Binary patching of Java classes for fun and profit - Jfokus 2011
•Als PPTX, PDF herunterladen•
2 gefällt mir•1,453 views
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (14)
Andere mochten auch
Ähnlich wie Binary patching of Java classes for fun and profit - Jfokus 2011
Ähnlich wie Binary patching of Java classes for fun and profit - Jfokus 2011 (18)
Mehr von Anton Arhipov
Mehr von Anton Arhipov (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Binary patching of Java classes for fun and profit - Jfokus 2011
- 2. Binary patching of Java classes for funand profit Jfokus 2011, Stockholm
- 3. whoami Anton Arhipov ZeroTurnaround JRebel http://arhipov.blogspot.com @antonarhipov @javarebel
- 4. What’s Binary Patching? Ninja.class’ Ninja.class 1010101010111000101010101010100010001000111011011101011 1010101010111100001010101010100010001000111011011101110
- 5. Why Binary Patching? ClassLoader MyClass.class JRebel agent New code: 10010100100100101011001010 MyObject
- 6. Why Binary Patching? ClassLoader MyClass.class Framework JRebel agent New code: 10010100100100101011001010 MyObject
- 7. Why Binary Patching? ClassLoader MyClass.class Framework JRebel agent New code: 10010100100100101011001010 MyObject Configuration (XML, annotations)
- 8. How? Using –javaagentto hook into class loading process Using bytecode manipulation libraries (e.g. Javassist)
- 9. java.lang.instrument importjava.lang.instrument.ClassFileTransformer; import java.lang.instrument.Instrumentation; public class Agent { public static void premain(String args, Instrumentationinst) throws Exception { inst.addTransformer(new ClassFileTransformer { … }); } }
- 10. java.lang.instrument importjava.lang.instrument.ClassFileTransformer; import java.lang.instrument.Instrumentation; public class Agent { public static void premain(String args, Instrumentationinst) throws Exception { inst.addTransformer(new ClassFileTransformer { … }); } } META-INF/MANIFEST.MF Agent-Class: Agent
- 11. java.lang.instrument importjava.lang.instrument.ClassFileTransformer; import java.lang.instrument.Instrumentation; public class Agent { public static void premain(String args, Instrumentationinst) throws Exception { inst.addTransformer(new ClassFileTransformer { … }); } } META-INF/MANIFEST.MF Agent-Class: Agent java –javaagent:agent.jar …
- 12. java.lang.instrument + Javassist newClassFileTransformer() { public byte[] transform(ClassLoaderloader, String className, Class<?>classBeingRedefined, ProtectionDomainprotectionDomain, byte[] classfileBuffer){ } }
- 13. java.lang.instrument + Javassist newClassFileTransformer() { public byte[] transform(ClassLoaderloader, String className, Class<?>classBeingRedefined, ProtectionDomainprotectionDomain, byte[] classfileBuffer){ ClassPoolcp= ClassPool.getDefault(); CtClassct= pool.makeClass(new ByteArrayInputStream(classfileBuffer)); } }
- 14. java.lang.instrument + Javassist newClassFileTransformer() { public byte[] transform(ClassLoaderloader, String className, Class<?>classBeingRedefined, ProtectionDomainprotectionDomain, byte[] classfileBuffer){ ClassPoolcp= ClassPool.getDefault(); CtClassct= pool.makeClass(new ByteArrayInputStream(classfileBuffer)); transformClass(ct, cp); } }
- 15. java.lang.instrument + Javassist newClassFileTransformer() { public byte[] transform(ClassLoaderloader, String className, Class<?>classBeingRedefined, ProtectionDomainprotectionDomain, byte[] classfileBuffer){ ClassPoolcp= ClassPool.getDefault(); CtClassct = pool.makeClass(new ByteArrayInputStream(classfileBuffer)); transformClass(ct, cp); returnct.toBytecode(); } }
- 16. JRebel SDK
- 17. Javassist + JRebel cp.importPackage("org.zeroturnaround.javarebel");
- 18. Javassist + JRebel cp.importPackage("org.zeroturnaround.javarebel"); ct.addInterface( cp.get(ClassEventListener.class.getName()));
- 19. Javassist + JRebel cp.importPackage("org.zeroturnaround.javarebel"); ct.addInterface( cp.get(ClassEventListener.class.getName())); ct.addMethod(CtNewMethod.make( "public void onClassEvent(inteventType, Class clazz) {"+ "cache.evict();" + "}", ct));
- 20. Javassist + JRebel CtClassct = … CtConstructor[] cs = ct.getConstructors();
- 21. Javassist + JRebel CtClassct = … CtConstructor[] cs = ct.getConstructors(); for (CtConstructor c : cs) { if(c.callsSuper()) { c.insertAfter("ReloaderFactory.getInstance() .addClassReloadListener($0);"); } }
- 22. Javassist + JRebel CtClassct = … ct.getDeclaredMethod("service") .insertBefore( "ReloaderFactory.getInstance() .checkAndReload(Application.class);");
- 23. Integration Highlights Implement ClassEventListener Register listener instance to JRebel Trigger the re-load event ReloaderFactory#addClassReloadListener(…); ReloaderFactory#checkAndReload(…);
- 24. Pros/Cons
- 25. Pros/Cons
- 26. Pros/Cons
- 27. Thx! Want JRebel free? Come to our booth!
Hinweis der Redaktion
- The what/why/how of runtime binary patching of JAVA applications, frameworks and application servers to provide custom integration. We will follow the JRebel integration story from dirty bytecode insertions to readable Java code patches. The session is intended for advanced Java developers interested in patching or integrating with binary java applications. We will look at the different problems that arise when doing runtime binary patching of different Java applications and frameworks. * What and why is a binary patching? * Tools, methods and tips. * Sample use-cases of binary patching different systems * Pros/cons
- Agent implementation: any class with premain, Agent-Class in manifest
- Agent implementation: any class with premain, Agent-Class in manifest
- Agent implementation: any class with premain, Agent-Class in manifest
- Add smiley face
- Add smiley face