
Thread: BlackBerry OS

  1. #46
    Hexxx
    Guest
    Literals deobfuscation you can find in the source code that I've attached on the first page of this topic.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #47
    drbolsen
    Guest
    Just an example of our work:

    // Decompiled by coddec ##############################
    // Information ######################################

    package net.rim.device.api.io.http;

    abstract public class AuthScheme extends java.lang.Object
    {
        protected java.util.Hashtable _parms;

        public void setParameter (net.rim.device.api.io.http.AuthScheme param0, java.lang.String param1, java.lang.String param2)
        {
            enter_narrow
            aload_0_getfield
            aload_1
            aload_2
            invokevirtual java.util.Hashtable.put( java.util.Hashtable, java.lang.Object, java.lang.Object )
            pop
            return
        }

        .......
    }

    Here is the same class and method processed by "built-in" disassembler:

    Code Section
    routines 54036
    net.rim.device.api.io.http.AuthScheme.setParameter( net.rim.device.api.io.http.AuthScheme, java.lang.String, java.lang.String ) 0
    returns: 31486
    prototype: 34014
    codesize= 13
    (11)
    IsPublic
    attributes= 1
    setParameter 10072
    numstackmaps=0
    locals=3
    parms=3
    stack=3
    nlps= 63
    net.rim.device.api.io.http.AuthScheme.setParameter( net.rim.device.api.io.http.AuthScheme, java.lang.String, java.lang.String )
    enter_narrow 221
    aload_0_getfield 103
    .field_ 0
    aload_1 64
    aload_2 65
    invokevirtual 1
    java.util.Hashtable.put( java.util.Hashtable, java.lang.Object, java.lang.Object )-1
    parmcount= 3
    pop 205
    return 31
    Last edited by drbolsen; January 30th, 2007 at 15:44.

  3. #48
    Hexxx
    Guest
    drbolsen, I could implement your decompiler as an IDA processor module if you share the knowledge. It will be much better than inventing another tool.
    Last edited by Hexxx; January 31st, 2007 at 06:05.

  4. #49
    drbolsen
    Guest
    Quote Originally Posted by Hexxx View Post
    drbolsen, i could implement your decompiler as an IDA processor module if you share the knowledge. It will be much better than inventing another tool.
    Look, when we started our work we were completely confident that our script could do most of the work. But getting more and more inside we realized that it wouldn't be such a trivial task as it seemed at the beginning.

    As you wrote earlier in this thread, RIM used a bunch of tables. That probably wouldn't be a big problem, but the links between the tables are a complete mess. There are tables, reference tables, class tables, field tables, routine tables, type tables, fixup tables of everything mentioned before, etc., and these tables are not just for one class file but for the entire package, which may include hundreds of classes. Plus, if you are still not convinced, there is a size limit for a cod file which splits the cod file into modules, so we have even more tables dealing with all relationships and crosslinks between modules. Believe me, we were quite disappointed when we figured that out.

    But fortunately for us we found another way, and I actually think this way is much, much easier and faster than writing anything of our own. An additional benefit of this way is that it is almost error free, because the guys from RIM already did this work for us. So we can save a lot of time on beta-tests ...

    Additionally, I am probably wrong, but I don't see any value in writing a module for IDA. Dealing with bytecodes is a really boring exercise, especially when you may have 100% working source code, make any changes you want in it, then compile it again. I would probably like the idea of creating a tool similar to Javabite to patch a cod file without re-compiling it again, to for example change class or field attributes, or inject some arbitrary code in it. But a module for IDA? Trust me, I use IDA quite often and I know it's a great tool, but I think for Java stuff it is not quite suitable.

    By the way, our task is not complicated at all. We have written probably only two pages of code to achieve our current results. The only obstacle I can see for now is how to add a decompilation module, but even this one is not very complicated considering the number of open-source Java decompilers around.

    Cheers

  5. #50
    Hexxx
    Guest
    Yes, the main aim of having a processor module for IDA is to be able to patch the .cod files. By the way, there's source code for a Java processor module included in the IDA SDK. So I think it should be an easy task to make it work with .cod files.

    We don't know how much time it will take you to finish the coddec and whether you will be able to finish it (life is so unpredictable). So it'll be good to have some kind of basic tool - an IDA processor module.

  6. #51
    drbolsen
    Guest
    Quote Originally Posted by Hexxx View Post
    We don't know how much time it will take you to finish the coddec and will you be able to finish it (life is so unpredictable).
    LOL

  7. #52
    drbolsen
    Guest
    Update of our template
    http://drbolsen.wordpress.com/2007/02/01/update-of-cod-template/

    cheers

  8. #53
    Hexxx
    Guest
    Quote Originally Posted by drbolsen View Post
    LOL
    I saw too many good projects, which were never finished just because the author had suddenly lost the interest in continuing it.
    The sourceforge is full of such examples.

  9. #54
    drbolsen
    Guest
    http://www.geocities.com/drbolsen/opcodes.txt

    There is a list of RIM's opcodes; the left column is the actual opcode in decimal format and the right column contains its mnemonic.

    cheers

  10. #55
    dELTA (Administrator)
    Join Date: Oct 2000
    Location: Ring -1
    Posts: 4,206
    Blog Entries: 5
    Thanks for the info, I'll include it here in the thread for archival purposes.

    OC (dec)   Descr (mnemonic)
    #0 breakpoint
    #1 invokevirtual
    #2 invokeinterface
    #3 invokenonvirtual
    #4 invokenonvirtual_lib
    #5 invokespecial
    #6 invokespecial_lib
    #7 invokestatic
    #8 invokestatic_lib
    #9 iinvokenative
    #10 invokenative
    #11 linvokenative
    #12 jumpspecial
    #13 jumpspecial_lib
    #14 enter
    #15 enter_wide
    #16 xenter
    #17 xenter_wide
    #18 synch
    #19 synch_static
    #20 clinit_wait
    #21 ireturn_bipush
    #22 ireturn_sipush
    #23 ireturn_iipush
    #24 ireturn
    #25 ireturn_field
    #26 ireturn_field_wide
    #27 areturn
    #28 areturn_field
    #29 areturn_field_wide
    #30 lreturn
    #31 return
    #32 clinit_return
    #33 noenter_return
    #34 aconst_null
    #35 iconst_0
    #36 bipush
    #37 sipush
    #38 iipush
    #39 lipush
    #40 ldc
    #41 unused_29
    #42 ldc_unicode
    #43 unused_2b
    #44 iconst_1
    #45 arrayinit
    #46 unused_2e
    #47 tableswitch
    #48 unused_30
    #49 iload
    #50 iload_wide
    #51 aload
    #52 aload_wide
    #53 lload
    #54 lload_wide
    #55 iload_0
    #56 iload_1
    #57 iload_2
    #58 iload_3
    #59 iload_4
    #60 iload_5
    #61 iload_6
    #62 iload_7
    #63 aload_0
    #64 aload_1
    #65 aload_2
    #66 aload_3
    #67 aload_4
    #68 aload_5
    #69 aload_6
    #70 aload_7
    #71 istore
    #72 istore_wide
    #73 astore
    #74 astore_wide
    #75 lstore
    #76 lstore_wide
    #77 istore_0
    #78 istore_1
    #79 istore_2
    #80 istore_3
    #81 istore_4
    #82 istore_5
    #83 istore_6
    #84 istore_7
    #85 astore_0
    #86 astore_1
    #87 astore_2
    #88 astore_3
    #89 astore_4
    #90 astore_5
    #91 astore_6
    #92 astore_7
    #93 putfield_return
    #94 putfield_return_wide
    #95 putfield
    #96 putfield_wide
    #97 lputfield
    #98 lputfield_wide
    #99 getfield
    #100 getfield_wide
    #101 lgetfield
    #102 lgetfield_wide
    #103 aload_0_getfield
    #104 aload_0_getfield_wide
    #105 putstatic
    #106 putstatic_lib
    #107 lputstatic
    #108 lputstatic_lib
    #109 getstatic
    #110 getstatic_lib
    #111 lgetstatic
    #112 lgetstatic_lib
    #113 i2b
    #114 i2s
    #115 i2c
    #116 i2l
    #117 l2i
    #118 ineg
    #119 lneg
    #120 iinc
    #121 iinc_wide
    #122 iadd
    #123 ladd
    #124 isub
    #125 lsub
    #126 imul
    #127 lmul
    #128 idiv
    #129 ldiv
    #130 irem
    #131 lrem
    #132 iand
    #133 land
    #134 ior
    #135 lor
    #136 ixor
    #137 lxor
    #138 ishl
    #139 lshl
    #140 ishr
    #141 lshr
    #142 iushr
    #143 lushr
    #144 lcmp
    #145 if_icmpeq
    #146 if_acmpeq
    #147 ifeq
    #148 if_icmpne
    #149 if_acmpne
    #150 ifne
    #151 if_icmpgt
    #152 ifgt
    #153 if_icmpge
    #154 ifge
    #155 if_icmplt
    #156 iflt
    #157 if_icmple
    #158 ifle
    #159 ifnull
    #160 ifnonnull
    #161 goto
    #162 goto_w
    #163 lookupswitch_short
    #164 lookupswitch
    #165 newarray
    #166 multianewarray
    #167 arraylength
    #168 newarray_object
    #169 newarray_object_lib
    #170 multianewarray_object
    #171 multianewarray_object_lib
    #172 baload
    #173 saload
    #174 caload
    #175 iaload
    #176 aaload
    #177 laload
    #178 bastore
    #179 castore
    #180 sastore
    #181 iastore
    #182 aastore
    #183 lastore
    #184 new
    #185 new_lib
    #186 clinit
    #187 clinit_lib
    #188 athrow
    #189 instanceof_array
    #190 checkcast_array
    #191 instanceof
    #192 instanceof_lib
    #193 checkcast
    #194 checkcast_lib
    #195 checkcastbranch
    #196 checkcastbranch_lib
    #197 checkcastbranch_array
    #198 instanceof_arrayobject
    #199 instanceof_arrayobject_lib
    #200 checkcast_arrayobject
    #201 checkcast_arrayobject_lib
    #202 monitorenter
    #203 monitorexit
    #204 nop
    #205 pop
    #206 pop2
    #207 dup
    #208 dup2
    #209 dup_x1
    #210 dup_x2
    #211 dup2_x1
    #212 dup2_x2
    #213 swap
    #214 unused_d6
    #215 isreal
    #216 op01xx
    #217 stringlength
    #218 stringaload
    #219 invokestaticqc
    #220 invokestaticqc_lib
    #221 enter_narrow
    #222 invokevirtual_short
    #223 ldc_nullstr
    #224 unused_e0
    #225 unused_e1
    #226 unused_e2
    #227 unused_e3
    #228 unused_e4
    #229 unused_e5
    #230 unused_e6
    #231 unused_e7
    #232 unused_e8
    #233 unused_e9
    #234 unused_ea
    #235 unused_eb
    #236 unused_ec
    #237 unused_ed
    #238 unused_ee
    #239 unused_ef
    #240 unused_f0
    #241 unused_f1
    #242 unused_f2
    #243 unused_f3
    #244 unused_f4
    #245 unused_f5
    #246 unused_f6
    #247 unused_f7
    #248 unused_f8
    #249 unused_f9
    #250 halt
    #251 threaddeath
    #252 unused_fc
    #253 unused_fd
    #254 unused_fe
    #255 unused_ff
    #256 fadd
    #257 dadd
    #258 fsub
    #259 dsub
    #260 fmul
    #261 dmul
    #262 fdiv
    #263 ddiv
    #264 frem
    #265 drem
    #266 fneg
    #267 dneg
    #268 i2f
    #269 i2d
    #270 l2f
    #271 l2d
    #272 f2i
    #273 f2l
    #274 f2d
    #275 d2i
    #276 d2l
    #277 d2f
    #278 fcmpl
    #279 fcmpg
    #280 dcmpl
    #281 dcmpg
    #282 stringarrayinit
    #283
    Btw, drbolsen, will you release your full information (and source code?) at the same time as the coddec tool, so that other good Blackberry reversers like Hexxx can build upon it further?
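    The opcode table above and the built-in disassembler listing in post #47 use two simple text formats ("#<dec> <mnemonic>" and "<mnemonic> <dec>"). The following added example, which is not code from the thread or from coddec, parses both formats and cross-checks them: every instruction number in a listing must map to the same mnemonic in the table, and every "unused_xx" entry must carry its own opcode as the hex suffix. The sample strings are constructed excerpts of the table and of the setParameter listing shown in the thread.

```python
import re

# Constructed excerpt of the "#<dec> <mnemonic>" table posted in the thread.
OPCODE_TABLE = """\
#1 invokevirtual
#31 return
#41 unused_29
#43 unused_2b
#64 aload_1
#65 aload_2
#103 aload_0_getfield
#205 pop
#214 unused_d6
#221 enter_narrow
#255 unused_ff
"""

# Constructed excerpt of the built-in disassembler listing for AuthScheme.setParameter.
DISASM_LISTING = """\
net.rim.device.api.io.http.AuthScheme.setParameter( net.rim.device.api.io.http.AuthScheme, java.lang.String, java.lang.String )
enter_narrow 221
aload_0_getfield 103
.field_ 0
aload_1 64
aload_2 65
invokevirtual 1
java.util.Hashtable.put( java.util.Hashtable, java.lang.Object, java.lang.Object )-1
parmcount= 3
pop 205
return 31
"""

def parse_opcode_table(text):
    """Map decimal opcode -> mnemonic from lines like '#221 enter_narrow'."""
    return {int(m.group(1)): m.group(2)
            for m in re.finditer(r"^#(\d+)\s+(\S+)$", text, re.M)}

def parse_listing(text):
    """Return (mnemonic, opcode) pairs. Operand lines ('.field_ 0', 'parmcount= 3')
    and symbol lines (containing '.', '(' or '=') do not match and are skipped."""
    return [(m.group(1), int(m.group(2)))
            for m in re.finditer(r"^([a-z][a-z0-9_]*) (\d+)$", text, re.M)]

def check_listing(listing, table):
    """Instructions whose number maps to a different mnemonic (or none) in the table."""
    return [(mnem, num, table.get(num)) for mnem, num in listing if table.get(num) != mnem]

def check_unused_suffixes(table):
    """'unused_xx' names encode the opcode in hex; return entries whose suffix disagrees."""
    return [(num, mnem) for num, mnem in table.items()
            if mnem.startswith("unused_") and int(mnem[7:], 16) != num]
```

Running the checks on the page's own data returns empty lists for both, which is the expected result when a listing and the table agree.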

  11. #56
    FuriouSTeaM
    Join Date: Dec 2003
    Location: Between night and day :-)
    Posts: 12

    Quote Originally Posted by drbolsen View Post
    http://www.geocities.com/drbolsen/opcodes.txt

    There is a list of RIM's opcodes; the left column is the actual opcode in decimal format and the right column contains its mnemonic.

    cheers
    Well, name your price. I need it for private use. Use PM.

    Br

  12. #57
    drbolsen
    Guest
    Check this, guys

    http://drbolsen.wordpress.com/2007/03/29/headers-from-8700-v410284_p200120-package/

    Cheers

  13. #58
    JPsor
    Guest
    http://drbolsen.wordpress.com/2006/12/12/quick-winner/

    DrBolsen,

    I'm having trouble compiling the source you posted.

    I've seen the decompiled (JAD) version of net.rim.tools.a.a from rapc.jar.

    When I try compiling the code, javac complains "package net.rim does not exist".

    No complaint about rapc.jar (with net.rim.tools.a.a.a).

    The command line I'm using is:
    javac -cp .\;rapc.jar;..\lib\net_rim_api.jar Program.java

    Program.java holds the code from your blog. rapc.jar is in the current directory with Program.java.

    It must be something simple. I'd appreciate any help with this.

  14. #59
    drbolsen
    Guest
    Try to use this code instead

    ///////////////////////////////////////////////
    // net.rim.* works fine in X-Develop Pro but causes an error message
    // when compiled with javac

    import net.rim.tools.a.a.*;
    import java.io.*;

    public class Program
    {
        public static void main(String[] args)
        {
            net.rim.tools.a.a.a(args);
        }
    }

    Save it as Program.java, then compile using

    javac -classpath rapc.jar; Program.java

    run

    java -classpath rapc.jar; Program <args>

    I assume that rapc.jar is located in the same folder as Program.java.

    I have checked on my comp; it works.

    Hope that helps

  15. #60
    JPsor
    Guest
    Quote Originally Posted by drbolsen View Post
    Try to use this code instead

    ///////////////////////////////////////////////
    // net.rim.* works fine in X-Develop Pro but causes error message
    // when compile with javac
    This works now.

    I have checked on my comp it works.

    Hope that helps
    Thanks
