Prisma Cloud Compute: How to verify packages inside packaged JAR functions

Prisma Cloud Compute: How to verify packages inside packaged JAR functions

2540
Created On 09/26/24 18:35 PM - Last Modified 06/20/25 17:33 PM


Objective


The article describes steps to perform when verifying what packages are enclosed inside a packaged JAR file. This will also help in identifying packages inside functions which are being scanned by Prisma Cloud. 

Environment


  • Prisma Cloud Compute Edition (upto V34.01.129)
  • Prisma Cloud Runtime Edition. 

Procedure


For Windows Systems:

cd path\to\your\jarfile 
mkdir new_folder 
copy yourfile.jar new_folder 
cd new_folder 
jar -xf yourfile.jar 
findstr /s /i /c:"" * > output.txt

For Linux Systems:

Unzip their jar and find any files inside with that version in their name

jar xf /path/to/jarfile.jar
find . -type f -name "*<version_of_package>*"

OR

Unzip their jar and find any files inside with that version in their contents

jar xf /path/to/jarfile.jar
grep -r "<version_of_package> "

The output of these files will display all the packages with the concerned version number. This will make it easier to deduce whether the package that is being reported is actually in the JAR/function or not.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000TpBkCAK&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language