Monday, August 20, 2007

Java decompilers and obfuscators

A Java decompilers are special type of decompiler which takes a class file as input and produces Java source code as output. Decompilers are very useful tools when you lost your source code. I have used only JODE from the below list. As you see, there are many free/open source decompiler and obfuscator alternatvices.

Decompilers
  • JODE - is a java package containing a decompiler and an optimizer for java. The decompiler reads in class files and produces something similar to the original java file.
  • JREVERSEPRO - a Java Decompiler/Disassembler, and reverse engineering utility written entirely in Java. The utlimate objective of this project is to provide a decompiler that generates a Java object-based structure that can be programmatically inspected using a specific API.
  • Jdec - is a java decompiler which currently supports classes compiled using java compiler from SUN Microsystems LTD
  • Dava - is a decompiler for arbitrary Java bytecode. It can be used to decompile bytecode produced by Java compilers, compilers for other languages (AspectJ, SML, C) that generate Java bytecode and tools like Java bytecode obfuscators, instrumentors and optimizers.
  • Jad - is a Java decompiler that reads one or more Java class files and converts them into Java source files which can be compiled again. Jad is a 100% pure C++ program and it generally works several times faster than decompilers written in Java. Jad doesn't use the Java runtime for its functioning, therefore no special setup is required. Jad is free for non-commercial use.
  • DJ Java Decompiler - is Windows* decompiler and disassembler for Java that reconstructs the original source code from the compiled binary CLASS files. DJ Java Decompiler is able to decompile complex Java applets and binaries, producing accurate source code.
  • HomeBrew Decompiler - Have you ever lost the source code to a Java program and thought there was no way to get your code back? Well fret no longer, HomeBrew Decompiler to the rescue!
  • DCompiler - The aim of this project is to develop a decompiler for java which is platform independent and has options to obfuscate the class file also. The project takes class file as input and decompiles it and provides the source file.
  • JCavaj Java Decompiler - is a free Java-based Java Decompiler. It reconstructs the original source code from a compiled binary CLASS file. You can decompile java applets, jar and zip files producing accurate java source code.
Obfuscators
  • Jarg - reduces the size of a jar file in which java class files are stored. As a result of processing by jarg, since a Java class file is optimized, it becomes quicker, and since it is renamed, it becomes that it is harder to be analyzed. That is, jarg is 'Java Optimizer', and it is 'Java Obfuscator' and is also 'Java Shrinker' or 'Java Reducer'.
  • Jshrink - is a Java obfuscator that extracts the minimal set of class files for an application, removes unused code and data, obfuscates symbolic names, finalizes code for optimized execution, and stores the results in a Java jar file.
  • yGuard - is a free Java bytecode obfuscator and shrinker that improves your software deployment by prohibiting unwanted access to your source code and drastically shrinking the processed Jar files at the same time.
  • JavaGuard - is a general purpose bytecode obfuscator, designed to fit effortlessly into your regular build and testing process, providing peace of mind that your valuable Java code is more secure against decompilation and other forms of reverse engineering.
  • Smokescreen - is a Java obfuscator. Aside from being able to change symbolic names, it can also modify the bytecode instructions in methods thereby obfuscating control flow. This makes the resulting obfuscated classes much more difficult to decompile.
  • RetroGuard - a general purpose Java obfuscator, is designed to fit effortlessly into your regular build and testing process, providing peace of mind that your valuable Java bytecode is more secure against decompilation. Free for academic or not-for-profit use, or open source development
  • ProGuard - is a free Java class file shrinker, optimizer, and obfuscator. It can detect and remove unused classes, fields, methods, and attributes. It can then optimize bytecode and remove unused instructions. Finally, it can rename the remaining classes, fields, and methods using short meaningless names. The resulting jars are smaller and harder to reverse-engineer.
  • JBCO - is a Java bytecode obfuscator. Obfuscators transform code to be more complex, esoteric, or otherwise obscure in order to hinder reverse-engineering nad decompilation attacks. JBCO is able to operate on Java class files or source and produces obfuscated Baf, Jasmin, or class files.
  • The Marvin Obfuscator - rewrites Java applications in a way that makes it almost impossible to decompile them and understand their inner workings.
See Also;
Checkout;
On internet, you’ll find several Java decompilers FAQs to help you resolve java plug-in errors. Trustworthy hosting providers i.e. hostmonster and ipowerweb provide dedicated servers, cheap domain name registration along with online help to install java plug-ins.

11 comments:

anjan bacchu said...

hi there,

does anyone know if any of the above decompilers and obfuscators work with Generics(java 1.5 and java 1.6) ?

Most of the tools have not been updated to work with generics and are showing their age.

BR,
~A

Bayarsaikhan said...

Hi anjan?

I didn't used all of them but JODE.
If decompiler says that it is compatible with 1.5+, it can work. The best one you should try is JODE i guess.

Good luck.

Anonymous said...

Hi Anjan,

Maybe you need http://marto.homeunix.org:9091/sjcr ?

This is my home PC so it is not always up.

Note: my disassembler only complements the listed above. It doesn't even try to read the methods' bodies, it only shows the information which is not available in the other decompilers - generics, annotations, enums, varargs, etc.

Cheers
Martin

Anonymous said...

Anjan,

Generics are only used compile-time. In the bytecode, there is no reference whatsoever to generics. A decompiler could try to recreate generics info (although it's not sure that was the original code), but an obfuscater doesn't have to know about generics.

Anonymous said...

Hi Anonymous :-),

Did you check this blog http://blog.interface21.com/main/2006/09/29/exploiting-generics-metadata/ ?

There is an information about generics in the bytecode.

Have a try with the following class:


@NestedAnns({
@NestedAnn (
name="findCustomerByName",
value="select c FROM Customer c WHERE c.name = :name"
),
@NestedAnn(
name="findCustomerbyOrderId",
value="select c FROM Customer c JOIN c.orders o WHERE o.orderId = :id"
)
})

public class Pojo<L extends CharSequence> extends TreeMap<Long, TreeSet<L>> implements Runnable, Cloneable, TypeInterface<Number, String>, Serializable {

private static final long serialVersionUID = 1L;

protected int getInt(String... varargs) {
return -1;
}

public <T extends Iterable & Closeable> setMap(Map<Number, String> a) {
}
}

public @interface NestedAnns {

NestedAnn[] value();

}

@Retention(RetentionPolicy.RUNTIME)
public @interface NestedAnn {

String name();

String value();
}

public interface TypeInterface<A, B> {

Map<A, B> getMap();

void setMap(Map<A, B> a);

}


Cheers
Martin

Anonymous said...

this article has annoyed me - it lists decompilers without giving an idea of each projects' respective liveness or level of functionality :/

OnlinePharmacy said...

gHX34B Your blog is great. Articles is interesting!

Anonymous said...

java bytecode to native code compilers make way much powerful obfuscation than any of the cited bytecode to bytecode transformers

Free compiler (1.5 supported):
http://gcc.gnu.org/java/

Commercial (1.6 fully supported):
http://www.excelsior-usa.com/jet.html

DonAmir said...

Great post!
I have to use a decompiler and now I'm surfing web to find the best one and people say JAD is the best, I gonna search more and will share the result with you.

Anonymous said...

Hi,
The new version of DJ Java Decompiler 3.11 is ready http://www.neshkov.com/
With many new features: Annotation support, new search tool "Search for files inside compressed archives" (JAR, ZIP, WAR, EAR, APK), new tools: "Imports Viewer" and "Methods Viewer" with sorting capabilities, calculate DEX file signature and checksum, "Tree View" button in "Archiver", decompile "Whole class tree" option

ivmai said...

DJ Java Decompiler uses Jad as a decompiler engine.
Jad is good but hasn't been maintained for ages (the latest version is jad1.5.8g). To workaround Jad limitations (mostly for Java 1.4 and 1.5+ classes) and/or improve the quality of decompiled code, there's a helper tool - JadRetro (the java generics are not supported but the generated source is functionally equivalent to the original in most cases).

It's easy to use with Jad:

jadretro filename*.class
jad filename.class