EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 11-06-2010, 17:09
ChupaChu's Avatar
ChupaChu ChupaChu is offline
Friend
 
Join Date: Dec 2007
Posts: 38
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
ChupaChu Reputation: 0
Arrow java cracking

I have run into interesting program.. its registration algorithms are completely in java, so I used IDA to disassemble a class file named something like "license_check.class" and it looks very easy to crack it.. but i did not know java opcodes, so i googled it up here:
http://en.wikipedia.org/wiki/Java_bytecode_instruction_listings

I'm still looking for "olly" like debugger for java, capable to do patches on the fly..

Is there anything like that?

p.s.
you can PM me with info if you don't want to reply here.

THANKS!
Reply With Quote
  #2  
Old 11-06-2010, 18:03
besoeso's Avatar
besoeso besoeso is offline
Family
 
Join Date: May 2010
Posts: 132
Rept. Given: 413
Rept. Rcvd 100 Times in 39 Posts
Thanks Given: 174
Thanks Rcvd at 17 Times in 11 Posts
besoeso Reputation: 100-199 besoeso Reputation: 100-199
you decompile the Java program with JD and then debug it with JDebugTool.

After load in Eclipse IDE, go to hot zone, patch it and compile.

Tools:

JD: http://java.decompiler.free.fr/

JDebugTool: http://www.debugtools.com/

Eclipse ide: http://www.eclipse.org/downloads/
Reply With Quote
The Following User Gave Reputation+1 to besoeso For This Useful Post:
The Old Pirate (11-06-2010)
  #3  
Old 11-07-2010, 03:14
ChupaChu's Avatar
ChupaChu ChupaChu is offline
Friend
 
Join Date: Dec 2007
Posts: 38
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
ChupaChu Reputation: 0
thanks mate, JD, and JDebugTool downloaded.. now downloading Eclipse IDE for Java Developers, (99 MB) will try and see how it goes.

Any good tutorials for JdebugTool usage, tips&tricks or similar?
Reply With Quote
  #4  
Old 11-07-2010, 11:09
2late 2late is offline
Friend
 
Join Date: Nov 2003
Posts: 41
Rept. Given: 5
Rept. Rcvd 6 Times in 3 Posts
Thanks Given: 5
Thanks Rcvd at 2 Times in 2 Posts
2late Reputation: 6
Quote:
Originally Posted by ChupaChu;70134I used IDA to disassemble a class file...
...[url
http://en.wikipedia.org/wiki/Java_bytecode_instruction_listings[/url]
A few weeks ago I used the same method; and still prefer patching instead of recompiling that requires installing seldom used bloatware.
DJ (http://www.neshkov.com/dj.html) has bytecode, sourcecode, and hex views, unfortunately those aren't synchronized (like the source/hex views in IDA).
Some good info on Java decompilers is at http://strategoxt.org/Transform/JavaDecompilers

Regards
Reply With Quote
  #5  
Old 11-08-2010, 22:55
NeOXOeN NeOXOeN is offline
VIP
 
Join Date: Jan 2005
Posts: 272
Rept. Given: 2
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 1
Thanks Rcvd at 2 Times in 2 Posts
NeOXOeN Reputation: 3
all tools that you need are up there.. only java sdk is missing:P
Reply With Quote
  #6  
Old 11-11-2010, 06:16
romero romero is offline
Friend
 
Join Date: Sep 2010
Posts: 37
Rept. Given: 11
Rept. Rcvd 24 Times in 6 Posts
Thanks Given: 34
Thanks Rcvd at 8 Times in 3 Posts
romero Reputation: 24
2 nice tuts
Reply With Quote
The Following 3 Users Gave Reputation+1 to romero For This Useful Post:
ahmadmansoor (11-11-2010), ivanov (11-15-2010), oVERfLOW (11-11-2010)
The Following User Says Thank You to romero For This Useful Post:
niculaita (01-11-2016)
  #7  
Old 11-11-2010, 18:57
nuemga2000 nuemga2000 is offline
Friend
 
Join Date: Jan 2002
Posts: 47
Rept. Given: 1
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
nuemga2000 Reputation: 2
Quote:
Originally Posted by NeOXOeN View Post
all tools that you need are up there.. only java sdk is missing:P
Which SDK is missing ? ...
... you can download the "normal" Java SDK's from SUN (Oracle) :
hxxp://www.oracle.com/technetwork/java/index.html
Reply With Quote
  #8  
Old 11-13-2010, 05:22
ChupaChu's Avatar
ChupaChu ChupaChu is offline
Friend
 
Join Date: Dec 2007
Posts: 38
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
ChupaChu Reputation: 0
IMHO IDA is excellent tool, we only lack a plugin that would act like when you hit "space" on code in olly - to accept new line of code, transcodes it into java opcodes, adjusts ponters and saves modified codes to some file.

Anyone ever hear of similar plugin for ida? Manually patchig byte by byte is PITA.
Not to mention recompiling never really worked for me, as no java coding experience here..
Reply With Quote
  #9  
Old 01-11-2011, 02:55
tonyweb tonyweb is offline
Family
 
Join Date: Jan 2009
Posts: 103
Rept. Given: 135
Rept. Rcvd 79 Times in 27 Posts
Thanks Given: 479
Thanks Rcvd at 73 Times in 42 Posts
tonyweb Reputation: 79
Well my 2 cents ...
I feel quite comfortable with tools like CCK (Class Construction Kit) and the new (not so stable) JBE (Java Bytecode Editor) ...

These are very useful for "small" patches because they allow to not recompile all stuff
However IMHO for all serious patches ... you have to recompile (even if most of the time you need a linux or mac box (or VM image ) ... for the case-sensitiveness)

Best Regards,
Tony
Reply With Quote
  #10  
Old 01-24-2011, 02:21
hobgoblin hobgoblin is offline
Friend
 
Join Date: Jan 2002
Posts: 123
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 2
Thanks Rcvd at 0 Times in 0 Posts
hobgoblin Reputation: 0
Java tuts

Thanks for the java tuts above. Interesting field....:-)
Reply With Quote
  #11  
Old 06-27-2011, 18:16
cw2k
 
Posts: n/a
Thumbs up

Well JD andDJ Java 3.11.95(2009) with JAD Jad 1.5.8g(2001).7z is nice to see what's going on in the code.
When you just like to do some little magic - compiling the whole class file is often really painful, error prune or even not possible since there are to many errors / missing classes or whatever problems...

Before I open the *.class in IDA(enable in option/Disam/opcode byte=3) and a hexeditor. And wow the
CCK (Class Construction Kit)was a real revelation to me and exactly what I was looking for !!!
http://bcel.sourceforge.net/cck2_2.gif
(^As long as the [img] tag is not working here. you need the click")
Beside modifying the bytecode (That JBE also does) you can also delete or add lines and when doing so CCK also takes care about updating jmp and goto references.

Installation took me some time because I just downloaded BCEL.jar and tried to figure out how to run it. Well DL
http://bcel.sourceforge.net/downloads/BCEL.jar and
http://bcel.sourceforge.net/downloads/cck.jar
and then run it with
java.exe -jar cck.jar

Btw. if you like associate *.jar with javaw.exe like this. Well you can do it the clicky-clicky-way or in like this <windowskey+run>"cmd"<Enter>
Code:
>assoc .jar
.jar=WinRAR  <-wuups :D

>assoc .jar=jar_file
>ftype jar_file=%ProgramFiles%\Java\jdk1.6.0_26\jre\bin\javaw.exe -jar "%1"
Reply With Quote
The Following User Gave Reputation+1 to For This Useful Post:
chessgod101 (06-28-2011)
  #12  
Old 06-27-2011, 22:32
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 583
Rept. Given: 321
Rept. Rcvd 211 Times in 105 Posts
Thanks Given: 62
Thanks Rcvd at 68 Times in 30 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Hi all
my 5 cents into java RE-ng

there is a very nice tool called JMD, just give it a try when you see strings encrypted inside your files

nice video tut:
http://invokestatic.org/?p=88
Reply With Quote
  #13  
Old 06-28-2011, 02:11
chessgod101's Avatar
chessgod101 chessgod101 is online now
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 451
Rept. Given: 2,065
Rept. Rcvd 654 Times in 201 Posts
Thanks Given: 322
Thanks Rcvd at 323 Times in 65 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
I have done java cracking once before on a target call smart math calculator and another called graphing calculator 3d(both by the same company). I used the JD Decompiler and JBE(Java bytecode Editor). I could write a tutorial if anyone is interested.
Reply With Quote
The Following User Gave Reputation+1 to chessgod101 For This Useful Post:
JeRRy (06-29-2011)
  #14  
Old 06-29-2011, 18:03
CodeCracker CodeCracker is offline
Family
 
Join Date: Jun 2011
Posts: 80
Rept. Given: 12
Rept. Rcvd 180 Times in 35 Posts
Thanks Given: 3
Thanks Rcvd at 212 Times in 44 Posts
CodeCracker Reputation: 100-199 CodeCracker Reputation: 100-199
Cracking Java programs Part1/Part2:
http://forum.tuts4you.com/index.php?showtopic=19653
Reply With Quote
The Following 2 Users Gave Reputation+1 to CodeCracker For This Useful Post:
chessgod101 (07-01-2011), Corsten (07-04-2011)
  #15  
Old 08-30-2011, 10:20
jacalhu jacalhu is offline
Friend
 
Join Date: Aug 2011
Posts: 16
Rept. Given: 9
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
jacalhu Reputation: 4
java-decompiler web link:

http://www.java-decompiler.com/
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Java Cracking... deephousederek General Discussion 5 05-17-2005 07:55


All times are GMT +8. The time now is 09:51.


ICP05004977
vBulletin Security provided by vBSecurity v2.2.0 (Lite) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX