WebApp Sec mailing list archives
Re: Flash Obfuscation
From: Paul Melson <pmelson () gmail com>
Date: Fri, 30 Apr 2010 06:59:43 -0400
On Thu, Apr 29, 2010 at 2:05 AM, 0x4150 <0x4150 () gmail com> wrote:
Has anyone done obfuscation of a flash application? If so, what tool(s) would you recommend?
I wouldn't recommend any of them as a way to actually secure anything as the end result must still be a SWF file that Flash Player can parse correctly, and therefore they can be decompiled or debugged in order to reverse the code. The only example of obfuscated ActionScript that I've seen to date has been a malware dropper. In that case it was about 20 minutes by hand to reverse. About 1 minute for Wepawet to do the same. PaulM This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- Flash Obfuscation 0x4150 (Apr 29)
- Re: Flash Obfuscation Paul Melson (Apr 30)
- Re: Flash Obfuscation Brad Causey (May 01)
- Re: Flash Obfuscation 0x4150 (May 01)
- Re: Flash Obfuscation Brad Causey (May 01)
- Re: Flash Obfuscation Paul Melson (Apr 30)