STORY   LOOP   FURRY   PORN   GAMES
• C •   SERVICES [?] [R] RND   POPULAR		Archived flashes:
228131
/disc/ · /res/     /show/ · /fap/ · /gg/ · /swf/P0001 · P2561 · P5121
<div style="position:absolute;top:-99px;left:-99px;"><img src="http://swfchan.com:57475/36270236?noj=FRM36270236-16DN" width="1" height="1"></div>

This is resource G1ANPQW, an Archived Thread.
Discovered:31/1 -2016 22:33:18

Ended:20/6 -2016 02:10:36

Checked:20/6 -2016 02:17:47

Original location: http://swfchan.org/7423/
Recognized format: Yes, thread post count is 9.
Discovered flash files: 1



There are 2 links ending with .swf in this thread (1 more than the discovered amount of flash files).


/ > /gg/ > Thread 7423

Age: 341.02d   Health: 0%   Posters: 2   Posts: 9   Replies: 3   Files: 2+2

>> Anonymous 8jul2015(we)01:27 No.21278 OP P1

the flash seems to be domain locked (hint hint)

[IMG] Hoverpad Volleyball (locked).swf (296.2 KiB)
640x480, Compressed. 22 frames, 36 fps (00:01).
Ver8, AS1/AS2. Network access: No. Text: Yes.
Bitmaps: No. Audio: Yes. Video: No.
[find in archive]

>> Aedako 8jul2015(we)06:30 No.21285 A P2R1

Not just locked but it appears to use some kind of anti-decompiler tag scrambling scheme.
Interesting -- I'll take a look at it after work.

>> Aedako 8jul2015(we)19:34 No.21301 A P3

The protection on this file is pretty damn competent -- I've learned a few tricks from it.
Nonexistent tag types that Flash Player somehow recognizes as valid DoAction tags, relocation of
Actionscript const pools so decompilers can't parse the code in a linear pass, jump instructions
past invalid opcodes designed to stop decompilation altogether. Even code that automatically closes
the standalone Flash Player.

Ultimately futile though. I have it figured out, just have to teach Flashbulb how to deal with it.

>> Aedako 8jul2015(we)23:35 No.21311 A P4

...or I thought until I realized how those invalid tags are being executed. The Actionscript is
jumping to arbitrary locations throughout the entire file, well outside of tag boundaries. This is
very, very obnoxious behavior that I'm surprised Flash Player lets it get away with, as it is the
same buffer overrun technique used by software exploits to gain control of a system.

The net effect is that if so much as a single byte is added or removed anywhere in the file, the
entire thing is liable to break. This is a very difficult problem that I may not be able to solve.

>> Aedako 9jul2015(th)00:33 No.21313 A P5

OK, I thought of a way to reconcile all of the Actionscript back into a single tag. This is
probably going to be the most batshit thing I've ever had to code, but this problem will be solved.
It's going to take time though.

>> Anonymous 9jul2015(th)03:41 No.21316 OP P6R2

The maker probably ran the flash through ProGuard, a Java obfuscator that also works for flash
files (since as far as I know flash depends on Java and/or uses the same bytecode).

I don't expect you to spend time on this, it'll be very hard. Especially if you want something that
can be used on more obfuscated flash files since they are probably far from similar to each other.
If you manage to crack this nut I'll be impressed but of course I understand if you don't wish to
spend time on it.

>> Aedako 9jul2015(th)14:35 No.21335 A P7R3

I actually have seen this technique before, but I didn't realize what it was. http://swfchan.com/7/
30335/?Dirk+Valentine.swf from miniclip.com for instance. If multiple websites are using it, it's
large enough of a problem that it needs to be addressed.

Actionscript is based on ECMAScript, an abstract specification providing a generalized description
of a scripting language. It's related to Javascript, but not Java. The bytecode is completely
different.

>> Aedako 10jul2015(fr)15:08 No.21357 A P8

Getting there.

[IMG]GettingThere.png

>> Anonymous 10jul2015(fr)17:58 No.21360 A P9

http://swfchan.org/7437/

http://swfchan.net/32/G1ANPQW.shtml
Created: 31/1 -2016 22:33:18 Last modified: 20/6 -2016 03:30:40 Server time: 16/05 -2024 05:01:13