[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Warnings on the download page

 - http://metasploit.com/research/misc/decloak/ (this starts Java)

Your Java applet could be improved. (hmm... I see you are using a Datagram Socket...)

The latest Java API includes functionality for making non-proxied connections (i.e. you can specify directly whether the applet's connection out will be proxied or non-proxied; this setting overrides any browser settings and any settings in the Java Control panel). What is particularly interesting about this is that this behaviour is intentional.

I discovered this back in January 2006 and wrote about it in a tech report. I can give you a pointer to the tech report if you are interested. I also have a demo which I will eventually post a URL for here once I clean it up a bit.