4.1. JAVA
Thenewinstruction creates an object, but doesn’t call the constructor (it is called at offset 4).
Theset_a()method is called at offset 16.
Theafield is accessed using thegetstaticinstruction at offset 21.
4.1.17 Simple patching
First example
Let’s proceed with a simple code patching task.
public class nag
{
public static void nag_screen()
{
System.out.println("This program is not registered");
};
public static void main(String[] args)
{
System.out.println("Greetings from the mega-software");
nag_screen();
}
}
How would we remove the printing of “This program is not registered” string?
Let’s load the .class file into IDA:
Figure 4.1:IDALet’s patch the first byte of the function to 177 (which is thereturninstruction’s opcode):