Skip to content
This repository has been archived by the owner on Dec 4, 2024. It is now read-only.

Commit

Permalink
update readme
Browse files Browse the repository at this point in the history
  • Loading branch information
4ra1n committed Jan 16, 2024
1 parent 7f5147c commit da6154b
Show file tree
Hide file tree
Showing 5 changed files with 114 additions and 58 deletions.
31 changes: 0 additions & 31 deletions .github/ISSUE_TEMPLATE/bug-report.md

This file was deleted.

20 changes: 0 additions & 20 deletions .github/ISSUE_TEMPLATE/feature-request.md

This file was deleted.

14 changes: 8 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
# code-encryptor-plus
# code-encryptor

[![](https://img.shields.io/github/v/release/Y4Sec-Team/code-encryptor-plus)](https://github.com/Y4Sec-Team/code-encryptor-plus/releases/latest)
![](https://img.shields.io/github/downloads/Y4Sec-Team/code-encryptor-plus/total)
[English Doc](doc/README-en.md)

[![](https://img.shields.io/github/v/release/4ra1n/code-encryptor)](https://github.com/4ra1n/code-encryptor/releases/latest)
![](https://img.shields.io/github/downloads/4ra1n/code-encryptor/total)

## 介绍

Expand Down Expand Up @@ -42,15 +44,15 @@
加密你的`Jar`包:(指定`Jar`包和`package`加密包名以及密钥`key`

```shell
java -jar code-encryptor-plus.jar patch --jar your-jar.jar --package com.your.pack --key your-key
java -jar code-encryptor.jar patch --jar your-jar.jar --package com.your.pack --key your-key
```

![](img/004.png)

导出解密`DLL/SO`文件:(默认导出到`code-encryptor-plus-temp`目录不建议修改)
导出解密`DLL/SO`文件:(默认导出到`code-encryptor-temp`目录不建议修改)

```shell
java -jar code-encryptor-plus.jar export
java -jar code-encryptor.jar export
```

![](img/005.png)
Expand Down
105 changes: 105 additions & 0 deletions doc/README-en.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
# code-encryptor

[![](https://img.shields.io/github/v/release/4ra1n/code-encryptor)](https://github.com/4ra1n/code-encryptor/releases/latest)
![](https://img.shields.io/github/downloads/4ra1n/code-encryptor/total)

## Introduction

Encrypt bytecode using `JNI`, and decrypt it via `JVMTI` to protect the code.

Provides two `DLL` files, one for encryption and the other for decryption. For actual operation, only the decryption `DLL` is needed. Supports custom keys and package names.

The encrypted `Class` files become malformed and uninterpretable.

![jd-gui](../img/002.png)

Apart from the initial `Magic` part, the subsequent bytes are uninterpretable.

![hex](../img/003.png)

Launching with specified parameters can prevent `Java Agent` from dynamically dumping the bytecode.

![](../img/007.png)

For more experienced hackers, they might think of using `sa-jdi`'s `HSDB` to dump the bytecode.

Taking inspiration from Master Beichen's discussion, I disabled the `gHotSpotVMStructs` function inside the `JVM`.

Supports `Windows` system.

![WINDOWS](../img/008.png)

Supports `Linux` system.

![LINUX](../img/009.png)

## Quick Start

The encryption and decryption use `C` for one layer of encryption and assembly for bitwise operation in the second layer. Compiled `Release` versions of `DLL/SO` files are provided to embed in the `Jar` package.

Built-in support is for `JDK-8`; other versions have not been tested. In theory, it requires replacing the `JNI.h` header file and recompiling. It supports both `Windows` and `Linux`.

Encrypt your `Jar` package: (Specify `Jar` package, `package` encryption package name, and `key`)

```shell
java -jar code-encryptor.jar patch --jar your-jar.jar --package com.your.pack --key your-key
```

![](../img/004.png)

Export the decryption `DLL/SO` file: (Default export to `code-encryptor-temp` directory, not recommended to modify)

```shell
java -jar code-encryptor.jar export
```

![](../img/005.png)

Launch the `Jar` package with the decryption `DLL/SO`: (Use the `-agentpath` parameter)

Note that two parameters `PACKAGE_NAME` and `KEY` are required.

Note: In some cases, it may not start the first time. Repeat the command to start.

```shell
java -XX:+DisableAttachMechanism -agentpath:D:\abs-path\decrypter.dll=PACKAGE_NAME=com.your.pack,KEY=your-key --jar your-jar.jar
```

![](../img/006.png)

## Features

Compared to publicly available articles/codes on the internet, this project has the following advantages and features:
- The original article fixed the package name, requiring users who want to encrypt their own package names to recompile the `DLL`.
- In the original article, the encryption and decryption `DLL` were the same, making it vulnerable to simple `JNI` call decryption.
- The original article's code was only at the `Demo` level and not ready for direct testing and use.
- The original article lacked a specific encryption algorithm, only employing simple operations that needed strengthening.
- There were some `BUGs` and optimization spaces in the original article's code.
- Employing certain magic operations to prevent bytecode from being `dumped`, further ensuring security.

Current encryption and decryption algorithms:
- Multiple bitwise operations, byte swapping, etc.
- Based on the `XXTEA` algorithm, with multiple rounds of encryption.
- Supports custom keys for further protection.

## Building

Compilation Environment:
- Windows 11 / Ubuntu 22.04
- JDK 8 / Maven
- MSVC + ml64 (Windows) / gcc + nasm (Linux)
- CMake 3.x
- Python 3.x

## Others

Not suitable for projects that scan for `class` files at startup (typical projects like `SpringBoot`).

Currently working on solving this issue.

## References

Thanks to the following projects or articles for their ideas:
- https://mp.weixin.qq.com/s/89Bmvy_uY97TZm3vR9lyWw
- https://juejin.cn/post/6844903487784894477
- https://github.com/sea-boat/ByteCodeEncrypt
2 changes: 1 addition & 1 deletion src/main/java/org/y4sec/encryptor/core/Constants.java
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ public interface Constants {
String DecrypterSo = "libdecrypter.so";
String EncryptorDLL = "libencryptor.dll";
String EncryptorSO = "libencryptor.so";
String TempDir = "code-encryptor-plus-temp";
String TempDir = "code-encryptor-temp";
String NewFileSuffix = "encrypted";
String DllFile = ".dll";
String SOFile = ".so";
Expand Down

0 comments on commit da6154b

Please sign in to comment.