I've created a password variable w/input text on the first frame of a swf to enable private viewing of a swf; so if you dont know the password you cant procedd to frame 2, to see the whole thing.
Is this effective?
i'm not sure what decompiling is exactly though i have an idea it's like breaching copyright, though i mayb wrong, so i have downloaded some decompiler software off of cnet, 'Sothink SWF Decompiler',
but am afraid to install it
because fearful it'll mess with my system. Is that a legitimate concern, do you htink?
And, I noticed another piece of software mentioned on cnet, SWF Decompiler Magic, from http://www.flashdecompiler.us/
which isnt free, which may be useful to fix my own swfs and look at how those of others are built.
Do you think that's ok to do? I mean, is it a standard optimization/debugging technique - to use decompilers?
And, considering that one of my issues with my own swfs is that they are processor intensive due to the use of lots of FLVPlayback, timers that regenerated objects, and plenty much goings on, do you think that a decompiler tool can help me optimize these issues when i upload my work to my website?
yes, it's ok to use decompilers (especially on your own swfs). sothink is the best of them and is not free. (but a trial may be free.)
a decompiler lets you see the code (and everything else) used to make the swf. sothink's can often re-create the fla from the swf.
kglad h i.
Having installed SOthink SWF Decompiler, it does not appear that it is possible to get hold of a swf that's online, on my own website for example, and download it to my computer in order to decompile it.
So, while there may be benefits to decompiling, unless your website is hacked and the hacker manages to download your swf, the decompiler is useless in terms of breaching password protection built into the swf.
if your swf can be played in a user's web browser, the user already "has" your swf on their harddrive. they just need to find it.
what's your url? i'm pretty sure i can get your swf and password (if it's in the swf) in less than 5 minutes.
write yourself a little html page with a link
(you can use "view source" on the site to find the swf name), view that html from your hard disk and then right-click the link.to download the swf - that definitely is not hacking ... just using the elements of a website other than the author intended
Kglad, i havent put that swf up on my website, am sure it's easy for u to get it despite the password.
i'm keen to know how u can do that using Sothink, perhaps u could briefly jot down the steps.
birnerseff, not sure what to make of your remark,thanks anyway:)
open your swf with sothink and navigate to the part of your swf that you want to keep private (without using your password).
and swfencrypt is notorious for breaking your swf so be careful with it. you'll need to have users with different flash player versions/browsers try your swf to see if it's broken for them.
also it's not 100% effective. it makes cracking more difficult so most people, that's good enough. but nothing like financial info should be protected with it.
hi Quigley and kglad.
just downloaded Amayeta swfEncrypt6.0 Trial and will try it on a swf. Do you know if it can be used on ActionScript files such as DocumentClass.as?
And, do you know what happens with flv in a swf, flv that's NOT embedded in the swf but rather plays via an FLVPlayback component on the stage of the swf and has a source that's in a separate folder on your website, is that also as vulnerable/decompilable?
Using Firefox i was unable to access the flv on my own website, as opposed to the swf. But once it's playing in an HTML is it recoverable, if i lose it for example?
some ineresting stuff to read: http://jpauclair.net/2009/12/11/flash-player-security-advanced-walkthr ough/
downloading: I am pretty sure I can download flv from your site once I know its path ... and in order to find path, I probably just need to use firefox dev tools while viewing the swf
if u'd like to explain exactly how to save an flv to my hard disk off someone else's website, using Firefox or any other browswer, do feel free to do so. i myself, dont know how that's done.
Otherwise, i shall leave this question open to see if other's have insight on this subject, and to give me some time to test Swf Encrypt 6 and see what that does.
pretty simple: create a html file on your computer that only says something like
<a href="http://somesite.com/media/movie.flv">movie to get</a>
View that html file in the browser and right-click the link. You should be able to save the file
Hi. Yes. Thank you birnerseff. I managed using Dw. The point of seeing how easy it is to save a swf to disk, was - to consider whether or not to encrypt swfs or copyright them w/open source license.
Going with encryption can break the code while Creative Commons licenses protect your copyrights but also enables those folks who want to go to all that trouble of saving and decompiling your swfs, to really appreciate your work, assuming they can open it in Flash to see AND understand how it is built/setup.
So thanks birnerseff for explaining 'how to', and kglad for telling reminding me about decompilers.
Hi bisguard, I wanted to try your tool, but no luck... So may I ask you
a) cross-platform: is Air required to play to protected file, or just to add the protection?
I am asking this, because Adobe has cancelled Air for Linux some time ago, and the latest version available is 2.6 (and even that does not install - the installer leaves the "helpful" message that it could not find the runtime it was supposed to install)
b) while I believe that your tool can prevent people trying to "understand" code or utilize embedded media, would it also help against people trying to sniff and forge data on the internet connection?
Adobe AIR just to add protection. Protected swf need only Flash player or player plugin.
Flash Antidecompiler was thoroughly tested on Linux Suse, RedHad, Oracle and some
others both for 64 and 32 bit and for Adobe AIR 1.5 and 2.6. I think you have problem
with installation. There are useful links:
What Linux distro do you use?
1. Flash Antidecompiler is a cross-platform. This means that swf protected on Mac can be
used on any Linux or Windows and vice versa.
2. Answer on your b) is, generally saying, yes, but clarify please what do you mean by
"to sniff and forge data on the internet connection"?
I will try on windows, one day or the other. I had a look at the linux documents ... and first thing I noticed that on one distro it said superuser, but not on the other.
In any case I tried following the procedure, and got a readable message about something expected but not present on my system
do you encounter with any problems when dealing with swf files on mac?swf editor for mac is a tool that can edit swf files directly. http://www.swfdecompilerformac.com/swf-editor-for-mac.html