What is a good java deobfuscation

604    Asked by NakanoHase in Java , Asked on Oct 12, 2022

 I am using JD-GUI to decompile Java JAR files, but the problem is that it leaves many errors, such as duplicate variables which I have to fix myself and check to see if the program still works (if I fixed the errors correctly).

I also tried Fernflower, but that leaves blank classes if it's missing a dependency.

I'd like to know which decompiler:

gives the least amount of errors

deobfuscates the most.


Answered by Nakayama Ueno

Old and Lacking Entries


Some time ago, everyone’s decompiler of choice was jad. Currently, the project is dead (in addition, it wasn’t open source), but still you see a lot of people referring to it.

Java DeObfuscation Also an older tool from fileoffset.com, but still works more or less. The interface is rather clunky to use for larger projects, but the tool is open source.

JODE JODE is a java package containing a decompiler and an optimizer for Java. This package is freely available under the GNU GPL. It hasn’t been updated for quite some time.

AndroChef Proprietary tool to decompile Android programs and Java files, available here. Not worth the money given the alternatives, just as DJ Decompiler.

Candle An open source decompiler by Brad Davis. I’m mentioning it for completeness, but is far away from being feature complete.

Modern Tools

JD-Gui Probably one of the most widely used tools for Java decompilation, as it is easy to use and provides a graphical user interface which allows it to quickly open up and inspect a class file or JAR. You can find it over here.

FernFlower Very new and promising analytical Java decompiler (becoming an integral part of IntelliJ 14).

It’s a command line tool. This one is able to show the Unicode parameters with their full name.

CFR

Free, and open source. This one aims to decompile modern Java features, including Java 12 switch expressions, Java 8 lambdas (pre and post Java beta 103 changes), Java 7 String switches etc., though it is itself written in Java 6.

Also a command line tool. This one does an even better job and is slightly faster.

Procyon

Open source, and also aims to deal with Java 8 features (lambdas, :: operator). Needs Java 7 to run.

Krakatau Krakatau is interesting because it has been written in Python. It currently contains three tools: a decompiler and disassembler for Java class files and an assembler to create class files.

Does not yet support Java 8 features.

Soot

Soot is a framework for analysing and transforming Java and Android applications, originally developed by the Sable Research Group of McGill University. It’s not very commonly used as a decompiler, as it also defines an intermediate bytecode language.

Recaf

A Java Bytecode editor and reverse engineering tool aimed at being intuitive to use. It can present bytecode through multiple decompilers (CFR, FernFlower, Procyon) or in a table layout to allow displaying class elements that are indecipherable in standard decompilers. Recaf uses context-sensitive menus to interact with classes, methods, and fields, allowing users to search for use cases, rename items, and edit definitions in a disassembled format.

It supports jars, wars, classes, and extracting classes from running Java processes.

It is written completely in Java and is fully open source.

Konloch’s Bytecode Viewer

An Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java Decompiler, GUI DEX2Jar, GUI Jar2DEX, GUI Jar-Jar, Hex Viewer, Code Searcher, Debugger and more.

Written completely in Java, and it’s open source.

It uses FernFlower, Procyon and CFR for decompilation, makes this an awesome visual tool using state-of-art decompilers:

Enigma

A tool specifically geared for deobfuscation:

Originally used to deobfuscate Minecraft versions. Uses Procyon internally.

A more up to date fork can be found here

It’s fun to note that a lot of effort into decompilers and de-obfuscators for Java is the result of the modding scene around Minecraft, one of the most popular games implemented in Java.

Source: http://blog.macuyiko.com/post/2015/a-quick-look-at-java-decompilers.html



Your Answer

Interviews

Parent Categories