Go Back   Exetools > General > General Discussion


Thread Tools Display Modes
Old 06-05-2022, 00:05
Chuck954 Chuck954 is offline
Join Date: Jul 2018
Posts: 51
Rept. Given: 0
Rept. Rcvd 11 Times in 9 Posts
Thanks Given: 27
Thanks Rcvd at 59 Times in 36 Posts
Chuck954 Reputation: 11
java self-contained application packaging cracking

I have an app that uses a JAR file for security. It used to open up javaw.exe. Working on cracking a newer version and it looks like it uses a self-contained application packaging. That's what I think this is. If it just used javaw.exe I could attach a java debugger.

The program now uses DLL files to access the JAR file. Anyone know of a way to attach a java debugger to something like this? Any suggestions?

I've decrypted the JAR file but it but it'd be nice to be able to manipulate the data in real time.
Reply With Quote
Old 06-05-2022, 04:58
chants chants is offline
Join Date: Jul 2016
Posts: 651
Rept. Given: 21
Rept. Rcvd 43 Times in 26 Posts
Thanks Given: 594
Thanks Rcvd at 984 Times in 444 Posts
chants Reputation: 43
It sounds unclear that this new version has anything to do with Java. After all a JAR is just a ZIP archive with a special Metadata folder and Metadata files. If DLLs are being used and Javas executables are not running, then it would been to be reversed like any native code app.
Reply With Quote
Old 08-19-2022, 08:19
zen zen is offline
Join Date: Aug 2022
Posts: 9
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 27
Thanks Rcvd at 23 Times in 8 Posts
zen Reputation: 1
I ran into something like this when cracking CISCAT Pro, it was a "install4j" package as the app itself - so instead of having and installer that deploys the software, the software that run is each time is an installer package that decrypts to a temp directory (which is why my current crack is a race condition in powershell (but works great)). (it did use a dll file in the process as well)

Anyway if that is what happened in your case then it might help to know that these things (Exe4j for example) bundle the actual java code in a pack200 format, and then for some mysterious-to-me reason they xor it all with x88. You said you already decrypted the jar so maybe this isn't your issue... ? If you have a jar and the program is just java, then it seems you should be able to set your manifest Main-Class and run it.

edit: i just realized these posts are years old. oh well, maybe someone else working on a java package will see this and find use.
Reply With Quote
The Following User Says Thank You to zen For This Useful Post:
niculaita (08-19-2022)
Old 08-20-2022, 00:57
sendersu sendersu is offline
Join Date: Oct 2010
Posts: 982
Rept. Given: 327
Rept. Rcvd 219 Times in 112 Posts
Thanks Given: 198
Thanks Rcvd at 458 Times in 258 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
anyone knows how to attach to running java app and debug it on bytecode level? (similar as dnSpy it's super magic over .net assemblies)
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

All times are GMT +8. The time now is 10:51.

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2023 )