Commercial + java. Huh?
Being a semi-interpreted language (I'm not trying to start a religious war here), copy protection of java based software seems pretty lame at the moment (forever??). Yes, there are obfuscators out there, but at the end of the day, the .class files have to be processed by a JVM, leaving little to hide.
Now people have lots of reasons for decompiling, not all of them nefarious and in my case recently, I just wanted to see what the hell the code was actually doing, as well as make a note of any open source libraries used. Being provided with a Mac OS X app bundle, you first need to explore the contents (right click - Show Package Contents and the java files should be in Resources somewhere. Don't forget a .jar is just a .zip). Once you've found the goodies, you can start the decompilation process. My needs for a decompiling this particular app were simple: process a large number of class files in batch, keeping the directory structure intact, so that I could then use NetBeans to debug it as a new project.
There are number of tools out there to decompile Java, and a great one that has a neat GUI interface is Monsieur Emmanuel Dupuy's straightforwardly named 'JD-GUI'. While it produces nice looking code, deals with Java 6, and has a good interface, it only works on one .jar or .class file at a time. It's written in C++ using wxWidgets, which accounts for its speed. One great feature is that you can now take a whole .jar and save all its sources in a zip file with one click. Unfortunately, the author has no plans at this stage to release the code, or, maybe more usefully, 'JD-Core', the C++ library that does all the hard work, so for big java decompilation jobs, you'll have to go elsewhere unless you can be bothered decompiling each .jar individually. You can get JD-GUI at http://java.decompiler.free.fr/
The venerable JAD decompiler by Pavel Kouznetsov has been around forever, but is strangely now very difficult to find. The original domain kpdus.com has gone, but Tomas Varaneckas has kindly tracked it all down and is hosting all the versions on his own site at http://www.varaneckas.com/jad.
OK....armed with JAD, I began the task. A good process is a repeatable process, so here's a quick guide for anyone inclined to muck around with their own java decompilation.
1) Copy your compiled java directories somewhere new - jad can break stuff if you're not careful
2) Run jad using a few special options to recursively get all the .class files, rename the default suffix of the decompiled code from .jad to .java, and put the source code somewhere OUTSIDE the .class directories. Here's a bash script I wrote to do all this quickly:
#!/bin/bash
# use jad Java decompiler recursively on all 3 class dirs,
# putting .java files into ./src
# options are:
# -o overwrite without confirmation BE CAREFUL IN PRODUCTION DIR
# -r recursive .classs search
# -s append .java instead of .jad. BE CAREFULE IN PRODUCTION DIR
# -d the directory you want decompiled INTO eg. src
# Last parm: the files you want to decompile
# com/**/*.class = in dir com, ALL child directories, all .class files.
~/Desktop/jad158g/jad -o -r -sjava -dsrc com/**/*.class
~/Desktop/jad158g/jad -o -r -sjava -dsrc nmfl/**/*.class
~/Desktop/jad158g/jad -o -r -sjava -dsrc org/**/*.class
echo Finished decompiling com, nmfl, org.
The ** operator is interesting: it tells jad to recursively go as many layers deep as it need to pickup all the class file.
While the script runs, you'll probably get a few message saying jad couldn't completely interpret some things eg. try { catch { stuff, and some specific IO things in particular. I'm not sure if this is Java 6 specific or not.
Once you've run this script, go into the ./src directory and look at your nice new .java files. You'll get a new little header comment telling you Jad decompiled this work. Ignore the link - kpdus.com is no more.
Decompilation is great, but if the code's been obfuscated, you've still got a bit more work on your hand. I'm no expert at the obfuscation side of things, so I'll put my project into NetBeans, have some guesses at the bizarre class names (d4eJH etc). and maybe do some refactoring if I can work out what's going on.....
Stay tuned!
Now people have lots of reasons for decompiling, not all of them nefarious and in my case recently, I just wanted to see what the hell the code was actually doing, as well as make a note of any open source libraries used. Being provided with a Mac OS X app bundle, you first need to explore the contents (right click - Show Package Contents and the java files should be in Resources somewhere. Don't forget a .jar is just a .zip). Once you've found the goodies, you can start the decompilation process. My needs for a decompiling this particular app were simple: process a large number of class files in batch, keeping the directory structure intact, so that I could then use NetBeans to debug it as a new project.
There are number of tools out there to decompile Java, and a great one that has a neat GUI interface is Monsieur Emmanuel Dupuy's straightforwardly named 'JD-GUI'. While it produces nice looking code, deals with Java 6, and has a good interface, it only works on one .jar or .class file at a time. It's written in C++ using wxWidgets, which accounts for its speed. One great feature is that you can now take a whole .jar and save all its sources in a zip file with one click. Unfortunately, the author has no plans at this stage to release the code, or, maybe more usefully, 'JD-Core', the C++ library that does all the hard work, so for big java decompilation jobs, you'll have to go elsewhere unless you can be bothered decompiling each .jar individually. You can get JD-GUI at http://java.decompiler.free.fr/
The venerable JAD decompiler by Pavel Kouznetsov has been around forever, but is strangely now very difficult to find. The original domain kpdus.com has gone, but Tomas Varaneckas has kindly tracked it all down and is hosting all the versions on his own site at http://www.varaneckas.com/jad.
Let the decompilation begin...
OK....armed with JAD, I began the task. A good process is a repeatable process, so here's a quick guide for anyone inclined to muck around with their own java decompilation.
1) Copy your compiled java directories somewhere new - jad can break stuff if you're not careful
2) Run jad using a few special options to recursively get all the .class files, rename the default suffix of the decompiled code from .jad to .java, and put the source code somewhere OUTSIDE the .class directories. Here's a bash script I wrote to do all this quickly:
#!/bin/bash
# use jad Java decompiler recursively on all 3 class dirs,
# putting .java files into ./src
# options are:
# -o overwrite without confirmation BE CAREFUL IN PRODUCTION DIR
# -r recursive .classs search
# -s append .java instead of .jad. BE CAREFULE IN PRODUCTION DIR
# -d the directory you want decompiled INTO eg. src
# Last parm: the files you want to decompile
# com/**/*.class = in dir com, ALL child directories, all .class files.
~/Desktop/jad158g/jad -o -r -sjava -dsrc com/**/*.class
~/Desktop/jad158g/jad -o -r -sjava -dsrc nmfl/**/*.class
~/Desktop/jad158g/jad -o -r -sjava -dsrc org/**/*.class
echo Finished decompiling com, nmfl, org.
The ** operator is interesting: it tells jad to recursively go as many layers deep as it need to pickup all the class file.
While the script runs, you'll probably get a few message saying jad couldn't completely interpret some things eg. try { catch { stuff, and some specific IO things in particular. I'm not sure if this is Java 6 specific or not.
Once you've run this script, go into the ./src directory and look at your nice new .java files. You'll get a new little header comment telling you Jad decompiled this work. Ignore the link - kpdus.com is no more.
Decompilation is great, but if the code's been obfuscated, you've still got a bit more work on your hand. I'm no expert at the obfuscation side of things, so I'll put my project into NetBeans, have some guesses at the bizarre class names (d4eJH etc). and maybe do some refactoring if I can work out what's going on.....
Stay tuned!
Comments
Post a Comment