In software engineering, a WAR file (or Web application ARchive) is a JAR file used to distribute a collection of JavaServer Pages, Java Servlets, Java classes, XML files, tag libraries, static web pages (HTML and related files) and other resources that together constitute a web application.
Java Server Pages (JSPs) are an abstraction of Java Servlets. A Servlet is a class that implements the Java Servlet API. The Java Servlet API is a protocol that follows the request<->response programming model. Servlets are not limited to any particular protocol but usually HTTP is used and while Servlets typically generate HTML or XML content they are not limited to any particular data format.
Looking at the figure below we can see that a client (represented as the computer at the top center) makes a request (most likely an HTTP request) to a .JSP page (Example:
http://www.example.com/test.jsp). Once the request is received the JSP translator (such as a Tomcat server) translates the JSP page into a Java Servlet that is then compiled to Java byte code and execute in the Java Virtual Machine on the server. The result of executing the compiled Servlet is then returned as a response (most likely via a HTTP response) to the client machine.
The aim of this project is to provide an Atlas for Jimple frontend for processing Java WAR binaries. The project features are listed below.
- Import Wizard for processing Java WARs
- Extensible support for multiple JSP translator platforms
- Tested pre-compilation support for Tomcat 6, 7, 8, and 9
The high-level process that this plugin performs is the following:
- Unpack the WAR file and dump contents in an empty Eclipse Java project
- Add all the JAR files found in the
<project>/WEB-INFdirectory to the classpath
- Run ANT tasks to translate JSP pages to Class files and output to
- Bundle generated Class files into a JAR at
classes.jarto Jimple and output to
Ready to get started?
- First install the WAR Binary Processing plugin
- Then check out the provided tutorials to jump start your analysis