| |
JobfuscateTM 4.4a
Protect JavaTM .class files from prying eyes
An easy to use Java obfuscator that works!
| |
|
Jobfuscate allows software developers to obfuscate (protect) their
Java class files. Otherwise, without protection, anyone could use a Java
decompiler to effectively get back your Java source code!
We wrote Jobfuscate out of our frustration using other commercial Java
obfuscators. We tried many products and not one worked for our
Java code! Our protected programs would simply not run! That last thing
we needed (and you as a software developer) is to track down bugs that
are not yours, but a result of obfuscation.
The Problem: Java class files contain lots of symbolic information
from your source code, including all variable names and method
names that you used in your source code! This symbolic information
allows Java decompilers to very effectively reconstruct your source
code with the variable names you used. If you have not used
a Java decompiler, get one and try it out and you will be amazed.
Without obfuscation protection, you are giving
away your source code when you ship Java class files.
The Solution: Remove all symbolic information that can be
removed. Jobfuscate allows you to use fully descriptive variable
names and method names in your Java code. It then renames your
classes, variables and methods to meaningless names. No attempt
is made to alter the Java byte code because that is where all
other obfuscators cause bugs for you to track down.
Program Requirements:
- Microsoft Windows Vista/XP/2003/2000/Me/98
- Sun's Java Runtime Environment 1.5 (or later) installed
Jobfuscate.exe
is a command line tool that allows it to be easily integrated into
scripts and Java development environments.
When run with no arguments from the command line, the following
help is displayed:
Duckware (R) Java Class Obfuscator Registered Version 4.4a (build 4662)
Copyright (c) Duckware 2000-2013. All rights reserved.
Usage: jobfuscate [-options]* class*
-log:<file> redirects stdout/stderr to file
-out:<file> names output jar file (default: java.jar)
-store no compression in jar file
-x:<class> no class/method/field renaming in class
-xc exclude all class renaming
-xm exclude all method renaming
-xf exclude all field renaming
-xc:<class> exclude class renaming by pattern
-xm:<class.method> exclude method renaming by pattern
-xf:<class.field> exclude field renaming by pattern
-trial runs in trial mode (for debugging)
-sys:<class> identifies system classes by pattern
-serializable:<type> type = off|relaxed|strict
@<file> each line in <file> is an option
class main class file, plus other class files
Example:
set classpath=c:\test
jobfuscate -x:acme.* -xc -xm:io.*.run myprog.main
|
|
Getting Started: The easiest way to use Jobfuscate is to
use it as in this example:
set classpath=c:\test
jobfuscate -x:acme.* -xc -xm:io.*.run myprog.main
Namely, first configure a CLASSPATH so that a
"java yourprog.main" works,
then second just type
"jobfuscate yourprog.main".
|
|
Jobfuscate will
automatically find all dependency classes. However, under
certain circumstances (dynamic class loading; resource bundles),
this automatic discovery may fail to find all classes for your
application. So, carefully review the class
files found by jobfuscate and just add any classes to the command
line that were missed by jobfuscate.
Output: The output from running jobfuscate is a detailed log
of changes to class files. It is recommended that you redirect the
output to a file (or use the -log:<file> command line
option) so that you have a record of what changes were made
to class files. For example:
jobfuscate MyProg.Main >output.log
jobfuscate -log:YYYYMMDD-HHMMSS.log MyProg.Main
If your product prints stack traces when error conditions occur, this
output file will be invaluable to aid mapping obfuscated method names
in stack traces back into method names used in your source code.
Reflection: If your Java program uses reflection, be sure to
exclude those classes from being obfuscated by using the
"-x:<class>" command line option.
Serialization: Any class that implements the
java.io.Serializable interface will automatically be excluded
from obfuscation.
Class.forName(): Using "Class.forName()" in your
code will work just fine! However, remember that if you use a
class "getName()" that the obfuscated class name will be
returned. Namely, a "Class.forName("Testing").getName()"
will not return "Testing", but rather an obfuscated name
similar to "KX".
3. Jobfuscate Command Line Options
|
|
Usage: jobfuscate [-options]* class*
-log:<file> -
Redirect stdout/stderr from the program to the named file. To help
create unique filenames, the following, if present in the file name,
will be substituted with the appropriate date values:
YYYY, MM, DD, HH, MM, SS
-out:<file> -
Names the JAR output file. All files that jobfuscate processes will
be placed into the output JAR file.
-x:<class> -
Excludes the named class from any class, method, or field renaming.
The '*' wildcard can be used.
-xc -
Globally excludes all classes from being renamed (and by implication,
all packages).
-xm -
Globally excludes all methods in all classes from being renamed.
-xf -
Globall excludes all fields in all classes from being renamed.
-xc:<class> -
Excludes class renaming for the classes that match the given pattern.
The '*' wildcard may be used.
-xm:<class.method> -
Excludes method renaing for the methods that match the given pattern.
The '*' wildcard may be used.
-xf:<class.field> -
Excludes field renaing for the fields that match the given pattern.
The '*' wildcard may be used.
-trial -
Forces the product to run in trial mode, which causes renaming to occur,
but the original names are appended to the names. This can be very
useful for debugging and finding out which classes you may need to
manually exclude from being obfuscated.
-sys:<class> -
Identifies which classes are system classes and not to be touched by
jobfuscate. The '*' wildcard is almost always used. For example:
-sys:java.*.
@<file> -
Each line in the file represents a command line argument. Use if
the number of options you need to specify are too long for a DOS
command line prompt.
class* -
Specify the classses that you want jobfusate to protect. Usually, you
just need to specify the 'main' class for your application, and
jobfuscate will do all the work of finding the dependency classes.
However, in some cases (like resource bundles), it may miss classes,
so just manually add those to the command line.
4. How to register and pay for Jobfuscate?
|
|
Jobfuscate is shareware. Please try it for free.
In the trial, names will be obfuscated, but will be appended with the
original name. This intentially provides no obfuscation protection,
but it allows you to see that name that would be used and verify that
your classes continue to work after being obfuscated.
You must pay for the registered version, which provides full
obfuscation protection.
Jobfuscate is no longer available for purchase
Please refer to the
license usage information page
for details.
5. No Nonsense License Agreement
|
|
Jobfuscate is shareware. That means that you may try it for free
to see if it works for you.
If you like the software enough to keep using
it, you must pay for it. If you find
anything wrong with the software, let me know and I will try to fix the
problem immediately. My entire liability for your use of this software
shall not exceed the amount you paid for the software.
You may not reverse engineer or decompile the software.
You may not modify the software in any way.
The software may not be used on adult sites nor to display adult material.
License violations will result in license termination, forfeiture of license fees, and possible prosecution.
Jobfuscate does not prevent reverse engineering of your class files; it
just makes it more difficult.
Version/Date |
Changes made in release
|
4.4a - 08/29/2013 |
· Java 7u21 compatibility work
|
4.3h - 02/25/2009 |
· uses new jexepack packager
|
4.3f - 09/25/2008 |
· added '-store' command line option (no JAR compression)
|
4.3e - 10/21/2007 |
· uses new jexepack packager
|
4.3d - 10/09/2007 |
· uses new installer
|
4.3c - 09/17/2007 |
· install folder is added into PATH environment variable
|
4.3b - 09/11/2007 |
· use new JexePack
|
4.3a - 12/29/2006 |
· updated readme.html
|
4.2a - 09/02/2006 |
· sync to JexePack 6.0a
|
4.1a - 02/17/2006 |
· exe signed by 'Duckware'
|
4.0b - 12/19/2005 |
· more java 2 vm difference work
|
4.0a - 11/29/2005 |
· work around a java 2 vm difference from a java 1 vm
|
|
3.0a - 08/31/2002 |
· major new release supports renaming all classes/methods/fields
|
|
2.0a - 04/28/2002 |
· Released with a full install program
|
|
1.2b - 11/01/2001 |
· built with latest program launcher
|
1.2a - 07/09/2001 |
· improved verbose output
· first offered for sale to the public
|
1.1a - 05/23/2001 |
· private native methods no longer obfuscated
|
1.0x - 11/23/2000 |
· first release
|
|
7. How to Modify the PATH environment variable
|
|
Installing Jobfuscate should automatically add the jobfuscate.exe installation
folder into the PATH environment variable on Windows Vista/XP/2003/2000/NT.
Windows Vista/XP/2003/2000/NT: Right click on My Computer and select Properties;
Select Advanced tab; Click on the Environment Variables button; Select
the PATH variable; Click on the Edit button.
Windows ME: Go to Start / Run / 'msconfig'; Select the 'Environment' tab;
Select the PATH variable; Click on the Edit button.
Windows 98: Find "c:\autoexec.bat" within Windows Explorer; Right click on the
file; Select 'Edit'; Modify the "SET PATH=paths line that you see;
Then reboot your computer.
|