WebApp Sec mailing list archives
Re: Flash Obfuscation
From: Brad Causey <bradcausey () owasp org>
Date: Fri, 30 Apr 2010 06:58:27 -0500
What's your goal? Maybe thatll help us help you. On 4/30/10, Paul Melson <pmelson () gmail com> wrote:
On Thu, Apr 29, 2010 at 2:05 AM, 0x4150 <0x4150 () gmail com> wrote:Has anyone done obfuscation of a flash application? If so, what tool(s) would you recommend?I wouldn't recommend any of them as a way to actually secure anything as the end result must still be a SWF file that Flash Player can parse correctly, and therefore they can be decompiled or debugged in order to reverse the code. The only example of obfuscated ActionScript that I've seen to date has been a malware dropper. In that case it was about 20 minutes by hand to reverse. About 1 minute for Wepawet to do the same. PaulM This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
-- Sent from my mobile device -Brad Causey CISSP, MCSE, C|EH, CIFI, CGSP http://www.owasp.org -- "Si vis pacem, para bellum" -- This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- Flash Obfuscation 0x4150 (Apr 29)
- Re: Flash Obfuscation Paul Melson (Apr 30)
- Re: Flash Obfuscation Brad Causey (May 01)
- Re: Flash Obfuscation 0x4150 (May 01)
- Re: Flash Obfuscation Brad Causey (May 01)
- Re: Flash Obfuscation Paul Melson (Apr 30)