Thread: How Did They Obtain .jar Files Back then?

Page 1 of 2 12 LastLast
Results 1 to 10 of 11
  1. #1 How Did They Obtain .jar Files Back then? 
    Extreme Donator

    Join Date
    Feb 2014
    Posts
    336
    Thanks given
    4
    Thanks received
    5
    Rep Power
    20
    I'm curious as to how people obtained a .jar file all the way back then. Like when people first started decompiling the client, etcetera...
    I recall they began to make a downloadable installer and then runnable client back then, but as far as I recall, that was a .msi file, assuming C++. Prior to that, it was web based.
    Looks like on recent versions on Firefox, you can save webpages, though I'm not sure if that was a feature you could do all the way back then.
    Even if you could, I'm not sure if that saved the applet itself along with it. I don't think it would, because then that would be all of the game code out in plain sight. It looks like upon trying to save a web page with an applet, it does not save everything along with it. Bringing up the question again, how did they get their hands on this stuff?

    I'm seeing some stuff here about the server, but I'm not really sure how that was obtained either.
    https://www.moparisthebest.com/origrs2/
    Reply With Quote  
     

  2. #2  
    Registered Member
    Teemuzz's Avatar
    Join Date
    Oct 2009
    Posts
    2,755
    Thanks given
    1,212
    Thanks received
    422
    Rep Power
    934
    Navigate to jar file and ctrl s

    How mitb did it was check version with an automated tool and use a cmd line tool to download the client


    Iirc if you went to the Web page with a jar extension It'd had no applet paras and asked you what you would like to do with it aka save. The thing you're wondering with code in plain sight is also the reason why jagex invested heavily in obfuscation
    Reply With Quote  
     

  3. #3  
    Registered Member

    Join Date
    Oct 2014
    Posts
    192
    Thanks given
    31
    Thanks received
    15
    Rep Power
    81
    I wasn't around back then but i imagine they simply reverse engineered the runescape launcher to find that it is just an exe that is linked with the JVM libraries, and all it does is create a new JVM process and then loads the file called "JagexAppletViewer.jar" (found in the same directory as the launcher) into it, parsing a "config URL". Going to the URL in your browser will show you its literally just a config file that specifies things such as the language & where to find the game applet (the one that used to be displayed on browsers).
    Reverse engineering the JagexAppletViewer.jar file they found that it simply downloads the config from the URL, from there it reads where it can download the java applet, which it then also downloads & loads into the JVM. It then simply creates a JFrame and embeds this applet into it and then calls the applets start function to run it like it would in a browser.

    So with all that info, when they wanted to dump everything into a single executable jar file, they started by simply going the the URL specified by the config. Downloading the applet directly, which they then decompiled to java source code. This code wouldn't actually be runnable by itself, because it doesn't actually have a main method as its just an applet (its meant to be downloaded in a browser, which will then call its run method). Also it doesn't create any window by itself, because again, that's meant to be handled by the browser. To make it runnable they would simply add a new class with a main method that creates a JFrame and embeds the applet into it (just like jagex's JagexAppletViewer does).

    To get an actual runnable jar file you just recompile everything and package it into a .jar.
    Reply With Quote  
     

  4. #4  
    Registered Member
    Teemuzz's Avatar
    Join Date
    Oct 2009
    Posts
    2,755
    Thanks given
    1,212
    Thanks received
    422
    Rep Power
    934
    Quote Originally Posted by Aks3l View Post
    I wasn't around back then but i imagine they simply reverse engineered the runescape launcher to find that it is just an exe that is linked with the JVM libraries, and all it does is create a new JVM process and then loads the file called "JagexAppletViewer.jar" (found in the same directory as the launcher) into it, parsing a "config URL". Going to the URL in your browser will show you its literally just a config file that specifies things such as the language & where to find the game applet (the one that used to be displayed on browsers).
    Reverse engineering the JagexAppletViewer.jar file they found that it simply downloads the config from the URL, from there it reads where it can download the java applet, which it then also downloads & loads into the JVM. It then simply creates a JFrame and embeds this applet into it and then calls the applets start function to run it like it would in a browser.

    So with all that info, when they wanted to dump everything into a single executable jar file, they started by simply going the the URL specified by the config. Downloading the applet directly, which they then decompiled to java source code. This code wouldn't actually be runnable by itself, because it doesn't actually have a main method as its just an applet (its meant to be downloaded in a browser, which will then call its run method). Also it doesn't create any window by itself, because again, that's meant to be handled by the browser. To make it runnable they would simply add a new class with a main method that creates a JFrame and embeds the applet into it (just like jagex's JagexAppletViewer does).

    To get an actual runnable jar file you just recompile everything and package it into a .jar.
    Back in the day there was a signed and unsigned client, the signed one used the loader and using the unsigned client in the browser just ran the client jar directly with applet parameters where the signed one downloaded a dat3 (was just a zip(?) file with the classes iirc) file with the loader which added in the classes missing (in 500+ that was most of the fullscreen features and some other little quirks)

    Atleast around 562+ the unsigned client no longer saved cache files, it ran on memory because the file system was a part of the loader and not the client, presumably because they might use a flat file format in development

    The client class had a JFrame included it was never truncated with obfuscation, the main (run as application) method was always there
    Reply With Quote  
     

  5. #5  
    Moderator
    Ramenryoko's Avatar
    Join Date
    Jul 2006
    Posts
    174
    Thanks given
    4
    Thanks received
    6
    Rep Power
    36
    The jar files were easy to download if you knew the URL to grab them from back when I first started. Java applets aren't a thing anymore but before it was really easy to grab the jar as they were embedded in the web page. The jar contained obviously only obfuscated compiled Java files, .class files. Back in 05 when I first started working on private servers we were all using a de-obfuscated but non-refactored rev. 317 client (Except for Class7 which eventually got decompiled). The cache files if you played real RuneScape would download to your computer automatically as back then the cache was pre-loaded. With a minor tweak come rev 377 we were able to load the rev 377 through the 317 client.

    You could navigate to your user in Windows for example and get the .file_store_32 folder which contained all of Jagex's cache files. WinterLove made the first server which had no player, just scrolled through Edgeville randomly spawning items iirc back on the Kaitnieks forums. Since then a lot of people built off his server but these days there are many new sources that arent based off that first server.

    Hope this helps with a little bit of the history.
    Reply With Quote  
     

  6. #6  
    Extreme Donator

    Join Date
    Feb 2014
    Posts
    336
    Thanks given
    4
    Thanks received
    5
    Rep Power
    20
    Quote Originally Posted by Ramenryoko View Post
    The jar files were easy to download if you knew the URL to grab them from back when I first started.
    Can you specify an example?
    Reply With Quote  
     

  7. #7  
    Registered Member
    Teemuzz's Avatar
    Join Date
    Oct 2009
    Posts
    2,755
    Thanks given
    1,212
    Thanks received
    422
    Rep Power
    934
    Quote Originally Posted by Excavation View Post
    Can you specify an example?
    http://world1.runescape.com/client.jar


    Deadass
    Reply With Quote  
     

  8. Thankful users:


  9. #8  
    Extreme Donator

    Join Date
    Feb 2014
    Posts
    336
    Thanks given
    4
    Thanks received
    5
    Rep Power
    20
    Looks like they were able to do it back in Classic.
    This page tells a bit more info.
    http://evilcowgod.com/LBB/BOOK5/inde...S Cheating 5.0

    "mud client" assuming multi-user dungeon
    so the .jar file actually originates prior

    Looks like obtaining the .jar file was assumed known to be done back in 2005 as well to some extent
    https://web.archive.org/web/20050430...ead.php?t=1003
    Reply With Quote  
     

  10. #9  
    Registered Member
    Teemuzz's Avatar
    Join Date
    Oct 2009
    Posts
    2,755
    Thanks given
    1,212
    Thanks received
    422
    Rep Power
    934
    Quote Originally Posted by Excavation View Post
    Looks like they were able to do it back in Classic.
    This page tells a bit more info.
    http://evilcowgod.com/LBB/BOOK5/inde...S Cheating 5.0

    "mud client" assuming multi-user dungeon
    so the .jar file actually originates prior

    Looks like obtaining the .jar file was assumed known to be done back in 2005 as well to some extent
    https://web.archive.org/web/20050430...ead.php?t=1003
    Lmao they probably gave jagex the idea to mock up that reflection cheat check packet
    Reply With Quote  
     

  11. #10  
    Extreme Donator

    Join Date
    Feb 2014
    Posts
    336
    Thanks given
    4
    Thanks received
    5
    Rep Power
    20
    Quote Originally Posted by Teemuzz View Post
    The thing you're wondering with code in plain sight is also the reason why jagex invested heavily in obfuscation
    Do you know when they started obfuscation?
    Reply With Quote  
     

Page 1 of 2 12 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. How to make a .Jar file on Runeunity Base?
    By Drop X Rates in forum Help
    Replies: 2
    Last Post: 06-22-2017, 05:01 AM
  2. Replies: 5
    Last Post: 04-22-2014, 07:18 AM
  3. How to make a jar file?
    By RetaliationRSP in forum Help
    Replies: 9
    Last Post: 04-22-2014, 05:03 AM
  4. How to decompile JAR files
    By Origin's Bitch in forum Snippets
    Replies: 3
    Last Post: 02-06-2010, 04:35 PM
  5. how did they...
    By Joe in forum General
    Replies: 4
    Last Post: 12-28-2007, 10:47 PM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •