PalidinoDH

Even so, you singled me and BattleScape out for not stripping code out of the OSRS deob. This code exists in every RSPS that uses the OSRS deob, which is at least a handful of servers. There is even a chance other revisions past 317 have this code as well since the OSRS deob is just an older version of 525/530/600+/700+/etc. It would have been one thing to post a thread to be cautious of RSPS in general, but that's not what this is. If you don't mind, can you elaborate on this? To execute multiple commands on one line, you would need & and spaces or semi-colons so that Windows recognizes a second command. Both spaces and semi-colons are blocked. I don't really see a way this is exploitable to even warrant this thread even after my previous reply.

First off, this code has nothing to do with RuneLite. It was and still is contained inside the official OSRS client, you can decompile the current version of OSRS to see for yourself. Secondly, if you look closely at the code, it only allows launching a URL. For whatever reason, Jagex chose to launch URLs this way. The code clearly states the command to be executed has to start with http or https. Not only that, but the entire command after that is made sure to only contain the characters "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?&=,.%+-_#:/*" to make sure it's a legitimate URL. No spaces are allowed to execute a second command after the URL. The command itself attempts to trigger your default browser to open the passed URL, it doesn't download something from a URL in the background. If you dig a little deeper, you'll also see that the command method is only even executed if another method using Desktop.getDesktop().browse fails. Next time, I would suggest contacting someone that could have explained what the code does after looking at it for 2 seconds instead of accusing me. Alternatively, being that I've been doing this for over 10 years and have never hacked clans in the past (they've been around BS for almost as long), you could have just asked me to explain what that is.