Protect flash files.
Since korowkin Korovkin and I had rested the mp3 habrapleer for the second time ( here again , here about the first time ), I decided to do self-education :)
So, SWF protection, etc.
SWF is an open standard where the code is converted to assembler-like, which then decompilers successfully decompile back to fla.
Thanks to Uznick 's, I found the program Amayeta SWF Encrypt, which the code converts to the form:
')
etc.
That is, apparently, by replacing functions with their opcodes, obfuscation and shuffling the code. For which office many thanks. Downloaded on the site. The serial is in eMule.
Then I sketched a code that checks from where the swf file is running and blocks the wrong domains.
Plus, if you have any links are transferred to the swf, you also need to check for their correctness. So how can you not steal and just make the player play the wrong files :)
Pictures, drawing and the like are unfortunately not coded: (So far, I hope.
There is an option for their protection to load them from the outside after verification.
So, SWF protection, etc.
SWF is an open standard where the code is converted to assembler-like, which then decompilers successfully decompile back to fla.
Thanks to Uznick 's, I found the program Amayeta SWF Encrypt, which the code converts to the form:
')
var \ x01 = 707;
if (eval ("\ x01") == 732)
{
}
else
{
while (\ x01 = eval ("\ x01") - 86, if (eval ("\ x01")! = 732) goto 12, \ x01 = eval ("\ x01") + 87, // Jump to 429496724, // Jump to 87, eval ("\ x01") == 621)
{
\ x01 = eval ("\ x01") + 44;
if (false)
{
continue;
} // end if
\ x01 = eval ("\ x01") - 260;
} // end while
if (eval ("\ x01") == 376)
{
etc.
That is, apparently, by replacing functions with their opcodes, obfuscation and shuffling the code. For which office many thanks. Downloaded on the site. The serial is in eMule.
Then I sketched a code that checks from where the swf file is running and blocks the wrong domains.
var allowDomains = new Array ("averin.ru", "rpod.ru"); // list of what you can. Notice how the domains are written.
var passTest = false; // store test results here
for (eachDomain in allowDomains) // bust domains
{
hostdomain1 = "http: //" + allowDomains [eachDomain] + "/";
hostdomain2 = " www ." + allowDomains [eachDomain] + "/";
if (_root._url.substr (0, hostdomain1.length) == hostdomain1
|| _root._url.substr (0, hostdomain2.length) == hostdomain2) passTest = true;
}
if (passTest == false)
{
getURL (" averin.ru ", "_ self"); // if the test is not ale - send
_root.gotoAndStop (1); // here you can conjure, it may not help, depending on what is written in the actions of frame 1
}
Plus, if you have any links are transferred to the swf, you also need to check for their correctness. So how can you not steal and just make the player play the wrong files :)
Pictures, drawing and the like are unfortunately not coded: (So far, I hope.
There is an option for their protection to load them from the outside after verification.
Source: https://habr.com/ru/post/2634/
All Articles