Re: [PEN-TEST] Java Decompilers

[Tirath Rai <Tirath () SCANIT BE>]

Hey,

IMHO Mocha works well, its earned its place in my pen test toolset.
It does choke on some class files, perhaps about a quarter of them.
This is not because they are deliberately obsfucated but I guess its
just not built for all occasions. Still it does produce nice readable
code which can be re-compiled with minor adjustments. Decent resource:
http://www.meurrens.org/ip-Links/java/codeEngineering/tercentennial.html

I also use JavaDump, it rips out key things from a class file, output is

in HTML form. This is fine if you just want a very basic picture.

If you want to go a level lower and the class files you are looking at
are obfuscated or your decompilers are choking on them perhaps you can
use the disassembler which comes with JDK. The -c flag prints out
disassembled code. The JVM spec book is on the Sun Java site and other
docs to help you it figure out are out there. Besides it can be 'fun'
figuring out disassembled class files, if you have too much time on your

hands ;)

Tirath Rai

SCANIT
http://www.scanit.be