2

I'm trying to reverse engineering a .jar file (basically a group of .class files). However, there are two difficulties:

  1. Some of the variables, methods and classes are named with unicode characters, which cannot be properly displayed. This makes source editing very inconvenient.

  2. Some of the classes are named with Java keywords (such as if). Therefore Java compiler will complain when recompiling the reverse-engineered source files.

Are there any Java deobfuscators that can overcome these difficulties?

Cyker
  • 9,946
  • 8
  • 65
  • 93
  • The state of decompilers in Java is a sad story. I guess asking for de-compilers that even try to break obfuscators on top of that ... good luck with that. Besides: your question is clearly off-topic. You are asking for recommendation for off-site resources. – GhostCat Nov 05 '16 at 20:38
  • 1
    @GhostCat I'm not asking for decompilers. I'm looking for a way to change variable names in JAR files. A working Java deobfuscator supporting variable renaming is obviously the best way to solve this problem. If a decompiler has that feature, that's also a solution but not the question itself. By the way, all questions are recommendation questions. I'm looking for an answer to solve my problem but not comparison between tools. This doesn't looks very subjective, right? – Cyker Nov 05 '16 at 20:48
  • have you tried jd-gui? – Pradeep Pati Nov 05 '16 at 21:08
  • 1
    @PradeepPati Yes. It just cannot display unicode characters correctly. And it doesn't deal with Java keywords. I've already mentioned these problems in the question. – Cyker Nov 05 '16 at 21:11

2 Answers2

3

There are several tools that can rename Java identifers. For example, you can just run Proguard on it to rename everything.

That being said, I would suggest reconsidering your approach. Java compilation and decompilation are both lossy processes. Decompilation is useful for reverse engineering, but you generally cannot expect to be able to recompile the decompiled code. If it has previously been obfuscated, you may as well forget it.

The best way to modify obfuscated code is to use the Krakatau assembler and disassembler. Krakatau assembly can be reversibly transformed to and from bytecode, meaning you can edit arbitrary classes without messing things up, no matter how they have been obfuscated. The only downside is that you have to be familiar with Java bytecode.

Antimony
  • 37,781
  • 10
  • 100
  • 107
  • This answer looks good. Actually I've just worked out a Proguard config that works with my application. The result looks much nicer, even though there are still some public variables whose names must be kept intact. Also thank you for pointing out Krakatau. Actually I'm working on Android and there are smali/baksmali which look similar to that. I'd continue working to see whether things will finally work out. – Cyker Nov 05 '16 at 22:22
0

Cuchaz's Enigma supports renaming local variables. It's no longer being updated and runs on BCEL which is also no longer being updated. As long as you're not decompiling anything BCEL can't handle it should work just fine though.

Display Name
  • 942
  • 1
  • 10
  • 20