This repository has been archived by the owner on Dec 4, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 5c54160
Showing
55 changed files
with
2,495 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| name: java action | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ "master" ] | ||
|
|
||
| jobs: | ||
|
|
||
| build: | ||
|
|
||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: Set up JDK 8 | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: '8' | ||
| distribution: 'temurin' | ||
| cache: maven | ||
| - name: Build with Maven | ||
| run: mvn -B package --file pom.xml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| name: linux action | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
|
|
||
| build: | ||
|
|
||
| runs-on: ubuntu-latest | ||
| if: github.event_name == 'workflow_dispatch' | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: environment init | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install -y ca-certificates | ||
| sudo apt-get install zip unzip wget ninja-build gcc g++ openjdk-8-jdk nasm python3 execstack | ||
| - name: get cmake | ||
| run: | | ||
| wget https://cmake.org/files/v3.28/cmake-3.28.0-linux-x86_64.tar.gz | ||
| tar -zxvf cmake-3.28.0-linux-x86_64.tar.gz | ||
| - name: build | ||
| run: | | ||
| cd native | ||
| ../cmake-3.28.0-linux-x86_64/bin/cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_MAKE_PROGRAM=ninja -G Ninja -S . -B build-release | ||
| ../cmake-3.28.0-linux-x86_64/bin/cmake --build build-release --target all | ||
| python3 main.py | ||
| zip -r build-linux.zip target/* | ||
| - name: upload | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: build-artifact | ||
| path: native/build-linux.zip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| target/ | ||
| !.mvn/wrapper/maven-wrapper.jar | ||
| !**/src/main/**/target/ | ||
| !**/src/test/**/target/ | ||
|
|
||
| ### IntelliJ IDEA ### | ||
| .idea/modules.xml | ||
| .idea/jarRepositories.xml | ||
| .idea/compiler.xml | ||
| .idea/libraries/ | ||
| *.iws | ||
| *.iml | ||
| *.ipr | ||
|
|
||
| ### Eclipse ### | ||
| .apt_generated | ||
| .classpath | ||
| .factorypath | ||
| .project | ||
| .settings | ||
| .springBeans | ||
| .sts4-cache | ||
|
|
||
| ### NetBeans ### | ||
| /nbproject/private/ | ||
| /nbbuild/ | ||
| /dist/ | ||
| /nbdist/ | ||
| /.nb-gradle/ | ||
| build/ | ||
| !**/src/main/**/build/ | ||
| !**/src/test/**/build/ | ||
|
|
||
| ### VS Code ### | ||
| .vscode/ | ||
|
|
||
| ### Mac OS ### | ||
| .DS_Store | ||
|
|
||
| ### Others ### | ||
| .idea/ | ||
| cmake-build-debug/ | ||
| cmake-build-release/ | ||
| build-release/ | ||
| *.exe |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| ## 0.1 | ||
|
|
||
| 第一个版本: | ||
| - code-encryptor-plus-0.0.1-cli.jar | ||
| - code-encryptor-plus-0.0.1-gui.jar | ||
|
|
||
| 提供 GUI 和 CLI 两个版本,CLI 版本分为 patch 和 export 两个命令 | ||
| - patch 命令用于加密输入的 jar 包 | ||
| - export 命令用于导出对应的 dll 解密库 | ||
|
|
||
| GUI 版本的使用和 CLI 版本基本一致,具体参考 README 文件 | ||
|
|
||
| 目前的加密算法: | ||
| - 汇编实现的多层位运算,交换字节等 | ||
| - 三次XXTEA算法,抽取 10-34 位字节 | ||
|
|
||
| 适用环境: | ||
| - Windows 64 位 (Linux环境需要重写) | ||
| - JDK 8 (其他版本可以自行编译) | ||
|
|
||
| ## 0.2 | ||
|
|
||
| 两个重要功能的更新: | ||
| - 支持了`linux`系统 | ||
| - 支持了自定义加密密钥 | ||
|
|
||
| 更新日志: | ||
| - 基于`gcc`和`nasm`支持`linux x86_64 (amd64)` | ||
| - 支持`Windows`和`Linux`任意密钥加密解密 | ||
| - 使用`execstack`为`so`库修改堆栈可执行属性 | ||
| - 汇编中部分寄存器忘记恢复状态导致某些`JVM`崩溃 | ||
| - 修复`linux`中字符串处理函数的缓冲区溢出问题 | ||
| - 修改`README`部分应该使用`-agentpath`启动 | ||
| - 优化重构`Java`层代码,抽出工具类等 | ||
| - 避免重复宏定义的问题 | ||
|
|
||
| ## 0.3 | ||
|
|
||
| 修改`JVM`阻止通过`HSDB`以`dump`字节码,支持`linux`和`windows` | ||
|
|
||
| 更新日志: | ||
| - [FEATURE] 参考`beichen`师傅议题阻止dump字节码的方法 #6 | ||
| - [FEATURE] 应该对完整的所有的字节码进行加密 #3 | ||
| [FEATURE] GUI 加入密钥部分 #2 | ||
| - [FEATURE] GUI 和命令行都应该加入自动生成运行命令部分 #7 | ||
| - [FEATURE] 优化打印的日志以及调试信息 #4 | ||
| - [FEATURE] ENGLISH DOC #1 | ||
| - 代码和文档的优化 | ||
|
|
||
| 提供 GUI 和 CLI 两个版本,CLI 版本分为 patch 和 export 两个命令 | ||
| - patch 命令用于加密输入的 jar 包 | ||
| - export 命令用于导出对应的 dll 解密库 | ||
|
|
||
| GUI 版本的使用和 CLI 版本基本一致,具体参考 README 文件 | ||
|
|
||
| ## 0.4 | ||
|
|
||
| 更新日志: | ||
| - 优化`native`层的代码 | ||
| - 优化`README`说明文档 | ||
|
|
||
| 提供 GUI 和 CLI 两个版本,CLI 版本分为 patch 和 export 两个命令 | ||
| - patch 命令用于加密输入的 jar 包 | ||
| - export 命令用于导出对应的 dll/so 解密库 | ||
|
|
||
| GUI 版本的使用和 CLI 版本基本一致,具体参考 README 文件 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| FROM ubuntu:22.04 | ||
|
|
||
| LABEL author="4ra1n" | ||
| LABEL github="https://github.com/4ra1n" | ||
|
|
||
| ENV CODE_ENC_VER 0.4 | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| RUN apt-get update && apt-get install -y ca-certificates --reinstall | ||
|
|
||
| RUN echo "\ | ||
| deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy main restricted universe multiverse\n\ | ||
| deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse\n\ | ||
| deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse\n\ | ||
| deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted universe multiverse" | tee /etc/apt/sources.list \ | ||
| && apt-get update && apt-get install -y zip unzip wget ninja-build gcc g++ openjdk-8-jdk nasm python3 execstack | ||
|
|
||
| COPY . . | ||
|
|
||
| RUN wget https://cmake.org/files/v3.28/cmake-3.28.0-linux-x86_64.tar.gz && \ | ||
| tar -zxvf cmake-3.28.0-linux-x86_64.tar.gz | ||
|
|
||
| ENV PATH="${PATH}:/app/cmake-3.28.0-linux-x86_64/bin" | ||
|
|
||
| RUN cd native && \ | ||
| cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_MAKE_PROGRAM=ninja -G Ninja -S . -B build-release && \ | ||
| cmake --build build-release --target all && \ | ||
| python3 main.py && \ | ||
| zip -r ../build.zip target/* | ||
|
|
||
| CMD ["echo", "build code-encryptor ${CODE_ENC_VER} completed - /app/build.zip"] | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| MIT License | ||
|
|
||
| Copyright (c) 2023 4ra1n | ||
|
|
||
| Permission is hereby granted, free of charge, to any person obtaining a copy | ||
| of this software and associated documentation files (the "Software"), to deal | ||
| in the Software without restriction, including without limitation the rights | ||
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
| copies of the Software, and to permit persons to whom the Software is | ||
| furnished to do so, subject to the following conditions: | ||
|
|
||
| The above copyright notice and this permission notice shall be included in all | ||
| copies or substantial portions of the Software. | ||
|
|
||
| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
| IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
| FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
| AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
| LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
| OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
| SOFTWARE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,107 @@ | ||
| # code-encryptor | ||
|
|
||
| [English Doc](doc/README-en.md) | ||
|
|
||
| [](https://github.com/4ra1n/code-encryptor/releases/latest) | ||
|  | ||
|
|
||
| ## 介绍 | ||
|
|
||
| 使用`JNI`加密字节码,通过`JVMTI`解密字节码以保护代码 | ||
|
|
||
| 提供两份`DLL`文件,一份加密一份解密,实际运行只需使用解密`DLL`文件,支持自定义密钥和包名 | ||
|
|
||
| 加密后的`Class`文件变成无法解析的畸形文件 | ||
|
|
||
|  | ||
|
|
||
| 除了开头保持了`Magic`部分,后续是无法解析的字节 | ||
|
|
||
|  | ||
|
|
||
| 使用指定参数启动即可禁止 `Java Agent` 动态 `dump` 字节码 | ||
|
|
||
|  | ||
|
|
||
| 对于更资深的黑客,他们会想到 `sa-jdi` 的 `HSDB` 来 `dump` 字节码 | ||
|
|
||
| 我参考 `Beichen` 师傅议题的思路,从 `JVM` 里禁用了 `gHotSpotVMStructs` 函数 | ||
|
|
||
| 支持 `Windows` 系统 | ||
|
|
||
|  | ||
|
|
||
| 支持 `Linux` 系统 | ||
|
|
||
|  | ||
|
|
||
| ## 快速开始 | ||
|
|
||
| 加密解密部分使用`C`做一层加密,使用汇编做位运算二层加密,已提供编译好的`Release`版本`DLL/SO`文件嵌入`Jar`包中 | ||
|
|
||
| 内置支持是`JDK-8`,其他版本未测试,理论上需要更换`JNI.h`头文件重新编译,已支持`Windows`和`Linux` | ||
|
|
||
| 加密你的`Jar`包:(指定`Jar`包和`package`加密包名以及密钥`key`) | ||
|
|
||
| ```shell | ||
| java -jar code-encryptor.jar patch --jar your-jar.jar --package com.your.pack --key your-key | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| 导出解密`DLL/SO`文件:(默认导出到`code-encryptor-temp`目录不建议修改) | ||
|
|
||
| ```shell | ||
| java -jar code-encryptor.jar export | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| 使用解密`DLL/SO`启动`Jar`包:(使用`-agentpath`参数) | ||
|
|
||
| 注意必须有两个参数`PACKAGE_NAME`和`KEY` | ||
|
|
||
| 注意:某些情况下可能第一次无法启动,重复使用命令启动即可 | ||
|
|
||
| ```shell | ||
| java -XX:+DisableAttachMechanism -agentpath:D:\abs-path\decrypter.dll=PACKAGE_NAME=com.your.pack,KEY=your-key --jar your-jar.jar | ||
| ``` | ||
|
|
||
|  | ||
|
|
||
| ## 特点 | ||
|
|
||
| 本项目相比于网上公开的文章/代码,优势和特点有以下几条: | ||
| - 原文章固定了包名,用户想加密自己的包名需要重新编译`DLL` | ||
| - 原文章加密和解密`DLL`是同一个,这样只用`JNI`调用下加密即可破解 | ||
| - 原文章的代码仅是`Demo`级别,无法直接上手测试和使用 | ||
| - 原文章没有加入具体的加密算法,仅是简单的运算,需要加强 | ||
| - 原文章的代码存在一些`BUG`和优化空间 | ||
| - 使用某些魔法操作,使字节码无法被 `dump` 进一步保证安全 | ||
|
|
||
| 目前的加密解密算法: | ||
| - 多次位运算,交换字节等 | ||
| - 基于`XXTEA`算法,多轮加密 | ||
| - 支持自定义密钥,进一步保护 | ||
|
|
||
| ## 构建 | ||
|
|
||
| 编译环境: | ||
| - Windows 11 / Ubuntu 22.04 | ||
| - JDK 8 / Maven | ||
| - MSVC + ml64 (Windows) / gcc + nasm (Linux) | ||
| - CMake 3.x | ||
| - Python 3.x | ||
|
|
||
| ## 其他 | ||
|
|
||
| 不适用于启动扫描 `class` 的项目(典型的项目比如`SpringBoot`) | ||
|
|
||
| 正在想办法解决这个问题 | ||
|
|
||
| ## 参考 | ||
|
|
||
| 感谢以下项目或文章提供的思路: | ||
| - https://mp.weixin.qq.com/s/89Bmvy_uY97TZm3vR9lyWw | ||
| - https://juejin.cn/post/6844903487784894477 | ||
| - https://github.com/sea-boat/ByteCodeEncrypt |
Oops, something went wrong.