1 Introduction
During the crawling process on the App side, when we encounter unknown parameters, we often need to reverse crack the App, and use Python to implement the parameter generation logic.
The generation logic of some App parameters may have been written into multiple JAR files. At this time, we only need to execute the JAR with Python
This article will talk about how Python calls methods in JAR
2. Merge JAR
Taking Android App as an example, assuming that the encryption parameter generation logic is in multiple JARs, we first need to merge all the JAR files into one JAR file
PS: For AAR files, you can decompress them with decompression software first, and then merge JARs
Merging JAR is divided into 2 steps:
Unzip the JAR
Merge all source code
2-1 Unzip JAR
After installing the JDK, use the jar -xvf command to decompress a single JAR, which will generate a JAVA compiled class file in the same directory according to the package name
# Unzip the JAR one by one
# Generate class files locally
jar -xvf a.jar
jar -xvf b.jar
jar -xvf c.jar
2-2 Merge all source code
Use the jar -cvfM command to generate a new JAR from all the local class files
# Combine all source codes in the current directory into one JAR
# Among them: output.jar represents the new JAR
jar -cvfM output.jar .
3. Python calls JAR
First, we install the dependency package: jpype
# Install dependencies
pip3 install JPype1
Assume that the encryption logic implementation code in JAR is as follows:
package com.xingag.common;
public class EncryHelper {
public String encrypt(String content) {
//Encryption logic
}
}
Using Python to call methods in JAR is divided into 3 steps:
Start the JVM
Instantiate the JAVA object and call the corresponding method
Shut down the JVM
3-1 Start JVM
import jpype
# JAR local path
jar_path = os.path.join(os.path.abspath('.'), './output.jar')
# Start jvm
jpype.startJVM(jpype.getDefaultJVMPath(), "-ea", "-Djava.class.path=%s" % (jar_path))
3-2 Instantiate JAVA objects and call methods
According to the package name of the called method, use the JClass() method in jpyte to instantiate the JAVA object, and finally call the method of the JAVA object.
It should be noted that since Java is an instance method, you need to instantiate the object first, and then call the method; if it is a static method, you can call the method directly
# Through the package name, instantiate the JAVA object
EncryClass = jpype.JClass("com.xingag.common.EncryHelper")
encryClass = EncryClass()
# Call the encryption method in JAVA
content_encry = encryClass.encrypt("xag")
print(content_encry)
3-3 Shut down JVM
You can choose to actively shut down the JVM or automatically shut down after the Python program runs to release resources
import jpype
# Close jvm
jpype.shutdownJVM()
4. Finally
Python directly calls methods in JAR, which can help us reuse wheels and reduce the workload of crawlers!