Java reversing tips

Perhaps this post should be titled "Java un-reversing tips" since I'll start by assuming you've decompiled your .class files, modified the sources and are ready to get the modified jar running again.

A few things have to happen. First, you probably should have only de-compiled the single .java file you were interested in modifying. In my experience decompilers are far from perfect, so each file takes a bit of coercing before it will compile again.

The command you'll want to use to recompile that single file is something like:

javac -cp ../original.jar com/whatever/DecompiledAndModified.java

This will let DecompiledAndModified.java's dependencies resolve against the original.jar so you don't have to mess with more sources.

Assuming you've unzipped the jar somewhere (mkdir -p /tmp/original && cd /tmp/original && unzip original.jar), you'll want to remove any security checksums in the META-INF folder. There might be more than this, but here's a start:

rm META-INF/*.SF META-INF/*.RSA
echo 'Manifest-Version: 1.0' > META-INF/MANIFEST.MF

Copy the .class file output from the javac command above into the folder of unzipped sources, overwriting the original, and zip it all back up:

zip -r ../modified.jar *

Run it!