Wednesday, June 1, 2016

Analyzing a Java JAR file

So you got a malicious email attachment that is a JAR file, and you want to analyze it. First, a JAR file is simply a ZIP archive, so use your favorite unzipping tool, like 7-Zip or WinZip, to extract it. You'll find a bunch of .class files, which are simply compiled Java code. To view and analyze that code, download a Java decompiler like JAD. Then decompile the class files as shown below, and you'll have a bunch of .java files (Java source code) to analyze. You'll need to put your programming skills to work and get past whatever obfuscation techniques the attacker put in place to make the code unreadable, but it's a start!

jad.exe -o -dtest -sjava *.class
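Before unzipping and decompiling, the archive can be inventoried in memory without writing or running anything. The script below is an added example, not part of the original post; the function names, the size cap and the sample archive are constructed for illustration.

```python
import hashlib, io, struct, zipfile

MAX_ENTRY = 50 * 1024 * 1024  # assumed cap on uncompressed entry size (zip-bomb guard)

def build_sample_jar() -> bytes:
    """Constructed sample archive built in memory; not a real malware sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\nMain-Class: a.b\r\n")
        # Class file header: magic 0xCAFEBABE, minor version, major version (52 = Java 8)
        z.writestr("a/b.class", struct.pack(">IHH", 0xCAFEBABE, 0, 52) + b"\x00" * 8)
        z.writestr("a/c.class", b"MZ\x90\x00" + b"\x00" * 8)  # .class name, wrong magic
        z.writestr("../outside.txt", b"x")  # entry name that escapes the output folder
    return buf.getvalue()

def triage_jar(data: bytes) -> dict:
    """Inventory a JAR without extracting to disk or executing anything."""
    report = {"main_class": None, "classes": [], "suspicious": []}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for info in z.infolist():
            name = info.filename
            parts = name.replace("\\", "/").split("/")
            if name.startswith(("/", "\\")) or ".." in parts:
                report["suspicious"].append((name, "path traversal in entry name"))
                continue
            if info.file_size > MAX_ENTRY:
                report["suspicious"].append((name, "oversized entry"))
                continue
            body = z.read(info)
            if name == "META-INF/MANIFEST.MF":
                # Simplification: ignores 72-byte continuation lines in manifests
                for line in body.decode("utf-8", "replace").splitlines():
                    if line.startswith("Main-Class:"):
                        report["main_class"] = line.split(":", 1)[1].strip()
            elif name.endswith(".class"):
                if len(body) < 8 or body[:4] != b"\xca\xfe\xba\xbe":
                    report["suspicious"].append((name, "missing CAFEBABE magic"))
                    continue
                major = struct.unpack(">H", body[6:8])[0]
                report["classes"].append(
                    {"name": name, "major": major, "sha256": hashlib.sha256(body).hexdigest()})
    return report

if __name__ == "__main__":
    for key, value in triage_jar(build_sample_jar()).items():
        print(key, value)
```

The Main-Class value tells you which decompiled .java file to open first, and anything listed under "suspicious" is worth a look before you extract the archive to disk.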

Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.