[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Swftools-common] Amayeta Swf Encrypt 6.0, cant dump data!
|
From: |
Chris |
|
Subject: |
Re: [Swftools-common] Amayeta Swf Encrypt 6.0, cant dump data! |
|
Date: |
Mon, 1 Nov 2010 21:35:27 +0100 |
On Mon, 1 Nov 2010 10:11:06 -0700
Matthias Kramm <address@hidden> wrote:
> On Mon, Nov 1, 2010 at 3:38 AM, Chris <address@hidden> wrote:
> > On Sun, 31 Oct 2010 19:19:51 -0700
> > Matthias Kramm <address@hidden> wrote:
>
> >> I'd actually be interested on how this happened...
> >
> > ..do you mean as in what the obfuscation code actually did to the swf?
>
> Obfuscation only changes a bytecode program from one legitimate form
> to another, also legitimate, albeit less readable, form.
I wasn't arguing the case of it not being legitimate code, which of course it
has to be, unless the flash plug-in architecture allows for some way to hook
in extra executable code - as in an on-the-fly decryption routine. Not being
that familiar with the way the plug-in works, I don't know whether such a thing
is possible or not. ( This takes me back to decoding and reconfiguring the old
tape based loading routines from games written for many of the home computers
of the 80's! )
> As the code in question is still valid, swfdump should be able to disassemble
> it, not segfault.
Which does mean that Amayeta, along with several other programs of a similar ilk
that purport to encrypt, are, to put it mildly, overzealously described!
> Besides, segfaults are always bad, as they are potential security holes.
Indeed. I shall have to test the latest git version and see what happens!
The original question still hangs though. Is it possible to hook into the Flash
player plug-in?
Chris