Duckware
 You are here: Duckware » Jobfuscate   Contact us  

  JobfuscateTM 4.4a
Protect JavaTM .class files from prying eyes
An easy to use Java obfuscator that works!
 

 
  1. What is Jobfuscate?
Jobfuscate Manual Index
1. What is Jobfuscate
2. Using Jobfuscate
3. Command Line Options
4. How to register/order
5. License Agreement
6. Release History
7. How to modify PATH var
Jobfuscate allows software developers to obfuscate (protect) their Java class files. Otherwise, without protection, anyone could use a Java decompiler to effectively get back your Java source code!

We wrote Jobfuscate out of our frustration using other commercial Java obfuscators. We tried many products and not one worked for our Java code! Our protected programs would simply not run! That last thing we needed (and you as a software developer) is to track down bugs that are not yours, but a result of obfuscation.

Jobfuscate
The Problem: Java class files contain lots of symbolic information from your source code, including all variable names and method names that you used in your source code! This symbolic information allows Java decompilers to very effectively reconstruct your source code with the variable names you used. If you have not used a Java decompiler, get one and try it out and you will be amazed. Without obfuscation protection, you are giving away your source code when you ship Java class files.

The Solution: Remove all symbolic information that can be removed. Jobfuscate allows you to use fully descriptive variable names and method names in your Java code. It then renames your classes, variables and methods to meaningless names. No attempt is made to alter the Java byte code because that is where all other obfuscators cause bugs for you to track down.

Program Requirements:
  • Microsoft Windows Vista/XP/2003/2000/Me/98
  • Sun's Java Runtime Environment 1.5 (or later) installed
 
  2. Using Jobfuscate
Jobfuscate.exe is a command line tool that allows it to be easily integrated into scripts and Java development environments. When run with no arguments from the command line, the following help is displayed:

Duckware (R) Java Class Obfuscator Registered Version 4.4a (build 4662)
Copyright (c) Duckware 2000-2013. All rights reserved.

Usage: jobfuscate [-options]* class*

    -log:<file>           redirects stdout/stderr to file
    -out:<file>           names output jar file (default: java.jar)
    -store                no compression in jar file
    -x:<class>            no class/method/field renaming in class
    -xc                   exclude all class renaming
    -xm                   exclude all method renaming
    -xf                   exclude all field renaming
    -xc:<class>           exclude class renaming by pattern
    -xm:<class.method>    exclude method renaming by pattern
    -xf:<class.field>     exclude field renaming by pattern
    -trial                runs in trial mode (for debugging)
    -sys:<class>          identifies system classes by pattern
    -serializable:<type>  type = off|relaxed|strict
    @<file>               each line in <file> is an option
    class                 main class file, plus other class files

Example:
  set classpath=c:\test
  jobfuscate -x:acme.* -xc -xm:io.*.run myprog.main

Getting Started: The easiest way to use Jobfuscate is to use it as in this example:
  set classpath=c:\test
  jobfuscate -x:acme.* -xc -xm:io.*.run myprog.main
Namely, first configure a CLASSPATH so that a "java yourprog.main" works, then second just type "jobfuscate yourprog.main".

Jobfuscate will automatically find all dependency classes. However, under certain circumstances (dynamic class loading; resource bundles), this automatic discovery may fail to find all classes for your application. So, carefully review the class files found by jobfuscate and just add any classes to the command line that were missed by jobfuscate.

Output: The output from running jobfuscate is a detailed log of changes to class files. It is recommended that you redirect the output to a file (or use the -log:<file> command line option) so that you have a record of what changes were made to class files. For example:
jobfuscate MyProg.Main >output.log
jobfuscate -log:YYYYMMDD-HHMMSS.log MyProg.Main
If your product prints stack traces when error conditions occur, this output file will be invaluable to aid mapping obfuscated method names in stack traces back into method names used in your source code.

Reflection: If your Java program uses reflection, be sure to exclude those classes from being obfuscated by using the "-x:<class>" command line option.

Serialization: Any class that implements the java.io.Serializable interface will automatically be excluded from obfuscation.

Class.forName(): Using "Class.forName()" in your code will work just fine! However, remember that if you use a class "getName()" that the obfuscated class name will be returned. Namely, a "Class.forName("Testing").getName()" will not return "Testing", but rather an obfuscated name similar to "KX".
 
  3. Jobfuscate Command Line Options
Usage: jobfuscate [-options]* class*

-log:<file> - Redirect stdout/stderr from the program to the named file. To help create unique filenames, the following, if present in the file name, will be substituted with the appropriate date values: YYYY, MM, DD, HH, MM, SS

-out:<file> - Names the JAR output file. All files that jobfuscate processes will be placed into the output JAR file.

-x:<class> - Excludes the named class from any class, method, or field renaming. The '*' wildcard can be used.

-xc - Globally excludes all classes from being renamed (and by implication, all packages).

-xm - Globally excludes all methods in all classes from being renamed.

-xf - Globall excludes all fields in all classes from being renamed.

-xc:<class> - Excludes class renaming for the classes that match the given pattern. The '*' wildcard may be used.

-xm:<class.method> - Excludes method renaing for the methods that match the given pattern. The '*' wildcard may be used.

-xf:<class.field> - Excludes field renaing for the fields that match the given pattern. The '*' wildcard may be used.

-trial - Forces the product to run in trial mode, which causes renaming to occur, but the original names are appended to the names. This can be very useful for debugging and finding out which classes you may need to manually exclude from being obfuscated.

-sys:<class> - Identifies which classes are system classes and not to be touched by jobfuscate. The '*' wildcard is almost always used. For example: -sys:java.*.

@<file> - Each line in the file represents a command line argument. Use if the number of options you need to specify are too long for a DOS command line prompt.

class* - Specify the classses that you want jobfusate to protect. Usually, you just need to specify the 'main' class for your application, and jobfuscate will do all the work of finding the dependency classes. However, in some cases (like resource bundles), it may miss classes, so just manually add those to the command line.

 
  4. How to register and pay for Jobfuscate?
Jobfuscate is shareware. Please try it for free. In the trial, names will be obfuscated, but will be appended with the original name. This intentially provides no obfuscation protection, but it allows you to see that name that would be used and verify that your classes continue to work after being obfuscated. You must pay for the registered version, which provides full obfuscation protection.
Jobfuscate is no longer available for purchase
Please refer to the license usage information page for details.
 
  5. No Nonsense License Agreement
Jobfuscate is shareware. That means that you may try it for free to see if it works for you. If you like the software enough to keep using it, you must pay for it. If you find anything wrong with the software, let me know and I will try to fix the problem immediately. My entire liability for your use of this software shall not exceed the amount you paid for the software. You may not reverse engineer or decompile the software. You may not modify the software in any way. The software may not be used on adult sites nor to display adult material. License violations will result in license termination, forfeiture of license fees, and possible prosecution. Jobfuscate does not prevent reverse engineering of your class files; it just makes it more difficult.
 
  6. Release History
Version/Date    Changes made in release
4.4a - 08/29/2013  · Java 7u21 compatibility work
4.3h - 02/25/2009  · uses new jexepack packager
4.3f - 09/25/2008  · added '-store' command line option (no JAR compression)
4.3e - 10/21/2007  · uses new jexepack packager
4.3d - 10/09/2007  · uses new installer
4.3c - 09/17/2007  · install folder is added into PATH environment variable
4.3b - 09/11/2007  · use new JexePack
4.3a - 12/29/2006  · updated readme.html
4.2a - 09/02/2006  · sync to JexePack 6.0a
4.1a - 02/17/2006  · exe signed by 'Duckware'
4.0b - 12/19/2005  · more java 2 vm difference work
4.0a - 11/29/2005  · work around a java 2 vm difference from a java 1 vm
3.0a - 08/31/2002  · major new release supports renaming all classes/methods/fields
2.0a - 04/28/2002  · Released with a full install program
1.2b - 11/01/2001  · built with latest program launcher
1.2a - 07/09/2001  · improved verbose output
· first offered for sale to the public
1.1a - 05/23/2001  · private native methods no longer obfuscated
1.0x - 11/23/2000  · first release
 
  7. How to Modify the PATH environment variable
Installing Jobfuscate should automatically add the jobfuscate.exe installation folder into the PATH environment variable on Windows Vista/XP/2003/2000/NT.

Windows Vista/XP/2003/2000/NT: Right click on My Computer and select Properties; Select Advanced tab; Click on the Environment Variables button; Select the PATH variable; Click on the Edit button.

Windows ME: Go to Start / Run / 'msconfig'; Select the 'Environment' tab; Select the PATH variable; Click on the Edit button.

Windows 98: Find "c:\autoexec.bat" within Windows Explorer; Right click on the file; Select 'Edit'; Modify the "SET PATH=paths line that you see; Then reboot your computer.

Copyright © 2000-2024 Duckware