Flash Protection/Hacking

Okay, so some flash videos/games/even banner ads in some paranoid cases have a type of protection on them that stops them from running unless they are on the server of the owners site, and i recently got bored and tried decompiling some basic flash games, changing values and making up random functions to make the games a little more enjoyable for me… so i want to try make a new game more enjoyable for me and i've decompiled it and taken a look through but not found anything that i can specifically relate to stopping the movie or trying to protect the game, but the game does not run when downloaded….

i was basically wondering that when looking for protection schemes in flash what would i be looking for? this could also help me as i have dabbled in flash alot before and i'd also like a way to protect my games/movies/etcetc…

cheers for any help, Jamey

EDIT: i havent been here in a while and didnt realise there was a flash exploiting piece! wow, i love that, i should give that a go first really

cheers

Check if the file imports other files on the server. Perhaps the easiest way to do this would be to sniff your traffic (wireshark) while visiting the legitimate flash file. I don't know how it would make sure it's on the right domain, but it could be something as simple as checking document.domain. Perhaps you can get around this simply by editing your HOSTS file to point the domain it's meant to be running on to 127.0.0.1 and accessing your SWF from there.

If you then need it to access the real files on it's real domain then you could perform an anti-DNS pinning attack on yourself so the flash file suddenly can make calls to the real domain. Perhaps I'm jumping the gun with this suggestion though.

haha cheers, i'll take a look through again and note down any external influences when loading etc and i guess if i slowly debug it (i have it in flash form) then i'll find it, if that doesnt work then i'll find another way, thanks for the help,

Jamey

p.s. i hope its not just e thinking the flash challenges were super easy, it would be interesting to see a challenge where you have to overcome the swf trying to check for the right domain etc…

hey again, okay, after debugging i got an error saying redir.swf was not found, so i go to the site, and downlaod redir.swf from the same place and it turns out that thats a side effect of the protection e.g. if the protection says somethings wrong stop the movie and run redir.swf, but i cant find a reference to redir.swf in the source? i tryed a streight up search through everything and couldnt find it, do you know of a way that the game itself can hide a reference to an external movie?

cheers much

Besides obfuscating the file name, nothing I can think of.

Hmm, I think you could probably make a flash obfuscator using widely available disassemblers & reassemblers, so while keeping functionality you could possibly stop it from being recompiled due to screwed up variable names (e.g. the VM accepts them, but the compiler wont).

hmm yeah well decompiled all the variable names etc are changed into the sothink's defaults, so its hard to work around, its a really complicated protection scheme, i still havent worked it out, i've done everything other than debugging then stepping through each line of code(but i cant do that because either my computer is too slow or the code is doing something funny there. (it gives a "a script is taking up to much memory do you want to abort" error and i tryed making it stick it out but flash stalls and crashes) is there a way to protect against debuggers? i could look for that, e.g. a flash alternative to isDebuggerPresent, in assembly… because if tahts whats going on then i could fix it then debug the game?

haha this sounds so intense for just one game but its the knowledge for the future etc that will really help me

cheers for any more help you can give and all the help given so far,

Jamey