Imagine a bacon-wrapped Ferrari. Still not better than our free technical reports.
See all our reports

Celebrate the Programmer’s Day with ZeroTurnaround

We are very passionate about our work and our trade. So as the 0x100th day was nearing, we decided to celebrate it with a special challenge to all you developers out there! (and especially Java developers). And if you can solve then you would automatically pass through the first round of interviews at ZeroTurnaround :)

For bonus points write in the comments how long it took you and what tools did you use.

Have fun!

  • Bruno Canettieri

    Little under 2 hours…used asciitable, jad and eclipse.

    I am mainly a .Net programmer so I discover some new things about Java =D Thanks

  • Oleg Shelajev

    Well, I hope you enjoyed it until the end :)
    But thanks for the feedback, when we prepare another puzzle, we’ll make it more etude-ish and try to deny all simple workarounds.

  • Murka

    Took about 3 hours to complete. I fixed the 42!=100 part, but the rest seemed to require more than hex editing. Looked for some decompilers but none could spew out code that would recompile so i took a shortcut and just wrote code to xor the array and give me the next file. Upon reading it i instantly found the this_is_what_you_are_looking_for and familiar range of hex codes.
    Probably would have been easier if i had touched java before.

  • Harro

    It took me about 2 hours yesterday to get to the challenge class. I was stuck because I could not convert that twisted array to proper bytecode. The problem was the JD decompiler. Thanks to comments in this thread, I tried this morning with JAD and was able to get a valid class. Almost there. Using the same trick to solve the puzzle url I found the solution URL. I may now apply for a job with ZeroTurnaround? :)

    Thanks for the challenge! Now let’s get back to work ;)

    Tools used: IntelliJ, Java, JAD, WinHex (and JD decompiler, but let’s forget that)

  •  Ah, so we were not supposed to fix the concurrency bug after all?  I grabbed the lock array using reflection and made both locks the same object.  That way we would not have the deadlock.  No output, of course.  I eventually just grabbed the method name and used that.  Was that what I was supposed to do?

  • Yeah, the idea was to spot it from the thread dump.

  • Took me almost an hour. 
    I used a frhed hex editor, jd decompiler, jbe, jdb, and Google Chrome for the final step. It was lots of fun!

  • Ivar Mällas

    Link was sent to me at 9:55. You solved the puzzle was replied 11:36 (same day :) ).
    Used eclipse, jad and google. I cheated though because I read comments and got clues about the tools to use. Never used a decompiler before so learned something new today. Thanks!

  • Anonymous

    agrrr… wanna laugh? Go ahead… At first I used stand-alone JD-GUI
    (neither eclipse plugin nor command line) and the result didn’t look at
    that moment as surprising for me as it is probably for rest of You guys,
    who used solved the puzzle using jad… What I saw was a main method
    containing only bytecode instructions in form of comments like that:

      public static void main(String[] paramArrayOfString)

        throws java.lang.Exception


        // Byte code:

        //   0: iconst_0

        //   1: istore_3

        //   2: goto +140 -> 142

        //   5: iload_3

        //   6: ifne +12 -> 18

        //   145: goto -140 -> 5


        // Exception table:

        //   from    to    target    type

        //   5    15    5    java/lang/Exception


    But as far as I understand JRebel is a lot about modifying bytecode(with
    some kind of higher level tools, but still), then I thought that the
    challenge might require me to actually study and understand each
    bytecode instruction and decode it to Java source – in my mind I
    congratulated Römer for such a interesting challenge (I though that
    probably he is the mastermind behind the challenge and based on final
    URL I guess I was right)… Well, I did it – it just took me a lot of
    time ;)

    Even though at the moment I feel a bit embarrassed for playing
    translator from bytecode to java I’m slightly proud as well. I should
    have tried other decompilers as well and make my life easier, but then I
    wouldn’t have learned anything about bytecode – at least now I
    understand how JVM interpreters each of those bytecode instructions ;)

    Obviously I was very surprised at first when I read comments from here that some guys have solved it in one or two hours :D

    My toolkit:

    1) eclipse

    2) code to convert from hex to string – at the moment not as proud as Super Mario with his single-liner

    3) Avira antivirus – tnx for the hint ;)

    4) 7zip

    5) JD-GUI – should have used jad

    6) few web pages regarding bytecode. Biggest thanx to Anton – I almost
    read this article 3 times to squeeze most out of this article:

  • Maciej M

    About 2h used jad, online hex editor, and the best java ide – idea :)
    Really nice fun, thx 

  • I used our domestic product for fixing fixMe method and utilities jps and jstack from JDK to locate deadlock.

  • Toomas Tamm

    Took about two hours. I first had to photograph the ad (the huge banner at Akadeemia tee in Tallinn) and then used hexdump, emacs, java, jdc, and I tried to re-compile the java code with gjc, but that failed. I had found this thread by the time and did not waste time on the concurrency issue. Instead, I wrote a piece in C (so I also used gcc) to decode the last part and again, thanks to this page, immediately proceeded to decoding the final URL.

    This was my first contact ever with java, and I do not think I wrote any piece in C in the last ten years or so… I am not a programmer at all, although I did a lot of programming in my previous life.

  • 1,5h. Found it late, but a very cool test. Used Eclipse, Unix tools (dd) and Apache BCEL. It was a huge fun.

  • Paulius

    Old, but nice one. ~15min; XCode, unzip, JAD, online tool for HEX2ASCII

  • Ryan Schipper

    A little over an hour. I’m on OSX, so I used 0xED, JD-GUI and jad.
    Probably wasted half an hour because JD-GUI couldn’t decompile that first one.

    Nice red herrings.

  • Ryan Schipper

    I had the same issue with JD-GUI. Wasted five minutes hand-modifying the indexes only to find that it also couldn’t decompile the main. Jad to the rescue!

  • Ryan Schipper

    Importantly, no clues. =)

  • after 3 hours I did it.
    Nice challenge.
    I just hope that I could get an interview now … =)
    Just a tip, I tried out some java decompilers, but I was not getting the whole decompiled class, until I found jode.

  • Guest

    2 minutes: window’s charmap and notepad -_-u

  • I think you only got the first step done!