简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW) 日本語(JA) 한국어(KO) Melayu(MS) Français(FR) Deutsch(DE)
Home > Java > javaTutorial > body text

How can I effectively hide sensitive strings in obfuscated code?

DDD
Release: 2024-10-31 22:28:28
Original
154 people have browsed it

How can I effectively hide sensitive strings in obfuscated code?

Unveiling Hidden Strings in Obfuscated Code

Obfuscators like ProGuard can enhance code security by obfuscating visible strings, but they may not suffice for sensitive information such as URLs or licensing data.

Hiding Sensitive Strings

To conceal sensitive strings effectively, consider the following techniques:

  • Encoding: Encode strings using methods like Base64 to make them appear scrambled.
  • Encryption: Encrypt strings using algorithms like AES to render them unintelligible without the encryption key.

To implement these techniques, you can:

  1. Manually encrypt the string using a known key.
  2. Adjust your code to use the decrypted version of the string. For example:
<code class="java">// Before encryption
public class Foo {
    private String mySecret = "http://example.com";
}

// After encryption
public class Foo {
    private String encrypted = "<encrypted string>";
    private String key = "<encryption key>";
    private String mySecret = MyDecryptUtil.decrypt(encrypted, key);
}</code>
Copy after login

Locating the R Class

During decompilation, the R class is not always readily visible due to obfuscation. However, the ProGuard mapping file can provide insights into its location:

  • Locate the "classes" section in the mapping file.
  • Search for "R.java" to find the original path of the R class.
  • Navigate to that path in the decompiled code directory to access the R class.

Understanding R Class Numbers

Numbers like "2130903058" in decompiled code represent resource IDs. These numbers refer to resources in your project, such as layout files.

To find the corresponding resources:

  • Decompile the R.java file from the mapping file.
  • Search for the resource ID in the decompiled R.java file.
  • The corresponding resource (e.g., layout file) will be specified in the search results.

The above is the detailed content of How can I effectively hide sensitive strings in obfuscated code?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Previous article:How to Create Executable JAR Files in Eclipse with External Libraries? Next article:Should I create new PreparedStatements for each SQL operation or reuse the same one?
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
2
1730
How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?
From 2024-04-23 00:22:19
0
10
1885
The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.
From 2024-04-19 15:37:47
0
1
1597
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
1510
Where is the courseware about CSS mind mapping? Courseware
From 2024-04-16 10:10:18
0
0
1547
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!