--- nfo/perl/scripts/fluscate/doc/fluscate.html 2004/07/23 12:13:14 1.1 +++ nfo/perl/scripts/fluscate/doc/fluscate.html 2004/07/26 16:28:14 1.5 @@ -21,35 +21,57 @@
  • Features
    • -
  • Notes
    • -
  • Todo / Review
    • +
  • Dependencies
  • Usage
    • + +
  • Development
    • + + +
  • Links
    • +
    -

    This program is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License -as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version.

    -

    This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details.

    -

    You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -=cut

    +
    +  This software is Copyright (C) 2004 Andreas Motl
+  Ideas and future AppleScript integration by Holger Marseille.
+  
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License
+  as published by the Free Software Foundation; either version 2
+  of the License, or (at your option) any later version.
+  
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+  
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

    back to top

    @@ -57,21 +79,14 @@

    Features

    -

    Requests - - komplexere verschlüsselung als ``-1, -2 ...'' z-b nicht in der numerischen reihenfolge sondern nach - zufallsprinip (-21,-3,-89)? (->random) - - evtl. constants nach abfrage ersetzen ? leider sehr aufwendig, bei vielen constants (->ask) - - rausgeben des arrays mit den ``neuen'' werten um evtl die obfuscation rückgängig zu machen (->undo) - - `` push 0 - ls: - dup - trace - branchIfTrue ls'' - ... after each ``constants'' declaration (->pollute)

    +

    Obfuscation

    +
    +  See ASO Pro: http://www.genable.com/aso/preview.html

    -

    Functions -fluscate handles two different styles of function declarations:

    +

    Functions

    +
    +  fluscate handles two different styles of function declarations:
       1. "Normal" ones
       function mp3Player ('arg1', 'arg2')
    @@ -83,38 +98,121 @@ back to top

    -

    Notes - - no function may be called ``Initialize'', rename it to (e.g.) ``Initialize2'', reassembling will not work otherwise +

    Dependencies

    +
    +  "flasm" is required to disassemble swf files, see http://www.nowrap.de/flasm.html
+  ACKs go to Igor Kogan.
    +

    +back to top +

    +
    +

    Usage

    +

    +

    +

    win32

    +
    +  #> flasm.exe -d puzzle.swf > puzzle.flm
+  #> cat puzzle.flm | perl fluscate.pl > puzzle_fusc.flm
+  #> flasm.exe -a puzzle_fusc.flm
    +

    +

    +

    *nix

    +
    +  #> ./flasm -d puzzle.swf > puzzle.flm
+  #> cat puzzle.flm | ./fluscate.pl > puzzle_fusc.flm
+  #> ./flasm -a puzzle_fusc.flm
    +

    +back to top +

    +
    +

    Development

    +

    +

    +

    Todo

    +
    +  - provide list of flash event handler names to exclude from symbol replacement
    +

    +

    +

    Wishlist

    +
    +  - komplexere verschlüsselung als "-1, -2 ..." z-b nicht in der numerischen reihenfolge sondern nach 
+    zufallsprinip (-21,-3,-89)? (->random)
+  - evtl. constants nach abfrage ersetzen ? leider sehr aufwendig, bei vielen constants (->ask)
+  - rausgeben des arrays mit den "neuen" werten um evtl die obfuscation rückgängig zu machen (->undo)
+  -  "    push 0
+         ls:
+         dup
+         trace
+         branchIfTrue ls" 
+    ... after each "constants" declaration (->pollute)
+  - what about other symbols beside "function"s? (e.g. variables) (->mode)
+  - include list of ->keywords from:
+    http://www.macromedia.com/support/flash/action_scripts/actionscript_dictionary/
+  - replace symbols in multiple files (->multifile)
    +

    +

    +

    Notes

    +
    +  - no function may be called "Initialize", rename it to (e.g.) "Initialize2", reassembling will not work otherwise
     (doesn't matter when obfuscating since function names will be replaced of course)
   - function names seem to be/work case insensitive (shuffle <-> Shuffle)
   - successfully tested with http://download.macromedia.com/pub/flash/showme/win/puzzle.zip
   - make sure -1, -2, -3, .... gets replaced with '-1', '-2', '-3', ...
   - there are multiple caller lines: callFunction, callMethod; do we have to take special care to methods?
-  - ``getMember'' and ``getVariable'' also do function calls!
-  - there are reserved function names which must not be replaced! (-> event handlers, e.g. ``onPress'')
+  - "getMember" and "getVariable" also do function calls!
+  - there are reserved function names which must not be replaced! (-> event handlers, e.g. "onPress")

    back to top

    -

    Todo / Review - - what about other symbols beside ``function''s?

    +

    Links

    -back to top

    -
    -

    Usage

    +

    ActionScript Decompilers / Disassemblers

    +
    +  Flasm:
+    http://www.nowrap.de/flasm.html
+    http://www.opaque.net/~dave/flasm/
+  Flare: http://www.nowrap.de/flare.html
+  Sothink SWF Decompiler: http://www.srctec.com/flashdecompiler/
+  Imperator FLA: http://www.ave-imperator.com/
+  SWF Decompiler: http://www.19.5degs.com/swfdecompiler.php
+  Gordon: http://www.futurecandy.com/

    -

    Usage (win32): - #> flasm.exe -d puzzle.swf > puzzle.flm - #> cat puzzle.flm | perl fluscate.pl > puzzle_fusc.flm - #> flasm.exe -a puzzle_fusc.flm

    +

    ActionScript Editors & Co.

    +
    +  URL Action Editor and Actionscript Viewer:
+    http://www.buraks.com/
+    http://voisen.org/archives/2003/02/uae_303_and_asv_309.php
+  SE|PY ActionScript Editor: http://www.sephiroth.it/python/sepy.php

    -

    Usage (*nix): - #> flasm -d puzzle.swf > puzzle.flm - #> cat puzzle.flm | fluscate.pl > puzzle_fusc.flm - #> flasm -a puzzle_fusc.flm

    +

    Obfuscators

    +
    +  ASO Pro (ActionScript Obfuscator Pro): http://www.genable.com/aso/preview.html
+  SWOB (swf obfuscator): http://home.byu.net/jtb64/Swob.htm
+  OBFU - A Flash Actionscript obfuscator: http://opaque.net/~dave/obfu/
    +

    +

    +

    Misc

    +
    +  ActionScript Protection:
+    http://www.as-protect.com/
+    http://www.quasimondo.com/archives/000377.php
+  Developer's SWF Guardian: http://anyrd.anyorganization.com/
+  Password Busting / SWF Protections: http://www.searchlores.org/cinix_fla.htm
    +

    +

    +

    Off-Topic

    +
    +
+  XPath for Actionscript and other stuff: http://www.xfactorstudio.com/Actionscript/
+  SerializerClass: http://sourceforge.net/projects/serializerclass/
+  AMF::Perl - Flash Remoting in Perl and Python - using Flash Remoting protocol (AMF):
+    http://simonf.com/amfperl/
+  PEAR::SWF - Read and write SWF head tag: http://www.sephiroth.it/test/php/SWF/
+  AMFPHP - Flash Remoting for PHP: http://www.amfphp.org/

    back to top