Intro

Byteman helps to insert code and change stuff on the run – after compiling, therefore – Java Code. This is quite interesting.

Byteman

Byteman can be downloaded from here and have some good tutorials here

To execute:

Well, we just run java with the agent:

java -javaagent:/path/byteman.jar=script:myrule.btm [-jar] [application] [arguments]

           WARNING THE -JAR AND THE APPLICATION ARE THE LAST ARGUMENTS!

Rule – basic

RULE Make it me

CLASS Hello

METHOD main

AT ENTRY

IF TRUE

DO args[0] = “Andrew”;

ENDRULE

      This rule is gonna replace the first argument in args by Andrew, who is the guy that made the presentation.

Rule – adv by patching in a real method

1. RULE trace ClientSocketFactory
2. CLASS org.jboss.security.ssl.ClientSocketFactory
3. METHOD <init>
4. IF true
5. DO traceStack(“Invoking constructor of ClientSocketFactory\n”, 20)
6. ENDRULE

This rule basically creates a stack trace of  20 lines when the invocation of the init method of ClientSocketFactory.

Other apps

Other apps can be used combined with Byteman so then we can see more stuff, Thermostat is a good one. I’ll add more on this later.

REFs

[1] Byteman.jboss.org

[2] Andrew Dinn youtube vide on DevNation 2016

[3] Programmer’s Guide is quite interesting and clarifying especially for traceStack.