FlatcodeJOB is a multi-layered hardening tool for Java 8 (32-bit)applications on Windows
platform. It combines control flow flattening, name obfuscation, code instrumentation, string
and switch-statement variable encryption as well as protection from debugging and code tampering.
For each obfuscated program, the attached CAB.dll library first generates a unique cryptography key
and a cypher then encrypts string constants and switch-statement variables of flattened methods.
At runtime, the CB.dll file appended to the obfuscated program deciphers the string constants
and switch-statement variables, as well as makes some code instrumentation.
FlatcodeJOB can also execute the obfuscated code as a sub process with the dynamically loaded simple
'HPROF' profiling agent*. This considerably facilitates post-obfuscation debugging and error correction.
* HPROF agent is a tool for heap and CPU profiling shipped with every JDK release.
The Installer for FlatcodeJOB can be downloaded from our website.
The FlatCodeJOB installation package is sealed within the flatcodejob_XX_setup.exe
file.
System requirements for running FlatcodeJOB
1. Java 8 (32-bit)
2. Any Windows platform
3. Disk space of ~ 70 MB
FlatcodeJOB supports class files from Java 1.4 to Java 1.8.
To uninstall, twice click the 'uninstall' file in the installation directory.
Create your project and in its root directory set the 'src' subdirectory. Copy
to this directory all source files of your project. Also, copy somewhere all necessary libraries
and proceed as described in 'Obfuscation Guide → First Steps'.
The following protection techniques are used by FlatcodeJOB on Java bytecode level:
1. Renaming - the names of all classes, methods, variables are replaced by random
combinations of letters and numbers, for example, 'QD8', 'V7d', sqU' and the
same name may be given to a class, method, or variable.
The corresponding names may be also replaced in resource files (.properties, .xml, .config).
2. Control flow flattening - splitting the nodes of the original method's control
flow graph and putting them inside an infinite switch loop with concealed and
encrypted dispatcher variables. The original control flow is reconstructed at
runtime.
3. Java code instrumentation - transformation of original bytecode and its reconstruction
at runtime.
4. String encryption - all string constants are encrypted and then deciphered at runtime
(note that FlatcodeJOB always encrypts string constants).
5. Native code implementation.
6. Protection against debugging and tampering.
OBFUSCATION PRACTICE
We recommend the following practice.
Depending on the level of protection you want to give to your application, you can only rename,
only obfuscate and instrument Java code, or choose both of them.
The corresponding sequences of actions may be
I. Rename → check → release
II. Obfuscation → check → release
III. Obfuscation → check, Rename → check, Rename + Obfuscation → check → release
1. Renaming is the most commonly used and quite effective obfuscation technique. When renaming,
particular attention should be paid to identifying all occurrences of the renamed words in the
corresponding string constants. FlatcodeJOB performs an extensive search for all altered names
within all string constants of the application.
A special tabbed pane is provided showing all string constants for each class so as the user
can indicate the portions of the string constants that have to be renamed (including reflections).
2. First run plain obfuscation procedure without renaming. At the obfuscation stage, select both the
'Profile with HPROF agent' and 'All methods' options and proceed as described in 'Obfuscation Guide
→ Plain Obfuscation' section. When obfuscation successfully finishes, press the 'Run sub process'
button and launch the obfuscated program as a sub process within the obfuscator (see 'Obfuscation
Guide → Sub process' section). Debug the program. If it runs go to the next step. If you encounter
errors or JVM crashes, read the NOTE below.
NOTE: Obfuscation is a process of substantial transformation of Java bytecode. Although
obfuscation bugs in FlatCodeJOB are constantly identified and fixed and the program does some
internal checks to avoid errors, they may sometimes occur. To work around the issue, try to refactor
the method that causes the error or exclude its obfuscation.
Rerun obfuscation or restart the obfuscator with another configuration.
When you are back at the beginning of the obfuscation stage, select the same 'Profile with HPROF agent'
option. Depending on the profiling results, select also any or all of the 'Obfuscation Guide →
Select methods.Restrictions' options.
REMINDER: 'Restriction by pattern' completely excludes (global exclusion) obfuscation of selected
packages or classes whereas 'Restriction by type' skips obfuscation of methods with or without
try-catch statements inside the selected classes.
Successively rerun obfuscation with these options and debug the program until the obfuscation becomes
faultless. When the methods causing errors were detected, either exclude them from obfuscation or
refactor the code.
3. At the end of obfuscation, the program creates a batch file in the project's root directory
for launching either a packed or an archived application. This batch file may be further edited
but it must be in consistence with the rules described in 'Obfuscation Guide → Launching
the Obfuscated Application' (if not, the application will not start).
Execute the batch file and check the program outside the obfuscator. Then go to the next step.
3. Test the obfuscated application comprehensively as it is made for release. If the test is
successfully completed, you may go to the renaming stage (or end the procedure of obfuscation).
Copyright � 2020 - 2023 Stephan
Samvelyan. All Rights Reserved.
Last modified on May 12, 2023