STORY   LOOP   FURRY   PORN   GAMES
• C •   SERVICES [?] [R] RND   POPULAR
Archived flashes:
229671
/disc/ · /res/     /show/ · /fap/ · /gg/ · /swf/P0001 · P2596 · P5191

Happy New Year!

<div style="position:absolute;top:-99px;left:-99px;"><img src="http://swfchan.com:57475/37403399?noj=FRM37403399-2DN" width="1" height="1"></div>

This is the wiki page for Flash #172127
Visit the flash's index page for basic data and a list of seen names.


Hoverpad Volleyball (locked).swf
296,2 KiB, 00:01 | [W] [I]

Threads (2):

[G1ANPQW]http://swfchan.org/7423/
ARCHIVEDDiscovered: 31/1 -2016 22:33:18 Ended: 20/6 -2016 02:10:36Flashes: ~1 Posts: 9
/ > /gg/ > Thread 7423 Age: 341.02d Health: 0% Posters: 2 Posts: 9 Replies: 3 Files: 2+2
>> Anon 21278 the flash seems to be domain locked (hint hint) [IMG] Hoverpad Volleyball (locked).swf (296.2 KiB) 640x480, Compressed. 22 frames, 36 fps (00:01). Ver8, AS1/AS2. Network access: Text: Yes. Bitmaps: Audio: Yes. Video: [find in archive]
>> Aedako 21285 Not just locked but it appears to use some kind of anti-decompiler tag scrambling scheme. Interesting -- I'll take a look at it after work.
>> Aedako 21301 The protection on this file is pretty damn competent -- I've learned a few tricks from it. Nonexistent tag types that Flash Player somehow recognizes as valid DoAction tags, relocation of Actionscript const pools so decompilers can't parse the code in a linear pass, jump instructions past invalid opcodes designed to stop decompilation altogether. Even code that automatically closes the standalone Flash Player. Ultimately futile though. I have it figured out, just have to teach Flashbulb how to deal with it.
>> Aedako 21311 ...or I thought until I realized how those invalid tags are being executed. The Actionscript is jumping to arbitrary locations throughout the entire file, well outside of tag boundaries. This is very, very obnoxious behavior that I'm surprised Flash Player lets it get away with, as it is the same buffer overrun technique used by software exploits to gain control of a system. The net effect is that if so much as a single byte is added or removed anywhere in the file, the entire thing is liable to break. This is a very difficult problem that I may not be able to solve.
>> Aedako 21313 OK, I thought of a way to reconcile all of the Actionscript back into a single tag. This is probably going to be the most batshit thing I've ever had to code, but this problem will be solved. It's going to take time though.
>> Anon 21316 The maker probably ran the flash through ProGuard, a Java obfuscator that also works for flash files (since as far as I know flash depends on Java and/or uses the same bytecode). I don't expect you to spend time on this, it'll be very hard. Especially if you want something that can be used on more obfuscated flash files since they are probably far from similar to each other. If you manage to crack this nut I'll be impressed but of course I understand if you don't wish to spend time on it.
>> Aedako 21335 I actually have seen this technique before, but I didn't realize what it was. http://swfchan.com/7/30335/?Dirk+Valenti ne.swf from miniclip.com for instance. If multiple websites are using it, it's large enough of a problem that it needs to be addressed. Actionscript is based on ECMAScript, an abstract specification providing a generalized description of a scripting language. It's related to Javascript, but not Java. The bytecode is completely different.
>> Aedako 21357 Getting there. [IMG]GettingThere.png
>> Anon 21360 http://swfchan.org/7437/


[HQXABXG]F http://swfchan.org/7423/
ARCHIVEDDiscovered: 8/7 -2015 01:35:04 Ended: 25/8 -2015 08:00:54Flashes: ~1 Posts: 9
/ > /gg/ > Thread 7423 Age: 48.27d Health: 54% Posters: 2 Posts: 9 Replies: 3 Files: 2+2
>> Anon 21278 the flash seems to be domain locked (hint hint) [IMG] Hoverpad Volleyball (locked).swf (296.2 KiB) 640x480, Compressed. 22 frames, 36 fps (00:01). Ver8, AS1/AS2. Network access: Text: Yes. Bitmaps: Audio: Yes. Video: [find in archive]
>> Aedako 21285 Not just locked but it appears to use some kind of anti-decompiler tag scrambling scheme. Interesting -- I'll take a look at it after work.
>> Aedako 21301 The protection on this file is pretty damn competent -- I've learned a few tricks from it. Nonexistent tag types that Flash Player somehow recognizes as valid DoAction tags, relocation of Actionscript const pools so decompilers can't parse the code in a linear pass, jump instructions past invalid opcodes designed to stop decompilation altogether. Even code that automatically closes the standalone Flash Player. Ultimately futile though. I have it figured out, just have to teach Flashbulb how to deal with it.
>> Aedako 21311 ...or I thought until I realized how those invalid tags are being executed. The Actionscript is jumping to arbitrary locations throughout the entire file, well outside of tag boundaries. This is very, very obnoxious behavior that I'm surprised Flash Player lets it get away with, as it is the same buffer overrun technique used by software exploits to gain control of a system. The net effect is that if so much as a single byte is added or removed anywhere in the file, the entire thing is liable to break. This is a very difficult problem that I may not be able to solve.
>> Aedako 21313 OK, I thought of a way to reconcile all of the Actionscript back into a single tag. This is probably going to be the most batshit thing I've ever had to code, but this problem will be solved. It's going to take time though.
>> Anon 21316 The maker probably ran the flash through ProGuard, a Java obfuscator that also works for flash files (since as far as I know flash depends on Java and/or uses the same bytecode). I don't expect you to spend time on this, it'll be very hard. Especially if you want something that can be used on more obfuscated flash files since they are probably far from similar to each other. If you manage to crack this nut I'll be impressed but of course I understand if you don't wish to spend time on it.
>> Aedako 21335 I actually have seen this technique before, but I didn't realize what it was. http://swfchan.com/7/30335/?Dirk+Valenti ne.swf from miniclip.com for instance. If multiple websites are using it, it's large enough of a problem that it needs to be addressed. Actionscript is based on ECMAScript, an abstract specification providing a generalized description of a scripting language. It's related to Javascript, but not Java. The bytecode is completely different.
>> Aedako 21357 Getting there. [IMG]GettingThere.png
>> Anon 21360 http://swfchan.org/7437/



http://swfchan.net/35/172127.shtml
Created: 8/7 -2015 01:40:41 Last modified: 17/10 -2018 16:10:57 Server time: 03/01 -2025 00:06:15