{"id":13573920,"url":"https://github.com/4ra1n/code-encryptor","last_synced_at":"2025-04-04T13:30:43.673Z","repository":{"id":193649029,"uuid":"687811453","full_name":"4ra1n/code-encryptor","owner":"4ra1n","description":"该项目已集成到 https://github.com/jar-analyzer/jar-obfuscator 使用JNI加密字节码，通过JVMTI解密字节码以保护代码，支持自定义包名和密钥，使用魔法禁止黑客dump字节码","archived":true,"fork":false,"pushed_at":"2024-05-14T07:10:11.000Z","size":21159,"stargazers_count":161,"open_issues_count":5,"forks_count":15,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-11-05T08:37:17.857Z","etag":null,"topics":["bytecode","bytecode-obfuscator","java-decompiler","java-obfuscation","java-obfuscator","java-security","jvm","jvmti"],"latest_commit_sha":null,"homepage":"https://github.com/jar-analyzer/jar-obfuscator","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/4ra1n.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.MD","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-06T03:54:41.000Z","updated_at":"2024-11-04T05:20:30.000Z","dependencies_parsed_at":"2024-01-16T09:43:20.413Z","dependency_job_id":"4caf29df-0e36-4aad-92da-06f13fca6151","html_url":"https://github.com/4ra1n/code-encryptor","commit_stats":null,"previous_names":["y4sec-team/code-encryptor-plus","4ra1n/code-encryptor"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fcode-encryptor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fcode-encryptor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fcode-encryptor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fcode-encryptor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/4ra1n","download_url":"https://codeload.github.com/4ra1n/code-encryptor/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247184889,"owners_count":20897847,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bytecode","bytecode-obfuscator","java-decompiler","java-obfuscation","java-obfuscator","java-security","jvm","jvmti"],"created_at":"2024-08-01T15:00:43.516Z","updated_at":"2025-04-04T13:30:38.659Z","avatar_url":"https://github.com/4ra1n.png","language":"C","funding_links":[],"categories":["C"],"sub_categories":[],"readme":"# code-encryptor\n\n## 该项目已集成到：https://github.com/jar-analyzer/jar-obfuscator\n\n[English Doc](doc/README-en.md)\n\n[![](https://img.shields.io/github/v/release/4ra1n/code-encryptor)](https://github.com/4ra1n/code-encryptor/releases/latest)\n![](https://img.shields.io/github/downloads/4ra1n/code-encryptor/total)\n\n## 介绍\n\n使用`JNI`加密字节码，通过`JVMTI`解密字节码以保护代码\n\n提供两份`DLL`文件，一份加密一份解密，实际运行只需使用解密`DLL`文件，支持自定义密钥和包名\n\n加密后的`Class`文件变成无法解析的畸形文件\n\n![jd-gui](img/002.png)\n\n除了开头保持了`Magic`部分，后续是无法解析的字节\n\n![hex](img/003.png)\n\n使用指定参数启动即可禁止 `Java Agent` 动态 `dump` 字节码\n\n![](img/007.png)\n\n对于更资深的黑客，他们会想到 `sa-jdi` 的 `HSDB` 来 `dump` 字节码\n\n我参考 `Beichen` 师傅议题的思路，从 `JVM` 里禁用了 `gHotSpotVMStructs` 函数\n\n支持 `Windows` 系统\n\n![WINDOWS](img/008.png)\n\n支持 `Linux` 系统\n\n![LINUX](img/009.png)\n\n## 快速开始\n\n加密解密部分使用`C`做一层加密，使用汇编做位运算二层加密，已提供编译好的`Release`版本`DLL/SO`文件嵌入`Jar`包中\n\n内置支持是`JDK-8`，其他版本未测试，理论上需要更换`JNI.h`头文件重新编译，已支持`Windows`和`Linux`\n\n加密你的`Jar`包：（指定`Jar`包和`package`加密包名以及密钥`key`）\n\n```shell\n java -jar code-encryptor.jar patch --jar your-jar.jar --package com.your.pack --key your-key\n```\n\n![](img/004.png)\n\n导出解密`DLL/SO`文件：（默认导出到`code-encryptor-temp`目录不建议修改）\n\n```shell\njava -jar code-encryptor.jar export\n```\n\n![](img/005.png)\n\n使用解密`DLL/SO`启动`Jar`包：（使用`-agentpath`参数）\n\n注意必须有两个参数`PACKAGE_NAME`和`KEY`\n\n注意：某些情况下可能第一次无法启动，重复使用命令启动即可\n\n```shell\njava -XX:+DisableAttachMechanism -agentpath:D:\\abs-path\\decrypter.dll=PACKAGE_NAME=com.your.pack,KEY=your-key --jar your-jar.jar\n```\n\n![](img/006.png)\n\n## 特点\n\n本项目相比于网上公开的文章/代码，优势和特点有以下几条：\n- 原文章固定了包名，用户想加密自己的包名需要重新编译`DLL`\n- 原文章加密和解密`DLL`是同一个，这样只用`JNI`调用下加密即可破解\n- 原文章的代码仅是`Demo`级别，无法直接上手测试和使用\n- 原文章没有加入具体的加密算法，仅是简单的运算，需要加强\n- 原文章的代码存在一些`BUG`和优化空间\n- 使用某些魔法操作，使字节码无法被 `dump` 进一步保证安全\n\n目前的加密解密算法：\n- 多次位运算，交换字节等\n- 基于`XXTEA`算法，多轮加密\n- 支持自定义密钥，进一步保护\n\n## 构建\n\n编译环境：\n- Windows 11 / Ubuntu 22.04\n- JDK 8 / Maven\n- MSVC + ml64 (Windows) / gcc + nasm (Linux)\n- CMake 3.x\n- Python 3.x\n\n## 其他\n\n不适用于启动扫描 `class` 的项目（典型的项目比如`SpringBoot`）\n\n正在想办法解决这个问题\n\n## 参考\n\n感谢以下项目或文章提供的思路：\n- https://mp.weixin.qq.com/s/89Bmvy_uY97TZm3vR9lyWw\n- https://juejin.cn/post/6844903487784894477\n- https://github.com/sea-boat/ByteCodeEncrypt\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F4ra1n%2Fcode-encryptor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F4ra1n%2Fcode-encryptor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F4ra1n%2Fcode-encryptor/lists"}