I'm trying to reverse-engineer a Java-Web-Start application for fun. It's ukrsibbank's JWS app (here's its jnlp-file: https://my.ukrsibbank.com/ua/staraccess/ibank2ua.jnlp). The reason why I'm doing it is way far from evil intents (but who knows how far I can go :) ), I really do it for educational purposes and personal fun. Maybe I'll manage to implement my own solution for this app as currently it is waaay far from excellence.

OK, to make a long story short: currently I managed to trace some of the app's http(s) payloads by using JMeter as a proxy (I followed this article: How to record a JNLP/ Java Web Start application with JMeter). I can see requests and responses which retrieve some of the app's jar/xml/cert/etc. files, but when I start using the app itself no more http(s) requests/responses are tracked by JMeter.

Is there a way to track all communications between a Java-Web-Start app and the web services/protocols/servers/other web resources it turns to?

I'm not that good with tools for tracking/sniffing http/soap/etc. payloads, I started using JMeter only today. All suggestions/links/ideas are appreciated.

fastovezz
  • JNLP will tell JWS what jar to use and which class to instantiate in that jar to start the application. That's it. If you want to follow up, you need to get into details of the JAR itself and see how it communicates with server. – Alfabravo Feb 11 '19 at 18:55
  • Hi @Alfabravo. Thanks for your reply. I believe I misused some terms. I've just changed all "jnlp application" entries to "Java-Web-Start application". I understand that the jnlp file is a JWS app's descriptor, so to say, which tells where and which app's components, i.e. jars, to retrieve from. I decompiled *.class files from jars of this JWS app but got Java sources extremely obfuscated to the extent that they can hardly be understood. My idea is to trace all the data transferred between this JWS app and the web servers it communicates with and, based on that data, to reengineer a new app. – fastovezz Feb 11 '19 at 22:02
  • I use JMeter for this but I only managed to trace the first several http(s) requests/responses which transferred jars, cacerts, xmls forming this JWS app, but when I logged in to the app and started using it no more http requests/responses were tracked by JMeter. Maybe this JWS app uses not the http(s) protocol to communicate with its servers. And maybe it could be seen from the code which way this JWS app communicates with the outer world. But as I said, its decompiled code is extremely obfuscated and thus hard to understand. – fastovezz Feb 11 '19 at 22:03
  • So maybe there are some other tools which allow to sniff an app's communication with the outer world and to find out which protocols/channels it uses. I'm asking to help me with ideas how to find out those communication channels and to track data sent via them. – fastovezz Feb 11 '19 at 22:05
  • Yes, there are plenty. Just google for network sniffer, e.g. https://www.wireshark.org/#download – Lonzak Feb 11 '19 at 23:25
  • Thank you @Lonzak. – fastovezz Feb 12 '19 at 10:50

0 Answers