Repository: f1tz/BCELCodeman
Branch: main
Commit: 8eecb2227d54
Files: 4
Total size: 3.6 KB

Directory structure:
gitextract_b32o8_r2/

├── BCELCodeman.iml
├── META-INF/
│   └── MANIFEST.MF
├── README.md
└── src/
    └── Main.java

================================================
FILE CONTENTS
================================================

================================================
FILE: BCELCodeman.iml
================================================
<?xml version="1.0" encoding="UTF-8"?>
<module type="JAVA_MODULE" version="4">
  <component name="NewModuleRootManager" inherit-compiler-output="true">
    <exclude-output />
    <content url="file://$MODULE_DIR$">
      <sourceFolder url="file://$MODULE_DIR$/src" isTestSource="false" />
    </content>
    <orderEntry type="inheritedJdk" />
    <orderEntry type="sourceFolder" forTests="false" />
  </component>
</module>

================================================
FILE: META-INF/MANIFEST.MF
================================================
Manifest-Version: 1.0
Main-Class: Main



================================================
FILE: README.md
================================================
# BCELCodeman

>  初次使用Java编写工具，由于网上找到的编码/解码工具不是很顺手，才制作了这款工具，功能比较单一，就做一件事情BCEL编码/解码。

> 其实工具是在护网期间做攻击溯源的过程中写的，目的是为了分析攻击者使用的fastjson payload。

## How to use

> 主要功能就是将class文件编码为BCEL编码，或将BCEL编码还原为class，从而可以反编译出java源码。

> 使用Decode功能会自动在当前目录下生成**Decoded.class**, 由于BCEL编码存在$符号，请使用***单引号***对代码进行包裹

```shell

Decode:
java -jar BCELCodeman.jar d [BCEL_CODE]
Encode:
java -jar BCELCodeman.jar e [Class_Filepath]

```

![命令行使用示例](./screenshot/jar_example.png)

解码后的class可以拖入IDEA进行反编译，对比原始java代码效果如下

![反编译对比](./screenshot/decoded.png)



================================================
FILE: src/Main.java
================================================
import com.sun.org.apache.bcel.internal.classfile.Utility;

import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

public class Main {
    public static void main(String[] args) {
        String helpMsg = "---------Example---------\n"
                        + "Decode:\n"
                        + "java -jar BCELCodeman.jar d [BCEL_CODE]\n"
                        + "Encode:\n"
                        + "java -jar BCELCodeman.jar e [Class_Filepath]\n\n"
                        + "  -=Coding By F1tz=-";
        try{
            switch (args[0]){
                case "d" :
                    String bcelCode = args[1];
                    decode(bcelCode);
                    break;
                case "e" :
                    String classPath = args[1];
                    encode(classPath);
                    break;
                default :
                    System.out.println(helpMsg);
            }
        }catch (Exception e){
            System.out.println(helpMsg);
            return;
        }
    }

    public static void decode(String cdata){
        String path = "./Decoded.class";
        if(cdata.startsWith("$$BCEL$$")){
            cdata = cdata.substring(8);
        }
        String cryptdata= cdata;
        FileOutputStream fos = null;
        FileChannel channel = null;
        try {
            fos = new FileOutputStream(path);
            channel = fos.getChannel();
            byte[] array =  Utility.decode(cryptdata,true);
            ByteBuffer buffer = ByteBuffer.wrap(array);
            channel.write(buffer);
            System.out.println("[*] Decode BCELcode successfully, find Class file in ./Decoded.class");
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            try {
                channel.close();
                fos.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    public static void encode(String Classpath) {
        Path path = Paths.get(Classpath);
        try {
            byte[] data = Files.readAllBytes(path);
            String s = Utility.encode(data, true);
            System.out.println("$$BCEL$$" + s);
            System.out.println("\n[*] Encode BCELcode successfully. Have fun :)");
        }catch (IOException e){
            e.printStackTrace();
        }
    }
}