1 |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> |
2 |
<html xmlns="http://www.w3.org/1999/xhtml"> |
3 |
<head> |
4 |
<title>fluscate - The Flash Obfuscator</title> |
5 |
<link rel="stylesheet" href="http://netfrag.org/horde/css.php?app=chora" type="text/css" /> |
6 |
<link rev="made" href="mailto:" /> |
7 |
</head> |
8 |
|
9 |
<body> |
10 |
<table border="0" width="100%" cellspacing="0" cellpadding="3"> |
11 |
<tr><td class="block" valign="middle"> |
12 |
<big><strong><span class="block"> fluscate - The Flash Obfuscator</span></strong></big> |
13 |
</td></tr> |
14 |
</table> |
15 |
|
16 |
<p><a name="__index__"></a></p> |
17 |
<!-- INDEX BEGIN --> |
18 |
|
19 |
<ul> |
20 |
|
21 |
<li><a href="#features">Features</a></li> |
22 |
<ul> |
23 |
|
24 |
<li><a href="#obfuscation">Obfuscation</a></li> |
25 |
<li><a href="#functions">Functions</a></li> |
26 |
</ul> |
27 |
|
28 |
<li><a href="#dependencies">Dependencies</a></li> |
29 |
<li><a href="#usage">Usage</a></li> |
30 |
<ul> |
31 |
|
32 |
<li><a href="#win32">win32</a></li> |
33 |
<li><a href="#_nix">*nix</a></li> |
34 |
</ul> |
35 |
|
36 |
<li><a href="#development">Development</a></li> |
37 |
<ul> |
38 |
|
39 |
<li><a href="#todo">Todo</a></li> |
40 |
<li><a href="#wishlist">Wishlist</a></li> |
41 |
<li><a href="#notes">Notes</a></li> |
42 |
</ul> |
43 |
|
44 |
<li><a href="#links">Links</a></li> |
45 |
<ul> |
46 |
|
47 |
<li><a href="#actionscript_decompilers___disassemblers">ActionScript Decompilers / Disassemblers</a></li> |
48 |
<li><a href="#actionscript_editors___co_">ActionScript Editors & Co.</a></li> |
49 |
<li><a href="#obfuscators">Obfuscators</a></li> |
50 |
<li><a href="#misc">Misc</a></li> |
51 |
<li><a href="#offtopic">Off-Topic</a></li> |
52 |
</ul> |
53 |
|
54 |
</ul> |
55 |
<!-- INDEX END --> |
56 |
|
57 |
<hr /> |
58 |
<pre> |
59 |
This software is Copyright (C) 2004 Andreas Motl |
60 |
Ideas and future AppleScript integration by Holger Marseille. |
61 |
|
62 |
This program is free software; you can redistribute it and/or |
63 |
modify it under the terms of the GNU General Public License |
64 |
as published by the Free Software Foundation; either version 2 |
65 |
of the License, or (at your option) any later version. |
66 |
|
67 |
This program is distributed in the hope that it will be useful, |
68 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
69 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
70 |
GNU General Public License for more details. |
71 |
|
72 |
You should have received a copy of the GNU General Public License |
73 |
along with this program; if not, write to the Free Software |
74 |
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.</pre> |
75 |
<p> |
76 |
<a href="#__index__"><small>back to top</small></a> |
77 |
</p> |
78 |
<hr /> |
79 |
<h1><a name="features">Features</a></h1> |
80 |
<p> |
81 |
</p> |
82 |
<h2><a name="obfuscation">Obfuscation</a></h2> |
83 |
<pre> |
84 |
See ASO Pro: <a href="http://www.genable.com/aso/preview.html">http://www.genable.com/aso/preview.html</a></pre> |
85 |
<p> |
86 |
</p> |
87 |
<h2><a name="functions">Functions</a></h2> |
88 |
<pre> |
89 |
fluscate handles two different styles of function declarations:</pre> |
90 |
<pre> |
91 |
1. "Normal" ones |
92 |
function mp3Player ('arg1', 'arg2')</pre> |
93 |
<pre> |
94 |
2. There may be "stacked" function declarations |
95 |
push 'mp3Player' |
96 |
function ()</pre> |
97 |
<p> |
98 |
<a href="#__index__"><small>back to top</small></a> |
99 |
</p> |
100 |
<hr /> |
101 |
<h1><a name="dependencies">Dependencies</a></h1> |
102 |
<pre> |
103 |
"flasm" is required to disassemble swf files, see <a href="http://www.nowrap.de/flasm.html">http://www.nowrap.de/flasm.html</a> |
104 |
ACKs go to Igor Kogan.</pre> |
105 |
<p> |
106 |
<a href="#__index__"><small>back to top</small></a> |
107 |
</p> |
108 |
<hr /> |
109 |
<h1><a name="usage">Usage</a></h1> |
110 |
<p> |
111 |
</p> |
112 |
<h2><a name="win32">win32</a></h2> |
113 |
<pre> |
114 |
#> flasm.exe -d puzzle.swf > puzzle.flm |
115 |
#> cat puzzle.flm | perl fluscate.pl > puzzle_fusc.flm |
116 |
#> flasm.exe -a puzzle_fusc.flm</pre> |
117 |
<p> |
118 |
</p> |
119 |
<h2><a name="_nix">*nix</a></h2> |
120 |
<pre> |
121 |
#> ./flasm -d puzzle.swf > puzzle.flm |
122 |
#> cat puzzle.flm | ./fluscate.pl > puzzle_fusc.flm |
123 |
#> ./flasm -a puzzle_fusc.flm</pre> |
124 |
<p> |
125 |
<a href="#__index__"><small>back to top</small></a> |
126 |
</p> |
127 |
<hr /> |
128 |
<h1><a name="development">Development</a></h1> |
129 |
<p> |
130 |
</p> |
131 |
<h2><a name="todo">Todo</a></h2> |
132 |
<pre> |
133 |
- provide list of flash event handler names to exclude from symbol replacement</pre> |
134 |
<p> |
135 |
</p> |
136 |
<h2><a name="wishlist">Wishlist</a></h2> |
137 |
<pre> |
138 |
- komplexere verschlüsselung als "-1, -2 ..." z-b nicht in der numerischen reihenfolge sondern nach |
139 |
zufallsprinip (-21,-3,-89)? (->random) |
140 |
- evtl. constants nach abfrage ersetzen ? leider sehr aufwendig, bei vielen constants (->ask) |
141 |
- rausgeben des arrays mit den "neuen" werten um evtl die obfuscation rückgängig zu machen (->undo) |
142 |
- " push 0 |
143 |
ls: |
144 |
dup |
145 |
trace |
146 |
branchIfTrue ls" |
147 |
... after each "constants" declaration (->pollute) |
148 |
- what about other symbols beside "function"s? (e.g. variables) (->mode)</pre> |
149 |
<p> |
150 |
</p> |
151 |
<h2><a name="notes">Notes</a></h2> |
152 |
<pre> |
153 |
- no function may be called "Initialize", rename it to (e.g.) "Initialize2", reassembling will not work otherwise |
154 |
(doesn't matter when obfuscating since function names will be replaced of course) |
155 |
- function names seem to be/work case insensitive (shuffle <-> Shuffle) |
156 |
- successfully tested with <a href="http://download.macromedia.com/pub/flash/showme/win/puzzle.zip">http://download.macromedia.com/pub/flash/showme/win/puzzle.zip</a> |
157 |
- make sure -1, -2, -3, .... gets replaced with '-1', '-2', '-3', ... |
158 |
- there are multiple caller lines: callFunction, callMethod; do we have to take special care to methods? |
159 |
- "getMember" and "getVariable" also do function calls! |
160 |
- there are reserved function names which must not be replaced! (-> event handlers, e.g. "onPress")</pre> |
161 |
<p> |
162 |
<a href="#__index__"><small>back to top</small></a> |
163 |
</p> |
164 |
<hr /> |
165 |
<h1><a name="links">Links</a></h1> |
166 |
<p> |
167 |
</p> |
168 |
<h2><a name="actionscript_decompilers___disassemblers">ActionScript Decompilers / Disassemblers</a></h2> |
169 |
<pre> |
170 |
flasm: <a href="http://www.nowrap.de/flasm.html">http://www.nowrap.de/flasm.html</a></pre> |
171 |
<p> |
172 |
</p> |
173 |
<h2><a name="actionscript_editors___co_">ActionScript Editors & Co.</a></h2> |
174 |
<pre> |
175 |
URL Action Editor and Actionscript Viewer: |
176 |
<a href="http://www.buraks.com/">http://www.buraks.com/</a> |
177 |
<a href="http://voisen.org/archives/2003/02/uae_303_and_asv_309.php">http://voisen.org/archives/2003/02/uae_303_and_asv_309.php</a> |
178 |
SE|PY ActionScript Editor: <a href="http://www.sephiroth.it/python/sepy.php">http://www.sephiroth.it/python/sepy.php</a></pre> |
179 |
<p> |
180 |
</p> |
181 |
<h2><a name="obfuscators">Obfuscators</a></h2> |
182 |
<pre> |
183 |
ASO Pro (ActionScript Obfuscator Pro): <a href="http://www.genable.com/aso/preview.html">http://www.genable.com/aso/preview.html</a> |
184 |
SWOB (swf obfuscator): <a href="http://home.byu.net/jtb64/Swob.htm">http://home.byu.net/jtb64/Swob.htm</a> |
185 |
OBFU - A Flash Actionscript obfuscator: <a href="http://opaque.net/~dave/obfu/">http://opaque.net/~dave/obfu/</a></pre> |
186 |
<p> |
187 |
</p> |
188 |
<h2><a name="misc">Misc</a></h2> |
189 |
<pre> |
190 |
ActionScript Protection: |
191 |
<a href="http://www.as-protect.com/">http://www.as-protect.com/</a> |
192 |
<a href="http://www.quasimondo.com/archives/000377.php">http://www.quasimondo.com/archives/000377.php</a> |
193 |
Developer's SWF Guardian: <a href="http://anyrd.anyorganization.com/">http://anyrd.anyorganization.com/</a> |
194 |
Password Busting / SWF Protections: <a href="http://www.searchlores.org/cinix_fla.htm">http://www.searchlores.org/cinix_fla.htm</a></pre> |
195 |
<p> |
196 |
</p> |
197 |
<h2><a name="offtopic">Off-Topic</a></h2> |
198 |
<pre> |
199 |
|
200 |
XPath for Actionscript and other stuff: <a href="http://www.xfactorstudio.com/Actionscript/">http://www.xfactorstudio.com/Actionscript/</a> |
201 |
SerializerClass: <a href="http://sourceforge.net/projects/serializerclass/">http://sourceforge.net/projects/serializerclass/</a> |
202 |
AMF::Perl - Flash Remoting in Perl and Python - using Flash Remoting protocol (AMF): |
203 |
<a href="http://simonf.com/amfperl/">http://simonf.com/amfperl/</a> |
204 |
PEAR::SWF - Read and write SWF head tag: <a href="http://www.sephiroth.it/test/php/SWF/">http://www.sephiroth.it/test/php/SWF/</a> |
205 |
AMFPHP - Flash Remoting for PHP: <a href="http://www.amfphp.org/">http://www.amfphp.org/</a></pre> |
206 |
<p><a href="#__index__"><small>back to top</small></a></p> |
207 |
<table border="0" width="100%" cellspacing="0" cellpadding="3"> |
208 |
<tr><td class="block" valign="middle"> |
209 |
<big><strong><span class="block"> fluscate - The Flash Obfuscator</span></strong></big> |
210 |
</td></tr> |
211 |
</table> |
212 |
|
213 |
</body> |
214 |
|
215 |
</html> |