Netbeans 混淆

发布于 2024-07-23 10:35:06 字数 331 浏览 8 评论 0原文

我对混淆非常陌生，并且对 ant 没有太多经验。请有人为我提供一种使用 ProGuard（或任何其他开源混淆器）混淆常规 Java 应用程序的方法。目前我正在使用 NetBeans 6.5.1，并且只有在创建 JAVA ME（而不是像我这样的 Java 应用程序）时才能看到混淆功能。我看过 http://wiki.netbeans.org/DevFaqModuleObfuscation，但不明白他们在说什么。

感谢您的任何意见。

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

戏舞 2024-07-30 10:35:06

您指向的常见问题解答是为了混淆 NetBeans 模块。这是一个相当复杂的用例，因此我假设它不是您感兴趣的常规应用程序。

非常简单：混淆过程更改了类、方法和字段的名称，使其更很难对您的应用程序进行逆向工程。

这会导致一些问题：

JVM 要求您的应用程序在公共类中具有 public static void main( String args[] )，因此
如果您使用任何类型的内省，您必须告诉 proguard 不要更改此名称，您必须保护相关名称不被更改
其他情况，如手册中所述

此外， proguard 删除未使用的代码。如果您有任何已使用但未直接引用的类，则还必须-keep它们。

proguard 文档包含一个如何混淆简单应用程序的示例。下面是解释的示例（带有一些不太容易混淆的名称）：

-injars       application.jar        # obfuscate all the classes in the named jars
-outjars      obfuscated.jar         # save all the obfuscated classes to the named jar
-libraryjars  <java.home>/lib/rt.jar # these are all the libraries that the application uses
-printmapping obfuscation.map        # save a file linking the original names to the obfuscated ones
                                     # this helps understanding stack traces from the obfuscated application

# we need to keep our main class and the application entry point
-keep public class com.mycompany.Application {
    public static void main(java.lang.String[]);
}

除非您指定 -dontshrink，否则 proguard 将删除任何未保留的代码或未从任何保留的代码中引用的代码。因此，在上面的配置中，任何未被 main 方法（间接）引用的代码都将被删除。

Proguard 包含一个可用于与 NetBeans 工作流集成的 Ant 任务。我建议首先在没有 Ant 的情况下进行手动实验，因为这可以消除过程中的复杂因素之一。使用 NetBeans 构建应用程序 jar，然后尝试使用上述配置进行混淆（如有必要，请充实）。确保测试混淆的应用程序，因为无数的事情都可能出错。一旦您有了有效的混淆器配置，请尝试将 Ant 任务添加到构建文件中，以自动执行 NetBeans 中的混淆过程。

The FAQ you point to is for obfuscating NetBeans modules. This is quite a complicated use case, so I will assume that it is not the regular application you are interested in.

Very briefly: the obfuscation process changes the names of classes, methods and fields to make it more difficult to reverse engineer your application.

This causes some issues:

the JVM requires your application to have a public static void main( String args[] ) in a public class, so you must tell proguard not to change this name
if you are using any sort of introspection, you have to protect the relevant names from being changed
other cases, as explained in the manual

Additionally, proguard strips out unused code. If you have any classes that are used but not referenced directly, you have to -keep them as well.

The proguard documentation includes an example of how to obfuscate a simple application. Here is the example explained (with some less confusing names):

-injars       application.jar        # obfuscate all the classes in the named jars
-outjars      obfuscated.jar         # save all the obfuscated classes to the named jar
-libraryjars  <java.home>/lib/rt.jar # these are all the libraries that the application uses
-printmapping obfuscation.map        # save a file linking the original names to the obfuscated ones
                                     # this helps understanding stack traces from the obfuscated application

# we need to keep our main class and the application entry point
-keep public class com.mycompany.Application {
    public static void main(java.lang.String[]);
}

Unless you specify -dontshrink, proguard will remove any code not kept or not referenced from any kept code. So in the above configuration, any code not referenced (indirectly) by the main method will be removed.

Proguard includes an Ant task that can be used to integrate with the NetBeans workflow. I would suggest experimenting manually first though, without Ant, as that takes one of the complicating factors out of the process. Build your application jar with NetBeans and then try to obfuscate with the above configuration (fleshed out if necessary). Make sure to test the obfuscated application, as innumerable things can go awry. Once you have a working proguard configuration, try adding an Ant task to your build file to automate the obfuscation process within NetBeans.

回复收藏 0 原文