Kimera Disassembler
Disassembly is the process of examining the contents of a Java class. Whereas a reverse compiler will reconstruct the source code of the applet, a disassembler will print the low-level Java bytecodes as they are shipped on the network. A disassembly service is useful for debugging, auditing and post-mortem crash and security violation analysis. In the course of testing our verifier implementation with automatically generated class files, we found that we needed a tool to examine the class files that trigger security flaws in Java implementations.

While Sun provides an option to javap to disassemble class files, we found that its output is not suitable for parsing and assembly. This need for an assembler-compatible disassembler prompted us to write our own. We have developed a Java disassembler that generates jasmin compatible output from Java class files.

We have used our disassembler for debugging as well as post-mortem analysis of JVM security attacks. The disassembler output has hypertext links in order to aid easy code browsing. The output can be directly fed into the jasmin assembler.

Kimera disassembly service is accessible from the web. You can run the disassembler on a class you would like to examine by providing a URL to the class you are interested in (the default is a sample applet from JavaSoft). The submitted class files are logged.

HTML output Text output

Emin Gün Sirer

Project Kimera
Department of Computer Science and Engineering
© 1997, University of Washington