Intro
Byteman helps to insert code and change stuff on the run – after compiling, therefore – Java Code. This is quite interesting.
Byteman
Byteman can be downloaded from here and have some good tutorials here
To execute:
Well, we just run java with the agent:
java -javaagent:/path/byteman.jar=script:myrule.btm [-jar] [application] [arguments]
WARNING THE -JAR AND THE APPLICATION ARE THE LAST ARGUMENTS!
Rule – basic
RULE Make it me
CLASS Hello
METHOD main
AT ENTRY
IF TRUE
DO args[0] = “Andrew”;
ENDRULE
This rule is gonna replace the first argument in args by Andrew, who is the guy that made the presentation.
Rule – adv by patching in a real method
- RULE trace ClientSocketFactory
- CLASS org.jboss.security.ssl.ClientSocketFactory
- METHOD <init>
- IF true
- DO traceStack(“Invoking constructor of ClientSocketFactory\n”, 20)
- ENDRULE
This rule basically creates a stack trace of 20 lines when the invocation of the init method of ClientSocketFactory.
Other apps
Other apps can be used combined with Byteman so then we can see more stuff, Thermostat is a good one. I’ll add more on this later.
REFs
[1] Byteman.jboss.org
[2] Andrew Dinn youtube vide on DevNation 2016
[3] Programmer’s Guide is quite interesting and clarifying especially for traceStack.