0

I have some Binary file and I suspected in was created with Java. Is there a way to find out which environment created that file (for example if its Java or gcc). And if it was created with Java, how can I determine the version of the Java.

I know the file command and the output I get is:

ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), not stripped

It does not say much. So I used the ldd command:

    linux-vdso.so.1 =>  (0x00007ffff7ffe000)
    libpthread.so.0 => /lib64/libpthread.so.0 (0x00007ffff7dbf000)
    libdl.so.2 => /lib64/libdl.so.2 (0x00007ffff7bba000)
    libutil.so.1 => /lib64/libutil.so.1 (0x00007ffff79b7000)
    librt.so.1 => /lib64/librt.so.1 (0x00007ffff77ae000)
    libuuid.so.1 => /lib64/libuuid.so.1 (0x00007ffff75a8000)
    libm.so.6 => /lib64/libm.so.6 (0x00007ffff732d000)
    libc.so.6 => /lib64/libc.so.6 (0x00007ffff6fb1000)
    /lib64/ld-linux-x86-64.so.2 (0x0000555555554000)

Still does not tell me much. Are there other methods?

EDID: I think that my question does meet with the "XY-Problem". I'll try to understand the issue. I'm trying to determine if my tool (lets call it toolA) uses Java and if it does - does it take it from the enamorment or is it hardcoded. My tool uses other tools so it is possible that one of them uses Java. I have a special tool (lets call it toolX) which tracks all the touched files while toolA is running. From the output, I found out that the Java comes from the binary file I talked. I found out that it uses Java1.6 but I'm not sure if it is coming from my environment or if it hardcoded. Also, I can't check if it's hardcoded because it is a Binary file. What to do?

vesii
  • 2,760
  • 4
  • 25
  • 71
  • What do you mean by "created with Java"? – melpomene Jun 03 '19 at 17:00
  • @melpomene Build or compiled with Java. I have found out that my Tool uses that file and has a Java process coming from it. My goal is to understand what Java is used (does it takes the Java from my environment or is it hardcoded). – vesii Jun 03 '19 at 17:03
  • 2
    If you mean `javac`, that does not produce native code (it generates bytecode for the JVM). – melpomene Jun 03 '19 at 17:04
  • If it was compiled with Java it wouldn't be an ELF. If it was a Java artifact simple decompilation or even just looking at the class files would say what version of Java it expected. Any number of tools can be used to create an executable, whether or not you can determine that tool depends on what created it. Even then you may *still* not know, because an executable could be created from something that transpiles to C/etc. which would then be compiled by GCC (or any other compiler). What *specific* problem are you trying to solve? Rarely is knowing the specific tool of much value. – Dave Newton Jun 03 '19 at 17:08
  • Are you compiling Java to native code? (https://stackoverflow.com/q/2991799/72178) – ks1322 Jun 03 '19 at 17:11
  • 1
    This smells like an [XY problem](https://meta.stackexchange.com/questions/66377/what-is-the-xy-problem). – melpomene Jun 03 '19 at 17:12
  • Java does allow you to compile down to native code, if I recall correctly. Are you doing that in your programs? – jww Jun 03 '19 at 17:39
  • Hi guys, thanks for the replies. I updated the question. – vesii Jun 03 '19 at 17:44

0 Answers0