Jump to content

JEB decompiler

Edit links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Peetz1 (talk | contribs) at 19:26, 23 September 2018. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

JEB
Original author(s)Nicolas Falliere
Developer(s)PNF Software, Inc.
Stable release
2.3.14 / June 1, 2018; 6 years ago (2018-06-01)[1]
Preview release
3.0-beta.2 / September 13, 2018; 5 years ago (2018-09-13)
Written inJava
Operating systemMicrosoft Windows, Mac OS X, Linux
PlatformJava, Eclipse RCP
TypeReverse engineering
LicenseProprietary
Websitewww.pnfsoftware.com

JEB is a disassembler and decompiler software for Android applications[2] and native machine code. It decompiles Dalvik bytecode to Java source code, and MIPS, ARM, x86 32-bit, x86 64-bit machine code to C source code. The assembly and source outputs are interactive and can be refactored. Users can also write their own scripts and plugins to extend JEB functionality.

JEB 2.2 introduced Android debugging modules for Dalvik and native (Intel, ARM, MIPS) code. Users can "seamlessly debug Dalvik bytecode and native machine code, for all apps [...] including those that do not explicitly allow debugging".[3]

JEB 2.3 introduced native code decompilers. The first decompiler that shipped with JEB was a MIPS 32-bit interactive decompiler.

The latest major release, JEB 3, is currently in beta stage.

History

JEB is the first Dalvik decompiler to provide interactive output, as reverse-engineers may examine cross-references, insert comments, or rename items, such as classes and methods. Whenever possible, the correspondence between the bytecode and the decompiled Java code is accessible to the user. Although JEB is branded as a decompiler, it also provides a full APK view (manifest, resources, certificates, etc.). An API allows users to customize or automate actions through scripts and plugins, in Python and Java.

The name may be a reference to the well-known security software IDA, as "JEB" = rot1("IDA").

Decompilers

As of JEB 3.0-beta, JEB can decompile:

  • Dalvik bytecode to Java
  • MIPS machine code to C
  • ARM machine code to C
  • Intel x86/x86-64 machine code to C
  • WebAssembly bytecode to C

Other Plugins

JEB ships with a sizable number of disassemblers and debugger plugins [4].

JEB allows parsing of any file format, via the addition of native or third-party plugins. Examples include: a PDF parser plugin (proprietary), an XLS document plugin (open-sourced).

See also

References

  1. ^ JEB changelist
  2. ^ Chell et al. The Mobile Application Hacker's Handbook Page 240-241. 2015
  3. ^ JEB Product Description page
  4. ^ Features Matrix
Retrieved from "https://en.wikipedia.org/w/index.php?title=JEB_decompiler&oldid=860891270"