Updated on 2020-01-05
jhsdb
jps -lvm
jhsdb clhsdb --pid 1234
buildreplayjars app
javassist
javac -cp javassist.jar -d 123 --release 8 ClassDump.java
jar -uf javassist.jar -C 123 .
-javaagent:javassist.jar
ClassDump.java
package instrument;
import javassist.ClassPool;
import java.io.ByteArrayInputStream;
import java.lang.instrument.ClassFileTransformer;
import java.lang.instrument.IllegalClassFormatException;
import java.lang.instrument.Instrumentation;
import java.security.ProtectionDomain;
public class ClassDump implements ClassFileTransformer {
public static void premain(String agentOps, Instrumentation inst) {
inst.addTransformer(new ClassDump());
}
@Override
public byte[] transform(ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws IllegalClassFormatException {
System.out.println(className);
try {
if (className != null && (className.contains("burp") || className.contains("portswigger"))) {
ClassPool
.getDefault()
.makeClass(new ByteArrayInputStream(classfileBuffer))
.writeFile("D:/Download/burpsuite/");
}
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
MANIFEST.MF
Manifest-Version: 1.0
Can-Redefine-Classes: true
Premain-Class: instrument.ClassDump