On Mon, Nov 1, 2010 at 1:35 PM, Chris <list_s...@mavdns.net> wrote: > I wasn't arguing the case of it not being legitimate code, which of course it > has to be, unless the flash plug-in architecture allows for some way to hook > in extra executable code - as in an on-the-fly decryption routine. Not being > that familiar with the way the plug-in works, I don't know whether such a > thing > is possible or not. ( This takes me back to decoding and reconfiguring the > old > tape based loading routines from games written for many of the home computers > of the 80's! )
That's not possible in Flash out-of-the-box, but you could probably write it yourself by writing ActionScript that decrypts another SWF file which is then executed. Pretty sure you need to create a fully-fledged SWF in memory though, not just some bytecode. AS3 doesn't seem to have any support for plugging in bytecode or custom DOACTION tags. > Which does mean that Amayeta, along with several other programs of a similar > ilk > that purport to encrypt, are, to put it mildly, overzealously described! Well, they mainly aim at protecting you from decompilers, not disassemblers. (With mixed success- state of the art in the AS3 world of obfuscation seems to be to rename functions and class names, and potentially encode string constants) Matthias