Database Reference
In-Depth Information
will also capitalize on the fact that our integer divided by itself is 1 and subtracted from itself is 0. Once
we get the bytes of the original connection string, we can reuse that original connection string as our
return string. Several places in
OJSCode
we get a byte array from a String by calling the
String.getBytes()
method. Let's rewrite that as a method called
traverse()
to replace
String.getBytes()
. We will allow
traverse()
to take a
null
and to get the bytes of
location
string in that case. Further, we will create an
additional member in
OracleJavaSecure
, named lower case
l
(ell) that we will set equal to
location
, and
we will point at that instead. Now our code looks like Listing 11-6.
Listing 11-6.
Obfuscated Logic, Step 2
static String encode( String encodeThis ) {
byte[] eTBytes =
traverse
( encodeThis );
byte[] xBytes =
traverse()
;
encodeThis = "";
String oneByte = "*";
int twoI
= Integer.parseInt(
String.valueOf( Integer.toHexString(
(int)(oneByte.charAt(twoI - twoI))).charAt(twoI - twoI)));
GT: do {
oneByte = Integer.toHexString(
(int)eTBytes[encodeThis.length()/twoI] ^
(int)xBytes[( encodeThis.length()/twoI ) %
xBytes.length] );
if( oneByte.length() == (
twoI/twoI
) )
encodeThis += "0";
encodeThis += oneByte;
if(
( ( encodeThis.length()/twoI ) % eTBytes.length )
== (
twoI - twoI
) )
{
System.arraycopy
( xBytes, twoI - twoI,
eTBytes, twoI * 0, twoI );
break GT;
}
} while( true );
return decodeThis;
}
static byte[]
traverse
( String encodeThis ) {
int twoI = 0;
if( encodeThis == null )
encodeThis = OracleJavaSecure.l
;
byte[] eTBytes = new byte[encodeThis.length()];
do eTBytes[twoI] = (byte)(encodeThis.charAt(twoI++));
while( twoI < eTBytes.length );
return eTBytes;
}
We have also added some misdirection. Now, in the final
if
statement of our
do while
loop, before
we break to the
GT
label, we do an
arraycopy()
. We copy the first two bytes from our “other” byte array to
the beginning of our connection string bytes. This is essentially meaningless, because we are through
dealing with those arrays; however the tactic of misdirecting is often used in obfuscating code.
