Monday, August 23, 2010

Free SWF Decompilers!

Note: Since SWF file is an open specification format, the word "editor" or "viewer" here is more suitable (literally legitimate) than the word "decompiler".

ActionScript Decompiler

UPDATE 2014_3_04
JPEXS Free Flash Decompiler (FFDec) is 2.0.0! 
(The great, open source, not just an alternative to, but even more powerful than, most commercial decompilers.)


Key Features:
SWF to FLA conversion
Direct editing ActionScript source (AS1/2) and editing via assembler source (AS1/2 and AS3) (This is the unique feature that most GUI flash decompilers don't have)
Replacing images, editing texts and fonts
Automatic deobfuscation
Multiple platforms support: Windows, Linux, Mac OS
...
Full features list: http://www.free-decompiler.com/flash/features.html

UPDATE 2011_8_16
ActionScript Extractor
http://sites.google.com/site/as3extractor/home
A free actionscript3 decompiler.

================================================

UPDATE 2011_6_19

http://www.swfwire.com/(Highly Recommended!)
https://github.com/magicalhobo/SWFWire

SWFWire Decompiler
An open source library written in ActionScript 3 for reading and writing swfs.


SWFWire Inspector
"Easily view the contents of SWF files with this open source AIR app. You can view images, shapes, and even syntax-highlighted ActionScript 3.
See what parts of your code are taking up the most space. Make sure sensitive data isn't being exposed. Gain a deeper understanding of the file format. You might even be impressed at how efficient Flash is."

================================================

UPDATE 2013_2_19
ASDEC is now JPEXS Free Flash Decompiler!
http://www.free-decompiler.com/flash(Highly Recommended!)

UPDATE 2010_2_09
asdec: Open Source ActionScript decompiler written in Java.
http://code.google.com/p/asdec/(Highly Recommended!)
"JP ActionScript decompiler (ASDec) is program for decompiling ActionScript parts from flash SWF files. Program has also basic ability to edit (assemble) ActionScript."


Features: See the update.

Opening SWF files version 10 or older
Showing source code of ActionScript1/2 and ActionScript3. (See source limitations)
Exporting sources to file (at the moment only AS3)
Editing source code via modifying assembler source (See editing limitations)
Saving modified actionscript back to the file
Built-in proxy server for editing SWF files which come through it
================================================

http://www.showmycode.com/
"Decompile flash ActionScript from the swf flash file. Use this online flash swf decompiler to get the source code of the swf file."



HP SWFScan
www.hp.com/go/swfscan
http://h30499.www3.hp.com/t5/Following-the-White-Rabbit-A/SWFScan-FREE-Flash-decompiler/ba-p/5440167
"Decompiles applications built on the Adobe Flash platform to extract the ActionScript code and statically analyzes it to identify security issues such as information disclosure."


Resource Extractor/Modifier

http://www.decompileflash.com/
(http://www.swfdecompiler.net)
"Decompile Flash Free Version is an outstanding SWF decompiling tool which allows you to convert flash between SWF and FLA format. Decompile Flash offers the powerful function of editing dynamic texts of flash movie and replacing images as your own easily and watch the edited result immediately. The easy-to-use interface helps you catch on to the system quickly."



http://www.swfdecompiler.net/free_swf_decompiler/index.html
"SWF Decompiler Premium Free Version is a 100% freeware. It allows you to convert between swf and exe format, besides, the powerful function supports edit the dynamic texts and replace images. The player window is innovatively separated from the main panel, which enables users to drag and drop the window wherever they want it to be."


http://www.swftools.org/
SWFDump "Prints out various informations about SWFs, like contained images/fonts/sounds, disassembly of contained code as well as cross-reference and bounding box data."

SWFExtract "Allows to extract Movieclips, Sounds, Images etc. from SWF files."

swfdump
The official tool by Adobe, included in the Flex SDK, to disassemble a SWF.
http://blogs.adobe.com/gosmith/2008/02/disassembling_a_swf_with_swfdu_1.html

http://www.swfmodify.com/
"swfModify software is useful tool for edit , rebuild flash file, and it's free. It’s different from other edit tools. You need no experience of flash design, all you should do is click mouse button. You can replace virtual item in .swf file, and save as another flash file. In the future, we hope every user can upload your flash resources for the others."


http://www.flashprobe.com/
"Flash Probe is a free online tool that can parse flash files and display text and images found within. The tool will create HTML versions of your flash websites. Some use it to see what part of their flash website will get indexed by search engines."


http://www.swixkit.com/
"Easy to use XML-based editor for SWF debugging and updating; Decompiling of SWF into SWiX-format XML; Reassembly of SWiX-format XML into an SWF."


SWF To Image GUI
http://bytescout.com/products/developer/swftoimagesdk/swftoimagegui.html
"SWF To Image GUI is a freeware utility to convert flash movies (SWF) into JPEG, GIF, PNG, BMP images"


Bytecode Disassembler

UPDATE 2012_3_06
Adobe SWF Investigator
The official AIR based, open source, SWF analyzer/disassembler/editor by Adobe Labs.
http://labs.adobe.com/technologies/swfinvestigator/

================================================

As3Eval
http://eval.hurlant.com/
"As3Eval is a library that packages the Tamarin ESC compiler to work within a run-of-the-mill flash player. You can also paste the output of hexdump -C on a swf to disassemble it within the UI."


Nemo 440
www.docsultant.com/nemo440/
Advanced ActionScript 3/ABC2/Flex 2/Flex 3/Flex 4/AIR disassembler.


http://segfaultlabs.com/swfutils
http://segfaultlabs.com/swf/abcflex/index.html


Apparat

http://code.google.com/p/apparat/
A framework to optmize ABC, SWC and SWF files.

Yogda
http://www.yogda.com/
http://yogda.2ka.org

AVM2 Bytecode Assembler, Disassembler, also has the functions of editing(adding/removing) swf tags.


Unprotectors

UPDATE 2012_7_20
SWF iD
"freeware tool that every flash reverser (especially beginner one) should have"

http://swfid.je1.ru/
http://blog.codestage.ru/2013/07/06/swf-id/


SWF Decrypt
http://www.swfdecrypt.com/

"SWF Decrypt will reverse and remove the few junk code these types of software add to your SWF file and charge you money for. The purpose of this software is to help you assess the protection solution that you have chosen. I hope it will also encourage the authors of SWF Encrypt and SWF Protector to either implement actual code obfuscation methods or discontinue their products and stop charging for junk."

SWF Reader
http://www.swf-reader.com

"SWF Reader Professional is first program to unprotect encrypted swf files.

Main features:
Remove/add tags.
Manipulate doABC structure (AS3).
Full unprotect AS2 files which are encrypted by SWF Encrypt 5 (http://www.amayeta.com/).
Unprotect AS3 files which are encrypted by SWF Encrypt 5 (http://www.amayeta.com/). There is not possible to recover names (class, vars, functions) because encrypter remove original names irretrievably."

This one also has a nice memory dump tool/SWF vampire(File->;Load from memory) for unpacking.

SWF-Reader Open Source Lib:
http://sourceforge.net/p/swf-reader/

Manatee SWF Decrypter V3  
http://bmanatee.blogspot.com/2013/04/manatee-swf-decrypter-v3.html

Sitelocked SWF Loader
http://bmanatee.blogspot.com/2012/05/sitelocked-swf-loader.html

UPDATE: 2012_8_18
SWF Vampire
(Tools that can scan the RAM and extract (packed) SWF files from system's running processes.)

Flash Dump: Open source tool in Python.
http://sa3.org/file/python/swfdump.py
http://sa3.org/program/flash-dump/


SWF Thief: Open source tool in C#.
http://code.google.com/p/swf-thief/


Miscellaneous Links:

Packed SWF. How to unpack?
http://blog.codestage.ru/2012/03/07/packed/
How to decrypting the doswf encryption:
http://blog.codestage.ru/2013/05/06/decrypting-doswf/

Способы ?защиты? flash-приложений
(Ways to ?protect? flash-applications, in Russian.
Try Google Translate!)
http://habrahabr.ru/blogs/Flash_Platform/110686/

Basic SWF Bytecode modification (AVM2/AS3) tutorial:
http://bmanatee.blogspot.com/2013/08/basic-swf-bytecode-modification-avm2as3.html

http://www.nowrap.de/flasm.html
http://www.nowrap.de/flare.html

Dump Flash Decompiler
http://www.dcomsoft.com/download/dfdinstall.exe

Swf Picture Extractor
http://www.dcomsoft.com/download/swf_picture_extractor.exe

http://code.google.com/p/flash-decompiler/

http://www.deitte.com/archives/2008/03/randomcompiler.htm

http://blogs.adobe.com/gosmith/2008/02/disassembling_a_swf_with_swfdu_1.html

http://dougmccune.com/flex/FOTB_Decompiling_Doug_McCune.pdf

http://dougmccune.com/blog/2008/09/21/i-just-decompiled-a-decompiler-so-i-could-use-it-to-decompile-itself/

http://shigeru-nakagaki.com/index.cfm/2008/3/18/20080318-LibraryManager-Beta-is-released

http://flashpanoramas.com/blog/2007/07/02/swf-parser-air-application/

http://www.5etdemi.com/blog/archives/2007/01/as3-decompiler/

https://www.flashsec.org/wiki/Simple_AS3_Decompiler_Using_Tamarin

http://blog.reversing.com.ar/2010/02/debugging-actionscript-jited-code/

SWF Encrypt (Flash 'obfuscator') hacking
http://www.woodmann.com/forum/showthread.php?10300-SWF-Encrypt-%28Flash-obfuscator-%29-hacking

Extract SWF files from Flash Executables(EXE):
http://www.northcode.com/blog.php/2007/08/02/Extract-SWF-files-from-Flash-Executables

Libraries for reading/writing SWF and modifying ActionScript Bytecode:
http://www.flagstonesoftware.com/transform/ (Java)
https://github.com/CyberShadow/RABCDAsm (D)
http://www.libspark.org/wiki/yossy/swfassist (AS3)
http://segfaultlabs.com/swfdb (AS3)
https://github.com/magicalhobo/SWFWire (AS3)
https://github.com/laomoi/swfdiy (AS3)
http://sourceforge.net/projects/swfdotnet/ (C# .Net or VB.Net)
http://www.codeproject.com/KB/graphics/swfdotnet-decompiler.aspx
https://github.com/RintarouTW/SWFVisualizer(AS3)
https://github.com/RintarouTW/swfparser(C++)
https://github.com/junfenggeng/libswf/(C)

UPDATE 2012_9_09 SWFRETools(SWF reverse engineering tools collection):
http://www.the-interweb.com/serendipity/
https://github.com/sporst/SWFREtools(JAVA)

Pixel Bender .pbj files Decompiler:
http://www.kaourantin.net/2008/09/pixel-bender-pbj-files.html

AGAL ByteCode Decompiler:
DEMO: http://boycy.webs.com/Disassembler.swf
Source Code: http://boycy.webs.com/Disassembler.rar

Tuesday, August 3, 2010

SWF Cry v0.02 released, protect your swf for free!

Update: August, 8, 2011
A minor version(v0.02fixed) maintenance update for SWF-Cry released!
Fixed several bugs.
Warning: this version maybe more buggy than the previous version(v0.02).
For backup purpose, you can find all old releases here:
https://flaswf.googlecode.com/svn/trunk/Swfcry/builds
A major version(v0.03) update, which has fewer bugs, more functions and better UI, will be available in the future.
==========



TUTORIAL - How to use it:

First of all, click to expand the "Advanced Configuration" window .

1. Choose your main swf to be encrypted

Press “Browse _SWF button to upload your swf.

2. Choose your water mark swf

Press “Browse _WaterMark button to upload your water mark.

If you don't need a water mark, uncheck “Use _WaterMark.

You can set the water mark swf's x, y, scaleX, scaleY and alpha properties.

Change the “LinkTo url to your sites and the final output swf will have a water mark navigates to your sites when you click it.

3. Obfuscate

Edit the names list there; add names that you wish to be changed to random strings.

Use comma (",") to separate names.

If you don't want to obfuscate, uncheck "Obfuscate".

4. Pack

Edit the name (default uploadedswfname_CryOut.swf) after “OutPut_SWF_Name. That's the encrypted swfs name. You can also change it after the encrypted swf is created.

If you don't want to pack your swf, uncheck “Pack.

Notes: if you uncheck “Pack” and “Obfuscate both, SWF Cry will do nothing. Make sure at least one is checked.

5. Save the encrypted swf

Press “Cry_and_Save button to begin the encryption process, please wait a while till it's done and then you can save the encrypted swf.

6. Save your config

Press “Save_Config button to save your current config, you can load your config by “Load_Config. The saved config is an xml file, you can edit it manually.

7. Test your output swf, if you only see a blank swf, try unchecking Pack.
If the player throw errors such as “can't find definition... check the obfuscate names list, make sure no as3 key words there!

KOWN ISSUES:

1. Only as3, AVM1 swfs (as2,as1) are not supported currently and won't be supported in the future.
2. Sometimes swfs access net files won't run on a local computer after Pack.
3. If your swf accesses stage, add code below in your main class's constructor function:

if(stage==null)
{this.addEventListener(Event.ADDED_TO_STAGE,onAdded);}
else {init();}
function onAdded(event:Event){init();}
function init(){}

Otherwise, the packed swf will throw errors. Go here (http://www.flashandmath.com/intermediate/swfload/docclass.html) for details.
4. Many other bugs...

Bugs, ideas, requirements, just drop a comment!

Links:

Sponsors