Quote:
Originally Posted by suddenLy
yep, the child process is javaw.exe.
When I try using command line, file integrity error pops.
Even if catching crack point through monitoring tool as you said, how can I find that byte code??
Anyway, thanks for your comments.
|
Check the 2 attached images, also uploaded to:
- hxxp://i65.tinypic.com/2nu0fie.png
- hxxp://i67.tinypic.com/xfcgtd.png
I launched JVisualVM, which is part of the Java SDK, and also uses the same approach: there's an executable which loads some java code in a spawned process.
The 1st image shows you the command line which could - I guess - be executed directly to launch the java code. It indicates the classpath (which libs to load), the parameters, the start class name, etc.
When you mention "file integrity error", I'm not sure if it's related to checks done by the java program, or if you didn't supply exactly everything it needed - including the correct working dir or environemnt variables.
The 2nd image is for a thread dump I requested from JVisualVM to a running java program (which happens to be JVisualVM itself) and you can see one of the threads' call stack.
If you want to, say, understand what the "org.openide.util.RequestProcessor$task.run" method does, you'll need to use the regular java tools to decompile its class file and take a look at its "decompiled source" or even the java bytecode if decompilation is not possible.
You'll need to search all the jars in the classpath to understand which one provides that class, so you can decompile it.