Ciro Santilli
OurBigBook.comTODO it would be cool to have a look at the JARs and see if they have anything in common that makes for a good fringerprint. Would not help find new ones, but would help to confirm possible hits.
web.archive.org/web/20110208072027/http://newsupdatesite.com/update.jar unzips to:so it is fully obfuscated.
.
./c
./c/b
./c/b/b.class
./c/b/c.class
./c/b/d.class
./c/b/a
./c/b/a/a.class
./c/b/a/b.class
./c/b/a/c.class
./c/b/a/d.class
./c/a
./c/a/a.class
./c/a/b.class
./c/a/c.class
./b
./b/a
./b/a/a
./b/a/a/e.class
./b/a/a/f.class
./b/a/a/a.class
./b/a/a/b.class
./b/a/a/g.class
./b/a/a/c.class
./b/a/a/d.class
./META-INF
./META-INF/MANIFEST.MF
./a
./a/cre
./a/a
./a/a/b
./a/a/b/a.class
./a/a/a
./a/a/a/e.class
./a/a/a/applet.configs
./a/a/a/b
./a/a/a/b/e.class
./a/a/a/b/f.class
./a/a/a/b/b.class
./a/a/a/b/g.class
./a/a/a/b/c.class
./a/a/a/b/d.class
./a/a/a/b/a
./a/a/a/b/a/a.class
./a/a/a/b/a/b.class
./a/a/a/b/a/c.class
./a/a/a/c.class
./a/a/a/d.class
./a/a/a/a
./a/a/a/a/a.class./META-INF/MANIFEST.MFManifest-Version: 1.0
Ant-Version: Apache Ant 1.7.1
Created-By: 1.5.0_17-b04 (Sun Microsystems Inc.)Other files whose existence might help to fingerprint include:
a/a/a/applet.configs- empty
a/cre
A quick:does not reveal any obvious cryptography calls.
find . -type f | xargs strings | sort -uweb.archive.org/web/20110207204640/http://flyingtimeline.com/aircraft.jar is very similar looking.
META-INF/MANIFEST.MF is identical:Manifest-Version: 1.0
Ant-Version: Apache Ant 1.7.1
Created-By: 1.5.0_17-b04 (Sun Microsystems Inc.)web.archive.org/web/20110202185659/http://differentviewtoday.com/bwm.jar is a bit different with tree:and:
META-INF/MANIFEST.MF
a/a.class
b/a/a/a.class
b/a/a/b.class
b/a/a/c.class
b/a/b/a.class
b/a/b/b.class
b/a/b/c.class
b/a/b/d.class
b/a/b/e.class
b/a/bw.properties
b/a/c.class
c/a/a/a.class
c/a/a/b.class
c/a/a/c.class
c/a/a/d.class
c/a/b.class
c/a/c.class
c/a/d.class
c/a/e.class
c/b/a.class
c/b/b.class
c/b/c.classMETA-INF/MANIFEST.MF
Manifest-Version: 1.0
Ant-Version: Apache Ant 1.6.5
Created-By: 1.5.0_12-b04 (Sun Microsystems Inc.)