diff --git a/jode/doc/Makefile.am b/jode/doc/Makefile.am index e6867e0..b0ce2fe 100644 --- a/jode/doc/Makefile.am +++ b/jode/doc/Makefile.am @@ -1,13 +1,14 @@ ## Input file for automake to generate the Makefile.in used by configure EXTRA_DIST = \ -applet.html.in \ +applet.html \ download.html.in \ -frame.html \ history.html \ jode.html \ license.html \ +links.html \ usage.html \ myproject.jos \ dasm_to_java.perl \ +gimp/jode-logo.xcf \ jode-logo.gif diff --git a/jode/doc/applet.html b/jode/doc/applet.html index 67fcea4..1b8a2cd 100644 --- a/jode/doc/applet.html +++ b/jode/doc/applet.html @@ -24,17 +24,18 @@
  • Usage
  • License
  • History
    • +
  • Links
  • Blue Sky

    • The JODE Applet

    - + -

    Sorry you need a java enabled browser to test a java applet :-p

    +

    Sorry you need a java enabled browser to test a java applet ;-)

    Don't read the rest, it only contains information about the applet.



    @@ -42,7 +43,7 @@ Press the start button to decompile Michael's Plasma applet. You may change the classpath and class name to point to a -class file of your choice. But note that most browsers doesn't allow +class file of your choice. But note that most browsers don't allow loading files from a different server.

    Save probably doesn't work, because it is forbidden by the browser.

    diff --git a/jode/doc/bluesky.html b/jode/doc/bluesky.html index b875be9..dfcf9c4 100644 --- a/jode/doc/bluesky.html +++ b/jode/doc/bluesky.html @@ -25,6 +25,7 @@
  • Download
  • Usage
  • License
    • +
  • Links
  • History
  • Blue Sky
    • @@ -73,10 +74,10 @@ MenuItem local_2 = new MenuItem("Save"); good names would be miOpen and miSave.

    -

    It is currently possible to assign a hint name,type pair to -a local. If the type matches, the local will be named after hint -name. This could be extended by giving them several weighted -hints and constructing the name in an intelligent way.

    +

    It is currently possible to assign a (hint name,type) pair +to a local. If the type matches, the local will be named after +hint name. This could be extended by giving them several +weighted hints and constructing the name in an intelligent way.

    Better deobfuscation features

    First there should be a good Renamer: Methods that simply diff --git a/jode/doc/download.html.in b/jode/doc/download.html.in index 3d1e403..43c9eaf 100644 --- a/jode/doc/download.html.in +++ b/jode/doc/download.html.in @@ -24,6 +24,7 @@

  • Usage
  • License
  • History
    • +
  • Links
  • Blue Sky
    • @@ -34,14 +35,13 @@ archives: jode-@VERSION@.tar.gz is the source @@ -60,19 +60,25 @@ href="http://sourceware.cygnus.com/cygwin/">cygwin and unzip.
    http://java.sun.com/products/jdk/1.1/index.htm
    -
    Collection classes and Swing for JDK 1.1:
    +
    Swing for JDK 1.1:
    - http://java.sun.com/beans/infobus/#DOWNLOAD_COLLECTIONS http://java.sun.com/products/jfc/index.html#download-swing
    JDK 1.2:
    http://java.sun.com/products/jdk/1.2/index.html
    -
    Getopt:
    +
    Getopt:
    http://www.urbanophile.com/arenn/hacking/download.html#getopt
    +
    Collection Classes:
    +
    I have written a small script that puts the collection classes +from the GNU Classpath Project into +its own package (org.gnu.java.util.collections). You can +download the source code (including +the script), or a precompiled jar file. +
    diff --git a/jode/doc/history.html b/jode/doc/history.html index a5d625b..89bafcc 100644 --- a/jode/doc/history.html +++ b/jode/doc/history.html @@ -24,6 +24,7 @@
  • Usage
  • License
  • History
    • +
  • Links
  • Blue Sky
    • diff --git a/jode/doc/jode.html b/jode/doc/jode.html index 7c2aa15..7f24581 100644 --- a/jode/doc/jode.html +++ b/jode/doc/jode.html @@ -8,7 +8,7 @@ java-decompiler, reverse engineering, free, GPL"> - + @@ -23,13 +23,14 @@ java-decompiler, reverse engineering, free, GPL">

    -Jode +Jode (WWW) @@ -83,9 +84,13 @@ config file (they can be conditionally, so that only one is actually excuted), jode refuses to mark it as final. This can make decompilation of method scoped classes wrong. -
  • There's a bug in ConstantAnalyzer (part of the obfuscator). It is -triggered very seldom, and produces incorrect code. Use it with -care.
    • + +
  • There's probably a bug in LocalOptimizer (part of the obfuscator). +It is triggered very seldom, and may produces incorrect code. If your +application doesn't work after obfuscation, or is refused by the +bytecode verifier, try again without the LocalOptimizer. If this was +the reason send me your class file ;-) +

    • Now follows a list of oddities, that will probably never get @@ -115,11 +120,10 @@ those that occur on some of the jode.test files, I would be very interested in a bug report (including the class file, if possible).

    -

    Sometimes JODE generates some GOTO expression and labels. This - shouldn't happen any more with code produced by javac or jikes. - But some flow obfuscator likes Zelix Klassmaster may provoke this. - In that case you can run the Obfuscator first (to optimize away the - flow obfuscation ;-).

    +

    Sometimes JODE generates some GOTO expression and labels. +This shouldn't happen any more with code produced by javac or jikes. +But some flow obfuscator may provoke this. In that case you can run +the Obfuscator first (to optimize away the flow obfuscation ;-).

    @@ -127,7 +131,7 @@ file, if possible).

    http://www.informatik.uni-oldenburg.de/~delwi/jode/jode.html, last -updated on 24-Okt-1999.

    +updated on 24-Jan-2000.

    diff --git a/jode/doc/license.html b/jode/doc/license.html index 264bf2c..f6db54f 100644 --- a/jode/doc/license.html +++ b/jode/doc/license.html @@ -24,6 +24,7 @@
  • Usage
  • License
  • History
    • +
  • Links
  • Blue Sky
    • diff --git a/jode/doc/links.html b/jode/doc/links.html new file mode 100644 index 0000000..622e907 --- /dev/null +++ b/jode/doc/links.html @@ -0,0 +1,68 @@ + + + +Java Optimize and Decompile Environment (JODE) + + + + + + + + + + + + + +
    JODE
    +Homepage +

    +Jode + +    		 +

    JODE Links

    +

    Other decompilers

    + +

    Other obfuscators

    +
      +
    • Hashjava is another free obfuscator. It is no longer maintained, though, since its successor was commercialized.
      • +
    • Zelix +Klassmaster does a very good flow optimization and also decrypts +strings. But JODE can now undo both.
      • +
    +

    Graphical User Interface

    + +
    + +
    + +

    +http://www.informatik.uni-oldenburg.de/~delwi/jode/usage.html, last +updated on 24-Jan-2000.

    + + + + diff --git a/jode/doc/myproject.jos b/jode/doc/myproject.jos index dd883d0..5e9cc24 100644 --- a/jode/doc/myproject.jos +++ b/jode/doc/myproject.jos @@ -1,28 +1,52 @@ # This is a sample script file to obfuscate my project +# The class path should include everything that is needed to run the +# project. Don't forget the java base classes (rt.jar or classes.zip). +classpath = "c:\\jdk1.2\\jre\\lib\\rt.jar","d:\\project\\java" + +# The jar, zip file or directory in which the obfuscated class files +# should be written. +dest = "obfuscated.zip" + +# Write the reverse translation table to translat.tbl. With the help of +# this table you can later undo the renaming. +revtable = "translat.tbl" + strip = "unreach","lvt","inner" +# this variable will tell, which classes and packages should be included +# in the obfuscated.jar package. load = new WildCard { value = "org.myorg.myproject" }, new WildCard { value = "org.myorg.mylib*" }, new WildCard { value = "org.otherorg.shortlib" } -preserve = new WildCard { value = "org.myorg.application.main.*" }, - new WildCard { value = "org.myorg.applet..()V" }, - new WildCard { value = "org.resources.bundle*..()V" }, +# this variable will tell, which classes and packages must not be +# renamed. +preserve = new WildCard { value = "org.myorg.ApplicationClass.main.*" }, + new WildCard { value = "org.myorg.AppletClass..()V" }, + new WildCard { value = "org.resources.BundleClass*..()V" }, new MultiIdentifierMatcher { and = new WildCard { value = "org.myorg.publiclib.*" }, new ModifierMatcher { access = "PUBLIC" } } -renamer = new KeywordRenamer { - backup = new StrongRenamer { - charsetStart = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" - charsetPart = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_" - charsetPackage = "abcdefghijklmnopqrstuvwxyz" - charsetClass = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - } +# There are different renamers currently. This is just an example that +# produces very good obfuscated code, that is still valid bytecode. +renamer = new StrongRenamer { + charsetStart = "aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ" + charsetPart = "aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ0123456789_$" + charsetPackage = "abcdefghijklmnopqrstuvwxyz" + charsetClass = "abcdefghijklmnopqrstuvwxyz" } -analyzer = new SimpleAnalyzer +# The constant analyzer does a great job to remove constant fields and +# deadcode. E.g. if you obfuscate the decompiler applet it will +# remove the whole debugging code, since the applet doesn't need it. +analyzer = new ConstantAnalyzer + +# The LocalOptimizer will reorder local variables to use fewer slots. +# It may still have some bugs, so remove it if your applet doesn't +# work (and send me the class). +# The RemovePopAnalyzer will remove instructions that were optimized +# away by the ConstantAnalyzer and LocalOptimizer. post = new LocalOptimizer, new RemovePopAnalyzer diff --git a/jode/doc/usage.html b/jode/doc/usage.html index 6848529..d556c68 100644 --- a/jode/doc/usage.html +++ b/jode/doc/usage.html @@ -3,7 +3,7 @@ Java Optimize and Decompile Environment (JODE) - + @@ -25,10 +25,12 @@    Command Line
       AWT Interface
       Swing Interface
    +   Java Interface
    Obfuscator

  • License
  • History
    • +
  • Links
  • Blue Sky
    • @@ -48,6 +50,13 @@ set CLASSPATH=C:\download\jode-xxx.jar;C:\swing\swingall.jar or for csh: 
    setenv CLASSPATH /tmp/jode-xxx.jar:/usr/local/swing/swingall.jar
    +
    +There is also a batch file for windows and a script file for unix, +that you can use. Adapt the CLASSPATH in the file and put it to a +convenient location. +
    +  jar -xvf jode-xxx.jar bin/jode.bat resp. bin/jode
+

    Command Line Interface

     @@ -66,7 +75,7 @@ The AWT Interface looks exactly like the applet. In fact the applet uses the AWT Interface. You start it after setting the CLASSPATH (see above), with -
    java jode.JodeWindow
    +
    java jode.decompiler.Window
    In the classpath line you can enter a number of jar files, zip files and directories separated by comma(,). Then enter the @@ -78,7 +87,10 @@ appear. You can save it via the save button. For the swing interface you need java version 1.2 or the separately available swing package (see download -page.
    +page. You can invoke it like this: +
    +java jode.swingui.Main --classpath classes.jar
+
    The swing interface will show the package hierarchie of all classes in the classpath on the left side. You can now select a class and the @@ -86,20 +98,57 @@ decompiled code will appear on the right side. Via the menu, you may change the classpath or switch between package hierarchie tree and class inheritence tree.
    -The swing interface is very nice, if you just want to work how -something works, and you don't have the source code. It is especially -useful to trace bugs through library code. It is not meant to -generate java files and so you won't find a save option -there.
    +The swing interface is very useful to browse through class files if +you don't have the source code. You can also use it to trace bugs in +library code. It is not meant to generate java files and so +you won't find a save option there.
    + +

    Java Interface

     + +If you want to integrate JODE into your own java program, you +can use the jode.decompiler.Decompile class. Note that +the GPL only allows you to integrate JODE into GPL programs. +Please contact me if, so I can put you on my link +page and keep you informed about new releases.
    + +You may use this stripped down jar +archive containing all necessery classes.

    Using the Obfuscator

    -To use the obfuscator you have to create a script file, say     myproject.jos, with -the following contents (You have to adapt it to match your project, of -course). It should contain the following options: +To use the obfuscator you should first create a script file, say myproject.jos. Then you can invoke the +obfuscator with: +
    +java jode.obfuscator.Main myproject.jos
+
    + +

    The script file should contain the following options:

    + +

    First select the classpath. You should include everything in the +classpath that you need to run your application. This also includes +the system class files (Sun puts them into classes.zip or +rt.jar))

    +
    +classpath = "c:\\jdk1.2\\jre\\lib\\rt.jar","d:\\project\\java",
+     "ftp://www.myorg.org/pub/classlib.jar"
+
    -

    First select what you want to strip. There are several +

    Specify where you want the obfuscated classes to go. I recommend +to write them directly into a zip file, but you can also give a +directory.

    +
    +dest = "obfuscated.zip"
+
    + +

    You can make JODE write its translation table. This table +can be used later to undo the name obfuscation, or you can look there +to decrypt exceptions you may get.

    +
    +revtable = "translat.tbl"
+
    + +

    Select what you want to strip. There are several possibilities, which can be separated by comma(,):

    unreach
    @@ -117,8 +166,11 @@ possibilities, which can be separated by comma(,):

    strip = "unreach","lvt","inner" -

    Select the packages and classes you want to obfuscate. You -should only include libraries, that you don't ship separately.

    +

    Select the packages and classes you want to obfuscate. You should +only include libraries, that you don't ship separately. If you give a +package, all classes and subpackages are loaded. You can also use +* as wild card, that matches everything (including dots). +

     load = new WildCard { value = "org.myorg.myproject" },
        new WildCard { value = "org.myorg.mylib*" },
@@ -133,9 +185,9 @@ name and the type signature to identify your method.  javap
 -s will show you the type signatures for your classes, but you
 may also use *, to select all methods with that name.
    
 
    -preserve = new WildCard { value = "org.myorg.application.main.*" },
-           new WildCard { value = "org.myorg.applet.<init>.()V" },
-           new WildCard { value = "org.resources.bundle*.<init>.()V" }
+preserve = new WildCard { value = "org.myorg.ApplicationClass.main.*" },
+           new WildCard { value = "org.myorg.AppletClass.<init>.()V" },
+           new WildCard { value = "org.resources.Bundle*.<init>.()V" },
 
    
 
 
    If you want to obfuscate (or just shorten) the identifier you can
@@ -153,12 +205,21 @@ option that is not very strong, but very confusing.
 
    KeywordRenamer
    
 
    Renames identifiers to keyword.  You can give your own list of
 keywords as parameters.  Resulting code is not decompilable directly,
-but it is legal bytecode.
    
+but it is not legal bytecode either.  Some paranoid
+web browsers refuse to run applets containing keywords as identifiers
+(and they are completely within the Java VM spec).
 
    -renamer = new KeywordRenamer
+renamer = new StrongRenamer
    +

    You can also create a renaming table with the same format as the +table written by revtable. The entries in the table get precedence +over renamer. Entries not in the table will get renamed by the +renamer.

    +

    +table = "translat.tbl"
+

    Now you can select the analyzer. The purpose of the analyzer is to mark all reachable methods, find out which methods @@ -168,22 +229,26 @@ for Enumerations). There are currently two analyzers.

    SimpleAnalyzer
    Straight forward analyzer. It is fast and will remove dead code on method basis.
    -
    ConstantAnalyzer
    +
    ConstantAnalyzer
    Strong analyzer that will determine, which fields and instructions have constant values. It will remove dead code on instruction basis -and replace constant instruction with a load constant, or remove them -completely.
    This analyzer is especially useful to revert Zelix -Klassmaster's flow obfuscation.
    +and replace constant instruction with a load of the constant, or +remove them completely.
    This analyzer is especially useful to +revert the flow obfuscation of some other obfuscators. 

    -analyzer = new SimpleAnalyzer
+analyzer = new ConstantAnalyzer

    Pre- and Post transformers transform the bytecode before -resp. after the Analyzer runs. Using this defaults should be -okay.

    +resp. after the Analyzer runs. Using this default should be okay. +You may remove the LocalOptimizer, though, if you have problems.

    +

    In the future I may add some new post transformers, that do string +encryption, flow obfuscation and similar things. If you want to write +your own Transformers please contact me, since the next version will +change the bytecode interface.

     post = new LocalOptimizer, new RemovePopAnalyzer
    @@ -195,8 +260,7 @@ post = new LocalOptimizer, new RemovePopAnalyzer

    http://www.informatik.uni-oldenburg.de/~delwi/jode/usage.html, last -updated on 24-Okt-1999.

    +updated on 30-Jan-2000.

    -