For protection of Java programs we usually use obfuscators. Obfuscators allow us to rename classes, methods and fields automatically and change bytecode control flow. Free and commercial types of obfuscators have this function. The main difference between free and commercial obfuscators is the string encryption feature.
Unfortunately, the software developers do not always understand the importance of this obfuscation feature and consider the string encryption necessary only after encountering various incidents of reverse-engineering, information theft and other.
Stringer Java Obfuscator is a good solution to make your applications more secure.
Primary goals of our product:
- String encryption
- Encryption is based on the AES algorithm with dynamic keys for each Java package
- The logic of decrypt functions is dynamically injects to the existing classes:
Fragment of decompiled class file before protection :public class App { public static void main(String args[]) { System.out.println("Hello World!"); } }
Fragment of decompiled class file after protection:
public class App { public static void main(String args[]) { System.out.println(main("\u916E\u2E67\uCB8D\u16B9\u479D\u7669\u3F20\uD7DC\u75C5\u30F1\uEC7E\uA26B\uEEB0\u2F0E\u4828\u19C6")); } .... }
- Prevention of maliciously modifying and using the internal logic of Java based applications by an attacker
- The call context protection for decrypting functions
- The ability of "sandboxing" for the following purposes: control access to the class fields and methods by reflection API, restrict to modify and access private fields, members and final fields. (Available only in Enterprise version)
None of the available products on the market allows these two functions work simultaneously.
At the same time Stringer has significantly smaller cost than existing commercial obfuscators with the encryption of strings on the market.