Java Decompilation

From FamiLAB Wiki
Revision as of 18:38, 18 August 2011 by Chorca (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Sun's Java programming language was unintentionally(?) designed to compile into bytecode which is easily reversible and even contains meaningful variable names. It's practically open source.

Decompilers

  • Jad
    • MIA, executables still available, still a great decompiler
    • Jadclipse plugin for Eclipse, you can try to open a .class file, and it will take 2 seconds to decompile and display the source code, like magic.
  • others?

Doors Opened

  • Apache Tomcat
    • Tomcat is Apache's Java web 'servlet' system. Weird string concatenation, and system access or whatever. For people who are used to java and want to develop web applications, they use tomcat.
    • directories/filenames in Tomcat do not mean directories or filenames at all. They mean something completely different. If you can get access to the .class files to decompile them, you can get a better understanding of what those variables really are.
  • Browser Applets
    • .jar files are just zip files that contain a directory structure that very easy to use and decompile. Recompiling might be a little harder, and maybe I should work on figuring that out!
    • Tomcat devs sometimes keep their client (applet) and server (servlet) code together in their codebases, and accidentally drop vital information in the applet .jar files. logins, test servers, secret files, etc.