Greetings Geeks,
So i am not sure if i mentioned this previously, i'v been making good money for some period of time off of reverse engineering some popular Java based MMORPG , so of course i had to be good in reverse engineering generally and an expert in Java's specifically , for that i will throw in one very trivial and light exercise to test the capabilities of whoever is interested in this as ill be pasting the answer soon, and in case few were interested , this will persist and higher level exercises and answers would be posted by then =]
PS: this kind of contribution and what's coming next is going to be a bit risky , its just sharing nice security knowledge, so if interested don't abuse too much, just a little , be ethical as much as possible :):).
ReverseMe.java
public class ReverseMe
{
private final boolean success;//false by default
private boolean isLoginSuccessful()
{
return success;
}
}
Compile that into ReverseMe.class, and consider you don't have source and consider its obfuscated (Scrambled bytecode, real application case) so if you decompile it ,it will throw errors and wont decompile properly,and you are not permitted to write the whole source again for sure, because in a real application a class depends on many other classes /libs which are obfuscated as well ,so how are you going to hack that part of this simple app and bypass the login =)?
This exercise is due to 12/25/2011 , after that period , the answer will be posted if no one was able to come up with a solution