06 Reverse Shell Cheat Sheet
      • Windows Reverse Shell
      • Linux Reverse Shell
    • 07 SQL Injection
    • 08 BruteForce
    • 09 XSS Bypass Checklist
    • 10 Spring Boot
    • 11 WPA
    • 12 Payload list
  • Vuln Hub (Writeup)
    • MrRobot
    • CYBERRY
    • MATRIX 1
    • Node-1
    • DPwwn-1
    • DC7
    • AiWeb-2
    • AiWeb-1
    • BrainPan
  • CTF (Writeup & Tips)
    • CTF Tools & Tips
    • Hacker One
    • CTF Learn
    • P.W.N. University - CTF 2018
    • HITCON
    • Pwnable
      • 01 Start
  • Useful Command/Tools
    • Kali
    • Windows
    • Linux
  • Offensive Security Lab & Exam
    • Lab
    • Tools for an Offensive Certification
      • Strategy for an Offensive Exam Certification
        • CVEs
        • Privilege Escalation
        • Commands
        • Impacket
  • ISO 27001
    • Disclaimer
    • What is ISO 27001
      • Implementation
    • Documentation
    • Common Mistake
    • Q&A
      • Can internal audit to replace the risk assessment
      • Is it sufficient for only the IT department head to support the ISO 27001 program
      • Does the Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP) are the same?
    • ISO 27001 Controls and Domains
      • 1. Information Security Policies
      • 2. Organization of Information Security
      • 3. Human Resource Security
      • 4. Asset Management
      • 5. Access Control
      • 6. Cryptographic Controls
      • 7. Physical and Environmental Security
      • 8: Operational Security
      • 9. Communications Security
      • 10. System Acquisition, Development, and Maintenance
      • 11. Supplier Relationships
      • 12: Information Security Incident Management
      • 13. Information Security Aspects of Business Continuity Management
      • 14. Compliance
Powered by GitBook
On this page
  • 1. Decompiling and Editing Class Files
  • 2. Direct Bytecode Editing
  • 3. Techniques to Prevent Unauthorized Modifications

Was this helpful?

  1. Application Security

Modifying and Protecting Java Class Files

Java class files are an essential part of any Java application, containing the bytecode that the Java Virtual Machine (JVM) executes. There are various scenarios where you might need to modify a class file, such as fixing bugs, adding new features, or changing configuration values. This guide will explore two main approaches for modifying Java class files, along with techniques to protect them from unauthorized modifications.

1. Decompiling and Editing Class Files

Decompiling involves converting Java bytecode back into readable source code. This method is useful for making extensive changes to the code. Here are the steps:

  1. Extract the WAR File:

    • Use an archive tool (e.g., 7-Zip, WinRAR) to unzip the WAR file and access its contents.

  2. Locate the Class File:

    • Find the specific class file you need to modify within the extracted contents.

  3. Decompile the Class File:

    • Use a Java decompiler (e.g., JD-GUI, CFR) to convert the class file into Java source code.

  4. Modify the Source Code:

    • Edit the decompiled source code to make the necessary changes.

  5. Recompile the Class File:

    • Use the Java Compiler (javac) to compile the modified source code back into a class file.

  6. Replace and Repack:

    • Replace the modified class file in the WAR structure and repackage the WAR file using the jar tool.

  7. Deploy the WAR File:

    • Deploy the modified WAR file to your application server.

2. Direct Bytecode Editing

Directly editing the bytecode is suitable for making minor changes, such as modifying string constants or numeric values. This approach does not require decompiling the class file.

  1. Open the Class File:

    • Use a bytecode editor (e.g., Java Bytecode Editor (JBE)) to open the class file.

  2. Locate the Constant Pool:

    • Find the specific constant or value you need to modify within the class file.

  3. Edit the Bytecode:

    • Make the necessary changes directly in the bytecode editor.

  4. Save and Repack:

    • Save the modified class file and replace it in the WAR structure. Repackage the WAR file.

  5. Deploy the WAR File:

    • Deploy the modified WAR file to your application server.

3. Techniques to Prevent Unauthorized Modifications

Protecting Java class files from unauthorized modifications and reverse-engineering is crucial for maintaining the integrity and security of your application. Here are some common techniques:

  1. Obfuscation:

    • Transforms the code to make it difficult to understand and reverse-engineer while preserving functionality.

    • Tools: ProGuard, yGuard, Zelix KlassMaster.

  2. Encryption:

    • Encrypts class files or parts of them to prevent unauthorized access.

    • Tools: AES encryption libraries.

  3. Code Signing:

    • Signs class files with a digital signature to ensure integrity and authenticity.

    • Tools: Jarsigner.

  4. Native Code Conversion:

    • Converts sensitive parts of the Java application to native code using JNI.

    • Tools: GCJ, Excelsior JET.

Reminder : Always back up original files, verify dependencies for proper compilation, and thoroughly test changes in a staging environment to ensure safe and reliable deployment without unexpected errors.

  • Backup Step: Before proceeding with any modifications, create a backup of the original WAR file. This ensures you can revert to the original version in case of errors during the modification process.

  • Dependencies Check: When recompiling the modified Java source file, ensure that all necessary dependencies are included in the classpath. Missing dependencies may lead to runtime errors or prevent the application from functioning as intended.

  • Testing Before Deployment: After modifying and repackaging the WAR file, test the updated application in a staging or development environment before deploying it to production. This minimizes risks and ensures the changes behave as expected under real conditions.

PreviousSecurity Solution for Microservices ArchitectureNextModify a Class File Inside a WAR File

Last updated 1 month ago

Was this helpful?