Ales 2 Posted April 5, 2016 Hello guys, i am working on application in java which will connect to mysql database remotely. However, i have in java all information about database such as hostname, username and password and table name. A user would have to download jar file and login to system (similliar to all bot softwares), but i am afraid of security risks All jar files can be decompiled and everyone can see source code. They would get all information about database. Is this a security risk and what should i do instead? Thank you , i wanted to ask this on overstackforum but they kept blocking my title.
BigBone 4 Posted April 5, 2016 Okay so heres how you're going to do it fam. Ok so you're gonna have a server yafeelme? ok and your gonna have a client okyafeelme? Ok heres the short explanation server is run on your computer or vps or something ok? basically it will handle everything such as logging in, logging out, passing data. Since this is on your side they won't have any details on your database etc... ok so the client is next the client is what they run it will send shit like username and password when entered to the server and then wait for a response like .... login(user, pass) return true (logged in yes false no bad guy). store. actually fam pass back something unique ya feel then u go do like getScript(user, scriptid, uniqueshit) then the server will check verify authentic ya feel?? then if all still checks out it will get the script from database then pass it to this client ayyy right??? ok so thats basically secure. Just do note if you use your own personal computer you will be displaying your internets ip and badman like novak will pay 3k to get it ddosed. so be safe use protection lots of condoms (only 1 at a time 2 condoms at once can make it break yafeel>??) ok so have fun and remember subscriber for me!
Calle 25 Posted April 16, 2016 Ignore the guy above, try Obfustications, there are free ones out there
Mad 86 Posted April 16, 2016 Ignore the guy above, try Obfustications, there are free ones out there Absolutely not, do NOT put your database details or any private details on the client side.
Calle 25 Posted April 16, 2016 Absolutely not, do NOT put your database details or any private details on the client side. If he obfusticated the code and the info are in a string, the information will be lost
Pandemic 2853 Posted April 16, 2016 Never put important data like database credentials in your scripts/programs, even with all the obfuscation in the world it can easily be found.
Mad 86 Posted April 16, 2016 If he obfusticated the code and the info are in a string, the information will be lost I dont think you understand what obfuscation is. It would still be the same string, do you mean hashed maybe? If youre talking about modifying the string so the user cant view the details, how do you expect it to work to connect to the database then lol shud always do script > php > database database > php > script or not php because php is disgusting
Ales 2 Author Posted April 24, 2016 Absolutely not, do NOT put your database details or any private details on the client side. Ignore the guy above, try Obfustications, there are free ones out there If he obfusticated the code and the info are in a string, the information will be lost shud always do script > php > database database > php > script Never put important data like database credentials in your scripts/programs, even with all the obfuscation in the world it can easily be found. I dont think you understand what obfuscation is. It would still be the same string, do you mean hashed maybe? If youre talking about modifying the string so the user cant view the details, how do you expect it to work to connect to the database then lol or not php because php is disgusting i just save it to java properties file.. or would you advice me to use webservice
Calle 25 Posted April 24, 2016 i just save it to java properties file.. or would you advice me to use webservice webservice if possible
Recommended Posts
Archived
This topic is now archived and is closed to further replies.