Tweet
Tweet

Slide 1

Slide 1 text

Keep calm, it’s reverse engineering time Alissa Bonas @mikeyteva

Slide 2

Slide 2 text

“Run Forrest, Run” Alissa Bonas @ Midwest.io 2015

Slide 3

Slide 3 text

When is it needed? ● Add a new feature ● Fix a bug ● Investigate an issue in a production environment ● Maintaining legacy code ● Integration with another system or component Alissa Bonas @ Midwest.io 2015

Slide 4

Slide 4 text

A whole new world Alissa Bonas @ Midwest.io 2015

Slide 5

Slide 5 text

“My momma always said, life was like a box of chocolates. You never know what you’re gonna get” Alissa Bonas @ Midwest.io 2015

Slide 6

Slide 6 text

How can we succeed here? Alissa Bonas @ Midwest.io 2015

Slide 7

Slide 7 text

The easiest way Ask the person who developed it Alissa Bonas @ Midwest.io 2015

Slide 8

Slide 8 text

Alissa Bonas @ Midwest.io 2015

Slide 9

Slide 9 text

However... Alissa Bonas @ Midwest.io 2015

Slide 10

Slide 10 text

Alissa Bonas @ Midwest.io 2015 Is it an open source project? ● Check the docs / wiki ● Ask in the community ○ mailing list ○ forum ○ irc ○ open an issue / ticket with a question

Slide 11

Slide 11 text

Alissa Bonas @ Midwest.io 2015

Slide 12

Slide 12 text

Back to basics ● Technology / Programming language ● Source control ● Running tests ● Build / Run / Deploy Alissa Bonas @ Midwest.io 2015

Slide 13

Slide 13 text

Detecting languages example

Slide 14

Slide 14 text

Look for hints ● File extensions ● .gitignore ● README.md Alissa Bonas @ Midwest.io 2015

Slide 15

Slide 15 text

Look for more hints ● pom.xml / build.xml ● Gemfile / gemspec ● Requirements.txt / setup.py ● bower.json Alissa Bonas @ Midwest.io 2015

Slide 16

Slide 16 text

Scope the task Alissa Bonas @ Midwest.io 2015

Slide 17

Slide 17 text

Minor changes ● Fix typos ● Add more info to a log statement ● Persist a field that already exists in an object Alissa Bonas @ Midwest.io 2015

Slide 18

Slide 18 text

In search we trust ● Search for strings in the code repository ● Search existing logs for object names Alissa Bonas @ Midwest.io 2015

Slide 19

Slide 19 text

Medium size changes ● Add a new field to an object / model ○ process and persist ○ use it in all code layers ● Upgrade the version of a third party library ○ regression is your nemesis ○ minor version upgrade != major version upgrade Alissa Bonas @ Midwest.io 2015

Slide 20

Slide 20 text

Follow the trail ● Follow existing fields to understand the flow ● Follow the tests ○ learn how to add new tests ○ check if tests pass after code changes Alissa Bonas @ Midwest.io 2015

Slide 21

Slide 21 text

Major changes ● Refactor a module / component ● Add a new functionality which requires a deep understanding of the system ● Performance is key and must not be harmed Alissa Bonas @ Midwest.io 2015

Slide 22

Slide 22 text

The need to distill ● Architecture of the system ● Understand the relevant flows and use cases Alissa Bonas @ Midwest.io 2015

Slide 23

Slide 23 text

Number 1 factor is... Alissa Bonas @ Midwest.io 2015

Slide 24

Slide 24 text

Time Alissa Bonas @ Midwest.io 2015

Slide 25

Slide 25 text

Alissa Bonas @ Midwest.io 2015

Slide 26

Slide 26 text

Goal: Identify entry points ● UI / REST / Backend ● Class hierarchy ● Identify and learn frameworks Alissa Bonas @ Midwest.io 2015

Slide 27

Slide 27 text

Get to know the code better ● Is there a dependency injection mechanism? ● How do the components communicate ● Configuration keys to enable more info in the logs Alissa Bonas @ Midwest.io 2015

Slide 28

Slide 28 text

Get to know the system better ● Identify persistency ○ data store type ○ how the data is stored ● Know your container ○ web server ○ application server Alissa Bonas @ Midwest.io 2015

Slide 29

Slide 29 text

Product configuration files ● Search for static files location ● Check how they are used and changed ○ directly ○ loaded into the database Alissa Bonas @ Midwest.io 2015

Slide 30

Slide 30 text

Multi process system ● Identify the processes ● How do they communicate with each other ● High availability / symmetric Alissa Bonas @ Midwest.io 2015

Slide 31

Slide 31 text

Multithreaded considerations ● Sync or async code flow ● Usage of thread pools Alissa Bonas @ Midwest.io 2015

Slide 32

Slide 32 text

After several iterations ● Create a sequence diagram ● UML ● Understand ○ the main path ○ fallback, retries, etc. Alissa Bonas @ Midwest.io 2015

Slide 33

Slide 33 text

Iterating over the code is like solving a puzzle Alissa Bonas @ Midwest.io 2015

Slide 34

Slide 34 text

Alissa Bonas @ Midwest.io 2015

Slide 35

Slide 35 text

Creating anchors “In climbing, a piton (/ˈpiːtɒn/; also called a pin or peg) is a metal spike (usually steel) that is driven into a crack or seam in the rock with a hammer, and which acts as an anchor to protect the climber against the consequences of a fall, or to assist progress in aid climbing” (wikipedia) Alissa Bonas @ Midwest.io 2015

Slide 36

Slide 36 text

Creating anchors ● Read the code ● If we can debug - put breakpoints ● Read existing logs ● Understand through unitests Alissa Bonas @ Midwest.io 2015

Slide 37

Slide 37 text

Creating anchors continued ● Change the log level ● Add more logging statements ● Check history in source control - commits and comments Alissa Bonas @ Midwest.io 2015

Slide 38

Slide 38 text

Creating anchors - IDE Bookmarks Alissa Bonas @ Midwest.io 2015

Slide 39

Slide 39 text

Creating anchors - the analog way ● Works too! Alissa Bonas @ Midwest.io 2015

Slide 40

Slide 40 text

Backend Alissa Bonas @ Midwest.io 2015

Slide 41

Slide 41 text

Example - utilities to explore the JVM ● JConsole ● VisualVM ● (more tools exist) Alissa Bonas @ Midwest.io 2015

Slide 42

Slide 42 text

Getting more hints ● Explore threads names ● Take a thread dump - explore thread source ● Take a heap dump - explore classes ● Check which objects a map/list/set contains Alissa Bonas @ Midwest.io 2015

Slide 43

Slide 43 text

Hint on the database Hint on the scheduler Alissa Bonas @ Midwest.io 2015

Slide 44

Slide 44 text

Network analyzer / packet sniffer ● Software that intercepts and logs traffic ○ decodes data ○ shows packet fields ● For example - Wireshark ● Define filters for efficiency Alissa Bonas @ Midwest.io 2015

Slide 45

Slide 45 text

Example Alissa Bonas @ Midwest.io 2015

Slide 46

Slide 46 text

Goal ● Send a SOA envelope to a service ● Sender - Ruby code ● Target - Java SOA service Alissa Bonas @ Midwest.io 2015

Slide 47

Slide 47 text

Reports Engine 1 Reports Engine 2 Reports Engine 3 UI Reports Engine 4 http /engine1 http /engine2 http /engine3 http /engine4 SOA Tomcat SOA SOA SOA SOA Alissa Bonas @ Midwest.io 2015

Slide 48

Slide 48 text

Steps ● Basic understanding what SOA is ● Intercept traffic of the existing Java code ● Learn how a SOA envelope should look like ● Write Ruby code to create a SOA envelope Alissa Bonas @ Midwest.io 2015

Slide 49

Slide 49 text

Frontend Alissa Bonas @ Midwest.io 2015

Slide 50

Slide 50 text

Frontend ● Which libraries are used ● Search for strings / translation files ● Search for icon files location and usage ● Learn how UI calls backend Alissa Bonas @ Midwest.io 2015

Slide 51

Slide 51 text

Browser developer tools ● FireBug ● Chrome developer tools Alissa Bonas @ Midwest.io 2015

Slide 52

Slide 52 text

Following the code ● Which css and js are downloaded ● Add watches in the script tab ● Use ‘debugger;’ to set a breakpoint ● Inspect elements Alissa Bonas @ Midwest.io 2015

Slide 53

Slide 53 text

Inspect the logo 32px * 32px SVG info Alissa Bonas @ Midwest.io 2015

Slide 54

Slide 54 text

Following network requests Alissa Bonas @ Midwest.io 2015

Slide 55

Slide 55 text

Analyzing response Alissa Bonas @ Midwest.io 2015

Slide 56

Slide 56 text

Analyzing response - zoom in JSON response Alissa Bonas @ Midwest.io 2015

Slide 57

Slide 57 text

Analyzing response - zoom in JSON response Alissa Bonas @ Midwest.io 2015

Slide 58

Slide 58 text

Useful options ● Network tab ● Copy as curl ● Copy response ● Copy link address Alissa Bonas @ Midwest.io 2015

Slide 59

Slide 59 text

REST Client ● Learn how REST API is designed Alissa Bonas @ Midwest.io 2015

Slide 60

Slide 60 text

In short...

Slide 61

Slide 61 text

Alissa Bonas @ Midwest.io 2015

Slide 62

Slide 62 text

Thank you! @mikeyteva

Slide 63

Slide 63 text

Graphics credits ● Signpost by Lubos Volkov ● Clock by Kid Mountain ● Idea by Matt Wasser ● Gauge by Joel Avery from the Noun Project ● Tomcat-logo by The Apache Tomcat Project Team ● Loop by useiconic.com from the Noun Project ● Magnifying Glass by Musket from the Noun Project ● Puzzle Piece by icon 54 from the Noun Project ● Writing by Creative Stall from the Noun Project ● Sherlock by James Keuning, the Noun Project ● Twitter by Lubos Volkov, the Noun Project ● Mug by Alex Getty from the Noun Project ● Diamond by MarkieAnn Packer from the Noun Project ● Questions by Rediffusion from the Noun Project ● Movies posters - http://www.impawards.com/