安装Java 17
https://www.oracle.com/java/technologies/javase/jdk17-archive-downloads.html
1
2
3
4
5
6
7
8
9
| export JDK_VERSION=jdk-17.0.3.1
tar xvf ${JDK_VERSION}_linux-x64_bin.tar.gz -C /usr/lib/jvm/
update-alternatives --install /usr/bin/java java /usr/lib/jvm/${JDK_VERSION}/bin/java 1
update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/${JDK_VERSION}/bin/javac 1
update-alternatives --install /usr/bin/jar jar /usr/lib/jvm/${JDK_VERSION}/bin/jar 1
update-alternatives --set java /usr/lib/jvm/${JDK_VERSION}/bin/java
update-alternatives --set javac /usr/lib/jvm/${JDK_VERSION}/bin/javac
update-alternatives --set jar /usr/lib/jvm/${JDK_VERSION}/bin/jar
java -version
|
编译fernflower
1
2
3
4
| git clone https://github.com/JetBrains/intellij-community/
cd intellij-community/plugins/java-decompiler/engine/
./gradlew build
cp build/libs/fernflower.jar /tmp/
|
反编译jar文件
1
| java -cp fernflower.jar org.jetbrains.java.decompiler.main.decompiler.ConsoleDecompiler -dgs=true /tmp/cobaltstrike_4.5_original.jar /tmp/decompiled
|
编译修改好的Java程序
1
2
3
4
| javac -classpath CobaltStrike_4.5_original.jar Aggressor.java
javac -classpath CobaltStrike_4.5_original.jar AggressorClient.java
javac -classpath CobaltStrike_4.5_original.jar AuthCrypto.java
javac -classpath CobaltStrike_4.5_original.jar BeaconData.java
|
DONE!
1
2
3
4
| jar uf cobaltstrike_4.5_original.jar Aggressor.class
...
...
...
|