Java Applet Hacking

by Xprotocol

When you go to check your email, you type in your name and password and, if correct, you get access to your mail.

Email websites use what are known as CGI programs.  These are programs stored on the email server and used for many things, like password prompts and online polls.  The only way to hack a CGI program is either by brute-forcing someone's name or by gaining illegal access to the server and searching for password files.

Many people have a non-virtual domain website (meaning they don't get a .com but something like www.geocities.com/Area51/Nebula/1416), which they probably get for free.

The server may not offer CGI tools or even a CGI bin to store your own programs in.  Even if the server has a CGI bin for your programs, you still need to know the language.

However, many websites and servers offer free Java applet source code for neat webpage design.  Someone can easily get ahold of this code and put a password prompt on their website for friends or members.  Since a Java applet, like the HTML around it, is sent to the visitor's browser rather than run on the server, it can't be used for high security.

Any password prompt that is a Java applet just takes you to another site.

Example:  You get a Java applet prompt at www.example.com.  Entering the correct username and/or password will take you to www.example.com/home.html.  Someone could easily guess this and go directly to the so-called protected website with no password prompt.

However, if you try this with a CGI script you will get an "Incorrect name or password" message or a username and password prompt.

As you can see, Java is the much easier choice, but it comes with less protection.  Many non-virtual domain websites will use Java applets as a source of security.  The neat thing for hackers is that these can be hacked very easily and without having to gain illegal access to that server.  When I first came in contact with one of these things, I had no Java experience at all and very little programming knowledge.  I broke through the barrier in about two days.
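The difference drawn above between an applet prompt and a CGI check, as an added example that is not part of the original article: a minimal Python HTTP server in which the "hidden" page is handed out only after the server itself verifies credentials, so knowing the URL alone gets the "Incorrect name or password" response rather than the page.  The account, salt and paths are constructed for the demo.

```python
import base64
import hashlib
import hmac
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed demo account: the server keeps a salt and a PBKDF2 hash, never a plaintext name/password list.
_SALT = b"constructed-demo-salt"

def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)

USERS = {"alice": _hash("correct horse")}  # assumed demo username and password
PUBLIC = {"/": b"<p>public page</p>"}
PROTECTED = {"/home.html": b"<h1>members only</h1>"}

def check_credentials(auth_header):
    """Return the username if the header carries valid Basic credentials, else None."""
    if not auth_header or not auth_header.startswith("Basic "):
        return None
    try:
        raw = base64.b64decode(auth_header[6:], validate=True).decode()
    except ValueError:  # malformed base64 or not UTF-8
        return None
    user, _, password = raw.partition(":")
    stored = USERS.get(user)
    candidate = _hash(password)  # hashed even for unknown users, so timing leaks no names
    if stored is None or not hmac.compare_digest(stored, candidate):
        return None
    return user

def decide(path, auth_header):
    """The server-side gate: knowing the hidden URL alone earns a 401, not the page."""
    if path in PUBLIC:
        return 200, PUBLIC[path]
    if path in PROTECTED:
        if check_credentials(auth_header) is None:
            return 401, b"Incorrect name or password"
        return 200, PROTECTED[path]
    return 404, b"not found"

class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, body = decide(self.path, self.headers.get("Authorization"))
        self.send_response(status)
        if status == 401:
            self.send_header("WWW-Authenticate", 'Basic realm="members"')
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
```

Run it with `HTTPServer(("127.0.0.1", 8080), Handler).serve_forever()` and request /home.html with and without the browser's credential prompt answered; the applet model described in the article has no equivalent of this check, because the page is served whether or not the prompt was ever shown.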

First, you may want to install an HTML editing utility such as FrontPage Express.  If you can't get ahold of one, using Notepad will work just fine.

Find the password prompt that you want to break.  Make sure that it is Java.  At the bottom of your browser there should be a message that says "Applet Initialized."  This means that the password prompt is Java.  Using Internet Explorer, right-click on the page and choose Edit, or View Source if you don't have an HTML editor.

In the editor, it displays the applet as psw1.class.  In Notepad I get the entire HTML code, with a tag that looks like this:

<applet code="psw1.class" align="baseline" width="367" height="187" archive="psw1.jar">

This tells me that the applet uses two sources of code, psw1.class and psw1.jar.

psw1.class, however, is just the applet code and is contained within the HTML of www.example.com.

Using Internet Explorer, I type in: www.example.com/psw1.jar

This asks me whether I want to download or open the file.  Select open and choose Notepad when asked what to open the file with.

I search through all the code looking for a file name.  I find one we'll call text.txt.  Using IE again, I type in: www.example.com/text.txt

There in front of me is a list of usernames and passwords.  I can now use these to determine the hidden webpage.  I type one in and it takes me to: www.example.com/home.html

I can now type directly into my browser this address without getting a password prompt.

Right now you might be wondering, "If I'm not breaking into the server and just going to a public website, is this illegal?"  Well, yes and no, but no for the most part.  The person might not be able to sue you because he did not use strong enough protection.  However, you might not want to take the chance.  If you really want to do this, go ahead and do it on a public computer.

The technique for breaking Java applet passwords is to look through all the files associated with that page, and then through the files those refer to, until you get some sort of list.
