{"id":13843006,"url":"https://github.com/0xrumble/BytecodeScreen","last_synced_at":"2025-07-11T17:33:01.682Z","repository":{"id":61677357,"uuid":"552321402","full_name":"0xrumble/BytecodeScreen","owner":"0xrumble","description":null,"archived":false,"fork":false,"pushed_at":"2022-11-04T09:28:08.000Z","size":38343,"stargazers_count":51,"open_issues_count":1,"forks_count":4,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-08-05T17:35:30.331Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xrumble.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-10-16T10:23:57.000Z","updated_at":"2024-03-12T08:20:49.000Z","dependencies_parsed_at":"2023-01-21T18:46:46.825Z","dependency_job_id":null,"html_url":"https://github.com/0xrumble/BytecodeScreen","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrumble%2FBytecodeScreen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrumble%2FBytecodeScreen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrumble%2FBytecodeScreen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrumble%2FBytecodeScreen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xrumble","download_url":"https://codeload.github.com/0xrumble/BytecodeScreen/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225745404,"owners_count":17517633,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:01:53.145Z","updated_at":"2024-11-21T14:30:36.999Z","avatar_url":"https://github.com/0xrumble.png","language":"Java","funding_links":[],"categories":["Java"],"sub_categories":[],"readme":"# 【BytecodeScreen】\n本工具设计初衷是由前阵子的beichen师傅挖掘的CS的RCE漏洞，因为刚毕业还在适应新的工作，上个月就一直工作很忙，产品果然没我想的这么好做。终于在国庆假期，可以好好的学习一下主管的这篇文章[https://mp.weixin.qq.com/s/l5e2p_WtYSCYYhYE0lzRdQ](https://mp.weixin.qq.com/s/l5e2p_WtYSCYYhYE0lzRdQ)，看到这个部分的时候有了一些思考![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1665928648372-ca485d99-7cec-42ef-85ea-0befa86ee120.png#clientId=u093b1d65-1a51-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=196\u0026id=u9d5dc17b\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=245\u0026originWidth=701\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=50123\u0026status=done\u0026style=none\u0026taskId=ube076e0d-1b77-4695-8211-091f2132b22\u0026title=\u0026width=560.8)\n\n这里是主管总结的符合此情况的类的要求。找了一遍网上的工具（可能是我找的不够仔细并且IDEA用的不够熟练），我第一时间没有找到可以帮我快速筛选的工具，昨天看了pang0lin师傅的文章，发现好像是存在这样的情况。\n之前跟着threedr3am,Longgofo,4ra1n,su18等很多师傅的文章学习了GadgetInspector代码和原理相关的知识，由此借鉴了很多的代码从而完成了一款基于ASM来获取字节码信息筛选的工具来应对此等情况。\n项目使用展示：\n```python\nD:\\Desktop\\BytecodeScreen_jar\u003ejava -jar BytecodeScreen.jar -h\n  ____        _                     _       _____\n |  _ \\      | |                   | |     / ____|\n | |_) |_   _| |_ ___  ___ ___   __| | ___| (___   ___ _ __ ___  ___ _ __\n |  _ \u003c| | | | __/ _ \\/ __/ _ \\ / _` |/ _ \\\\___ \\ / __| '__/ _ \\/ _ \\ '_ \\\n | |_) | |_| | ||  __/ (_| (_) | (_| |  __/____) | (__| | |  __/  __/ | | |\n |____/ \\__, |\\__\\___|\\___\\___/ \\__,_|\\___|_____/ \\___|_|  \\___|\\___|_| |_|\n         __/ |\n        |___/\n                                                                       ---Author 0xrumble\n\n=======================================================================================================================\nUsage: \u003cmain class\u003e [options]\n  Options:\n    --debug\n      make debug\n      Default: false\n    -h, --help\n      Help Info\n    -i, --interface\n      JAVA InterFace Name\n    --jar\n      use base rt.jar\n      Default: false\n    -m, --method\n      JAVA Method Name\n    -p, --paramter\n      JAVA Method Paramter Type\n    -r, --return\n      JAVA Method Return Paramter Type\n    --static\n      try do static\n      Default: false\n    -s, --superclass\n      JAVA SuperClass\n    -j, --targetpath\n      JAVA Target PATH\n```\n# 参数介绍\n## 基础参数\n### 参数使用\n```python\n-h --help: 输出help页面属性。\n--debug:   开启debug属性。\n-j --targetpath : 指定项目的主要扫描目标，最终结果由指定的路径决定（所有参数中出现的继承类和接口也需要被此处指明，如果扫描类为rt.jar包内，也可以加上--jar参数表示扫描rt.jar包内的类）\n   1.后面跟一个文件夹路径，会读取这个文件夹及子文件夹。例如：\n\t\t\t\t\t\t\t-j D:\\Desktop\\testts\\target\\classes\n   2.后面跟一个jar文件路径，会读取这个文件夹及子文件夹。例如：\n\t\t\t\t\t\t\t-j D:\\Desktop\\testts\\out\\artifacts\\testts_jar\\testts.jar\n   3.后面跟一个txt文件路径，会读取这个txt文件内的内容。例如：\n                        \t-j D:\\Desktop\\123.txt  \n\t\t\t\t\t\t\t   内容为（每行一个上面的路径形式）：\n\t\t\t\t\t\t\t\t D:\\Desktop\\testts\\out\\artifacts\\testts_jar\\testts.jar\n\t\t\t\t\t\t\t\t D:\\Desktop\\testts\\target\\classes\n```\n## 方法参数\n### 参数分类：\n#### 1.基本类型\nint,byte,char,double,float,long,short,boolean    例如：{(int)}  {(byte)}\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666072867907-12d8085e-f5dd-4f1a-b837-7d984264d4e1.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=74\u0026id=u2fdbc47c\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=92\u0026originWidth=1149\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=12692\u0026status=done\u0026style=none\u0026taskId=u3730b874-854c-4ec6-89d1-557b05a2b10\u0026title=\u0026width=919.2)\n#### 2.特殊类型\nvoid   例如：{(void)}\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666073710905-0594afb2-2486-4b44-9bbb-5eb321771bf6.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=70\u0026id=u578297b6\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=88\u0026originWidth=631\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=7921\u0026status=done\u0026style=none\u0026taskId=u3dbe8689-aa0b-4faa-b32b-b0fc5580b69\u0026title=\u0026width=504.8)\n#### 3.对象类型\n普通对象：全限定类名。例如：{(java.lang.String)}     ,    {( java.lang.Boolean)}\n数组对象：全限定类名+[]  例如：一维数组：{(java.lang.String[])}，二维数组：{{java.lang.String[][]}}\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666072376549-55180b24-5c7e-40ea-a02c-f57db58254c4.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=225\u0026id=ufc7c8c2a\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=281\u0026originWidth=667\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=28169\u0026status=done\u0026style=none\u0026taskId=ub62833e9-6570-4ce1-97ba-ddf65f847c3\u0026title=\u0026width=533.6)\n#### 4.内部类\n普通内部对象变量：全限定类名+$+内部类名。例如：{(infra.config.Configuration$Module)}\n数组内部对象变量：全限定类名+$+内部类名+[]  例如：{(infra.config.Configuration$Module[])}\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666024362056-b73ed4ae-073b-4b10-9a25-ed08d6a9ec58.png#clientId=u80dffb66-fee4-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=217\u0026id=u8d31dfbc\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=271\u0026originWidth=1047\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=49509\u0026status=done\u0026style=none\u0026taskId=u496934e5-54d6-423b-aed0-f5c3193a5b3\u0026title=\u0026width=837.6)\n### 参数使用\n```python\n-i, --interface   指定实现的全路径接口名称（多个用,分割） 例如：\n                             -i org.example.Interface3,org.example.Interface2 \n-s, --superclass  指定继承的全路径父类名称,例如：\n                             -s org.example.class1\n\n-m, --method      指定方法名称，例如：\n                        (确定的传入参数)   -m {(setpar1)}\n                       （不确定的传入参数） -m {(set*)} \n\n-p, --paramter    指定全路径的传入参数名称，例如：\n                             (确定的传入参数，多个用,分割)   -p {(java.lang.String)}\n                             (不确定的传入参数)             -p {(*)}        \t\n                             (没有传入参数)                 -p {(void)}\n-r, --return      指定全路径的返回值名称，例如：\n                             (确定的返回值)                 -r {(java.lang.String)}\n                             (不确定的返回值）              -r {(*)} \n                             (没有传入参数)                 -r {(void)}\n\n--static          扫描static方法，默认不查找static方法\n--jar             扫描默认jre路径下的rt.jar包\n```\n# 工具使用\n## 例子1：无参构造函数\n1.规定方法名称（构造方法用\u003cinit\u003e）\n2.参数确定（为空）\n3.返回值确定（为空）\n```python\njava -jar BytecodeScreen.jar -j D:\\Desktop\\123.txt -m \"{(\u003cinit\u003e)}\"  -p {(void)} -r {(void)}\n```\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666078295492-0ec91113-e52b-40c8-b5f6-217a93fe1775.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=224\u0026id=u027d6e7c\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=280\u0026originWidth=1301\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=10281\u0026status=done\u0026style=none\u0026taskId=ud6fd03e4-eafb-4518-9e6a-2cc26578c17\u0026title=\u0026width=1040.8)\n## 例子2：查找特定方法\n1.查找set方法\n2.传入参数不限\n3.返回值为空\n```python\njava -jar BytecodeScreen.jar -j D:\\Desktop\\hcc\\123.txt -m {(set*)}  -p {(*)} -r {(void)}\n```\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666078037904-c4cc5bed-e871-41ee-acf6-416ba44092a4.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=328\u0026id=ubbddd460\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=410\u0026originWidth=1382\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=19754\u0026status=done\u0026style=none\u0026taskId=ub132f57f-adf6-4fc5-acd7-f0d3769e313\u0026title=\u0026width=1105.6)\n## 例子3：查找特定类方法\n1.继承xxxxx\n2.实现xxxxx的接口\n3.方法名包含xxxx\n4.参数包含xxxx\n5.返回值是xxxx\n```python\n-j D:\\Desktop\\123.txt -m \"{(class*)}{(\u003cinit\u003e)}\"  -p {(java.util.List,java.lang.String)}{(void)} -r {(java.lang.String)}{(void)} -s org.example.class8 -i org.example.interfaces1,org.example.Interface2\n```\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666080524131-95391dcb-4a07-4d0a-97b9-f5a3135307be.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=135\u0026id=u17571564\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=264\u0026originWidth=1473\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=9771\u0026status=done\u0026style=none\u0026taskId=ud7f7f977-b19c-41d5-86c1-14fd798c21b\u0026title=\u0026width=753)\n## 例子4（这里就只扫描rt.jar）：\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1665928648372-ca485d99-7cec-42ef-85ea-0befa86ee120.png#clientId=u093b1d65-1a51-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=196\u0026id=G740s\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=245\u0026originWidth=701\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=50123\u0026status=done\u0026style=none\u0026taskId=ube076e0d-1b77-4695-8211-091f2132b22\u0026title=\u0026width=560.8)\n```python\njava -jar BytecodeScreen.jar -j D:\\Desktop\\123.txt -m \"{(\u003cinit\u003e)}{(set*)}\" -p {(void)}{(java.lang.String)} -r {(void)}{(void)}  -s java.awt.Component\n```\n![image.png](https://cdn.nlark.com/yuque/0/2022/png/25851247/1666109233463-5078d781-2d63-4f3b-9a85-b06acb159c58.png#clientId=u999e8163-3235-4\u0026crop=0\u0026crop=0\u0026crop=1\u0026crop=1\u0026from=paste\u0026height=413\u0026id=u0a79e4a8\u0026margin=%5Bobject%20Object%5D\u0026name=image.png\u0026originHeight=516\u0026originWidth=1203\u0026originalType=binary\u0026ratio=1\u0026rotation=0\u0026showTitle=false\u0026size=47988\u0026status=done\u0026style=none\u0026taskId=ue473dd9a-eb06-4f62-be11-e6053636043\u0026title=\u0026width=962.4)\n具体使用一共18种情况：\n![image](https://user-images.githubusercontent.com/115286245/196492367-6fb3164a-8281-4ba6-853c-cf24e238a010.png)\n# 总结\n希望这个工具可以帮助到师傅们在工作学习中减少在不必要的方面浪费时间。也希望师傅们可以多挖漏洞，快速变强。如果有什么问题或者改进的想法，请多多提需求。\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xrumble%2FBytecodeScreen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xrumble%2FBytecodeScreen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xrumble%2FBytecodeScreen/lists"}