安装Java 17
https://www.oracle.com/java/technologies/javase/jdk17-archive-downloads.html
1 2 3 4 5 6 7 8 9
| export JDK_VERSION=jdk-17.0.3.1 tar xvf ${JDK_VERSION}_linux-x64_bin.tar.gz -C /usr/lib/jvm/ update-alternatives --install /usr/bin/java java /usr/lib/jvm/${JDK_VERSION}/bin/java 1 update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/${JDK_VERSION}/bin/javac 1 update-alternatives --install /usr/bin/jar jar /usr/lib/jvm/${JDK_VERSION}/bin/jar 1 update-alternatives --set java /usr/lib/jvm/${JDK_VERSION}/bin/java update-alternatives --set javac /usr/lib/jvm/${JDK_VERSION}/bin/javac update-alternatives --set jar /usr/lib/jvm/${JDK_VERSION}/bin/jar java -version
|
编译fernflower
1 2 3 4
| git clone https://github.com/JetBrains/intellij-community/ cd intellij-community/plugins/java-decompiler/engine/ ./gradlew build cp build/libs/fernflower.jar /tmp/
|
反编译jar文件
1
| java -cp fernflower.jar org.jetbrains.java.decompiler.main.decompiler.ConsoleDecompiler -dgs=true /tmp/cobaltstrike_4.5_original.jar /tmp/decompiled
|
编译修改好的Java程序
1 2 3 4
| javac -classpath CobaltStrike_4.5_original.jar Aggressor.java javac -classpath CobaltStrike_4.5_original.jar AggressorClient.java javac -classpath CobaltStrike_4.5_original.jar AuthCrypto.java javac -classpath CobaltStrike_4.5_original.jar BeaconData.java
|
DONE!
1 2 3 4
| jar uf cobaltstrike_4.5_original.jar Aggressor.class ... ... ...
|