I'm diving into a university final project focused on debugging JVM bytecode from production applications, especially when that bytecode has been stripped of debugging information (like what's found in release JARs). I'm looking for insights on specific use cases for manual dynamic analysis of this type of bytecode, particularly when the original source code isn't available. Has anyone here faced similar challenges? What tools do you typically rely on, both public and in-house? Also, it seems tools like ProGuard often strip down debug info in these scenarios. Have you encountered any helpful strategies to work around that?
1 Answer
I've dealt with a challenge similar to this during my dissertation. I had to modify an existing Android app using reverse engineering without the source code. The technique I developed involved extracting specific functions or classes and getting them into a compilable state. I could recompile my new code alongside the already compiled code, letting me work on specific parts without needing to decompile the entire app.
For example, if I wanted to implement a new functionality, I’d find a way to insert a new function call that delegates to a static method. For manual dynamic analysis, you could look into Java Agents, which can modify bytecode at runtime. Tools like ByteBuddy can be useful for this. I can see potential for building basic debug tools around these methodologies!
That's fascinating! Did you find that Java Agents allowed for more flexibility when modifying classes during runtime? I'm curious how complexities scale when hooking methods. How did you manage the trade-off between ease of engineers' usage and potential system manipulation?