nytrio.blogg.se - Sothink swf decompiler decrypt swf file

SOTHINK SWF DECOMPILER DECRYPT SWF FILE CODE
SOTHINK SWF DECOMPILER DECRYPT SWF FILE TRIAL
SOTHINK SWF DECOMPILER DECRYPT SWF FILE DOWNLOAD

It reads the uncompressed header (the first 8 bytes) without the signature and remembers it.

Header.writeBytes(data, 3, 5) //read the uncompressed header, excluding the signatureĬompressed.writeBytes(data, 8) //read the rest, compressedĭecompressed.writeMultiByte("FWS", "us-ascii") //mark as uncompressedĭecompressed.writeBytes(header) //write the header backĭecompressed.writeBytes(compressed) //write the now uncompressed content Var decompressed:ByteArray = new ByteArray() Var compressed:ByteArray = new ByteArray() Private function decompress(data:ByteArray):ByteArray Let's write a simple function to decompress a SWF: The remaining is compressed if the signature is CWS or uncompressed if the signature is FWS. What is written there is that the first 3 bytes are a signature (CWS or FWS), the next byte is the Flash version, the next 4 bytes are the size of the SWF. There is a description of the header and how the SWF is compressed, so we can uncompress it easily.

SOTHINK SWF DECOMPILER DECRYPT SWF FILE DOWNLOAD

Download it from and scroll down to page 25 in the document. The SWF format is an open format and there is a document that describes it. You have to enable compression to follow along).Īt first it might sound difficult but it's not. We need to decompress it! (If your SWF begins with "FWS" and you see meaningful strings in the SWF it's likely that it didn't get compressed. It should look like random binary data because it's compressed and it should begin with ASCII "CWS". From now on I will call the embedded SWF the "protected SWF", and the SWF we just compiled the "loading SWF". the dimensions should be same as the loaded swf'sĬompile and see if it works (it should). Loader.loadBytes(new content(), new LoaderContext(false, new ApplicationDomain())) Now the SWF is embedded as a ByteArray into the loader SWF and it can be loaded through Loader.loadBytes(). source = path to the swf you want to protect Choose a SWF you want to protect and embed it as binary data using the Embed tag: Open a new ActionScript 3.0 project, and set it to compile with Flex SDK (I use FlashDevelop to write code).

SOTHINK SWF DECOMPILER DECRYPT SWF FILE TRIAL

You can grab a trial of Sothink SWF Decompiler from Whilst not necessary, it would be nice to check if our protection actually works. You can download it from or you can use an editor of your choice.

I'll be using a free editor called Hex-Ed. We will be using it to embed content using the Embed tag. Feel free to download the SWF I'll be working on. This tutorial is also about low level programming that involves bytes, ByteArrays and manipulating SWF files with a hex editor. Try to decompile it yourself.īefore we get going, I want to point out that this tutorial is not suitable for beginners and you should have solid knowledge of AS3 if you want to follow along. Additionally, the names are illegal so it won't compile back.

SOTHINK SWF DECOMPILER DECRYPT SWF FILE CODE

The code that is decompiled is actually the code for decrypting the content and has nothing to do with your main code.