Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   java cracking (https://forum.exetools.com/showthread.php?t=13074)

giv 02-27-2012 18:59

Sorry for late repply....

Originally Posted by chessgod101 (Post 73758)
I have done java cracking once before on a target call smart math calculator and another called graphing calculator 3d(both by the same company). I used the JD Decompiler and JBE(Java bytecode Editor). I could write a tutorial if anyone is interested.

It will be quite interesting and i will be more than happy to watch.

remal 04-11-2012 03:53

I used to use ObjectWebs ASM (http://asm.ow2.org/) to disassemble Java bytecodes to Java code. Then modify that Java code, re-compile it, and use it to generate a proper bytecode file. It's a little bit round about but it works wonderfully and more versatile than patching alone.

Mkz 04-18-2012 03:04


Just though I might add my own tip for cracking java.
Notice: I know how to program in java (I also know the bytecode of course), and at least some basics are needed even if just for patching an instruction - objects, stack, etc.

Well, since I don't usually run under a debugger (IDA or higher-level), what I do sometimes is have a static look at the code - normally with JD - and find interesting spots. Examples: encrypted strings, strange file accesses, etc. Just by the nature of the java.*.* objects being used, you often get a pretty good idea of what's going on, and those can never be obfuscated like the programmer's code.
Then you need to patch the framework's code itself. "String", for instance, is a class you can easily change. Just fetch the java rt sources (it comes with the sdk), copy it to your own version, and for instance in the constructor just do a "System.out.println(this);".
Want the stacktrace as well to know where this string was created? Just add another statement with "new Exception().printStackTrace();" :D

The only thing left is to make java use your version of the rt classes instead of the original ones. Just add this modifier to the invocation:
java ... -Xbootclasspath/p:my_path\my_jar_with_changed_stuff.jar ...
There you go. All constructed strings (a LOT) will be written to the console, followed by the stack trace of the place they were created.

Extending this technique, I once also did something with the java.lang.Exception class. Changed the source so that every single exception wrote the stack trace to a log (be it the captured ones, the ones that happen during regular class loading, etc.) - creates a huge log but also allows you to know about everything that got raised and might not be even been propagated to error windows or log files.
Since the output is so huge, I later added some logic to it: created a settings file that could be supplied in the command line and where one could create regular expressions for the stack traces to ignore in order to hide "normal" exceptions that are raised a lot.
Unfortunately, this was quite some time ago and I no longer have the code at hand. Still it's not hard for someone to do it if needed.

marrom79 05-29-2012 18:47

There is rather a new tool, very similar to JBE (JBE is obsolete as it won't "patch" all .class files reliably when select features of java 1.6 are used) it's called DirtyJOE. In my opinion, its the easiest way/tool to reverse java. DirtyJOE has an Opcode library that will let you know what that particular java opcode or "bytecode instruction" signifies... http://dirty-joe.com/

I'm also happy to help... clarify and instruction or if you are simply looking for a way to do something...

As a decompiler, I recommend using DJ as it is very quick and simple... http://java.decompiler.free.fr/?q=jdgui

the basics to reverse java are...
1.Serch for the code to be patched with DJ;
2.Use winRAR and extract the .class file containing the "magic" section of code;
3.Get cracking with dirtyJOE.

For JNLP applications, you need first to dig out the relevant .jar files... they are all in the java cache folder...


wassim_ 06-18-2012 06:08

Password sniffing in Java
This is just an idea, I don't actually know much about Java but I do understand that Java code runs in a virtual machine (JVM) which is essentially a set of DLLs on windows, so shouldn't there be a way to set breakpoints directly in these DLLs while the virtual machine is interpreting and running a jar?
This could be useful for sniffing serials and the like for example...

besoeso 07-02-2012 23:11

Dr. Garbage Tools is a suite of Eclipse Plugins released under Apache Open Source license. Before is comercial.

-Bytecode Visualizer
  • inspect
  • understand
  • debug

-Sourcecode Visualizer
  • review
  • analyze
  • teach & learn
-Control Flow Graph Factory
  • generate
  • edit
  • export


Bunshee 06-23-2013 05:38


Thats great, i have everything a Java Application that i will Reversing.
Its a Car ODB Application from VW, and its written in Java by T-Systems.

The Application loads yourself in a Java VM Bytecode Address to the Memory...

No Tool from here is now working.... why?

ballad88 07-08-2013 17:37

ok. just study a java patch.

0xd0000 11-29-2013 11:59

My approach and personal favorites when approaching a Java Patch.

Use JD Gui to find what you¡¯re looking for and eventually JBE to patch, a recursive decompile with JAD and clear text search sometimes helps. JAD decompile can be done with cmd below. If you have multiple jars, just extract everything, then run the decompile.

JAD Recursive Decompile: for /R %F in (*.class) do jad -r -ff -s java %F

JD Gui - Must have, will allow full exploration of .JAR, as well as export of source.

JBE - Java Bytecode Editor can be used to patch whatever bytecode you desire, modifying the class directly without having to recompile. Will require more than a basic understanding of Java bytecode to use this effectively.

Once you have the patched .class you can simply just drop it back into the .jar with WinRar, or if you are working on a standalone .class then your basically done.

Hope this helps, patching Java can be interesting, especially ones that have string encryption functions.

I don't have direct links for these tuts, but they are pretty good, I will get them uploaded later.


0xd0000 11-29-2013 12:33


All packaged up here:


0xd0000 11-30-2013 08:22

This is new as of 11/29/2013

Java bytecode debugging

0xd0000 12-10-2013 12:41

Adding another app here - Similar to JBE
You need to be regged on tuts4you


MethodBodyEditor for Java
A Java class editor
Just Open the desired Java class (File->Open)
and then select the desired method from "Methods" tree
after that you will see a list with all instructions
of selected method. In order to edit instructions
double click on instruction or do a right click on the instruction
and select from menu "Show Opcode"
then simple enter the hexadecimal opcodes of new instructions
and click OK.
Finally save with File->Save.

CodeCracker 07-05-2014 19:40

Try BcelEditor
1 Attachment(s)
MethodBodyEditor for Java is for simple patches!

Try BcelEditor - full class editor, similar with CCK (Class Construction Kit).

Best regards,

wilson bibe 09-25-2014 15:02

JD-GUI 0.3.7


17 Aug 2014
Improved exploration of class files by replacing the modal dialogs by "stay on top" windows.
JD-GUI includes JD-Core 0.7.1.

CRC32 10-14-2014 22:04

JBE is really a good program.
But as far as I can see it, you can not directly change the opcodes in the program.
Should I fool myself, let me know.

All times are GMT +8. The time now is 14:14.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2023, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX