Wednesday, June 20, 2012

A Trusted Java Applet to run?!@$@#?

This had been on my mind for a very long time but i haven't found the time to write about it.

I find it kind of strange to see so many websites out there that "Required a Trusted Java Applet to run" in order to download videos from various video sharing websites.

Why in the world would you want to run a Java applet which you have no access to, just to download a video?

So i took some time to see what is within the .jar file. The first target for today is http://keepvid.com
It looks normal like this.






Just by browsing the website, you won't be prompted to run the Java applet. However, if you enter a video link like the one below:

You will see that your browser will prompt you on whether you want to run the Java applet.



Let's take a look at the source code of the website now and we are able to find the location of the .jar file


By visiting http://keepvid.com/java/keepvid.213.jar we are able to download the .jar file

Basically, .jar is a container of a java compiled application. Now let's download a Java decompiler to decompile this shit. A very friendly and easy to use Java Decompiler is JD-GUI, http://java.decompiler.free.fr/

Using that, you are able to see the original source code and inspect whether KeepVid's Java applet is indeed non-malicious and safe to use.


As we can see from the image above, everything seems good. If you are really paranoid, just throw it to VirusTotal.com to let all the Anti-Virus analyse it. xDDD

Well, time to head back to solving challenges.


Cheers
0x4A61636F62



No comments:

Post a Comment