SWF hacking

2 Apr 2012

I'm working on SWF hacking in order to build seamless licensing for a SWF (Flash) application.

Here is what I have found so far:

  1. Always read in whole bytes. If the specification says that a field uses only 5 bits, you will need to pad the other 3 bits before moving on.

  2. Unsigned and signed integers are stored in a weird form (little-endian byte order). For example, when we read `0xCA13` (16 bit) for an integer, it actually means `0x13CA`. Or when we read `0xCA13AF69` (32 bit) for an integer, it actually means `0x69AF13CA`.

  3. ZLIB data can be decompressed with `java.util.zip`, using `InflaterInputStream`.
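
The three findings above combined into one header parser, as an added example that is not code from the original post: it reads the little-endian integers, the bit-packed stage rectangle with its padding bits, and a zlib-compressed (`CWS`) body through `InflaterInputStream`. The class name `SwfHeader`, its helper methods and the sample bytes are constructed for illustration.

```java
import java.io.*;
import java.util.zip.*;

public class SwfHeader {
    private final InputStream in;
    private int cur, left;   // current byte and how many of its bits are unread

    SwfHeader(InputStream in) { this.in = in; }

    int u8() throws IOException {   // byte-aligned read: leftover bits are dropped
        left = 0;
        int b = in.read();
        if (b < 0) throw new EOFException("truncated SWF");
        return b;
    }
    int u16() throws IOException { return u8() | u8() << 8; }   // low byte first
    long u32() throws IOException { return u16() | (long) u16() << 16; }

    int ubits(int n) throws IOException {   // unsigned bit field, most significant bit first
        int v = 0;
        for (int i = 0; i < n; i++) {
            if (left == 0) { cur = u8(); left = 8; }
            v = v << 1 | (cur >> --left & 1);
        }
        return v;
    }
    int sbits(int n) throws IOException {   // signed bit field: sign-extend from bit n-1
        return ubits(n) << (32 - n) >> (32 - n);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample body: RECT (550x400 px), 24 fps, 1 frame, End tag.
        byte[] body = {0x78, 0, 0x05, 0x5F, 0, 0, 0x0F, (byte) 0xA0, 0, 0, 0x18, 1, 0, 0, 0};
        ByteArrayOutputStream file = new ByteArrayOutputStream();
        file.write(new byte[] {'C', 'W', 'S', 10, (byte) (8 + body.length), 0, 0, 0});
        try (DeflaterOutputStream z = new DeflaterOutputStream(file)) { z.write(body); }
        InputStream raw = new ByteArrayInputStream(file.toByteArray());
        SwfHeader h = new SwfHeader(raw);
        String sig = "" + (char) h.u8() + (char) h.u8() + (char) h.u8();
        if (!sig.equals("CWS") && !sig.equals("FWS")) throw new IOException("not an SWF: " + sig);
        int version = h.u8();
        long length = h.u32();   // length of the whole file after decompression
        // "CWS": everything after these 8 bytes is a single zlib stream
        SwfHeader r = sig.equals("CWS") ? new SwfHeader(new InflaterInputStream(raw)) : h;
        int n = r.ubits(5);      // the 5-bit field: width of each RECT coordinate
        int xmin = r.sbits(n), xmax = r.sbits(n), ymin = r.sbits(n), ymax = r.sbits(n);
        int rate = r.u16(), frames = r.u16();   // u8() skips the RECT's padding bits
        System.out.printf("%s v%d, %d bytes, stage %dx%d px, %.2f fps, %d frame(s)%n", sig,
                version, length, (xmax - xmin) / 20, (ymax - ymin) / 20, rate / 256.0, frames);
    }
}
```

Coordinates are in twips (20 per pixel), and the frame rate is an 8.8 fixed-point value, which is why the code divides by 20 and by 256.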

I can parse an SWF application into meaningful blocks.

There are two things left:

  1. How to lock an SWF file to a single machine? Can we get a machine's id?
  2. How to inject my byte-code into an SWF file?
