├── BCELCodeman.iml
├── META-INF
    └── MANIFEST.MF
├── README.md
├── screenshot
    ├── decoded.png
    └── jar_example.png
└── src
    └── Main.java


/BCELCodeman.iml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <module type="JAVA_MODULE" version="4">
 3 |   <component name="NewModuleRootManager" inherit-compiler-output="true">
 4 |     <exclude-output />
 5 |     <content url="file://$MODULE_DIR$">
 6 |       <sourceFolder url="file://$MODULE_DIR$/src" isTestSource="false" />
 7 |     </content>
 8 |     <orderEntry type="inheritedJdk" />
 9 |     <orderEntry type="sourceFolder" forTests="false" />
10 |   </component>
11 | </module>


--------------------------------------------------------------------------------
/META-INF/MANIFEST.MF:
--------------------------------------------------------------------------------
1 | Manifest-Version: 1.0
2 | Main-Class: Main
3 | 
4 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # BCELCodeman
 2 | 
 3 | >  初次使用Java编写工具，由于网上找到的编码/解码工具不是很顺手，才制作了这款工具，功能比较单一，就做一件事情BCEL编码/解码。
 4 | 
 5 | > 其实工具是在护网期间做攻击溯源的过程中写的，目的是为了分析攻击者使用的fastjson payload。
 6 | 
 7 | ## How to use
 8 | 
 9 | > 主要功能就是将class文件编码为BCEL编码，或将BCEL编码还原为class，从而可以反编译出java源码。
10 | 
11 | > 使用Decode功能会自动在当前目录下生成**Decoded.class**, 由于BCEL编码存在$符号，请使用***单引号***对代码进行包裹
12 | 
13 | ```shell
14 | 
15 | Decode:
16 | java -jar BCELCodeman.jar d [BCEL_CODE]
17 | Encode:
18 | java -jar BCELCodeman.jar e [Class_Filepath]
19 | 
20 | ```
21 | 
22 | ![命令行使用示例](./screenshot/jar_example.png)
23 | 
24 | 解码后的class可以拖入IDEA进行反编译，对比原始java代码效果如下
25 | 
26 | ![反编译对比](./screenshot/decoded.png)
27 | 
28 | 


--------------------------------------------------------------------------------
/screenshot/decoded.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/f1tz/BCELCodeman/8eecb2227d54a10de6994a5ebd1f6ef41e56fff8/screenshot/decoded.png


--------------------------------------------------------------------------------
/screenshot/jar_example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/f1tz/BCELCodeman/8eecb2227d54a10de6994a5ebd1f6ef41e56fff8/screenshot/jar_example.png


--------------------------------------------------------------------------------
/src/Main.java:
--------------------------------------------------------------------------------
 1 | import com.sun.org.apache.bcel.internal.classfile.Utility;
 2 | 
 3 | import java.io.FileNotFoundException;
 4 | import java.io.FileOutputStream;
 5 | import java.io.IOException;
 6 | import java.nio.ByteBuffer;
 7 | import java.nio.channels.FileChannel;
 8 | import java.nio.file.Files;
 9 | import java.nio.file.Path;
10 | import java.nio.file.Paths;
11 | 
12 | public class Main {
13 |     public static void main(String[] args) {
14 |         String helpMsg = "---------Example---------\n"
15 |                         + "Decode:\n"
16 |                         + "java -jar BCELCodeman.jar d [BCEL_CODE]\n"
17 |                         + "Encode:\n"
18 |                         + "java -jar BCELCodeman.jar e [Class_Filepath]\n\n"
19 |                         + "  -=Coding By F1tz=-";
20 |         try{
21 |             switch (args[0]){
22 |                 case "d" :
23 |                     String bcelCode = args[1];
24 |                     decode(bcelCode);
25 |                     break;
26 |                 case "e" :
27 |                     String classPath = args[1];
28 |                     encode(classPath);
29 |                     break;
30 |                 default :
31 |                     System.out.println(helpMsg);
32 |             }
33 |         }catch (Exception e){
34 |             System.out.println(helpMsg);
35 |             return;
36 |         }
37 |     }
38 | 
39 |     public static void decode(String cdata){
40 |         String path = "./Decoded.class";
41 |         if(cdata.startsWith("$$BCEL$$")){
42 |             cdata = cdata.substring(8);
43 |         }
44 |         String cryptdata= cdata;
45 |         FileOutputStream fos = null;
46 |         FileChannel channel = null;
47 |         try {
48 |             fos = new FileOutputStream(path);
49 |             channel = fos.getChannel();
50 |             byte[] array =  Utility.decode(cryptdata,true);
51 |             ByteBuffer buffer = ByteBuffer.wrap(array);
52 |             channel.write(buffer);
53 |             System.out.println("[*] Decode BCELcode successfully, find Class file in ./Decoded.class");
54 |         } catch (FileNotFoundException e) {
55 |             e.printStackTrace();
56 |         } catch (IOException e) {
57 |             e.printStackTrace();
58 |         } finally {
59 |             try {
60 |                 channel.close();
61 |                 fos.close();
62 |             } catch (IOException e) {
63 |                 e.printStackTrace();
64 |             }
65 |         }
66 |     }
67 | 
68 |     public static void encode(String Classpath) {
69 |         Path path = Paths.get(Classpath);
70 |         try {
71 |             byte[] data = Files.readAllBytes(path);
72 |             String s = Utility.encode(data, true);
73 |             System.out.println("$$BCEL$$" + s);
74 |             System.out.println("\n[*] Encode BCELcode successfully. Have fun :)");
75 |         }catch (IOException e){
76 |             e.printStackTrace();
77 |         }
78 |     }
79 | }
80 | 


--------------------------------------------------------------------------------