Backup is the first line of defense against any kind of data loss. Nevertheless, not many of us realize importance of backing up our source code until we have already lost it. This article explores the available tools and techniques to recover the java source code from a compiled java class file.
Problem:  Lost the Java source code
Solution: Decompile the Java Class File to discover the java source code. The solution assumes you have not lost the java compiled class files. You may not be able to successfully decompile the java “.class” if the some sort of Code Obfuscations tool is used.
The Tools and the Process
If you ever try to open a compiled java class file in a text editor, you may see some junk text as show in image 1.0. All of us have started our programming career with the most popular hello world program. A typical hello world program code is as follow…
/**
* The HelloWorldApp class implements an application that simply prints "Hello World!" to a standard output device.
*/
class HelloWorldApp {
    public static void main(String[] args) {
        System.out.println("Hello World!");    // Print String on standard output device
    }
}

Figure 1.0

Compiling the above code using javac gives us a HelloWorldApp.class file. The above Figure 1.0 is a screenshot of a compiled .class file for popular “Hello World” program. The class file is opened in MS-DOS EDITOR Program. I have intentionally used ms-dos editor, as notepad and other windows application would require the font to be set to “system” in order to view the extended ASCII characters.  Thus what you can deduce from above that the java source code is far more different from java class file or java’s compiled byte code. The long hours spent in formatting the code in readable form have no value to the compiler. Other that few readable character or strings there is nothing you can decipher out of a compiled byte code, which is a binary format.
There are several commercial and freeware tools available on the internet. One can find them using a quick Google search using the “java de-compiler” keywords. A de-compiler is program capable of decoding the java byte code and constructing the java source code out of it.  An obvious doubt in mind is, if you can get your Java source code file back together from the little pieces in the class file and If the de-compiler can produce exact java source code the way, you had written. The decompiled class file would generate source code without any comments in the code. It means that the those little pieces of information you had written around your code help you remember the logic applied will be lost in a generated source code from a java class file de-compilation process. This is because the “.class” file does not contain any comment. Compiler simply ignores all comments in the code while compiling the byte code.
As a programmer, even you can write your own tools that process other Java classes. This tutorial does not intend to teach you the method of writing a de-compiler program and it is beyond the scope of this tutorial. In the meantime, this discussion is only limited to de-compilation tools available in the market either free or for a price. In the following section, I would review some of the popular java de-compilers available on the net.
Javap: A Java program available in the Java SDK viz. javap can help you decompile the other Java programs. Javap is a command line tool installed along with JDK installation. The –c parameter must be passed to the program in order to disassemble the java byte code and generate source code.  The other useful parameters are –private to show all classes and members.
Mocha: Mocha is supposed to be a freeware as per the readme file contained in various distributions available on the net but on one site I came across some reference to Boarland’s exclusive claim on Mocha. Late HanPeter van Vliet of Netherlands wrote the Mocha program. Since mocha is a command line tool that must be used inside a DOS shell or command prompt. Mocha just showed the early Java hackers that it was possible to decompile Java Byte Code. The HelloWorld program above if decompiled using Mocha outputs as under:
/* Decompiled by Mocha from HelloWorld.class */
/* Originally compiled from HelloWorld.java */
import java.io.PrintStream;
public static void main(String astring[])
{
System.out.println("Hello, World");
}
public HelloWorld( )
{
}

As you can notice, the output is neither indented nor commented unlike your original code. Mocha though a freeware is not maintained any longer. It is believed to have some problems with some of the class file constructs generated by latest compilers.
Jad: Jad is a command line tool written in C++. It is free but a closed source program.  Jad can be downloaded from various mirrors (Location1, Location2, Location3) on the internet. Only binary distribution is available on the internet.
JD-GUI: Java Decompiler (JD) is a standalone graphical utility that can generate Java source codes out of java ".class" files. It allows you to view the methods and fields within the reconstructed source code inside the JD-GUI interface for instant access as shown in Image 1.1. The JD-GUI is free for non-commercial use.

Figure 1.1

It is therefore, implied that JD-GUI shall not be included or embedded into commercial software products. Nevertheless, JD-GUI may be freely used for personal needs in a commercial or non-commercial environment. JD-GUI is downloadable here.
Unlike commercial tools, the main challenge with freeware tools is about regular updates of the software to incorporate changes in the programming language. Several commercial de-compilers are available that are regularly updated in line with the changes introduced in the newer versions of Java or fix any known bugs.
How validate a de-compiler to verify if it is working fine?
You may validate a de-compiler to verify if the java de-compiler tool is working as expected by following below steps…
1.    Randomly pick up just any java code and compile it using javac.exe from in the JDK. It will generate the class file.
2.    Use one of the java decompiler to generate the source code from the “.class” file.
3.    Recompile the generated source code to a different location to generate a java “.class” file again.
4.    Compare the newly generated “.class” file with the “.class” file generated in step one above, byte-by-byte. If both the files are identical then the de-compiler tool is validated to work fine otherwise you may want to be double check before finalizing on the software.
In light of what is mentioned above you may not have any difficulty if ever you need to get your source code back from the java “.class” files. As mentioned above the physical access to “.class” files is a must in order to decrypt the byte code. However, it is still a better idea to backup your source code often than using a de-compiler.