我想使用Java混淆器来混淆我的源代码。由于Proguard得到了最多的建议,因此我使用了它。我按照以下方式配置了我的build.xml:
<target name="-post-jar">
<property name="proguard.jar.path" value="D:/pro/proguard.jar" />
<taskdef resource="proguard/ant/task.properties"
classpath="${proguard.jar.path}" />
<echo message="Obfuscating ${dist.jar}..."/>
<mkdir dir="${build.dir}/obfuscated"/>
<proguard printmapping="${build.dir}/obfuscated/${application.title}.map"
renamesourcefileattribute="SourceFile" ignorewarnings="true">
<injar file="${dist.jar}" />
<outjar file="${build.dir}/obfuscated/${application.title}.jar" />
<libraryjar path="${javac.classpath}" />
<libraryjar file="${java.home}/lib/rt.jar" />
<libraryjar file="${java.home}/lib/jce.jar" />
<keepattribute name="InnerClasses" />
<keepattribute name="SourceFile" />
<keepattribute name="LineNumberTable" />
<keepattribute name="Deprecated" />
<keepattribute name="*Annotation*" />
<keepattribute name="Signature" />
<keepattribute name="Exceptions" />
<keep access="public">
<field access="public protected" />
<method access="public protected" />
</keep>
<keepclassmembernames access="public">
<method type ="java.lang.Class"
name ="class$"
parameters="java.lang.String" />
<method type ="java.lang.Class"
name ="class$"
parameters="java.lang.String,boolean" />
</keepclassmembernames>
<keepclasseswithmembernames>
<method access="native" />
</keepclasseswithmembernames>
<keepclassmembers extends="java.lang.Enum">
<method access="public static"
type="**[]"
name="values"
parameters="" />
<method access="public static"
type="**"
name="valueOf"
parameters="java.lang.String" />
</keepclassmembers>
<keepnames implements="java.io.Serializable"/>
<keepclassmembers implements="java.io.Serializable">
<field access ="final"
type ="long"
name ="serialVersionUID" />
<field access ="!static !transient"
name ="**"/>
<field access ="!private"
name ="**"/>
<method access ="!private"
name ="**"/>
<method access ="private"
type ="void"
name ="writeObject"
parameters="java.io.ObjectOutputStream" />
<method access ="private"
type ="void"
name ="readObject"
parameters="java.io.ObjectOutputStream" />
<method type ="java.lang.Object"
name ="writeReplace"
parameters="" />
<method type ="java.lang.Object"
name ="readResolve"
parameters="" />
</keepclassmembers>
</proguard>
<copy file="${build.dir}/obfuscated/${application.title}.jar" tofile="${dist.jar}" overwrite="true"/>
<delete dir="${build.dir}/obfuscated"/>
</target>
但是会导致以下错误:
java.lang.UnsupportedOperationException: Method must be overridden in [proguard.optimize.peephole.ClassMerger] if ever called
at proguard.classfile.util.SimplifiedVisitor.visitAnyClass(SimplifiedVisitor.java:47)
at proguard.classfile.util.SimplifiedVisitor.visitLibraryClass(SimplifiedVisitor.java:59)
at proguard.classfile.LibraryClass.accept(LibraryClass.java:301)
at proguard.classfile.ProgramClass.subclassesAccept(ProgramClass.java:433)
at proguard.optimize.peephole.VerticalClassMerger.visitProgramClass(VerticalClassMerger.java:83)
at proguard.classfile.ProgramClass.accept(ProgramClass.java:346)
at proguard.classfile.ClassPool.classesAccept(ClassPool.java:125)
at proguard.optimize.Optimizer.execute(Optimizer.java:565)
at proguard.ProGuard.optimize(ProGuard.java:307)
at proguard.ProGuard.execute(ProGuard.java:116)
at proguard.ant.ProGuardTask.execute(ProGuardTask.java:316)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:291)
at sun.reflect.GeneratedMethodAccessor137.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.Target.execute(Target.java:392)
at org.apache.tools.ant.Target.performTasks(Target.java:413)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1399)
at org.apache.tools.ant.Project.executeTarget(Project.java:1368)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
at org.apache.tools.ant.Project.executeTargets(Project.java:1251)
at org.apache.tools.ant.module.bridge.impl.BridgeImpl.run(BridgeImpl.java:285)
at org.apache.tools.ant.module.run.TargetExecutor.run(TargetExecutor.java:539)
at org.netbeans.core.execution.RunClassThread.run(RunClassThread.java:153)
- 模糊化并不能防止决心坚定的黑客窃取代码。
- 无法使用ProGuard软件的人有大约百万分之一的机会创造出值得窃取的东西。我的建议是a) 加倍努力地进行应用程序更新。这样,黑客们就要“攻击一个移动的目标”。b) 出售支持而非软件。
- Andrew Thompson