Zelix KlassMaster - Java Obfuscator

Java String Encryption

When a competitor or hacker decompiles an obfuscated application, they will use any clue they can to locate the classes of interest to them. The string literals that are embedded in your application provide critical insights. These literals may be:
  • The text of the labels or other GUI components on your dialogs,
  • The text of your error messages,
  • The text of your exception messages.
The competitor or hacker decompiles all your classes then performs simple string searches on the generated source code.

Zelix KlassMaster's String Encryption technology encrypts your String literals where they are stored in the Constant Pools of your class files. It then adds fragments of code to your classes so that your Strings are decrypted at runtime. See the examples below. However, note that Zelix KlassMaster's String Encryption isn't and cannot be fundamentally irreversible.

Bytecode name obfuscated then decompiled 


void a(String s) {
    if(!s.equals(a()))
        throw new SecurityException("Wrong Password");
    else
        return;
}

Bytecode String Encrypted then decompiled 

void a(String s) {
    if(!s.equals(a()))
        throw new SecurityException(b(c("N\001\177\022k9#q\017\177n\034b\030")));
    else
        return;
}