Menu
I want to evaluate a software solution where multiple people have submitted JAR files to perform a task on Windows.
Is it possible to check whether the JAR file performs any additional unwanted behaviors besides those it claims to perform on your machine?
533
On the command line, run the jar command like this: jar -tvf <jarname> . The 't' says "test", 'v' I believe means "verbose", and 'f' means "file". You can also open a JAR in any ZIP program.
Although JAR malware is not a very common attack vector, it cannot be ignored. The cross-platform applicability of JAR malware can enable attackers to infiltrate organizations in multiple areas, with just a single piece of malware.
Most JAR files are simply containers for data that another program needs to run with Java; therefore you cannot run these files and nothing will happen when you double-click them. Similarly, most executable JAR files are downloaded as installation files to install applications or programs.
First, you can use a JVM set with SecurityManager to do run your application in a way that it can have limited access to sensitive functions.
You can also set up a "sandbox" so the jar cannot have permissions outside of the sandbox... you could use chroot or a similar tool in a linux/unix environment.
62
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
