0

I have an hp server with capability of kvm redirection for remote administration. It is made via java applet. I have downloaded an application itself from this url: http://ip_of_lo100/M2.JAR. I am able to run it with java -jar M2.JAR. Now I want to make it automatically connect to remote console, so I do not need to copy paste values of server address, username and password every time.

In the source code of web page with applet I can see the following code:

<APPLET CODE="com.serverengines.mahogany.MahoganyViewer.class" mayscript="true"ARCHIVE = "M2.JAR" WIDTH="400" HEIGHT="250"alt="JavaScript has been disabled or is not supported by your web browser which is needed by the Virtual KVM/Media applet. Please correct this problem.">
<PARAM NAME="NonSecure_KVMPort" VALUE="80">
<PARAM NAME="sessiontype" VALUE="kvm" >
<PARAM NAME="port" VALUE="5901" >
<PARAM NAME="ipaddress" VALUE="172.17.10.77" >
<PARAM NAME="sessiontype" VALUE="kvm" >
<PARAM NAME="httpdata" VALUE="72E36147CB88E76E6B6A8ECB9FADB95B208CB9509682452D1DDA3EC715C91B031C83F3F842D109E34378933F3E14649F" >
<PARAM NAME="username" VALUE="admin" >
<BR><p class="errorcolor">JavaScript has been disabled or is not supported by your web browser which is needed by the Virtual KVM/Media applet. Please correct this problem.</p></APPLET>

I have no idea why they used sessiontype twice. Then I tried to launch jar file like this:

java -jar M2.jar \
NonSecure_KVMPort="80" \
sessiontype="kvm" \
port="5901" \
ipaddress="172.17.10.77" \
sessiontype="kvm" \
httpdata="72E36147CB88E76E6B6A8ECB9FADB95B208CB9509682452D1DDA3EC715C91B031C83F3F842D109E34378933F3E14649F" \
username="admin"

and that worked: I got the remote console without (kinda) copy-pasting anything to java application.

But the problem is that this httpdata value is different all the time. So I need to visit web page anyway (probably with curl).

But I wanted to launch remote console something like follopwing:

java -jar M2.jar \
ipaddress="172.17.10.77" \
username="admin" \
password="mypassword"

But the application seems to not know such a parameter "password", it just immediately exits.

So I wanted to explore a jar file itself to determine which parameters does it accept. Is that possible?

Edit: For this specific problem, I have found this project which allows you to launch console automatically.

Ashark
  • 643
  • 7
  • 16
  • 1
    You can try your luck with tools like JD-GUI. Have you looked into https://stackoverflow.com/questions/272535/how-do-i-decompile-java-class-files ? – GhostCat Nov 27 '20 at 09:57
  • 2
    But note: note that your JAR might be obfuscated, or the OWNER of that code might explicitly tell you in the terms of service that reverse engineering isn't allowed. You better check such things first! – GhostCat Nov 27 '20 at 09:57
  • Another thing to try would be to see if it has a `--help` or `-h` option, or if you can provoke it into outputting some kind of "usage" message. – Stephen C Nov 27 '20 at 10:04
  • 1
    A third possibility: search for or ask the vendor for documentation! – Stephen C Nov 27 '20 at 10:05
  • It's actually pretty rare for a jar to work as both an Applet and a stand-alone application, so you're already in luck. I'd have expected that to not work at all. – Joachim Sauer Nov 27 '20 at 10:09
  • @StephenC there is no --help or -h, application exits. I wanted the same thing for exe file long time ago, and the solution was to use strings. https://stackoverflow.com/questions/8869219/how-can-i-find-out-if-an-exe-has-command-line-options I thought it would be something similar for jar files. – Ashark Nov 27 '20 at 10:15
  • 1
    No it isn't. If you want to make progress, try GhostCat's suggestions. – Stephen C Nov 27 '20 at 10:42
  • @GhostCat thanks for your JD-GUI advise. There is a search inside application. Seems the only file that has "PARAM" substing is com.serverengines.mahogany/MahoganyViewer.class. There are some extra parameters, but not for password. And by the way looks like they interpret password as httpdata: `public static final String PARAM_PASSWORD = "httpdata";` I have tried to use httpdata with my password, but no luck. – Ashark Nov 27 '20 at 11:00
  • As said, besides reverse engineering, your best option is to get in contact with the people "owning" that product. – GhostCat Nov 27 '20 at 12:07

1 Answers1

1

Thanks to commenters of the question. I am summarizing received info in the form of an answer.

No, it is not possible to clearly determine possible jar arguments.

The only options are:

  • contact the developer/vendor and ask them to provide documentation
  • try your luck with tools like JD-GUI
  • reverse engineer the jar file
Ashark
  • 643
  • 7
  • 16