RE: ArtistScope

["Yvan Boily" <yboily () seccuris com>]

It may be of debatable legality in your jurisdiction, however reverse
engineering starting from the disassembled code for the SecureImage java
applet that is used to view the .class file on the client should reveal some
fairly easy to decipher code that would reveal the complete algorithm.  One
would imagine that given the class file, the algorithm, and the lack of a
secret key, it should be trivial to write a decoder.  This is of course,
assuming that you would not be breaking any laws or license agreements in
doing so ;)  (No license agreement is presented when the Java applet is
loaded, nor is one implied or provided in the package when you download it
to view an image.

Yvan Boily

> -----Original Message-----
> From: Sajeeva S. Arangalla [mailto:flyguy () sajeeva net] 
> Sent: Thursday, August 19, 2004 4:28 PM
> To: webappsec () securityfocus com
> Subject: Re: ArtistScope
>
> Well i am (and also everyone else) aware of the screen 
> capture. Since this
> is the first thing that anyone would do try to get the images 
> :). But the
> prob
> is that some web masters use annoying java running test in 
> front of the
> imagine .. this can be done using Artist Scope Secure Image. So when u
> capture it like that u and up with a image full of garbage in 
> the middle !!!
> Of course u can use Photoshop to fix it .. but it's lot of 
> work and not
> worth the time ... So that's why i am interested in decoding 
> the .class
> file. There should be a way to extract the image inside these 
> class files
> right ???
>
> SSA