Jump to content
Frequently Asked Questions
  • Are you not able to open the client? Try following our getting started guide
  • Still not working? Try downloading and running JarFix
  • Help! My bot doesn't do anything! Enable fresh start in client settings and restart the client
  • How to purchase with PayPal/OSRS/Crypto gold? You can purchase vouchers from other users
  • mysql and java .jar


    Ales

    Recommended Posts

    Hello guys, i am working  on application  in java which will connect to mysql database remotely.

     

    However, i have in java all information about database such as hostname, username and password and table name. A user would have to download jar file and login to system (similliar to all bot softwares), but i am afraid of security risks

     

    All jar files can be decompiled and everyone can see source code. They would get all information about database. Is this a security risk and what should i do instead?

     

     

    Thank you , i wanted to ask this on overstackforum but they kept blocking my title. 

    Link to comment
    Share on other sites

    Okay so heres how you're going to do it fam. Ok so you're gonna have a server yafeelme? ok and your gonna have a client okyafeelme?

     

    Ok heres the short explanation

     

    server is run on your computer or vps or something ok? basically it will handle everything such as logging in, logging out, passing data. Since this is on your side they won't have any details on your database etc...

     

    ok so the client is next

     

    the client is what they run it will send shit like username and password when entered to the server and then wait for a response like .... login(user, pass) return true (logged in yes false no bad guy). store. actually fam pass back something unique ya feel then u go do like getScript(user, scriptid, uniqueshit) then the server will check verify authentic ya feel?? then if all still checks out it will get the script from database then pass it to this client ayyy right??? ok so thats basically secure. Just do note if you use your own personal computer you will be displaying your internets ip and badman like novak will pay 3k to get it ddosed. so be safe use protection lots of condoms (only 1 at a time 2 condoms at once can make it break yafeel>??) ok so have fun and remember subscriber for me!

    Link to comment
    Share on other sites

    • 2 weeks later...

    Ignore the guy above, try Obfustications, there are free ones out there :D

    Absolutely not, do NOT put your database details or any private details on the client side.

    Link to comment
    Share on other sites

    Absolutely not, do NOT put your database details or any private details on the client side.

    If he obfusticated the code and the info are in a string, the information will be lost

    Link to comment
    Share on other sites

    If he obfusticated the code and the info are in a string, the information will be lost

    I dont think you understand what obfuscation is. It would still be the same string, do you mean hashed maybe? If youre talking about modifying the string so the user cant view the details, how do you expect it to work to connect to the database then lol

     

     

    shud always do script > php > database         database > php > script

    or not php because php is disgusting

    Link to comment
    Share on other sites

    Absolutely not, do NOT put your database details or any private details on the client side.

     

     

    Ignore the guy above, try Obfustications, there are free ones out there :D

     

     

    If he obfusticated the code and the info are in a string, the information will be lost

     

     

    shud always do script > php > database         database > php > script

     

     

    Never put important data like database credentials in your scripts/programs, even with all the obfuscation in the world it can easily be found.

     

     

    I dont think you understand what obfuscation is. It would still be the same string, do you mean hashed maybe? If youre talking about modifying the string so the user cant view the details, how do you expect it to work to connect to the database then lol

     

     

    or not php because php is disgusting

     

    i just save it to java properties file.. or would you advice me to use webservice

    Link to comment
    Share on other sites

    Archived

    This topic is now archived and is closed to further replies.

    ×
    ×
    • Create New...

    Important Information

    We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.