This blog post introduces the encryption method as the most basic encryption method for hiding keys. Of course, such an encryption method can also be cracked at present, but it is only intended to prevent the gentleman from being a villain, the ultimate encryption method is obfuscation. (If adobe does not support the disclosure of swf files, the encryption of swf is futile in most cases, share an idea. If you are a swf encryption expert and are looking forward to communicating with you,
Key hiding
The standard file header is the simplest and most commonly used method. Write meaningless data to the file header of the swf binary file, which can cause the cracking software to fail to parse the swf normally.
Write meaningless data to the start position of ByteArray of core.swf,
The principle is that the first few digits of the Swf file indicate the version information of the swf, parse the parameter data required by the swf, and change it to meaningless data, the Decompilation program will naturally fail to be parsed. Of course, if you do this, flashplayercan also launch core.swf at runtime,
Encryption and decryption must be a good friend at the same time. In this case, we will restore the broken file header after core.swfthen, And you will load the encrypted swf as a normal loader.swf, and restore the loaded swf file header. The following code
Secret. Then we continue to use the decompilation software for decompilation,
References (From unknown places)
SWF File Header
All SWF files start with the following header:
SWF File Header
| Field |
Type * |
Description |
| Signature ID |
UI8 |
Character:
"F" indicates not compressed
"C" indicates compressed (version 6 or later) |
| Signature ID |
UI8 |
This ID is usually "W" |
| Signature ID |
UI8 |
This ID is usually "S" |
| Version |
UI8 |
Number of versions of a single-byte file (for example, 0x06 indicates version 6) |
| File Length |
UI32 |
Length of the entire file in bytes |
| Frame Size |
RECT |
Unit frame size |
| Frame Rate |
UI16 |
The number of frames per second. The 16 digits are represented in the format of 8.8. |
| Frames |
UI16 |
Total number of frames of a video |
| * This type is defined in the basic data type section. |
The file header starts with a three-byte identifier, Which is 0x46, 0x57, 0x53 ("FWS ") or 0x43, 0x57, 0x53 ("CWS. The "FWS" identifier indicates that the file is an uncompressed SWF file, and the "CWS" identifier indicates that the first eight bytes of the file are later than the file length field) all data is compressed in the standard ZLIB mode.
The above method can only prevent outsiders who do not know swf,
For example, the number 7 in red box is included in loader.swf. Now, the idea is clear. We need to make sure that we can hide the numbers of well-defined characters to make sure that the cracked party has no permission to restore the core.swf file header. Because the swf file format is public and confidential, any encryption algorithm implemented with AS is a rogue (useless). Can we use other methods to hide the number 7. The answer is yes:
There are two methods
1. alchemy
Alchemy can compile C/C ++ code as AS3 bytecode (running on AVM2) and run on Flash or Flex platforms, adobe also promotes Alchemy to improve performance for computing-intensive tasks (but slower than native C/C ++ ),
After the introduction, I can see that adobe calls the gods from alchemy to their gods. In fact, it seems to be really good ^_^. However, what we need today is not the efficiency of alchemy's elegant execution of C/C ++ code, but the temporary use of alchemy (I can only say that it is temporary, the ghost knows if asv will be able to restore alchemy to C in the future.) The feature cannot be decompiled. It's a bit difficult. I think adobe's initial intention of alchemy is definitely not to allow developers to encrypt their own swf. But who asked adobe to publish the swf format? (here, everything may be a double-edged sword, cracking allows the development of labor results to be instantly copied, and indirectly or partially results in flash blossom everywhere. It is easy to copy the work. In tianchao shanzhai, It is king. personal opinions are for reference only, do not tangle with the reason why flash is really hot ),
For example, for a HelloWorld sample program of alchemy, you can return the number 7 that we used for decryption in C (alnnicimy), or you may feel uneasy about using numbers. You can use a formula to calculate a number and return it. Alchemy's performance can be easily achieved by complex operations.
As shown in. I only wrote a helloworld program. Alchemy compiled hundreds of AS classes for me (only a part). Can you find out which file the restoration algorithm is in. I cannot find it,
What you need to do during restoration is. Put the SWC compiled by alchemyinto the project library, execute the code below, and use the number to welcome the file header of core.swf.
Ii. Pixel Bender
Pixel Bender is a programming language developed by Adobe. You can use this language to create custom filters, Effects, and mixed modes for Flash, AE (After Effects), and Photoshop.
Pixel Bender is independent of hardware and can efficiently run on a variety of GPU and CPU architectures. Pixel Bender developers create filters by writing Pixel Bender code. For more information, click du Niang.
Same as alchemy. The original intention of Adone's Pixel Bender is certainly not to allow developers to encrypt their own programs. But there is no way. It's forced by adobe,
In pixelbender's return value, you can return the number 7 we need to restore core.swf.
The decryption process with pixelBneder may be a bit complicated. You cannot directly call the method and return the value. You need to listen for rendering successful events.
Fucknum(it refers to the number used to restore the core.swf file header.
========================================================
Okay. Back to the beginning, the encryption methods described above can be cracked at present, which only increases the difficulty of point cracking. The ultimate solution of encryption is obfuscation. Here is just a Summary of the swf encryption method and a way of thinking. If you are a swf encryption expert, we are looking forward to communicating with you.
