Skip to content

Getting Started

Jump to bottom Edit New page
Janmm14 edited this page Jul 24, 2021 · 5 revisions

Getting Started with Java-Deobfuscator

In this tutorial, you will learn how to use Java-Deobfuscator. Before diving into steps, keep in mind that we won't actually deobfuscate any jar until next tutorial. This tutorial is just about how you would prepare deobfuscator to run.

Installing and Preparing Files

  • Download the latest release of Java-Deobfuscator
  • Create a folder somewhere that you want to use as a workspace for deobfuscating processes
  • Move deobfuscator.jar to the workspace folder
  • (Optional) Create separate folders for input and output jars

In the next steps, we will prepare the workspace to run the deobfuscator properly, there are several ways that you can run java-deobfuscator, but the easiest and the most efficient way is using deobfuscator-gui.

Using deobfuscator-gui

  • Download the latest release of deobfuscator-gui
  • Move deobfuscator-gui.jar to the workspace folder

From the command-line

  • Create a config file named config.yaml in the workspace with the following contents
input: input.jar
output: output.jar
detect: false
transformers:
  - [fully-qualified-name-of-transformer]
  • And then run it with: java -jar deobfuscator.jar --config config.yaml
  • Optional: Create a script named run with .bat on Windows, .sh on Linux in the workspace folder with the commandline.
    Windows users might want to add pause at the end, so it can be directly launched by double-clicking on the file.

Configuration

As mentioned earlier, we won't actually deobfuscate any jar now. But we will configure how to. You don't actually have to do these steps now as you don't know which obfuscator used. Just practice.

From deobfuscator-gui

  • Run deobfuscator-gui.jar directly
    desc
  • Select your input and output jars
  • Select the transformers that you've chosen
  • Some transformers have specific options, right-click on selected transformers to see and edit those.
  • (Optional) Most deobfuscation processes require rt.jar, so you may have to add it in Path tab. Something like C:/Program/Files/Java/jdk{version}/jre/lib/rt.jar on Windows.
  • (Info) You can save and load configs by using the corresponding buttons. In the top menu you can set whether the gui should save its configuration on close automatically.

Using a configuration file

  • Open config.yaml
  • Replace input.jar with your jar's path
  • Replace output.jar with a path
  • (Optional) You can use input and output folders you've created earlier
  • On Windows, You will need to use backslashes(\) instead of forward slashes(/) while writing paths.
  • Look for transformers you need.
  • Replace [fully-qualified-name-of-transformer] with fully qualified names of the transformers that you've chosen

Here are two examples of config.yaml:

input: C:\jd-workspace\input\crackme.jar
output: C:\jd-workspace\output\crackme-deobf.jar
detect: false
transformers:
 - special.RadonTransformer
input: .\input\crackme.jar
output: .\output\crackme-deobf.jar
detect: false
transformers:
 - general.removers.SyntheticBridgeRemover
 - general.removers.LineNumberRemover
  • (Optional) Most deobfuscation processes require rt.jar in the path, so you may have to add this to your config.yaml 
path:
 - "C:/Program Files/Java/jdk{version}/jre/lib/rt.jar"

Now, you know how to use Java-Deobfuscator, even if we didn't actually deobfuscate something. In the next tutorial, you will try to deobfuscate an actual jar with the corresponding transformers given.

Next Tutorial - Deobfuscation

Add a custom footer
Add a custom sidebar
Clone this wiki locally