#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    4
    Rep Power
    0

    Jar applet - security


    Hello,

    My scope was to embed a web-based ssh client in my php site. So, I searched in the Internet and I found a jar that suited in my site.
    This jar file (is it allowed to post here which one I found?) is loaded through <applet>.

    My question is whether this file is secure or not, in the manner of fact that this ssh client gives you root permissions on systems, lets you type passwords and login remotely on other systems (using passwords again). Probably, this jar file could be harmful enough to collect passwords and send them somewhere else, isnt it?

    How can I confirm that this code is secure enough?
    (i.e. tcp dumping - to catch if that file communicates with somewhere else, antivirus scanning)

    Thanks a lot
  2. #2
  3. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,316
    Rep Power
    7171
    The only way to really be sure would be to analyze the source code for the applet.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    4
    Rep Power
    0
    Indeed. But I only have the .jar file. Do you have an easy way to view the .java files into it? (i.e. does Netbeans have such functionality?)

    i.e. since this is a ssh client program, the code must be really huge

    Originally Posted by E-Oreo
    The only way to really be sure would be to analyze the source code for the applet.
  6. #4
  7. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,316
    Rep Power
    7171
    You can extract the files from a JAR (google for this), however the JAR might not contain the original source files.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo