I've been wanting to reverse engineer this clients launcher in an effort to understand how the game was launching as a Java application despite it only having a PE32 executable alongside it.
The launching of the client goes as follows:
java -Xmx384M -Dfile.encoding="UTF-8" -cp TargetBinary.exe com.java.client.Client
Now I was curious what TargetBinary.exe actually was, as this was being ran on a *NIX system. Running file I observed this output.
TargetBinary.exe: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
The second part is the com.java.client.Client after the TargetBinary.exe, this stands out as a Java pathing which Client is my target.
Here are my questions:
- How can Java add the TargetBinary.exe to its classpath?
- As a followup, are there any recommendations to decompile it to the point where I can observe Client and more so understand how it was all packed together?
Being a Portable Executable (PE) the libs, code, etc should all be there inside the TargetBinary.exe and somehow Java knows what to do with it?
Thank you very much!
CodePudding user response:
Zip files are read from the back, so it's easy to put a zip (jar) file at the end of an executable file, and have it work as both.
See https://en.wikipedia.org/wiki/ZIP_(file_format)#Structure
Try running jar -tvf TargetBinary.exe to see the names of the classes and resources in the jar. If you make the file a dependency of a project in your IDE you can see decompiled code and navigate around the project, and run it and set breakpoints.