Hi, I have a file which contains the contents of a binary attribute from an LDAP directory, and I've been trying to 'decipher' the contents of this attribute. After a bit of searching around, it appeared that this attribute looks basically like a serialized Java object. I went to, and pointed it my dump/file, and sure enough, it came back with 'Java serialization data, version 5'.
Gson is a Java Library widely used to convert Java Objects into their JSON representation and vice versa. Getting Started. Let's start by creating a new Java We need to add the gson library in our project in order for us to use it. If you are using Maven, add the latest version of gson to the POM file.
I was wondering if there is either a tool, or if it would be possible to write a small Java program to 'decipher' this file, i.e., such that I could print/display the variables/objects that are in the file? I'm not looking for anything really fancy, but need to be able to see the variable contents and, if possible, the associated variable names. I'm not an experienced Java programmer, so my apologies if this is a somewhat vague question. For your reference, here's a partial hex dump of one of files: 00000000 AC ED 00 05 74 00 0F 72-65 71 5F 69 73 73 75 65.t.reqissue 00000010 64 5F 63 65 72 74 75 72-00 02 5B 42 AC F3 17 F8 dcertur.B. 00000020 06 08 54 E0 02 00 00 78-70 00 00 03 08 AC ED 00.T.xp.
00000030 05 73 72 00 33 6E 65 74-73 63 61 70 65 2E 73 65.sr.3netscape.se 00000040 63 75 72 69 74 79 2E 78-35 30 39 2E 58 35 30 39 curity.x509.X50 43 65 72 74 49 6D 70 6C-24 43 65 72 74 69 66 69 CertImpl$Certifi 00000060 63 61 74 65 52 65 70 31-B7 B9 E3 43 D3 33 68 27 cateRep1.C.3h' 00000070 02 00 02 5B 00 05 64 61-74 61 31 74 00 02 5B 42.data1t.B 00000080 4C 00 05 74 79 70 65 31-74 00 12 4C 6A 61 76 61 L.type1t.Ljava 00000090 2F 6C 61 6E 67 2F 53 74-72 69 6E 67 3B 78 70 75 /lang/String;xpu 000000A0 72 00 02 5B 42 AC F3 17-F8 06 08 54 E0 02 00 00 r.B.T. 000000B0 78 70 00 00 02 77 30 82-02 73 30 82 01 DC A0 03 xp.w0.s0. 000000C0 02 01 02 02 01 0A 30 0D-06 09 2A 86 48 86 F7 0D.0.H. 000000D0 01 01 05 05 00 30 6D 31-0B 30 09 06 03 55 04 06.0m1.0.U. 000000E0 13 02 55 53 31 0B 30 09-06 03 55 04 08 13 02 56.US1.0.U.V 000000F0 41 31 0F 30 0D 06 03 55-04 07 13 06 4F 61 6B 74 A1.0.U.Oakt 00000100 6F 6E 31 0E 30 0C 06 03-55 04 0A 13 05 4A 69 6D on1.0.U.Jim 00000110 43 6F 31 12 30 10 06 03-55 04 0B 13 09 54 65 73 Co1.0.U.Tes 00000120 74 20 44 65 70 74 31 1C-30 1A 06 03 55 04 03 13 t Dept1.0.U. 00000130 13 43 65 72 74 69 66 69-63 61 74 65 20 4D 61 6E.Certificate Man 00000140 61 67 65 72 30 1E 17 0D-30 34 30 36 32 39 32 31 ager0.0400150 35 30 31 37 5A 17 0D 30-34 31 32 32 36 32 Z.04120160 30 31 37 5A 30 6B 31 17-30 15 06 03 55 04 03 13 017Z0k1.0.U.
00000170 0E 6A 69 6D 6E 65 77 2E-66 6F 6F 2E 63 6F 6D 31.jimnew.foo.com1 00000180 14 30 12 06 03 55 04 0B-13 0B 54 65 73 74 20 44.0.U.Test D 00000190 65 70 74 20 33 31 0F 30-0D 06 03 55 04 0A 13 06 ept 31.0.U. 00000320 63 E9 50 4D FC 24 10 A8-7A DA 4D C3 8C 74 00 05 c.PM.$.z.M.t.
00000330 58 2E 35 30 39 74 00 0C-72 65 71 75 65 73 74 4E X.509t.requestN 00000340 6F 74 65 73 75 71 00 7E-00 01 00 00 00 28 AC ED otesuq.(. 00000350 00 05 74 00 21 54 45 53-54 20 53 45 52 56 45 52.t.!TEST SERVER 00000360 20 43 45 52 54 20 46 4F-52 20 52 45 51 55 45 53 CERT FOR REQUES 00000370 54 20 23 31 30 37 74 00-0B 72 65 71 75 65 73 74 T #107t.request 00000380 54 79 70 65 75 71 00 7E-00 01 00 00 00 11 AC ED Typeuq. 00000390 00 05 74 00 0A 65 6E 72-6F 6C 6C 6D 65 6E 74 74.t.enrollmentt 000003A0 00 10 69 73 45 6E 63 72-79 70 74 69 6F 6E 43 65.isEncryptionCe 000003B0 72 74 75 71 00 7E 00 01-00 00 00 0B AC ED 00 05 rtuq. 000003C0 74 00 04 74 72 75 65 74-00 0C 63 65 72 74 5F 72 t.truet.certr 000003D0 65 71 75 65 73 74 75 71-00 7E 00 01 00 00 04 DF equestuq. 000003E0 AC ED 00 05 74 04 D8 2D-2D 2D 2D 2D 42 45 47 49.t.-BEGI 000003F0 4E 20 4E 45 57 20 43 45-52 54 49 46 49 43 41 54 N NEW CERTIFICAT 00000400 45 20 52 45 51 55 45 53-54 2D 2D 2D 2D 2D 0D 0A E REQUEST-.
00000410 4D 49 49 44 52 6A 43 43-41 71 38 43 41 51 41 77 MIIDRjCCAq8CAQAw 00000420 61 7A 45 58 4D 42 55 47-41 31 55 45 41 78 4D 4F azEXMBUGA1UEAxMO 00000430 61 6D 6C 74 62 6D 56 33-4C 6D 5A 76 62 79 35 6A amltbmV3LmZvby5j 00000440 62 32 30 78 46 44 41 53-42 67 4E 56 42 41 73 54 b20xFDASBgNVBAsT 00000450 0D 0A 43 31 52 6C 63 33-51 67 52 47 56 77 64 43.C1Rlc3QgRGVwdC 00000460 41 7A 4D 51 38 77 44 51-59 44 56 51 51 4B 45 77 AzMQ8wDQYDVQQKEw. 00000820 4A 53 47 44 32 5A 6C 59-32 31 49 69 7A 69 0D 0A JSGD2ZlY21Iizi. Click to expand.It is a good question. One of the big objections people have to serialized or other binary formats in the way they have got stung in past not knowing which class files are needed to reconstitute a stream, and perhaps no longer having them since they have evolved. People are often sloppy about documenting binary formats or tracking which formats belong with which files. I hope some day that information will be as much as part of the file as the timestamp. Bill Wilkinson did a fair bit of poking around to figure out how serialisation works.
Perhaps he has some notes buried he would share. I have been trying for a long time to get him to publish his promised essay.
Perhaps if you ask too. See Pass on what you find. Perhaps I can work this up into a student project outline. First you want to figure out just what is in the pickled stream. I think it may well be enough to reconstruct some Java source for the various classes (without the transients or methods). At least then you could recover the data.
Figure this out by serialising some trivial objects and gradually adding complexity. You will need a hex viewer. It is a good question. One of the big objections people have to serialized or other binary formats in the way they have got stung in past not knowing which class files are needed to reconstitute a stream, and perhaps no longer having them since they have evolved.
People are often sloppy about documenting binary formats or tracking which formats belong with which files. I hope some day that information will be as much as part of the file as the timestamp. Bill Wilkinson did a fair bit of poking around to figure out how serialisation works. Perhaps he has some notes buried he would share. I have been trying for a long time to get him to publish his promised essay. Perhaps if you ask too.
See Pass on what you find. Perhaps I can work this up into a student project outline. First you want to figure out just what is in the pickled stream. I think it may well be enough to reconstruct some Java source for the various classes (without the transients or methods). At least then you could recover the data. Figure this out by serialising some trivial objects and gradually adding complexity. You will need a hex viewer.
It is a good question. One of the big objections people have to serialized or other binary formats in the way they have got stung in past not knowing which class files are needed to reconstitute a stream, and perhaps no longer having them since they have evolved.
People are often sloppy about documenting binary formats or tracking which formats belong with which files. I hope some day that information will be as much as part of the file as the timestamp. Bill Wilkinson did a fair bit of poking around to figure out how serialisation works. Perhaps he has some notes buried he would share. I have been trying for a long time to get him to publish his promised essay. Perhaps if you ask too.
See Pass on what you find. Perhaps I can work this up into a student project outline. First you want to figure out just what is in the pickled stream. I think it may well be enough to reconstruct some Java source for the various classes (without the transients or methods). At least then you could recover the data. Figure this out by serialising some trivial objects and gradually adding complexity.
You will need a hex viewer. Click to expand. Hi, I was just doing some reading about what actually goes on when Java serializes, and I was wondering.
Is it possible that the reason that I'm getting what appears to be garbage in the 'String Contents' might be that the program that is creating the blob may be using an older version of JRE/JVM/Java/whatever? I was reading 'Core Java' book, and it mentions that the format for the output from serialization has changed over time. What I'm thinking is if I'm running J2SDK 1.4.whatever, and, say, the system that is producing the blob is using an older version of Java, and if the older version serialized in a different format than the newer version I'm using, would that be causing this problem??? Quoted: I'm not an experienced Java programmer, so my apologies if this is a somewhat vague question. It is a good question. One of the big objections people have to serialized or other binary formats in the way they have got stung in past not knowing which class files are needed to reconstitute a stream, and perhaps no longer having them since they have evolved.
People are often sloppy about documenting binary formats or tracking which formats belong with which files. I hope some day that information will be as much as part of the file as the timestamp. Bill Wilkinson did a fair bit of poking around to figure out how serialisation works. Perhaps he has some notes buried he would share. I have been trying for a long time to get him to publish his promised essay.
Perhaps if you ask too. See Pass on what you find. Perhaps I can work this up into a student project outline. First you want to figure out just what is in the pickled stream. I think it may well be enough to reconstruct some Java source for the various classes (without the transients or methods). At least then you could recover the data.
Figure this out by serialising some trivial objects and gradually adding complexity. You will need a hex viewer. Click to expand.Hi, I was just doing some reading about what actually goes on when Java serializes, and I was wondering. Is it possible that the reason that I'm getting what appears to be garbage in the 'String Contents' might be that the program that is creating the blob may be using an older version of JRE/JVM/Java/whatever? I was reading 'Core Java' book, and it mentions that the format for the output from serialization has changed over time. What I'm thinking is if I'm running J2SDK 1.4.whatever, and, say, the system that is producing the blob is using an older version of Java, and if the older version serialized in a different format than the newer version I'm using, would that be causing this problem??? It is a good question.
One of the big objections people have to serialized or other binary formats in the way they have got stung in past not knowing which class files are needed to reconstitute a stream, and perhaps no longer having them since they have evolved. People are often sloppy about documenting binary formats or tracking which formats belong with which files.
![Serialized Serialized](http://www.javaquizplayer.com/examples/text-editor-2.png)
I hope some day that information will be as much as part of the file as the timestamp. Bill Wilkinson did a fair bit of poking around to figure out how serialisation works. Perhaps he has some notes buried he would share. Click to expand.Let's start simple. What do you get in the output file when you save an object with one int field public int field. Give the int a distinctive value like 0x01234567. I would expect to find perhaps class names and field names.
What happens when you dump two of them? I would expect the class and field name once, and some sort of reference to a offset in the stream or a token number for the second one. Now try this with a single string as the object. Then with a string in an Object. Then with a byte and an int in an object.
Then a reference to an X in an X object. Then dump out a small chain of objects, just writing the first one.
Expect to find length bytes, type info, token definitions. Make a theory.
Use that theory to make a prediction. Then test the prediction.
Repeat until you can explain all the sample files you can create.