Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

embedding a jar file into a class??  RSS feed

 
victor yelevich
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So i was being nosy today and cracked open the jar file for the java blue prints catalolg installer (bpcatalog-1.0.1_01-installer.jar). I see a meta-inf directory and a manifest file inside that. I also see a bpcatalog.class file at the root of the jar. Standard stuff right? Except for fact that the class file is a bit plump, 3.73 MB to exact. That made me go "huh?". So I decomile the class and see some code that looks like this:



looks like the class extracts an installer jar out of itself and then executes it



So I thought this was kind of neat was wondering if anyone has seen this before. Makes me wonder how I would go about stuffing a jar into a class my self.
 
Norm Radder
Ranch Foreman
Posts: 2240
28
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What do you get out when the code is executed?

Why is the byte array XORed with 0xaa?
 
victor yelevich
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
when u "run" the jar it creates a new jar, runs that jar which is the installer for the blue prints solutions. I'm not sure what the XOR is all about. it seems to have some sort of a signature in the file that it verifies against it may have somethin to do with it. I can post all of the source as it was decomiled by dj java decompiler.
 
Norm Radder
Ranch Foreman
Posts: 2240
28
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Interesting idea. I wonder how the data for the jar file was stuffed into the class file. Must have compiled the class, measured it and had a utility program copy and stuff the jar file bytes into the class file.
Need to look at the JVM Specifications book to see what's allowed in a class file.
What is the value of k1? It appears to be the offset into the class file to the start of the jar file bytes.
I wonder if the XOR of 0xaa is a decoding to keep the contents of the jar sort of hidden until the extraction step. But if the temp file is left laying around why bother???
 
victor yelevich
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
the temp file is created with delete on exit :-/

I don't care too much about the install jar itself althogh i'd like to see what's inside that since they have gone through all that to hide it. i kind of want to figure out how to do the same.
 
victor yelevich
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
here is the source ... if it helps any

 
Norm Radder
Ranch Foreman
Posts: 2240
28
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the code.
I guess that they want to hide the code in the jar file. Can it be obtained by somehow by freezing the OS, rebooting the system or ?

I wonder if the jar file is appended to the end of the class file with a copy program that XORs it to hide it a bit. The skip length is determined by compiling the program one time and looking at its length and then inserting that length into the code. The answer should be in the code you've posted.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!