SWF cracking literacy tutorial-memory Capturing Method cracking SWF shelling

SWF cracking literacy tutorial-memory Capturing Method cracking SWF shelling

5 hours ago

Two SWF shelling experiments have been performed before.

Http://flash.9ria.com/thread-44239-1-1.html

Http://flash.9ria.com/thread-45096-1-1.html,

It was completely cracked by flash023 using the memory capture method. It was not expected that the memory capture tool had been used so widely,

Although sothink is not so popular, I will popularize the use of memory capture tools today.

One is to make two small experiments come to an end, and the other is to wake people who are using shells-the memory grabbing tool has begun to become popular, we hope to encourage experts to develop the anti-memory crawling skills.

First, encryption is only a way to prevent people from seeing the source code, rather than protecting their copyright. if you really want to protect your rights, you should add lisence instead of encryption (of course, in an environment that ignores the rights of the author, this is nothing more than empty talk ).

However, I still think that all code can and should be completely disclosed, because what is really valuable is the principle, service, documentation, and technical support, instead of the pile of code that only machines can understand.

In any case, I hope everyone can be self-respecting. The games of the Olympic Games have lost everyone's face (until recently some people made a big fuss about that thing ).

Secondly, I sincerely thank flash023, askforone and other friends for their enthusiastic replies and help.

Let's get down to the truth, taking my second shelling file cracking as an example:

If you want to directly decompile the source code and use as3 layer-by-layer Shell removal method to crack the shell, I am afraid only the fairy can do it.

However, if you use the correct tool, it's just a few mouse clicks.

Recommended tools:

1. asv2009 (Action Script viewer, based on my experience, is several times better than what sothink does not use.

Thanks to deepin3000 for trial: http://www.deepin3000.com/blog/index.php/archives/306)

2.swf window vampire (not recommended. For more useful tool SWF reader, see the following update)

(Do not be a flashvampire. A flashvampire is basically a waste,

SWF window vampire, which can save all the bytearray in the flash memory in the runtime in the swf format,

I can extract the original SWF from the memory after cracking,

30 days trial download: http://www.swfvampire.com/

Of course, if you have better memory capture capabilities, you are welcome to provide them)

Now, download and install the two tools. Here is the time to show your skills:

Go to the top floor of this topic and download the swfattachment encrypt_test2.swf.

Http://flash.9ria.com/thread-45096-1-1.html,

As the first test item.

Run SWF with Flash Player 10 and the following is displayed (the speed may be a little slow and the process passes through multiple shells in the middle ):

Run the SWF window vampire, click the window list box, select Adobe Flash Player 10, and click suck now. The result is as follows:

Delete the first three main movie, and then open empty SWF movie 7.swf. we found that this is the original SWF in the memory after shelling.

What should I do if a Windows vampire cannot save SWF in the trial version? No way to use ASV to view source code!

Don't worry. Click the Flash Player file-create a player and save it as "original .exe". You will not save it. (thanks for the MBR method )!

However, in this way, the files are saved in the EXE format, but it is completely difficult to find the ASV. If you drag the EXE file into the ASV icon, the ASV will automatically search for the SWF in the EXE file,

Shown as follows:

Open 5th SWF,

Protected code is at a Glance:

Haha!

Happy New Year!

Paste another item and take a look: (thanks to MBR)

New_test.swf (94.71 KB)

Slightly improved shelling

Downloads: 27

Download two silver coins

Update:

A better memory Extraction Tool http://www.swf-reader.com/

(The demo version can save SWF without restrictions and filter and search SWF:

Http://flash.9ria.com/thread-46123-1-1.html)

Simple tutorial (SwF memory capture ):

1. To http://www.swf-reader.com/downloads.php? Cat_id = 2 download the latest demo,

2. decompress the file and double-click to run swfreaderdemo. Jar (for Java support, choose mode normal)

3.run the SWF attachment encrypt_test2.swf with flashplayer.

4. File-> load SWF from memory, processselect flashplayer.exe, find SWFs-> Save SWFs...

In addition, this is said to be able to flash several mainstream encryption tools (SwF encrypt, doswf, secureswf ).

In short, it is difficult to ensure the reliability of any SWF encryption.

In addition, the attachment above is a "Taste-heavy" encrypted SWF (with a three-tier shell, a large number of vests are mixed, and variable names are modified ),

It is not practical. If you are interested, you can download it and use SWF-reader to test it.

It seems that encryption or obfuscation is more reliable. If you have time to summarize the as3 code obfuscation method...

This article from the csdn blog, reproduced please indicate the source: http://blog.csdn.net/txiejun/archive/2010/09/06/5866668.aspx

Address: http://user.qzone.qq.com/928108011/blog/1299318613