Here is a CAP file possible containing a malware code, without source code, and also without an export file.
It is a CAP file for old platform version, i.e. GP211.
I have a big experience Java reverse-engineering in Classic JVM and Dalvik. But Java Card is lesser popular and closer platform. Most tools are for CLASS/JAR or DEX, not CAP.
I found the several tools (including some VMs who simulates the JCOP) which could disassemble a CAP file, but the CAP is quite big, and the working with assembly code is too complex and slow for me.
And we cannot simply do "CAP text bytecode -> Notepad++ --> some Java Bytecode editor -> Java bytecode".
Too many differences between CAP bytecode and Java bytecode. Not just method table, it is also a big amount of different opcodes.
Just decompile the converter.jar of a Java Card Kit (it is a tool which converts CLASS -> CAP) and see that conversion is a quite complex process.
I need some automated converter.
Meanwhile, I developing a set of smart card solutions and the "CAP decompiler" will be a good piece in the list.
Yes, I'm going to write it.
I plan to build it on top of Javassist from one side, some CAP disassembling library from the second one, and some standard Java decompiler(-s) from the third one.
But I should be sure that there are no analogs.
QUESTION IS HERE:
Is there some tool in the Earth which can convert Java Card *.cap to Java *.class (or decompile *.cap directly) or no?
I am not asking for a library (i found some libraries), I am asking for a tool. Runnable.
(Also if you know some pitfalls in this bytecode conversion I will be grateful if you'll describe them to me. Now I saw it as just a copying one opcode list to another one with a giant if...else if...else if...else if... or switch...case...case...case tree (and some misc staff i.e. conversion of access modifiers, fields, etc).
To generate .class files out of .cap file use normalizer tool which is part of recent Java Card SDK ('Classic-3.0.4' worked for me).
For example to convert helloworld.cap from gpshell sources use the following command (you will have to adjust api_export_files path to the appropriate directory):
normalizer.bat normalize -i helloworld.cap -p /path/to/api_export_files
Then you can decompile output file ( net/sourceforge/globalplatform/jc/helloworld/AAA.class) using your favorite java decompiler, giving e.g.:
package net.sourceforge.globalplatform.jc.helloworld;
import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.Util;
public class AAA
extends Applet
{
private static final byte[] sfield_token255_descoff10_staticref0 = { 72, 101, 108, 108, 111, 32, 87, 111, 114, 108, 100, 33 };
public void process(APDU paramAPDU)
{
byte[] arrayOfByte = paramAPDU.getBuffer();
paramAPDU.setIncomingAndReceive();
Util.arrayCopyNonAtomic(sfield_token255_descoff10_staticref0, (short)0, arrayOfByte, (short)0, sfield_token255_descoff10_staticref0.length);
paramAPDU.setOutgoingAndSend((short)0, sfield_token255_descoff10_staticref0.length);
}
public static void install(byte[] paramArrayOfByte, short paramShort, byte paramByte)
{
new AAA();
}
private AAA()
{
register();
}
}
Some additional (random) notes:
this approach does not straightforwardly work for all applets (some output .class files for an applet I wrote earlier were refused by decompiler as invalid, but YMMV)
you need to provide export files for all the applet's imported packages, including:
Java Card API (the latest version always worked for me, but YMMV)
Global Platform API, SIM-toolkit related APIs, card vendor extensions or any other publicly available packages (if any of them are used)
other non-public packages (which might/will cause trouble -- I have never dealt with that so can't help)
to get list of imported package AIDs you can either check appropriate structures in the CAP file (I am not aware of any publicly available tool for this, sorry) or just try incrementally (normalizer gives error messages like "Cannot find export file for imported package " for missing export files)
export package for the .cap itself is not necessary
it will be probably more difficult to re-compile the applet from reverse-engineered sources than it is for desktop java (partly depends on the used decompiler capabilities)
if all you need is to check if someone did not introduce a backdoor into a binary .cap file then it will be much simpler to build a clean .cap file from trusted sources (ideally using the same compiler) and compare decompiler outputs for both clean and suspicious cap files
check legality of whatever-you-are-doing
Good luck!
For those who are trying to perform reverse engineering and getting below errors while running normalizer:
Cannot find export file for imported package a0:0:0:0:62:0:1
Please provide the correct export file
Java Card JDK api export files missing.
-p /Users/user/etc/jcard-sdk-3.0.5u3/api_export_files/
Cannot find export file for imported package a0:0:0:0:9:0:3:ff:ff:ff:ff:89:10:71:0:2
Please provide the correct export file
Sim Toolkit JDK export files are missing
-p /Users/user/etc/etc/43019-560/Annex_B_Export_Files
Here is the details for Sim Toolkit JDK installation
Here is the command line script for running normalizer on linux variants:
java -server -Djc.home=/Users/user/etc/jcard-sdk-3.0.5u3 -cp .:../lib/* com.sun.javacard.normalizer.Main normalize -i /Users/user/test.cap -p /Users/user/etc/jcard-sdk-3.0.5u3/api_export_files/ -p /Users/user/etc/43019-560/Annex_B_Export_Files/
I have a C++ project whose source files are distributed over several trees. Currently each is built into a static library and finally the main() function is compiled and linked with all those libraries through static link.
Now I am using SWIG to add TCL binding to the project. The examples I can find all are simple, just one C++ source.
My understanding is, I need to re-compile each library to be shared libraries, compile the SWIFT binding code to a shared library and link all these libraries into one. In TCL, I load that final one.
For example, here is my source tree:
dir1: s1.c
dir2: s2.c
dir3: swig_binding.c
My action plan to the above source tree is:
Update the Makefiles so that I have
dir1: libs1.so
dir2: libs2.so
dir3: libswig_binding.so
Link the 3 .so files into one, libswig_binding.so
Inside TCL, load libswig_binding.so
Do you see if I miss anything?
I'm using a 3rd party library that does serialization and deserialization of it's data, I need to feed the library a data file that I have stored under Resources.
I can't use FileUtils to read the contents of the file, I need to do let the 3rd party library do the reading of the file.
I need to get the full path of the file so the library can find it.
FileUtils::getInstance()->fullPathForFilename("file.map");
returns assets/file.map on Android which is not found by ifstream when given that path.
How do I read a file manually, given that it's located in Resources?
You can't use ifstream to operate with bundle resources on android because they're located in the apk file (in archive).
You can use the FileUtils::getInstance()->getDataFromFile("file.map") to get binary data and try to transfer it to your library.
Also You can look at this answer link to answer. It might help You too.
I have a jar file lets say a.jar and I have also a VB6.0 application called b.exe. So I want to use the functions of a.jar in the b.exe application. Please what would be the syntax to implement it. If you have any reference please share with me.
Can I call this jar file same as we call .dll files in vb6.0?
VB cannot directly interact with Java. But it can talk to VC++. VC++ can talk to Java. You need to use JNI (Java Native Interface) for this. So, write VC++ DLL that interacts with java and let the VB invoke the VC++ DLL functions. Hundreds of examples are available on the net for JNI.
http://docs.oracle.com/javase/7/docs/technotes/guides/jni/
I'm wondering where is the ideal place to store custom permissions in my web applications.
For example I have the following permissions:
AdminPermission
ReadPermission
WritePermission
At the moment I store these in the static utilities class as the constant string type objects.
Thank you
Somehow I guess you are talking about a Java app. You could try to externalize these resource in files, like in Tomcat (e.g. tomcat-users.xml).
Decided to go for a database approach with enums referencing records in xml config.