On Mon, Nov 1, 2010 at 1:35 PM, Chris <list_s...@mavdns.net> wrote:
> I wasn't arguing the case of it not being legitimate code, which of course it
> has to be, unless the flash plug-in architecture allows for some way to hook
> in extra executable code - as in an on-the-fly decryption routine. Not being
> that familiar with the way the plug-in works, I don't know whether such a 
> thing
> is possible or not.  ( This takes me back to decoding and reconfiguring the 
> old
> tape based loading routines from games written for many of the home computers
> of the 80's! )

That's not possible in Flash out-of-the-box, but you could probably
write it yourself
by writing ActionScript that decrypts another SWF file which is then executed.
Pretty sure you need to create a fully-fledged SWF in memory though, not just
some bytecode. AS3 doesn't seem to have any support for plugging in bytecode
or custom DOACTION tags.

> Which does mean that Amayeta, along with several other programs of a similar 
> ilk
> that purport to encrypt, are, to put it mildly, overzealously described!

Well, they mainly aim at protecting you from decompilers, not disassemblers.
(With mixed success- state of the art in the AS3 world of obfuscation
seems to be
 to rename functions and class names, and potentially encode string constants)

Matthias

Reply via email to