sábado, 22 de agosto de 2015

Changing the Language Rules

For years we have seen countless attacks on various platforms, in this case explain one in Java, which can be reproduced in other languages ​​and platforms; all developers and security analysts take for granted the fact that if programs well your code can keep you safe, the truth is not true, everything can be transformed from something immutable to something mutable, and then changed into what you want now reflections support the many languages ​​among them are Java, JavaScript, Objective-C, Perl, PHP, Python, R, Ruby, C# and others.

Just imagine what would happen if an application could change the default Java or may access protected and hidden features, imagine that someone makes are the other way round Boolean = false true, false = true, the numbers have different values 0 = 1, 2 = 0, etc., or worse to a function FINAL or PRIVATE and it is not, is really simple, this is possible and someone will make a large scale, but it is already doing.

Below we will show some pictures that prove and describe our Morpher lib.

An class on other package

Runtime modification

Morpher library

Tests

The truth is only one, can change whatever we want wherever we want, modify constructors, methods and fields and be turned on hooking classes/methods, overwrite classes/methods and bypass more things on the source code at runtime.

No hay comentarios: