fluscate/doc/fluscate.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>fluscate - The Flash Obfuscator</title>
<link rel="stylesheet" href="http://netfrag.org/horde/css.php?app=chora" type="text/css" />
<link rev="made" href="mailto:" />
</head>

<body>
<table border="0" width="100%" cellspacing="0" cellpadding="3">
<tr><td class="block" valign="middle">
<big><strong><span class="block">&nbsp;fluscate - The Flash Obfuscator</span></strong></big>
</td></tr>
</table>

<p><a name="__index__"></a></p>
<!-- INDEX BEGIN -->

<ul>

        <li><a href="#features">Features</a></li>
        <ul>

                <li><a href="#obfuscation">Obfuscation</a></li>
                <li><a href="#functions">Functions</a></li>
        </ul>

        <li><a href="#dependencies">Dependencies</a></li>
        <li><a href="#usage">Usage</a></li>
        <ul>

                <li><a href="#win32">win32</a></li>
                <li><a href="#_nix">*nix</a></li>
        </ul>

        <li><a href="#development">Development</a></li>
        <ul>

                <li><a href="#todo">Todo</a></li>
                <li><a href="#wishlist">Wishlist</a></li>
                <li><a href="#notes">Notes</a></li>
        </ul>

        <li><a href="#links">Links</a></li>
        <ul>

                <li><a href="#actionscript_decompilers___disassemblers">ActionScript Decompilers / Disassemblers</a></li>
                <li><a href="#actionscript_editors___co_">ActionScript Editors &amp; Co.</a></li>
                <li><a href="#obfuscators">Obfuscators</a></li>
                <li><a href="#misc">Misc</a></li>
                <li><a href="#offtopic">Off-Topic</a></li>
        </ul>

</ul>
<!-- INDEX END -->

<hr />
<pre>
  This software is Copyright (C) 2004 Andreas Motl
  Ideas and future AppleScript integration by Holger Marseille.
  
  This program is free software; you can redistribute it and/or
  modify it under the terms of the GNU General Public License
  as published by the Free Software Foundation; either version 2
  of the License, or (at your option) any later version.
  
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.
  
  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.</pre>
<p>
<a href="#__index__"><small>back to top</small></a>
</p>
<hr />
<h1><a name="features">Features</a></h1>
<p>
</p>
<h2><a name="obfuscation">Obfuscation</a></h2>
<pre>
  See ASO Pro: <a href="http://www.genable.com/aso/preview.html">http://www.genable.com/aso/preview.html</a></pre>
<p>
</p>
<h2><a name="functions">Functions</a></h2>
<pre>
  fluscate handles two different styles of function declarations:</pre>
<pre>
  1. &quot;Normal&quot; ones
      function mp3Player ('arg1', 'arg2')</pre>
<pre>
  2. There may be &quot;stacked&quot; function declarations
      push 'mp3Player'
      function  ()</pre>
<p>
<a href="#__index__"><small>back to top</small></a>
</p>
<hr />
<h1><a name="dependencies">Dependencies</a></h1>
<pre>
  &quot;flasm&quot; is required to disassemble swf files, see <a href="http://www.nowrap.de/flasm.html">http://www.nowrap.de/flasm.html</a>
  ACKs go to Igor Kogan.</pre>
<p>
<a href="#__index__"><small>back to top</small></a>
</p>
<hr />
<h1><a name="usage">Usage</a></h1>
<p>
</p>
<h2><a name="win32">win32</a></h2>
<pre>
  #&gt; flasm.exe -d puzzle.swf &gt; puzzle.flm
  #&gt; cat puzzle.flm | perl fluscate.pl &gt; puzzle_fusc.flm
  #&gt; flasm.exe -a puzzle_fusc.flm</pre>
<p>
</p>
<h2><a name="_nix">*nix</a></h2>
<pre>
  #&gt; ./flasm -d puzzle.swf &gt; puzzle.flm
  #&gt; cat puzzle.flm | ./fluscate.pl &gt; puzzle_fusc.flm
  #&gt; ./flasm -a puzzle_fusc.flm</pre>
<p>
<a href="#__index__"><small>back to top</small></a>
</p>
<hr />
<h1><a name="development">Development</a></h1>
<p>
</p>
<h2><a name="todo">Todo</a></h2>
<pre>
  - provide list of flash event handler names to exclude from symbol replacement</pre>
<p>
</p>
<h2><a name="wishlist">Wishlist</a></h2>
<pre>
  - komplexere verschlüsselung als &quot;-1, -2 ...&quot; z-b nicht in der numerischen reihenfolge sondern nach 
    zufallsprinip (-21,-3,-89)? (-&gt;random)
  - evtl. constants nach abfrage ersetzen ? leider sehr aufwendig, bei vielen constants (-&gt;ask)
  - rausgeben des arrays mit den &quot;neuen&quot; werten um evtl die obfuscation rückgängig zu machen (-&gt;undo)
  -  &quot;    push 0
         ls:
         dup
         trace
         branchIfTrue ls&quot; 
    ... after each &quot;constants&quot; declaration (-&gt;pollute)
  - what about other symbols beside &quot;function&quot;s? (e.g. variables) (-&gt;mode)</pre>
<p>
</p>
<h2><a name="notes">Notes</a></h2>
<pre>
  - no function may be called &quot;Initialize&quot;, rename it to (e.g.) &quot;Initialize2&quot;, reassembling will not work otherwise
    (doesn't matter when obfuscating since function names will be replaced of course)
  - function names seem to be/work case insensitive (shuffle &lt;-&gt; Shuffle)
  - successfully tested with <a href="http://download.macromedia.com/pub/flash/showme/win/puzzle.zip">http://download.macromedia.com/pub/flash/showme/win/puzzle.zip</a>
  - make sure -1, -2, -3, .... gets replaced with '-1', '-2', '-3', ...
  - there are multiple caller lines: callFunction, callMethod; do we have to take special care to methods?
  - &quot;getMember&quot; and &quot;getVariable&quot; also do function calls!
  - there are reserved function names which must not be replaced! (-&gt; event handlers, e.g. &quot;onPress&quot;)</pre>
<p>
<a href="#__index__"><small>back to top</small></a>
</p>
<hr />
<h1><a name="links">Links</a></h1>
<p>
</p>
<h2><a name="actionscript_decompilers___disassemblers">ActionScript Decompilers / Disassemblers</a></h2>
<pre>
  flasm: <a href="http://www.nowrap.de/flasm.html">http://www.nowrap.de/flasm.html</a></pre>
<p>
</p>
<h2><a name="actionscript_editors___co_">ActionScript Editors &amp; Co.</a></h2>
<pre>
  URL Action Editor and Actionscript Viewer:
    <a href="http://www.buraks.com/">http://www.buraks.com/</a>
    <a href="http://voisen.org/archives/2003/02/uae_303_and_asv_309.php">http://voisen.org/archives/2003/02/uae_303_and_asv_309.php</a>
  SE|PY ActionScript Editor: <a href="http://www.sephiroth.it/python/sepy.php">http://www.sephiroth.it/python/sepy.php</a></pre>
<p>
</p>
<h2><a name="obfuscators">Obfuscators</a></h2>
<pre>
  ASO Pro (ActionScript Obfuscator Pro): <a href="http://www.genable.com/aso/preview.html">http://www.genable.com/aso/preview.html</a>
  SWOB (swf obfuscator): <a href="http://home.byu.net/jtb64/Swob.htm">http://home.byu.net/jtb64/Swob.htm</a>
  OBFU - A Flash Actionscript obfuscator: <a href="http://opaque.net/~dave/obfu/">http://opaque.net/~dave/obfu/</a></pre>
<p>
</p>
<h2><a name="misc">Misc</a></h2>
<pre>
  ActionScript Protection:
    <a href="http://www.as-protect.com/">http://www.as-protect.com/</a>
    <a href="http://www.quasimondo.com/archives/000377.php">http://www.quasimondo.com/archives/000377.php</a>
  Developer's SWF Guardian: <a href="http://anyrd.anyorganization.com/">http://anyrd.anyorganization.com/</a>
  Password Busting / SWF Protections: <a href="http://www.searchlores.org/cinix_fla.htm">http://www.searchlores.org/cinix_fla.htm</a></pre>
<p>
</p>
<h2><a name="offtopic">Off-Topic</a></h2>
<pre>

  XPath for Actionscript and other stuff: <a href="http://www.xfactorstudio.com/Actionscript/">http://www.xfactorstudio.com/Actionscript/</a>
  SerializerClass: <a href="http://sourceforge.net/projects/serializerclass/">http://sourceforge.net/projects/serializerclass/</a>
  AMF::Perl - Flash Remoting in Perl and Python - using Flash Remoting protocol (AMF):
    <a href="http://simonf.com/amfperl/">http://simonf.com/amfperl/</a>
  PEAR::SWF - Read and write SWF head tag: <a href="http://www.sephiroth.it/test/php/SWF/">http://www.sephiroth.it/test/php/SWF/</a>
  AMFPHP - Flash Remoting for PHP: <a href="http://www.amfphp.org/">http://www.amfphp.org/</a></pre>
<p><a href="#__index__"><small>back to top</small></a></p>
<table border="0" width="100%" cellspacing="0" cellpadding="3">
<tr><td class="block" valign="middle">
<big><strong><span class="block">&nbsp;fluscate - The Flash Obfuscator</span></strong></big>
</td></tr>
</table>

</body>

</html>
1	joko	1.1	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2			<html xmlns="http://www.w3.org/1999/xhtml">
3			<head>
4			<title>fluscate - The Flash Obfuscator</title>
5			<link rel="stylesheet" href="http://netfrag.org/horde/css.php?app=chora" type="text/css" />
6			<link rev="made" href="mailto:" />
7			</head>
8
9			<body>
10			<table border="0" width="100%" cellspacing="0" cellpadding="3">
11			<tr><td class="block" valign="middle">
12			<big><strong><span class="block"> fluscate - The Flash Obfuscator</span></strong></big>
13			</td></tr>
14			</table>
15
16			<p><a name="__index__"></a></p>
17			<!-- INDEX BEGIN -->
18
19			<ul>
20
21			<li><a href="#features">Features</a></li>
22			<ul>
23
24	joko	1.4	<li><a href="#obfuscation">Obfuscation</a></li>
25	joko	1.1	<li><a href="#functions">Functions</a></li>
26			</ul>
27
28	joko	1.3	<li><a href="#dependencies">Dependencies</a></li>
29	joko	1.1	<li><a href="#usage">Usage</a></li>
30			<ul>
31
32	joko	1.2	<li><a href="#win32">win32</a></li>
33			<li><a href="#_nix">*nix</a></li>
34			</ul>
35
36			<li><a href="#development">Development</a></li>
37			<ul>
38
39			<li><a href="#todo">Todo</a></li>
40			<li><a href="#wishlist">Wishlist</a></li>
41			<li><a href="#notes">Notes</a></li>
42	joko	1.1	</ul>
43
44	joko	1.4	<li><a href="#links">Links</a></li>
45			<ul>
46
47			<li><a href="#actionscript_decompilers___disassemblers">ActionScript Decompilers / Disassemblers</a></li>
48			<li><a href="#actionscript_editors___co_">ActionScript Editors & Co.</a></li>
49			<li><a href="#obfuscators">Obfuscators</a></li>
50			<li><a href="#misc">Misc</a></li>
51			<li><a href="#offtopic">Off-Topic</a></li>
52			</ul>
53
54	joko	1.1	</ul>
55			<!-- INDEX END -->
56
57			<hr />
58	joko	1.2	<pre>
59			This software is Copyright (C) 2004 Andreas Motl
60			Ideas and future AppleScript integration by Holger Marseille.
61
62			This program is free software; you can redistribute it and/or
63			modify it under the terms of the GNU General Public License
64			as published by the Free Software Foundation; either version 2
65			of the License, or (at your option) any later version.
66
67			This program is distributed in the hope that it will be useful,
68			but WITHOUT ANY WARRANTY; without even the implied warranty of
69			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
70			GNU General Public License for more details.
71
72			You should have received a copy of the GNU General Public License
73			along with this program; if not, write to the Free Software
74			Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.</pre>
75	joko	1.1	<p>
76			<a href="#__index__"><small>back to top</small></a>
77			</p>
78			<hr />
79			<h1><a name="features">Features</a></h1>
80			<p>
81			</p>
82	joko	1.4	<h2><a name="obfuscation">Obfuscation</a></h2>
83			<pre>
84			See ASO Pro: <a href="http://www.genable.com/aso/preview.html">http://www.genable.com/aso/preview.html</a></pre>
85			<p>
86			</p>
87	joko	1.2	<h2><a name="functions">Functions</a></h2>
88			<pre>
89			fluscate handles two different styles of function declarations:</pre>
90	joko	1.1	<pre>
91			1. "Normal" ones
92			function mp3Player ('arg1', 'arg2')</pre>
93			<pre>
94			2. There may be "stacked" function declarations
95			push 'mp3Player'
96			function ()</pre>
97			<p>
98			<a href="#__index__"><small>back to top</small></a>
99			</p>
100			<hr />
101	joko	1.3	<h1><a name="dependencies">Dependencies</a></h1>
102			<pre>
103			"flasm" is required to disassemble swf files, see <a href="http://www.nowrap.de/flasm.html">http://www.nowrap.de/flasm.html</a>
104			ACKs go to Igor Kogan.</pre>
105			<p>
106			<a href="#__index__"><small>back to top</small></a>
107			</p>
108			<hr />
109	joko	1.2	<h1><a name="usage">Usage</a></h1>
110			<p>
111			</p>
112			<h2><a name="win32">win32</a></h2>
113			<pre>
114			#> flasm.exe -d puzzle.swf > puzzle.flm
115			#> cat puzzle.flm \| perl fluscate.pl > puzzle_fusc.flm
116			#> flasm.exe -a puzzle_fusc.flm</pre>
117			<p>
118			</p>
119			<h2><a name="_nix">*nix</a></h2>
120			<pre>
121	joko	1.3	#> ./flasm -d puzzle.swf > puzzle.flm
122			#> cat puzzle.flm \| ./fluscate.pl > puzzle_fusc.flm
123			#> ./flasm -a puzzle_fusc.flm</pre>
124	joko	1.1	<p>
125			<a href="#__index__"><small>back to top</small></a>
126			</p>
127			<hr />
128	joko	1.2	<h1><a name="development">Development</a></h1>
129	joko	1.1	<p>
130			</p>
131	joko	1.2	<h2><a name="todo">Todo</a></h2>
132			<pre>
133			- provide list of flash event handler names to exclude from symbol replacement</pre>
134	joko	1.1	<p>
135			</p>
136	joko	1.2	<h2><a name="wishlist">Wishlist</a></h2>
137			<pre>
138			- komplexere verschlüsselung als "-1, -2 ..." z-b nicht in der numerischen reihenfolge sondern nach
139			zufallsprinip (-21,-3,-89)? (->random)
140			- evtl. constants nach abfrage ersetzen ? leider sehr aufwendig, bei vielen constants (->ask)
141			- rausgeben des arrays mit den "neuen" werten um evtl die obfuscation rückgängig zu machen (->undo)
142			- " push 0
143			ls:
144			dup
145			trace
146			branchIfTrue ls"
147			... after each "constants" declaration (->pollute)
148			- what about other symbols beside "function"s? (e.g. variables) (->mode)</pre>
149	joko	1.1	<p>
150			</p>
151	joko	1.2	<h2><a name="notes">Notes</a></h2>
152			<pre>
153			- no function may be called "Initialize", rename it to (e.g.) "Initialize2", reassembling will not work otherwise
154			(doesn't matter when obfuscating since function names will be replaced of course)
155			- function names seem to be/work case insensitive (shuffle <-> Shuffle)
156			- successfully tested with <a href="http://download.macromedia.com/pub/flash/showme/win/puzzle.zip">http://download.macromedia.com/pub/flash/showme/win/puzzle.zip</a>
157			- make sure -1, -2, -3, .... gets replaced with '-1', '-2', '-3', ...
158			- there are multiple caller lines: callFunction, callMethod; do we have to take special care to methods?
159			- "getMember" and "getVariable" also do function calls!
160			- there are reserved function names which must not be replaced! (-> event handlers, e.g. "onPress")</pre>
161	joko	1.4	<p>
162			<a href="#__index__"><small>back to top</small></a>
163			</p>
164			<hr />
165			<h1><a name="links">Links</a></h1>
166			<p>
167			</p>
168			<h2><a name="actionscript_decompilers___disassemblers">ActionScript Decompilers / Disassemblers</a></h2>
169			<pre>
170			flasm: <a href="http://www.nowrap.de/flasm.html">http://www.nowrap.de/flasm.html</a></pre>
171			<p>
172			</p>
173			<h2><a name="actionscript_editors___co_">ActionScript Editors & Co.</a></h2>
174			<pre>
175			URL Action Editor and Actionscript Viewer:
176			<a href="http://www.buraks.com/">http://www.buraks.com/</a>
177			<a href="http://voisen.org/archives/2003/02/uae_303_and_asv_309.php">http://voisen.org/archives/2003/02/uae_303_and_asv_309.php</a>
178			SE\|PY ActionScript Editor: <a href="http://www.sephiroth.it/python/sepy.php">http://www.sephiroth.it/python/sepy.php</a></pre>
179			<p>
180			</p>
181			<h2><a name="obfuscators">Obfuscators</a></h2>
182			<pre>
183			ASO Pro (ActionScript Obfuscator Pro): <a href="http://www.genable.com/aso/preview.html">http://www.genable.com/aso/preview.html</a>
184			SWOB (swf obfuscator): <a href="http://home.byu.net/jtb64/Swob.htm">http://home.byu.net/jtb64/Swob.htm</a>
185			OBFU - A Flash Actionscript obfuscator: <a href="http://opaque.net/~dave/obfu/">http://opaque.net/~dave/obfu/</a></pre>
186			<p>
187			</p>
188			<h2><a name="misc">Misc</a></h2>
189			<pre>
190			ActionScript Protection:
191			<a href="http://www.as-protect.com/">http://www.as-protect.com/</a>
192			<a href="http://www.quasimondo.com/archives/000377.php">http://www.quasimondo.com/archives/000377.php</a>
193			Developer's SWF Guardian: <a href="http://anyrd.anyorganization.com/">http://anyrd.anyorganization.com/</a>
194			Password Busting / SWF Protections: <a href="http://www.searchlores.org/cinix_fla.htm">http://www.searchlores.org/cinix_fla.htm</a></pre>
195			<p>
196			</p>
197			<h2><a name="offtopic">Off-Topic</a></h2>
198			<pre>
199
200			XPath for Actionscript and other stuff: <a href="http://www.xfactorstudio.com/Actionscript/">http://www.xfactorstudio.com/Actionscript/</a>
201			SerializerClass: <a href="http://sourceforge.net/projects/serializerclass/">http://sourceforge.net/projects/serializerclass/</a>
202			AMF::Perl - Flash Remoting in Perl and Python - using Flash Remoting protocol (AMF):
203			<a href="http://simonf.com/amfperl/">http://simonf.com/amfperl/</a>
204			PEAR::SWF - Read and write SWF head tag: <a href="http://www.sephiroth.it/test/php/SWF/">http://www.sephiroth.it/test/php/SWF/</a>
205			AMFPHP - Flash Remoting for PHP: <a href="http://www.amfphp.org/">http://www.amfphp.org/</a></pre>
206	joko	1.1	<p><a href="#__index__"><small>back to top</small></a></p>
207			<table border="0" width="100%" cellspacing="0" cellpadding="3">
208			<tr><td class="block" valign="middle">
209			<big><strong><span class="block"> fluscate - The Flash Obfuscator</span></strong></big>
210			</td></tr>
211			</table>
212
213			</body>
214
215			</html>
MailToCvsAdmin">MailToCvsAdmin	ViewVC Help
Powered by ViewVC 1.1.26