SourceAgain and Java Decompilation - Updated 12/09/01 |
SourceAgain Professional begins a new generation of development tools for professional developers. Through state of the art flow analysis, SourceAgain Professional not only decompiles Java byte code, it also produces debugging information for the newly generated source file. The result is seamless debugging of executables, even though original source is not available.
A decompiler produces source code from a binary executable. This is the inverse operation of a compiler, which produces an executable from source code written in a particular source language. Decompilers have been developed for many source languages such as C and Smalltalk.
Programs which are written in Java are particularly amenable to decompilation because Java source code is typically compiled to Java byte code. Java byte code is a platform independent abstraction layer which can be executed through a Java Virtual Machine. The core design of Java byte code makes decompilation considerably easier than most development languages currently in use. Java byte code contains interface and type information which is not normally present in executables written in other source languages. This information is available so that Java programs can be verified as "safe" prior to their execution.
SourceAgain Professional was originally designed with the professional developer in mind. A common problem that arises when developing applets and applications in Java is difficulty understanding the semantics of third party class libraries. These libraries frequently operate differently on multiple platforms making the portability of the Java programming language largely a myth. SourceAgain Professional allows the developer to see the best possible documentation about a third party library: source code equivalent to the original.
SourceAgain Professional is particularly useful for recovery of lost or accidentally destroyed source code. While most developers are quite careful to make frequent backups of source, disaster still may occur. When it does, SourceAgain can recover days, weeks, or even months of development time. All that is needed for recovery is a recent executable.
Security professionals find SourceAgain useful in determining if applets or applications written in Java have a hostile or malicious design. The best way to determine the behavior of an executable without first running it is to look at the source code.
Analysis of compilers and optimizers is another excellent use of SourceAgain. To determine the effectiveness of several compilers and optimizers, a user can compile the original source code and then decompile it with SourceAgain. The reconstructed source code will clearly reveal which optimizations were applied when generating the executable.
SourceAgain examines Java byte code to produce a flow graph. From this graph, SourceAgain determines a collection of statements (i.e. while, for, if, throw, etc) which when compiled could produce such a graph. Therefore the resulting source code may not be identical to the original, but will indeed have the same semantics.
While decompiling Java byte code is easier than decompiling native executables, it is still a difficult task. Prior attempts at decompilation have been largely unsuccessful. SourceAgain, the leading decompiler on the market, illustrates that decompilation is not only possible, but useful to the developer.
Yes, if restricted to legal uses in the section "Why is a Java decompiler useful?" For the same reasons that one can photocopy a few pages from a book, a developer may disassemble or decompile executable content. We are protected by the notion of "fair-use". Reverse engineering of an entire application and shiping under a different name clearly violates both our license agreement with our end users, and this notion of "fair-use". It is not our objective to see our tool used in this manner.
The output of all current compilers on the market can be readily decompiled with SourceAgain. SourceAgain also works on most arbitrary byte code streams. These byte codes may have been hand crafted or the result of a compiler from a different source language.
There are a few constructs in arbitrary byte code which we do not currently handle. While we intend to be able to decompile all verifiable byte code, the usefulness of some of the generated code may be limited.
SourceAgain Personal is a standalone, command-line tool. It runs on Windows 95/98/2000/NT/XP and most UNIX platforms, including Solaris, Linux, and IRIX.
SourceAgain Professional adds one very important and useful feature. It augments byte code with debugging information. This allows programmers to step through code they never had WITHOUT recompiling. SourceAgain Pro generates a new source file and massages the original class file with debugging information that corresponds to the newly generated source file. A backup of the original class file is also created.
SourceAgain Pro is most useful when you are debugging code built on top of libraries, which describes almost all code written in Java. Debugging Java programs is easier and more productive with SourceAgain Pro.
On UNIX, SourceAgain Pro has a command line option to massage the class file. When the new class file is used inside any debugger, the newly generated source code will be shown.
Current obfuscators work by renaming symbols and types in the byte code to unreadable or otherwise illegal names. SourceAgain supports cross-module name unmangling. It renames all illegal names and types in an intelligent manner. The result is highly readable code even when the executable has been obfuscated. Since simple renaming does not fundamentally change the execution of the byte code, algorithms are still quite clear when decompiled with SourceAgain.
We worked on this problem for many years and determined that strong obfuscation is impossible. While name mangling provides a level of protetion, provably strong results are not possible.
SourceAgain and the Ahpah name are trademarks of Ahpah Software, Inc. All other trademarks are the registered property of their respective owners.
[Home] [Company Info] [Products] [Sales] [Support]
©2004 Ahpah Software, Inc.
info@ahpah.com