| Author |
Problem while trying to hack flah... |
simple
Member
Posts: 3
Location:
Joined: 08.05.09
Rank: Newbie |
|
Hi,
I am new here. I apologize if I poste this in the wrong section but I need a little help...
I download a game swf file and try to hack the game but I found part of the code has been obfuscated...
Here is part of the code...
#initclip 2
function ()
{
\x03 = 2772 % 511 * true;
return (eval("\x03"));
} // End of the function
var \x01 = 714 + \x04\x05();
while (\x01 = eval("\x01") + 12, eval("\x01") == 907)
{
\x01 = eval("\x01") + 39;
break;
} // end while
if (eval("\x01") == 691)
{
\x01 = eval("\x01") - 235;
} // end if
\x01 = eval("\x01") + 621;
...
I am thinking there ma be a way to decrypt the code but does anyone have any idea what I can do? |
|
| Author |
RE: Problem while trying to hack flah... |
p4plus2
Member
Posts: 167
Location:
Joined: 31.03.08
Rank: God |
|
When flash is compiled into byte code(kinda like java) name mashing occurred. This is also what happens in other languages like C/C++ making them difficult to be decompiled(as well as several other factors). The compiler will sometimes use a basic naming structure to help make things easier but it will never be easy. On top of this there are also other transformations applied to the code when compiled such as changing datatypes around into a more computer legible version.
This data has not been obfuscated, this is just what happens from decompiling a swf file. Furthermore, it would have required a password if it was truly obfuscated.
"You can't be something your not,
Be yourself by yourself
Stay away from me" ~Walk, Pantera
"Playing an acoustic guitar is like having sex with your clothes on" ~Dave Mustaine |
|
| Author |
RE: Problem while trying to hack flah... |
simple
Member
Posts: 3
Location:
Joined: 08.05.09
Rank: Newbie |
|
Hi p4plus2,
Thanks for the explanations. I am curious if there is a way to revert all those weird codes back to their orginal form?
I have seen someone uploaded another swf but all the codes are visible in their origial form... |
|
|
| Author |
RE: Problem while trying to hack flah... |
p4plus2
Member
Posts: 167
Location:
Joined: 31.03.08
Rank: God |
|
Older versions of the swf did not mangle names nearly as much. With the introduction of actionscblockedript 3 is when we begin to see code which is much less human readable. The best thing I could suggest would be trying various decompilers until you come across one that will give variables and functions artificial names, but don't hold your breathe odds are there probably is not one out there yet. Sothink, trillix, and flash decompiler gold all had no successes for me.
"You can't be something your not,
Be yourself by yourself
Stay away from me" ~Walk, Pantera
"Playing an acoustic guitar is like having sex with your clothes on" ~Dave Mustaine |
|
|
| Author |
RE: Problem while trying to hack flah... |
simple
Member
Posts: 3
Location:
Joined: 08.05.09
Rank: Newbie |
|
Thanks for the detailed explanation. 
I think I found out what program what used to produced such codes...
Knowing what program it is originated from, would it be possible to reverse engineer the program to obtain the encryption routine or help decrypt the encoded actionscblockedript in someway? |
|
|
| Author |
RE: Problem while trying to hack flah... |
p4plus2
Member
Posts: 167
Location:
Joined: 31.03.08
Rank: God |
|
In some situations knowing the program used can help but in the case of flash, from my experience at least, this does not seem to apply. Flash seems to have a very distinct naming structure that must be followed in order for the idea to function properly. The following links may be of particular interest you if the internal workings of flash works.
http://www.adobe.com/devnet/swf/pdf/swf_file_format_spec_v10.pdf
EDIT:
be prepared its 278 pages long. I have not read the document myself(but I plan to), and it will likely go way more in depth than you need. Remember ctrl-f is your friend.
"You can't be something your not,
Be yourself by yourself
Stay away from me" ~Walk, Pantera
"Playing an acoustic guitar is like having sex with your clothes on" ~Dave Mustaine
Edited by p4plus2 on 12-05-09 01:09 |
|
|
Main:
