标签:pos tor pil xxx iat oal val detection rop
第一步:
Java的pom.xml文件中要加入导出lib的插件。如下:
<build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <configuration> <source>1.8</source> <target>1.8</target> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-dependency-plugin</artifactId> <version>3.0.1</version> <executions> <execution> <id>copy-dependencies</id> <phase>package</phase> <goals> <goal>copy-dependencies</goal> </goals> <configuration> <outputDirectory>target/lib</outputDirectory> <excludeArtifactIds> spring-boot-devtools,junit </excludeArtifactIds> <overWriteSnapshots>true</overWriteSnapshots> </configuration> </execution> </executions> </plugin> </plugins> </build>
第二步:
执行命令 mvn clean install 执行打包。
第三步:
使用ZKM工具(一种Java里用来混淆代码的工具)进行打包。这里要注意,这个工具有两种使用方式。第一种是使用界面来混淆,第二种是用命令行来混淆。我们第一次混淆的时候使用界面,这样可以导出一个配置文件。第二次的时候就是用命令行了,直接加载这个配置文件混淆即可。
界面混淆命令:
java -jar ZKM.jar
首次混淆成功后可以导出一下配置文件:
/******************************************************************************/
/* Generated by Zelix KlassMaster 8.0.8 ZKM Script Helper 2018.08.23 15:39:22 */
/******************************************************************************/
classpath "/home/wp/jdk/lib/rt.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/async-http-client-1.9.21.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/commons-codec-1.9.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/commons-io-2.6.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/commons-logging-1.2.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/druid-0.2.9.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/ehcache-3.4.0.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/fastjson-1.2.47.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/freemarker-2.3.27-incubating.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/hamcrest-core-1.3.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/httpclient-4.5.2.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/httpcore-4.4.4.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/jackson-core-asl-1.8.8.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/jackson-mapper-asl-1.8.8.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/JavaEWAH-1.1.6.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/jsch-0.1.54.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/jzlib-1.1.1.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/kylin-kap-2.5.6.1008.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/linq4j-0.5.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/log4j-1.2.17.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/log4j-api-2.11.0.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/log4j-core-2.11.0.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/mysql-connector-java-5.1.34.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/netty-3.10.1.Final.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/org.eclipse.jgit-5.0.0.201805301535-rc2.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/parseq-2.6.34.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/redshift-jdbc42-no-awssdk-1.2.10.1009.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/slf4j-api-1.7.7.jar"
"/home/wp/Code/BaseInterface/code/BaseInterface/target/lib/slf4j-log4j12-1.7.7.jar";
open "/home/wp/Code/BaseInterface/code/BaseInterface/target/BaseInterface-0.0.1-SNAPSHOT.jar";
exclude *. and
*.* and
*.* * and
*.* *(*) and
public *.^* and
*.* public * and
*.* protected * and
*.* public *(*) and
*.* protected *(*);
obfuscateFlowExclude com.amazon.* and
com.alibaba.* and
com.googlecode.* and
com.jcraft.* and
com.linkedin.* and
com.mysql.* and
com.ning.* and
freemarker.* and
junit.* and
mozilla.* and
net.* and
org.*;
obfuscate changeLogFileIn=""
changeLogFileOut="ChangeLog.txt"
obfuscateFlow=extraAggressive
exceptionObfuscation=heavy
encryptStringLiterals=enhanced
mixedCaseClassNames=ifInArchive
aggressiveMethodRenaming=true
localVariables=keepVisibleMethodParameters
lineNumbers=delete
autoReflectionHandling=normal
obfuscateReferences=none
obfuscateReferenceStructures=inSpecialClass;
saveAll archiveCompression=all "/home/wp/Code/";
其中自动生成的trim部分要删除,这是优化代码的,没什么用。然后exclude是用来排除的。
命令行混淆的代码:
java -jar ZKM.jar 123.txt
其中123.txt就是配置文件。
第三步:
这一步就是要把混淆好的代码上传到私有仓。首先,要配置一下自己电脑Maven根目录下的conf/Setting.xml文件。配置如下:
<?xml version="1.0" encoding="UTF-8"?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- | This is the configuration file for Maven. It can be specified at two levels: | | 1. User Level. This settings.xml file provides configuration for a single user, | and is normally provided in ${user.home}/.m2/settings.xml. | | NOTE: This location can be overridden with the CLI option: | | -s /path/to/user/settings.xml | | 2. Global Level. This settings.xml file provides configuration for all Maven | users on a machine (assuming they‘re all using the same Maven | installation). It‘s normally provided in | ${maven.conf}/settings.xml. | | NOTE: This location can be overridden with the CLI option: | | -gs /path/to/global/settings.xml | | The sections in this sample file are intended to give you a running start at | getting the most out of your Maven installation. Where appropriate, the default | values (values used when the setting is not specified) are provided. | |--> <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> <!-- localRepository | The path to the local repository maven will use to store artifacts. | | Default: ${user.home}/.m2/repository <localRepository>/path/to/local/repo</localRepository> --> <!-- interactiveMode | This will determine whether maven prompts you when it needs input. If set to false, | maven will use a sensible default value, perhaps based on some other setting, for | the parameter in question. | | Default: true <interactiveMode>true</interactiveMode> --> <!-- offline | Determines whether maven should attempt to connect to the network when executing a build. | This will have an effect on artifact downloads, artifact deployment, and others. | | Default: false <offline>false</offline> --> <!-- pluginGroups | This is a list of additional group identifiers that will be searched when resolving plugins by their prefix, i.e. | when invoking a command line like "mvn prefix:goal". Maven will automatically add the group identifiers | "org.apache.maven.plugins" and "org.codehaus.mojo" if these are not already contained in the list. |--> <pluginGroups> <!-- pluginGroup | Specifies a further group identifier to use for plugin lookup. <pluginGroup>com.your.plugins</pluginGroup> --> </pluginGroups> <!-- proxies | This is a list of proxies which can be used on this machine to connect to the network. | Unless otherwise specified (by system property or command-line switch), the first proxy | specification in this list marked as active will be used. |--> <proxies> <!-- proxy | Specification for one proxy, to be used in connecting to the network. | <proxy> <id>optional</id> <active>true</active> <protocol>http</protocol> <username>proxyuser</username> <password>proxypass</password> <host>proxy.host.net</host> <port>80</port> <nonProxyHosts>local.net|some.host.com</nonProxyHosts> </proxy> --> </proxies> <!-- servers | This is a list of authentication profiles, keyed by the server-id used within the system. | Authentication profiles can be used whenever maven must make a connection to a remote server. |--> <servers> <!-- server | Specifies the authentication information to use when connecting to a particular server, identified by | a unique name within the system (referred to by the ‘id‘ attribute below). | | NOTE: You should either specify username/password OR privateKey/passphrase, since these pairings are | used together. | <server> <id>deploymentRepo</id> <username>repouser</username> <password>repopwd</password> </server> --> <!-- Another sample, using keys to authenticate. <server> <id>siteServer</id> <privateKey>/path/to/private/key</privateKey> <passphrase>optional; leave empty if not used.</passphrase> </server> --> <server> <id>XXXX-XXXX(私有仓名称)</id> <username>XXXX-XXXX</username> <password>******</password> </server> </servers> <!-- mirrors | This is a list of mirrors to be used in downloading artifacts from remote repositories. | | It works like this: a POM may declare a repository to use in resolving certain artifacts. | However, this repository may have problems with heavy traffic at times, so people have mirrored | it to several places. | | That repository definition will have a unique id, so we can create a mirror reference for that | repository, to be used as an alternate download site. The mirror site will be the preferred | server for that repository. |--> <mirrors> <!-- mirror | Specifies a repository mirror site to use instead of a given repository. The repository that | this mirror serves has an ID that matches the mirrorOf element of this mirror. IDs are used | for inheritance and direct lookup purposes, and must be unique across the set of mirrors. | <mirror> <id>mirrorId</id> <mirrorOf>repositoryId</mirrorOf> <name>Human Readable Name for this Mirror.</name> <url>http://my.repository.com/repo/path</url> </mirror> --> <!-- 阿里云仓库 --> <mirror> <id>alimaven</id> <mirrorOf>central</mirrorOf> <name>aliyun maven</name> <url>http://maven.aliyun.com/nexus/content/repositories/central/</url> </mirror> <!-- 中央仓库1 --> <mirror> <id>repo1</id> <mirrorOf>central</mirrorOf> <name>Human Readable Name for this Mirror.</name> <url>http://repo1.maven.org/maven2/</url> </mirror> <!-- 中央仓库2 --> <mirror> <id>repo2</id> <mirrorOf>central</mirrorOf> <name>Human Readable Name for this Mirror.</name> <url>http://repo2.maven.org/maven2/</url> </mirror> </mirrors> <!-- profiles | This is a list of profiles which can be activated in a variety of ways, and which can modify | the build process. Profiles provided in the settings.xml are intended to provide local machine- | specific paths and repository locations which allow the build to work in the local environment. | | For example, if you have an integration testing plugin - like cactus - that needs to know where | your Tomcat instance is installed, you can provide a variable here such that the variable is | dereferenced during the build process to configure the cactus plugin. | | As noted above, profiles can be activated in a variety of ways. One way - the activeProfiles | section of this document (settings.xml) - will be discussed later. Another way essentially | relies on the detection of a system property, either matching a particular value for the property, | or merely testing its existence. Profiles can also be activated by JDK version prefix, where a | value of ‘1.4‘ might activate a profile when the build is executed on a JDK version of ‘1.4.2_07‘. | Finally, the list of active profiles can be specified directly from the command line. | | NOTE: For profiles defined in the settings.xml, you are restricted to specifying only artifact | repositories, plugin repositories, and free-form properties to be used as configuration | variables for plugins in the POM. | |--> <profiles> <!-- profile | Specifies a set of introductions to the build process, to be activated using one or more of the | mechanisms described above. For inheritance purposes, and to activate profiles via <activatedProfiles/> | or the command line, profiles have to have an ID that is unique. | | An encouraged best practice for profile identification is to use a consistent naming convention | for profiles, such as ‘env-dev‘, ‘env-test‘, ‘env-production‘, ‘user-jdcasey‘, ‘user-brett‘, etc. | This will make it more intuitive to understand what the set of introduced profiles is attempting | to accomplish, particularly when you only have a list of profile id‘s for debug. | | This profile example uses the JDK version to trigger activation, and provides a JDK-specific repo. <profile> <id>jdk-1.4</id> <activation> <jdk>1.4</jdk> </activation> <repositories> <repository> <id>jdk14</id> <name>Repository for JDK 1.4 builds</name> <url>http://www.myhost.com/maven/jdk14</url> <layout>default</layout> <snapshotPolicy>always</snapshotPolicy> </repository> </repositories> </profile> --> <!-- | Here is another profile, activated by the system property ‘target-env‘ with a value of ‘dev‘, | which provides a specific path to the Tomcat instance. To use this, your plugin configuration | might hypothetically look like: | | ... | <plugin> | <groupId>org.myco.myplugins</groupId> | <artifactId>myplugin</artifactId> | | <configuration> | <tomcatLocation>${tomcatPath}</tomcatLocation> | </configuration> | </plugin> | ... | | NOTE: If you just wanted to inject this configuration whenever someone set ‘target-env‘ to | anything, you could just leave off the <value/> inside the activation-property. | <profile> <id>env-dev</id> <activation> <property> <name>target-env</name> <value>dev</value> </property> </activation> <properties> <tomcatPath>/path/to/tomcat/instance</tomcatPath> </properties> </profile> --> <profile> <id>shinho-datalake</id> <repositories> <repository> <id>XXXX-XXXX(私有仓名称)</id> <name>XXXX-XXXX(私有仓名称)</name> <url>http://XXX.XXX.XX.XX:port/repository/XXXX-XXXX(私有仓名称)/</url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>true</enabled> </snapshots> </repository> </repositories> </profile> </profiles> <!-- activeProfiles | List of profiles that are active for all builds. | <activeProfiles> <activeProfile>alwaysActiveProfile</activeProfile> <activeProfile>anotherAlwaysActiveProfile</activeProfile> </activeProfiles> --> </settings>
主要是加了一个<server>节点,用来配置账号名和密码,还有最底下的<profile>,用来配置私有仓地址。
这一步完成了之后,我们就可以使用Maven命令行来上传jar包到私有仓了。
mvn deploy:deploy-file -DgroupId=com.xxx.bi -DartifactId=baseinterface -Dversion=$1 -Dpackaging=jar -Dfile=/home/wp/Code/BaseInterface-0.0.1-SNAPSHOT.jar -Durl=http://xxx.xxx.xx.xx:port/repository/XXXX-XXXX/ -DrepositoryId=XXXX-XXXX
当然,这样的步骤全部加起来可以放到一个shell里,很方便的。
cd /home/wp/Code
rm BaseInterface-0.0.1-SNAPSHOT.jar
cd /home/wp/Code/BaseInterface/code/BaseInterface
mvn clean install
echo "1123"
cd /home/wp/ZKM
java -jar ZKM.jar 123.txt
echo "321"
mvn deploy:deploy-file -DgroupId=com.xxx.bi -DartifactId=baseinterface -Dversion=$1 -Dpackaging=jar -Dfile=/home/wp/Code/BaseInterface-0.0.1-SNAPSHOT.jar -Durl=http://xxx.xxx.xx.xx:port/repository/XXXX-XXXX/ -DrepositoryId=XXXX-XXXX
其中$1是参数,在使用这个shell的时候是这样的。
./zkm.sh 1.0.0-TEST
后面的参数是打包的版本号。
最后,在简单的写一下ZKM界面的应用方式:
标签:pos tor pil xxx iat oal val detection rop
原文地址:https://www.cnblogs.com/wpcnblog/p/9531201.html