[Help] Need a new SWF Decrypt Tool
Need a new SWF Decrypt Tool Posted on: 03/21/2015 1:16pm
Quote Post

I use this thing called "UnSWFEncryptUNP.exe" but it's rather old and doesn't always work. Does anyone know a good, simple-as-hell replacer for that tool? Hell, maybe you can make one?




Hating the Soviet Union since 1924.
RE: Need a new SWF Decrypt Tool Posted on: 03/21/2015 4:11pm
Quote Post
The Laziest Man on KongHack
Stalin15 Posted on: 03/21/2015 9:16am

I use this thing called "UnSWFEncryptUNP.exe" but it's rather old and doesn't always work. Does anyone know a good, simple-as-hell replacer for that tool? Hell, maybe you can make one?



good? yes. simple? no way in hell.

can i make one? HAHAHAHAHAHAhahahahahaaaa.... right.

http://bmanatee.blogspot.com/ check the downloads.




RE: Need a new SWF Decrypt Tool Posted on: 03/29/2015 10:28pm
Quote Post

Man, I tried downloading it but I didn't understand worth shit. This stuff is controlled by Numpads, okay...It needs Flash Player Debugger, how can I know I got it installed right?




Hating the Soviet Union since 1924.
RE: Need a new SWF Decrypt Tool Posted on: 03/30/2015 4:55pm
Quote Post

If i understand it correctly that decrypter does only work with loader type encryptions like Mochi. It basically is like a swfdumper not really decrypting anything. If the bytecode was changed and dead code added it will still be there.

UnSWFEncryptUNP.exe is for AS2 anyways if i am correct so newer games won't work with it. Do you really need a decrypter for AS2?




khwar.com
RE: Need a new SWF Decrypt Tool Posted on: 03/30/2015 5:09pm
Quote Post
The Laziest Man on KongHack
ZuckeR Posted on: 03/30/2015 12:55pm

AS2



AVM1*

as2 is the same as as3 except one or two opcodes they removed/changed

also stalin, i told you it wasnt simple =P




RE: Need a new SWF Decrypt Tool Posted on: 03/30/2015 5:53pm
Quote Post
thenewcomer Posted on: 03/30/2015 1:09pm

AVM1*

as2 is the same as as3 except one or two opcodes they removed/changed


Your point here is what? AS1/2 runs in AVM1 and AS3 runs in AVM2. Games made in AS2 have a different structure than AS3 not just the bytecode but the structure of the file in whole. The AVM just interprets what it gets as input and that will be a AS2 or AS3 file. What i meant was simply that an AS2 game can and will be obfuscated with different techniques.

Oh and AS2 has 94 opcodes and AS3 has 158 so yeah quite a bit changed.




khwar.com
RE: Need a new SWF Decrypt Tool Posted on: 04/01/2015 10:38pm
Quote Post

I only have problems about removing encryptions from one game, Thing-Thing Arena 1.




Hating the Soviet Union since 1924.
RE: Need a new SWF Decrypt Tool Posted on: 04/02/2015 2:39pm
Quote Post

Have you tried JPEXS ffdec? It seems to be able to deobfuscate the file when you turn it on (v 4.1.1). You can find it under Settings > Automatic Deobfuscation.

https://www.free-decompiler.com/flash/




khwar.com
RE: Need a new SWF Decrypt Tool Posted on: 04/02/2015 6:27pm
Quote Post
The Laziest Man on KongHack
ZuckeR Posted on: 03/30/2015 1:53pm
thenewcomer Posted on: 03/30/2015 1:09pm

AVM1*

as2 is the same as as3 except one or two opcodes they removed/changed


Your point here is what? AS1/2 runs in AVM1 and AS3 runs in AVM2. Games made in AS2 have a different structure than AS3 not just the bytecode but the structure of the file in whole. The AVM just interprets what it gets as input and that will be a AS2 or AS3 file. What i meant was simply that an AS2 game can and will be obfuscated with different techniques.

Oh and AS2 has 94 opcodes and AS3 has 158 so yeah quite a bit changed.



my point here is that saying actionscript 1 2 or 3 means close to nothing since what we mainly deal with is the AVM.

also many of the 158 opcodes are deprecated from as2 and/or not in use. they just added/renamed more commands and left the old ones in there for compatibility. like i said, the basic difference between them is a few opcodes are different. the mainly used opcodes that we see of both are the exact same thing, so they get labeled under AVM2 because it makes sense to group them together




RE: Need a new SWF Decrypt Tool Posted on: 04/02/2015 10:32pm
Quote Post
thenewcomer Posted on: 04/02/2015 2:27pm

my point here is that saying actionscript 1 2 or 3 means close to nothing since what we mainly deal with is the AVM.

I just don't follow your argumentation here. When i say AS1/2 i mean the old bytecodes which runs in the AVM1. AVM2 only runs AS3 and not AS1/2 those are two different AVMs. For me AS1/2 = AVM1 and AS3 = AVM2 which makes sense since those languages are compiled into opcodes for the corresponding AVM. Decompiling them will yield the original language.

And when i hack a game i mainly deal with opcodes for the AVM and not the AVM itself. For a better understanding decompilers present you the language it came from.
 

thenewcomer Posted on: 04/02/2015 2:27pm

also many of the 158 opcodes are deprecated from as2 and/or not in use. they just added/renamed more commands and left the old ones in there for compatibility. like i said, the basic difference between them is a few opcodes are different. the mainly used opcodes that we see of both are the exact same thing, so they get labeled under AVM2 because it makes sense to group them together

It is not just grouping but also new stuff like type coercing/converting and some other opcodes for class related stuff. All in all they are quite different and no there is no compability as the AVM2 can't even run AS1/2 opcodes. Could you tell me which opcodes are deprecated as i could not find any info on that.

Some obfuscation techniques like the one used on Thing Thing Arena make use of flaws in the AVM or swf file format specification. TTA is obfuscated by "Amayeta SWF encrypt" by changing record types and creating new ones with junk code. But it seems like ffdec can handle those pretty well...

Well, whatever happy hacking :D




khwar.com