|
|
#1
09-12-2019, 23:27
|
|||
|
|||
|
Reversing obfuscated and encrypted JAR file
I have tried numerous tools and haven't found much luck. I have a program that I have pretty much cracked but not completely. A handful of options need the jar file to run and if the jar file runs it closes out the program.
The program starts java.exe and it opens the encrypted jar file and runs it. I believe it was obfuscated with proguard. It has a few classes in it that show it decrypting the stream and reading the class files. However the majority of the files inside it are encrypted and you can't tell anything. I took a dump in visualvm.exe and I can see a lot of info but nothing stands out yet. Not sure if anyone has any advice on how I might be able to decrypt the classes so I can see it? This is the code of one of the loader files it has. All the public deobfuscation tools failed. I'm guessing since it's encrypted as well. I'm not very familiar with java yet so any pointers would help. Thanks! Code:
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.net.URLClassLoader;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
public class LoaderB
extends URLClassLoader
{
protected LoaderB(ClassLoader parent, LoaderB prevClsLoader)
{
super(new URL[0], parent);
}
public void init(String[] args) {}
static byte[] zip(byte[] data)
{
try
{
ByteArrayInputStream bais = new ByteArrayInputStream(data);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
GZIPOutputStream gzos = new GZIPOutputStream(baos);
byte[] b = new byte['?'];
int i = bais.read(b);
while (i != -1)
{
gzos.write(b, 0, i);
i = bais.read(b);
}
gzos.finish();
gzos.flush();
gzos.close();
return baos.toByteArray();
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
static byte[] load(InputStream is)
{
try
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] b = new byte['?'];
int i = is.read(b);
while (i != -1)
{
baos.write(b, 0, i);
i = is.read(b);
}
baos.flush();
baos.close();
return baos.toByteArray();
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public static byte[] unzip(byte[] data)
{
try
{
ByteArrayInputStream bais = new ByteArrayInputStream(data);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
GZIPInputStream gzis = new GZIPInputStream(bais);
byte[] b = new byte['?'];
int i = gzis.read(b);
while (i != -1)
{
baos.write(b, 0, i);
i = gzis.read(b);
}
baos.flush();
baos.close();
return baos.toByteArray();
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
static byte[] crypt(Crypter crypter, byte[] data)
{
try
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
OutputStream os = crypter.getOutputStreamE(baos);
os.write(data);
os.flush();
os.close();
baos.close();
return baos.toByteArray();
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
static byte[] decrypt(Crypter crypter, byte[] data)
{
try
{
ByteArrayInputStream bais = new ByteArrayInputStream(data);
InputStream is = crypter.getInputStreamD(bais);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] b = new byte['?'];
int i = is.read(b);
while (i != -1)
{
baos.write(b, 0, i);
i = is.read(b);
}
baos.flush();
baos.close();
return baos.toByteArray();
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
}
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Encrypted video file | yologuy | General Discussion | 15 | 10-07-2021 18:40 |
| Help with AES 128 encrypted file | phroyt | General Discussion | 6 | 04-28-2020 09:57 |
| Floss - Obfuscated String Solver - Automatically extract obfuscated strings | TechLord | General Discussion | 1 | 06-25-2016 16:45 |
| Is it possible to crack encrypted file? | wenij | General Discussion | 8 | 02-19-2005 20:20 |
Threaded Mode