Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to run jar program after obfuscator #3

Closed
577fkj opened this issue Dec 15, 2022 · 11 comments
Closed

Unable to run jar program after obfuscator #3

577fkj opened this issue Dec 15, 2022 · 11 comments

Comments

@577fkj
Copy link

577fkj commented Dec 15, 2022
edited
Loading 

Error: Unable to initialize main class cn.fkj233.classfuck.Main
Caused by: java.lang.VerifyError: JVMVRFY021 已抛出对象不可抛出 类=cn/fkj233/classfuck/Main,方法=main([Ljava/lang/String;)V,pc=312
Exception Details:
  Location:
    cn/fkj233/classfuck/Main.main([Ljava/lang/String;)V @312: JBifeq
  Reason:
    A stackmap frame is expected at branch target 319.
  Exception Handler Table:
    bci [1651, 1692] => handler: 1744

-keep class cn.fkj233.classfuck.Main {
	*;
}
-keep class javassist.** {
	*;
}
-obfuscate-arithmetic,high class cn.fkj233.** {
	*;
}
-obfuscate-constants class cn.fkj233.** {
	*;
}
-obfuscate-control-flow class cn.fkj233.** {
	*;
}
-obfuscate-strings class cn.fkj233.** {
	*;
}

-keepattributes *Annotation*
-keepattributes Signature
-keepattributes InnerClasses
-keepattributes InnerClasses,EnclosingMethod

-obfuscationdictionary dic.txt
-classobfuscationdictionary dic.txt
-packageobfuscationdictionary dic.txt

-dontoptimize
-dontpreverify
-dontwarn
@romainthomas
Copy link
Member

I confirm that the root cause of this error is likely dProtect, could you attach the Java code associated with this error?

@577fkj
Copy link
Author

577fkj commented Dec 15, 2022
edited
Loading

I confirm that the root cause of this error is likely dProtect, could you attach the Java code associated with this error?

public class Main {
    /**
     * 入口方法
     *
     * @param args 参数
     */
    public static void main(String[] args) {
        Scanner scanner = new Scanner(System.in);

        //参数配置
        CmdLineOption cmd = new CmdLineOption();
        cmd.addOption("packages", true, "加密的包名(可为空,多个用\",\"分割)");
        cmd.addOption("pwd", true, "加密密码");
        cmd.addOption("code", true, "机器码");
        cmd.addOption("exclude", true, "排除的类名(可为空,多个用\",\"分割)");
        cmd.addOption("file", true, "加密的jar/war路径");
        cmd.addOption("libjars", true, "jar/war lib下的jar(可为空,多个用\",\"分割)");
        cmd.addOption("classpath", true, "依赖jar包目录(可为空,多个用\",\"分割)");
        cmd.addOption("cfgfiles", true, "需要加密的配置文件(可为空,多个用\",\"分割)");
        cmd.addOption("Y", false, "无需确认");
        cmd.addOption("debug", false, "调试模式");
        cmd.addOption("C", false, "生成机器码");
        cmd.parse(args);

        if (cmd.hasOption("C")) {
            makeCode();
            return;
        }

        //全部参数(需要加密的class路径,lib下的jar,包名,排除的class,依赖jar包路径,密码,机器码,需要加密的配置文件)
        String path=null,libjars,packages,excludeClass,classpath,password=null,code,cfgfiles;

        //没有参数手动输入
        if (args == null || args.length == 0) {
            while (StrUtils.isEmpty(path)) {
                Log.print("请输入需要加密的jar/war路径:");
                path = scanner.nextLine();
            }

            Log.print("请输入jar/war包lib下要加密jar文件名(多个用\",\"分割):");
            libjars = scanner.nextLine();

            Log.print("请输入需要加密的包名(可为空,多个用\",\"分割):");
            packages = scanner.nextLine();

            Log.print("请输入需要排除的类名(可为空,多个用\",\"分割):");
            excludeClass = scanner.nextLine();

            Log.print("请输入依赖jar包目录(可为空,多个用\",\"分割):");
            classpath = scanner.nextLine();

            Log.print("请输入要加密的配置文件名(可为空,多个用\",\"分割):");
            cfgfiles = scanner.nextLine();


            Log.print("请输入机器码(可为空):");
            code = scanner.nextLine();

            while (StrUtils.isEmpty(password)) {
                Log.print("请输入加密密码:");
                password = scanner.nextLine();
            }
        }else{//在参数中取
            path = cmd.getOptionValue("file", "");
            libjars = cmd.getOptionValue("libjars", "");
            packages = cmd.getOptionValue("packages", "");
            excludeClass = cmd.getOptionValue("exclude", "");
            classpath = cmd.getOptionValue("classpath", "");
            password = cmd.getOptionValue("pwd", "");
            code = cmd.getOptionValue("code", "");
            cfgfiles = cmd.getOptionValue("cfgfiles", "");
        }

        //test数据
        if ("1".equals(path)) {
            path = "/Users/roseboy/fsdownload/yiyon-package-liuyuan-1.0.0.jar";
            libjars = "yiyon-*.jar,aspectjweaver-1.8.13.jar,a.jar";
            packages = "cn.fkj233.classfuck.*";//包名过滤
            excludeClass = "org.spring.*";//排除的类
            password = "123456";
            classpath = "/Users/roseboy/code-space/apache-tomcat-8.5.32/lib";
            cfgfiles = "*.yml";
        } else if ("2".equals(path)) {
            path = "/Users/roseboy/code-space/pig_project/target/pig_project_maven.war";
            packages = "cn.fkj233";//包名过滤
            excludeClass = "org.spring";//排除的类
            password = "#";
            classpath = "/Users/roseboy/code-space/apache-tomcat-8.5.32/lib";
        } else if ("3".equals(path)) {
            path = "/Users/roseboy/Desktop/iyun.node.dicomserver.jar";
            packages = "com,org";//包名过滤
            password = "1234";
        }

        Log.println();
        Log.println("加密信息如下:");
        Log.println("-------------------------");
        Log.println("1. jar/war路径:      " + path);
        Log.println("2. lib下的jar:       " + libjars);
        Log.println("3. 包名前缀:          " + packages);
        Log.println("4. 排除的类名:        " + excludeClass);
        Log.println("5. 加密配置文件:      " + cfgfiles);
        Log.println("6. ClassPath:       " + classpath);
        Log.println("7. 密码:             " + password);
        Log.println("8. 机器码:           " + code);
        Log.println("-------------------------");
        Log.println();

        String yes;
        if (cmd.hasOption("Y")) {
            yes = "Y";
        } else {
            Log.println("确定执行吗?(Y/n)");
            yes = scanner.nextLine();
            while (!"n".equals(yes) && !"Y".equals(yes)) {
                Log.println("Yes or No ?[Y/n]");
                yes = scanner.nextLine();
            }
        }
        IoUtils.close(scanner);

        if (!"Y".equals(yes)) {
            Log.println("已取消!");
            return;
        }
        Log.println("处理中...");
        List<String> includeJarList = StrUtils.toList(libjars);
        List<String> packageList = StrUtils.toList(packages);
        List<String> excludeClassList = StrUtils.toList(excludeClass);
        List<String> classPathList = StrUtils.toList(classpath);
        List<String> cfgFileList = StrUtils.toList(cfgfiles);
        includeJarList.add("-");

        JarEncryptor encryptor = new JarEncryptor(path, password.trim().toCharArray());
        encryptor.setCode(StrUtils.isEmpty(code) ? null : code.trim().toCharArray());
        encryptor.setPackages(packageList);
        encryptor.setIncludeJars(includeJarList);
        encryptor.setExcludeClass(excludeClassList);
        encryptor.setClassPath(classPathList);
        encryptor.setCfgfiles(cfgFileList);
        try {
            String result = encryptor.doEncryptJar();
            Log.println("加密完成,请牢记密码!");
            Log.println("==>" + result);
        } catch (Exception e) {
            //e.printStackTrace();
            Log.println("ERROR: " + e.getMessage());
        }
    }

    /**
     * 生成机器码
     */
    public static void makeCode() {
        String path = JarUtils.getRootPath(null);
        path = path.substring(0, path.lastIndexOf("/") + 1);

        String code = new String(SysUtils.makeMarchinCode());
        File file = new File(path, "classfuck-code.txt");
        IoUtils.writeTxtFile(file, code);
        Log.println("Server code is: " + code);
        Log.println("==>" + file.getAbsolutePath());
        Log.println();
    }
}

@romainthomas
Copy link
Member

Thank you, since this code depends on the classes StrUtils, JarEncryptor, could you attach code that I can compile to reproduce the error?

@577fkj
Copy link
Author

577fkj commented Dec 15, 2022
edited
Loading

Thank you, since this code depends on the classes StrUtils, JarEncryptor, could you attach code that I can compile to reproduce the error?

helloword.zip
jdk-17.0.1.12-openj9

@577fkj
Copy link
Author

577fkj commented Dec 15, 2022

Thank you, since this code depends on the classes StrUtils, JarEncryptor, could you attach code that I can compile to reproduce the error?

helloword.zip jdk-17.0.1.12-openj9

"C:\Program Files\Semeru\jdk-17.0.1.12-openj9\bin\java.exe" -jar obf-helloword.jar
错误: 无法初始化主类 test.main
原因: java.lang.VerifyError: JVMVRFY021 已抛出对象不可抛出 类=test/main,方法=O0o0(Ljava/lang/String;)Ljava/lang/String;,pc=40
Exception Details:
  Location:
    test/main.O0o0(Ljava/lang/String;)Ljava/lang/String; @40: JBificmpge
  Reason:
    A stackmap frame is expected at branch target 347.

@577fkj
Copy link
Author

577fkj commented Dec 15, 2022

New bug....

"C:\Program Files\Semeru\jdk-17.0.1.12-openj9\bin\java.exe" -jar dprotect.jar -injars helloword-1.0-SNAPSHOT.jar -outjar obf-helloword.jar @proguard.pro
dProtect, version 1.0.0
Unexpected error
java.lang.NullPointerException: Cannot invoke "java.util.List.isEmpty()" because "strings" is null
        at dprotect.obfuscation.strings.StringObfuscator.<init>(StringObfuscator.java:57) ~[dprotect.jar:1.0.0]
        at dprotect.obfuscation.CodeObfuscator.runStringObfuscation(CodeObfuscator.java:171) ~[dprotect.jar:1.0.0]
        at dprotect.obfuscation.CodeObfuscator.obfuscate(CodeObfuscator.java:100) ~[dprotect.jar:1.0.0]
        at dprotect.obfuscation.CodeObfuscator.execute(CodeObfuscator.java:74) ~[dprotect.jar:1.0.0]
        at proguard.pass.PassRunner.run(PassRunner.java:24) ~[dprotect.jar:1.0.0]
        at dprotect.DProtect.obfuscate(DProtect.java:507) ~[dprotect.jar:1.0.0]
        at dprotect.DProtect.execute(DProtect.java:204) ~[dprotect.jar:1.0.0]
        at dprotect.DProtect.main(DProtect.java:664) ~[dprotect.jar:1.0.0]

-keep class test.main {
	public static void main(...);
}
#-obfuscate-arithmetic,high class test.** { *; }
#-obfuscate-constants class test.** { *; }
#-obfuscate-control-flow class test.** { *; }
#-obfuscate-strings class test.** { *; }

-keepattributes *Annotation*
-keepattributes Signature
-keepattributes InnerClasses
-keepattributes InnerClasses,EnclosingMethod

-obfuscationdictionary dic.txt
-classobfuscationdictionary dic.txt
-packageobfuscationdictionary dic.txt

-dontoptimize
-dontpreverify
-dontwarn

@romainthomas
Copy link
Member

Thank you, the last bug is fixed with f9da3a0

@577fkj
Copy link
Author

577fkj commented Dec 15, 2022

Thank you, the last bug is fixed with f9da3a0

Ok, I got it.

#3 (comment)
This problem seems to be caused by string encryption. It can work normally without string encryption.

@577fkj
Copy link
Author

577fkj commented Dec 15, 2022

image

@romainthomas
Copy link
Member

Removing -dontpreverify in you configuration fixes the issue.

@nthieu90official
Copy link

Thank you, the last bug is fixed with f9da3a0

Hi @romainthomas,
Which version will be included this fix?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@romainthomas @577fkj @nthieu90official