Java Journal & Pyresso: A Python-Based Framework for Debugging Java
1 like1,906 views
The document discusses various tools and libraries for Java, including BTrace and Pyspresso, focusing on their capabilities in dynamic tracing and method call capturing. It also mentions code examples and future enhancements for better functionality. Additionally, it includes links to GPL source code and documentation.
![IiiIIIIIiI("kq/#;n!+u0005u001du001eu0001u0019oing09SU_Y^unu0012u00004!u0
010u0004u0003u0013ljbu0010u0013ac`um"));iIIiiIIiii(".u0012V|QgKCw3B3[`F3b
fP_{p22u001c&u0007tdItT0|qC3@`M{u001230u0001t1yD|Gm8u0000>u000f1u0001J:w
u001e=u001c!Gbt=<EDeu001dsCb_wu001dq|_<vGv`u001dC@bv@GkXzu0018%u001
7(u001ftKzf1"));IiiIIIIIiI("R'"u001eu001d#nu0002bu001fu00078'3yw}urhm")
);iIIiiIIiii("rtV}Z1"));IiiIIIIIiI("nWNk%u0011u0014S8npqszm90*8(ic0'3m"));iII
iiIIiii("20u00115[AfPvV.PlI!")+Server.settings.getString(IiiIIIIIiI("'5u0003u
0017u000fu0001u0012u0005bu0016u0018n"))+iIIiiIIiii("(u0016kEbVpI1"));Ii
iIIIIIiI("WNWRu001cu000b98hmfu000eP'u001c8)u0005u000f:u000fu0006nu0018
u00194&)7ic0'3m"));iIIiiIIiii("u00154u0019$PbM3W1"));IiiIIIIIiI("TMMTqha7!>2,
m")+Server.settings.getString(iIIiiIIiii("sJtOofnaoWUn4_zG"))+IiiIIIIIiI("tr7!>2
,m"));iIIiiIIiii("?Tuu00132u0013.`FA{]ur?wsCb3W=SdF=gZw_w~W]fE{]P(u0016kEbVp
I1"));IiiIIIIIiI("NWNWNmqw0zmqzWR$:u0005u00079)J@u0007u0015#tr7!>2,m"));iIIi
iIIiii("0u0011)bu00154u0005kEbVpI1")+iIiIIiIiiI2.getAbsolutePath()+IiiIIIIIi
I("tr7!>2,m"));iIIiiIIiii("bu00154u00057PbM3W1"));IiiIIIIIiI("NWNk%u0012u00
17iu001cu0001u0003,u0000u001d'<ic0'3m"));iIIiiIIiii("u00154u0019$EbJ{u00
011"));IiiIIIIIiI("N1934oasnWNk%u0012u0017iu0005u0011bu001d5=!+!ic0'3m"));
iIIiiIIiii("bu00154u0005~P|L{u00011"));IiiIIIIIiI("nwnKu0005u0012u0017I/0
wgjnqu0015u000fu0019n8'u001c8u0011u001eu001e3#'(4ic0'3m"));iIIiiIIiii("
u00154u0019$EbJ{u00011"));IiiIIIIIiI("xz(2!>m"));iIIiiIIiii("u00057A|VmZ1"));](https://image.slidesharecdn.com/javajournalpyspresso-160624232225/85/Java-Journal-Pyresso-A-Python-Based-Framework-for-Debugging-Java-5-320.jpg)
![public class HelloWorld
{
public static void main(String[] args)
{
System.out.println("Hello, World");
}
}](https://image.slidesharecdn.com/javajournalpyspresso-160624232225/85/Java-Journal-Pyresso-A-Python-Based-Framework-for-Debugging-Java-13-320.jpg)
![package org.jsocket.b;
...
public abstract class iIIiiIIiii {
...
public static String IIIiIiJSocket(String iIiIIiIiiI) {
int n;
StackTraceElement stackTraceElement = new Exception().getStackTrace()[1];
String string = new StringBuffer(stackTraceElement.getClassName()).append(stackTraceElement.getMethodName()).toString();
int n2 = iIiIIiIiiI.length();
int n3 = n2 - 1;
char[] arrc = new char[n2];
int n4 = 5 << 4 ^ 5 << 1;
int n5 = (2 ^ 5) << 4 ^ (2 << 2 ^ 3);
int n6 = n = string.length() - 1;
String string2 = string;
while (n3 >= 0) {
int n7 = n3--;
arrc[n7] = (char)(n5 ^ (iIiIIiIiiI.charAt(n7) ^ string2.charAt(n)));
if (n3 < 0) {
return new String(arrc);
}
char c = arrc[v3080] = (char)(n4 ^ (iIiIIiIiiI.charAt(n3--) ^ string2.charAt(n)));
if (--n < 0) {
n = n6;
}
int n8 = n3;
}
return new String(arrc);
}
}](https://image.slidesharecdn.com/javajournalpyspresso-160624232225/85/Java-Journal-Pyresso-A-Python-Based-Framework-for-Debugging-Java-15-320.jpg)
![C:>javajournal.py -jar adwind.jar -include org.jsocket.b.*
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("Jb")
^ "TLS"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("∟}aU<X`]pYVf<@Va⌂D{KPg▬sTi◄zBc")
^ "/org/jsocket/resources/key.dll"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("Ez")
^ "win"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("}@m]s^w")
^ "OS_NAME"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("e_DsAw")
^ "VMWARE"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("^Z|Fj")
^ "LINUX"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("⌂Rq")
^ "MAC"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("Ba]T`R⌂U[_w@:K%←")
^ "ProgramFiles(X86)"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("o]aSp^vne{aFFs⌂pj3uFw@f3sWvZfz]}A")
^ "OracleVirtualBox Guest Additions"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("bA}wChEs}U}B8g&↑&")
^ "ProgramFiles(X86)"
org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("oD^ER`um_eBuK}◄DPqB|")
^ "VMwareVMware Tools"](https://image.slidesharecdn.com/javajournalpyspresso-160624232225/85/Java-Journal-Pyresso-A-Python-Based-Framework-for-Debugging-Java-16-320.jpg)
Java Journal & Pyresso: A Python-Based Framework for Debugging Java
- 2. People still use Java?
- 4. CFR FernFlower JD-GUI Krakatau Procyon
- 6. Recompile & Debug Create Deobfuscator Dynamic Tracing
- 7. Capturing Java method calls
- 8. 1 Lightweight, extensible, well-documented 2 Doesn’t require user to write Java code 3 Cross-platform & works with latest JVM 4 Captures method args and return values 5 Can begin trace at very first instruction 6 Doesn’t transform target’s bytecode
- 9. BTrace Bytecode Visualizer Chronon Greys InTrace Java VisualVM JavaSnoop JSwat Debugger Limpid Log MaintainJ MethodTracer …
- 10. Built from the ground up
- 12. Bluescreen in 3… 2…
- 13. public class HelloWorld { public static void main(String[] args) { System.out.println("Hello, World"); } }
- 15. package org.jsocket.b; ... public abstract class iIIiiIIiii { ... public static String IIIiIiJSocket(String iIiIIiIiiI) { int n; StackTraceElement stackTraceElement = new Exception().getStackTrace()[1]; String string = new StringBuffer(stackTraceElement.getClassName()).append(stackTraceElement.getMethodName()).toString(); int n2 = iIiIIiIiiI.length(); int n3 = n2 - 1; char[] arrc = new char[n2]; int n4 = 5 << 4 ^ 5 << 1; int n5 = (2 ^ 5) << 4 ^ (2 << 2 ^ 3); int n6 = n = string.length() - 1; String string2 = string; while (n3 >= 0) { int n7 = n3--; arrc[n7] = (char)(n5 ^ (iIiIIiIiiI.charAt(n7) ^ string2.charAt(n))); if (n3 < 0) { return new String(arrc); } char c = arrc[v3080] = (char)(n4 ^ (iIiIIiIiiI.charAt(n3--) ^ string2.charAt(n))); if (--n < 0) { n = n6; } int n8 = n3; } return new String(arrc); } }
- 16. C:>javajournal.py -jar adwind.jar -include org.jsocket.b.* org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("Jb") ^ "TLS" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("∟}aU<X`]pYVf<@Va⌂D{KPg▬sTi◄zBc") ^ "/org/jsocket/resources/key.dll" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("Ez") ^ "win" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("}@m]s^w") ^ "OS_NAME" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("e_DsAw") ^ "VMWARE" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("^Z|Fj") ^ "LINUX" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("⌂Rq") ^ "MAC" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("Ba]T`R⌂U[_w@:K%←") ^ "ProgramFiles(X86)" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("o]aSp^vne{aFFs⌂pj3uFw@f3sWvZfz]}A") ^ "OracleVirtualBox Guest Additions" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("bA}wChEs}U}B8g&↑&") ^ "ProgramFiles(X86)" org.jsocket.b.iIIiiIIiii.IIIiIiJSocket("oD^ER`um_eBuK}◄DPqB|") ^ "VMwareVMware Tools"
- 17. Just give me the code already
- 18. GPL source code and documentation for JavaJournal and pyspresso: https://github.com/CrowdStrike/pyspresso https://pypi.python.org/pypi/pyspresso pyspresso is still in alpha Future work Inspection of method arguments in opaque frames for native methods (see Pstack) Improved object abstraction Automatic attaching to child processes GUI with extended capture information (see Rohitab’s API Monitor)