HomeHome
Flash tutorialsFlash tutorials
Flash articlesFlash articles
Flashvalley ForumFlashvalley Forum
Flash componentsFlash components
TemplatesFlash templates
Video loopsFlash sound loops
Video loopsFlash video loops
Flash booksFlash books
Flash gamesFlash games
Flash assistanceFlash Assistance
ServicesFlashvalley Services
SupportSupport
ContactContact

HOME > Flash Articles > Amayeta SWF Encrypt 4 Review
AddThis Social Bookmark Button
Amayeta SWF Encrypt 4.0 review

Protect your Actionscript code

SWF is an open format and therefore there is a whole lot of documentation precisely describing the structure of the file on the internet (see the excellent Alexis SWF Reference). This is a good thing but it has a downside; if you are developing Flash related products and applications for a living you don't really want people to be able to decompile and see your code.

There are a couple of applications on the market that will decompile your SWF and even recreate the FLA file for you and, don't get me wrong, this has been a life saver in many circumstances and from that point of view these applications are a blessing. These applications will happily decompile any SWF and give you access to the actionscript and all the assets embedded in the SWF, isn't it neat ? Well not always.

If you have been struggling for a month or two to develop a component or a Flash application that will bring a smile to the face of many users it is legitimate that you would want to make a couple of dollars out of it. But now what can you do against the army of decompilers drooling at the brand new SWF demo that you dropped on your website? Well there are some solutions: You can try to develop a server side script that will generate an SWF dynamically (not really the fastest solution), you can make a video that will describe your product (not very interactive) or you can have a look at something which is a lot quicker, the encryption solution.

SWF encryption and obfuscation

First let's have a look at the definitions of encryption and obfuscation

Obfuscation is a technique used to complicate code. Obfuscation makes code harder to understand when it is de-compiled, but it typically has no affect on the functionality of the code.

Encryption refers to a technique of scrambling data, using special software, so that only a party with the ability to unscramble the message has access to it.

In the past many applications pretending to protect the actionscript code from decompilers have been defeated and no Flash developer wants to invest in a product that might be defeated in a month or two.

Today we are going to put to the test a little program developed by Amayeta called SWF Encrypt (version 4). SWF encrypt seems to be the first product on the market that hasn't been defeated yet. Nothing is eternal so let's not rejoice too fast but up to now SWF encrypt seems to give a hard time to most of the current popular decompilers on the market.

SWF Encrypt 4.0

Requirements

Pentium 2 350 or Better
64mb RAM or Better
25mb Free HD Space
Windows 98SE, ME, 2K, XP

The interface

The interface is very simple; you have the file browser on the left hand side that will let you point to the directory where the swf sits that needs to be encrypted.

On the top right all the SWF that are in the selected directory are shown, along with their sizes and if they have been protected or not.

Click on the image below to launch an interactive tab navigation.

The middle panel has 4 tabs: The first tab lets you preview your movie. The second tab lets you set the encryption level and the elements that need to be encrypted (default settings are recommended). The third tab lets you define the byte size to be encrypted. Basically the higher you set it the lower the final size of the SWF will be but also the lower the level of encryption. The last tab lets you define the output type which can also be an exe.
The test

In order to see if we can sleep peacefully after encrypting our precious SWFs I am going to add a bit of code to a new Flash file that I will then encrypt with SWF Encrypt 4.0. I will then try to decompile that file with the latest popular decompilers on the market and we will analyze the results.

First let's write a bit of code on the first frame on the main timeline:
var myLoadVars:LoadVars = new LoadVars();
myLoadVars.onLoad = function(success) {
if (success) {
if(myLoadVars.secretWord == "mySecret") {
loadMovie("http://www.myDomainName/myHiddenFlashFiles/myHiddenSWF.swf", "loader");
}
}
};
myLoadVars.load("http://www.myDomainName/myHiddenDirectory/myHiddenPage.php");
This code contains some sensitive data that we might want to keep away from sneaky investigators who would try to reveal it using a decompiler. Therefore I am going to encrypt it using the default settings of SWF Encrypt 4.0 and then try to decompile it using the following products:

- Sothink SWF decompiler v3.0 from Sothink
- Flash decompiler from Eltima
- ASV version 5 from the Manitu Group
AddThis Social Bookmark Button
If you think this page is providing useful information, don't hesitate to leave a comment.
HOME > Flash Articles > Amayeta SWF Encrypt 4 Review
flashvalley
  
Copyright ©2006-2008 flashvalley.com - All rights reserved