Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
recovering java classes
#1
I have the exe file most likely created by exe4j and I would like to recover java classes.
Unfortunately search for string 'PK' don't work as described in a few tutorials.

'PK exist but only bytes 50 4B are matching
for example

50 4B 1B EE 10 1E 7F

and it should be 50 4B 03 04

any idea ??

Krzysztof
Reply
#2
The easiest way to do this is to dump the JVM's loaded classes.

You can do this by using a modified java agent, editing the JVM rt.jar library itself.

You may be able to do this using Java Snoop - http://www.aspectsecurity.com/tools/javasnoop I've personally never tried using it, I've either patched the JVM directly or used a Java Agent.
Reply
#3
The exe4j targets I have encountered extracted their jars and other files to a folder in the temp directory and executed them from there. I may make a tutorial for this later on to accompany the one I made for launch4j.
Reply
#4
(07-27-2015, 01:37 PM)chessgod101 Wrote:  The exe4j targets I have encountered extracted their jars and other files to a folder in the temp directory and executed them from there. I may make a tutorial for this later on to accompany the one I made for launch4j.

That would be awesome, your tutorials are really instructive!
Reply
#5
Breakpoint CreateFileA & CreateFileW.
Simply copy the jar whenever WriteFile is executed . (That's how I used to do it.)
Reply
 


Forum Jump:


Users browsing this thread: 1 Guest(s)

About The Bytecode Club

We're a community focused on Reverse Engineering, we try to target Java/Android but we also include other langauges/platforms. We pride ourselves in supporting and free and open sourced applications.

Website