Java Binary Enhancement Tool 3 R1 review
DownloadThe Java Binary Enhancement Tool (JBET) is a general Java program analysis and manipulation tool
|
|
The Java Binary Enhancement Tool (JBET) is a general Java program analysis and manipulation tool. Existing class files can be disassembled, reassembled, or edited programmatically through the JBET API. JBET can also be used to create new Java class files from scratch. JBET uses a convenient internal representation of all the contents of Java binary (.class) files, allowing the user to edit the classes easily, in a structured manner.
JBET was developed as part of the DARPA Self-Protecting Mobile Agents project under the OASIS and Active Networks programs (contract number N66001-00-C-8602) in order to study automated software obfuscation.
The Java language was chosen for this project because of the (relative) ease of constructing binary editing tools provided by the large amount of type information present in the class files. Our two reports, the Obfuscation Techniques Evaluation Report, and the Obfuscation Report, are available from the download area. The obfuscation tool developed is not part of this release.
JBET was also used in the DARPA/AFRL Survivable Server project (contract number F30602-00-C-0183) to add additional security checks to the Java Standard Library. (The Java SecurityManager API does not support many desirable security checks, such as continued authorization of file accesses after opening.)
JBET was used to replace the native method references in the Java standard library with stubs that call a pluggable security policy. This tool, called Jpolicy, is also available for download at this website. Jpolicy is very incomplete at this time, but may be interesting to those working in Java security or changing the standard library themselves.
The internal representation of Java class files used by JBET is intented to make it easy for programmers to write Java binary code transforms. Each element of Java class files has a corresponding internal data structure: ClassInfo for entire classes, MethodInfo for methods, FieldInfo for fields, Snippit for code blocks, and Instruction for individual instructions. Snippit and Instruction understand Java opcode syntax and semantics, allowing automated creation of valid Java programs. A Java-compatible class verifier is also included.
Some code transforms are difficult to program directly by manipulating Java instructions. For those transforms, a directed acyclic graph (DAG) representation of code is available. In the DAG representation, each basic block has a corresponding DAG, with a set of input and output nodes. Edges in the graph connect "producer" nodes (such as constants, or the result of calculations) to "user" nodes (such as method calls or other calculations). Methods are divided into basic blocks and control flow is stored at the basic block level (possible because Java has only fixed jump targets)
JBET requires a Java 1.4 virtual machine to run, although it can operate on class files from earlier Java versions. The packaging and build environment supplied supports Linux and Windows with Cygwin; however, the build process is simple and could be performed manually on other platforms. Perl is required for regression testing.
Jpolicy requires a Java 1.4 virtual machine to build, either Linux or Windows NT/XP with Cygwin. gcc is required for building on Windows (supplied with Cygwin). The runtime system can be either Java 1.3 or 1.4 (with Sun's JVM only), running on Linux or Windows NT/XP. Windows 9x and Windows 2000 may work as well, but have not been tested.
Installation
1. Install jdk 1.4.1.
2. Set CLASSPATH to jdk1.4.1/jre/lib/rt.jar
3. cd src; make
4. If that didn't work, examine the makefile. java or javac may not be in the path.
5. To build a jar file that can be used with "java -jar jbet.jar", run "make jar".
6. If you have perl installed, run the tests with "make test".
Optionally, run "make regen; make test".
Make a symbolic link from jbet3/bin/jbet to somewhere in your path.
Usage
JBET uses the JNI format for class names, and JNI type and method descriptors. For a summary of this syntax, use 'jbet help syntax'. Sun's JVM specification may also be helpful.
To look at a class disassembly, use 'jbet print'. Try disassembling a class you have source for, and was built with debug info (-g): 'jbet -P < classpath > print < classname >'. Sun's JVM specification has an instruction reference.
Java Binary Enhancement Tool 3 R1 keywords