What's more difficult to reverse engineering: Application or jar containing Applet?

Question

What's more difficult to reverse engineering: Application or jar containing Applet?

I know it's easy to reach the source code of a java application but is that possible for a

jar containing applet like this one in this html?

<HTML>
<HEAD>
</HEAD>
<BODY>
<H3><HR WIDTH="100%">Applet HTML Page<HR WIDTH="100%"></H3>
<P>
<applet code = 'poster' 
archive = 'poster.jar', 
width = 100%, 
height = 700/>
</P>
<HR WIDTH="100%">
</BODY>
</HTML>

Answer 1

There is no difference, you can download poster.jar, by pointing your browser to the URL of the web page, without the final file name and adding poster.jar to it.

Alternatively, you can use firebug, go in the Net view, find poster.jar, right click on it and choose "Copy Location", then paste it in a new tab.

Once downloaded you can examine it.

Answer 2

In the end, an applet referencing a jar file will download that jar, furthermore, the jar in the applet will be public, so it will be possible to download it by pointing at its URL.

If you want to difficult reverse-engineering of your java packages, you can always use bytecode obfuscation . There are several tools out there (ie ProGuard ).

Answer 3

相对的“难点”不取决于底层应用程序是什么（当然，对于Java而言），而是取决于是否应用了某种代码混淆技术。

Answer 4

I know it's easy to reach the source code of a java application

No it isn't, unless you post it on the Internet.

If you are referring to JAR files, all JAR files can be decompiled, although you can make it harder via obfuscation. Application or applet makes no difference to that.