-1

I'm downloading a File from the Internet (How to download and save a file from Internet using Java?) but I dont want the File to be created before it gets runned. So what I thought was : I download the file put it in a file new File("myJar.jar"); and now instead of doing Runtime.getRuntime().exec("java -jar myJar.jar"); <= (I would need to create the file...) I will unzip the jar and get the bytes of every class and put them into the Classloader to run the program. Is this a good way or what would you recommend? Java: How to load Class stored as byte[] into the JVM? <= Will this run the program if I load every class from the jar?

Edit: This should be done to make crackers a hard time getting the file.

Edit 2: And how would it be possible if its not a jar but a .exe? This is needed when I compile the jar to native code, then its an .exe, so crackers cant get the code out of the jvm.

John E.
  • 55
  • 1
  • 8
  • 1
    Right, what is the problem you're really trying to solve here? Why do you not want the file to be created before it gets run? – Joe C Jul 30 '17 at 09:15
  • To make crackers a hard time, they would have to acces their ram to get the file. – John E. Jul 30 '17 at 09:24
  • 1
    But the file is already available on the Internet. Surely a cracker who really wanted this file so badly would just get it from there? – Joe C Jul 30 '17 at 09:25
  • To get the file from the Internet is not easy you would need to find the link and the Launcher (which contains the download link) is compiled to native code, so you cant read the strings, right? – John E. Jul 30 '17 at 09:27
  • 2
    No. A cracker would just have to use a HTTP sniffer to find where you dowload the file from. – JB Nizet Jul 30 '17 at 09:30
  • 1
    That doesn't matter. Once the cracker has the packets that were downloaded using @JBNizet's HTTP sniffer, (s)he can then use those to create the file. – Joe C Jul 30 '17 at 09:36
  • 1
    So I'm going to come back to my original question: what is the *real* problem you are trying to solve here? You clearly do not want users to have access to the JAR file, but what is the reason for that? Perhaps we can help you to solve that problem, and not the one you think you want to solve. – Joe C Jul 30 '17 at 09:41
  • I dont want the Jar to be cracked because its a project with ~60h of work. – John E. Jul 30 '17 at 09:43
  • XY problem. What you are asking about won't solve that. – user207421 Jul 30 '17 at 10:36
  • @EJP I only want help for the problem discribed above and not for anything else, thanks. – John E. Jul 30 '17 at 10:48

1 Answers1

0

Try using URLClassLoader that does the job for you. You can later find META-INF/manifest.mf with findResource(...) method, read it, figure out main class, find it and call its main(...) method, doing exactly the same thing as you would be doing with java -jar ...

Filip Malczak
  • 3,124
  • 24
  • 44
  • Will this work if the download is password protected (as the OP said in a comment earlier)? – Joe C Jul 30 '17 at 09:37
  • Missed the part about the password. Will edit the answer with appropriate solution, which is based on in-memory byte stream. – Filip Malczak Jul 30 '17 at 10:25
  • Fair enough. Glad you've got it ;) – Filip Malczak Jul 30 '17 at 10:42
  • And what if the file is not a jar but its an .exe? @FilipMalczak? – John E. Jul 30 '17 at 11:07
  • You won't be able to run .exe inside JVM - it can only run Java bytecode (mind that Jython, Clojure, etc also compile to Java bytecode, even though these are different languages than Java). .exe file needs to be orchestrated by Windows operating system (or any system that has needed API, e.g. Linux with Wine) - to run it from Java you need Runtime.getRuntime().exec(...) – Filip Malczak Jul 30 '17 at 11:14
  • So I would need to create the file?@Filip Malczak – John E. Jul 30 '17 at 11:23
  • Most probably, yeah. I guess it is possible to have some virtual filesystem and trick Windows into thinking that some part of RAM is really a file, but I suppose that is real overcomplication. – Filip Malczak Jul 30 '17 at 11:49