Tuesday 1 September 2015

JD: Java Decompiler

A decompiler is a program that performs the reverse operation to that of a compiler. Decompiers are not perfectly reconstruct the source code, but still they plays vital role in software reverse engineering. In this post, we are going to discuss about JD (Java Decompiler).

“Java Decompiler project” provide tools to decompile and analyze java source code. “Java decompiler project” provides core libraries, standalone User interface, plugins to IDES like Eclipse, Intellij. In this post we are going to see, how to use JD to decompile .class files.

Download Java decompiler GUI setup file from following location.

After downloading setup file, install and launch JD project.


Employee.java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

public class Employee implements Serializable {
 int id;
 String firstName, lastName;
 byte b[] = { 1, 2, 3, };

 Employee(int id, String firstName, String lastName) {
  this.id = id;
  this.firstName = firstName;
  this.lastName = lastName;
 }

 public static void main(String args[]) throws Exception {

  /* Serialize object */
  FileOutputStream fos = new FileOutputStream("ser.out");
  ObjectOutputStream out = new ObjectOutputStream(fos);
  Employee emp = new Employee(1, "Krishna", "Arjun");
  out.writeObject(emp);

  /* Deserialize object */
  FileInputStream fis = new FileInputStream("ser.out");
  ObjectInputStream in = new ObjectInputStream(fis);
  Employee emp1 = (Employee) in.readObject();

  System.out.println(emp1.id + " " + emp1.firstName + " " + emp1.lastName);
 }
}

Compile above java class, it generates Employee.class file. Open Employee.class file JD, you will see the source code for Employee class.



Decompiler shows following code.
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

public class Employee implements Serializable {
 int id;
 String firstName, lastName;
 byte b[] = { 1, 2, 3, };

 Employee(int id, String firstName, String lastName) {
  this.id = id;
  this.firstName = firstName;
  this.lastName = lastName;
 }

 public static void main(String args[]) throws Exception {

  /* Serialize object */
  FileOutputStream fos = new FileOutputStream("ser.out");
  ObjectOutputStream out = new ObjectOutputStream(fos);
  Employee emp = new Employee(1, "Krishna", "Arjun");
  out.writeObject(emp);

  /* Deserialize object */
  FileInputStream fis = new FileInputStream("ser.out");
  ObjectInputStream in = new ObjectInputStream(fis);
  Employee emp1 = (Employee) in.readObject();

  System.out.println(emp1.id + " " + emp1.firstName + " " + emp1.lastName);
 }
}


In the same way, you can decompile jar files also.



No comments:

Post a Comment