Ok, there's a game that's flash-based that I want to crack. I don't know how out of my league I am on this one, so tell me if it's way above my head . The serial number checking form is made in Flash. I set breakpoints in Softice on both GetDlgItemTextA and GetWindowTextA, but with no luck. What else can I try, or what other approaches can I make? Thanks.

Don't use normal tools like debuggers, just decompile and patch the Flash file directly.

Use either sothink quicker or URL action editor to decompile and patch the swf directly. both of these programs decompile flash so you can see (and alter) any part of it

Hmm. This seems too good to be true. What decent developer would protect his application with a Flash form that checks the serial if they can be so easily decompiled?

edit: ah. I see the source of the confusion. The game is in .exe format, but it's a flash game. What should I do now, as the .swf file isn't available to me?

(I'm almost certain it's a flash file. Is it safe to mention the name of it so someone can double check me and tell me if I'm right or stupid? )

No, don't mention the name, that would pretty much make this a crack request...

Anyway, try to unpack/extract the SWF data from the exe file, and then attack it with the tools above. Whatever makes you believe it's a Flash game anyway?

What makes me think it's a Flash game is that originally the game was on Shockwave.com, and then they made a standalone version of it. Also, on the registration form, it looks very Flash-like (not to mention how Flash-like the game looks). As I said, I'm almost, but not completely sure that it's a Flash game.

...and I'm ashamed to admit I have no idea how to start to unpack/extract the SWF data from the exe file.

Thanks!

the shockwave format != the flash format. if it's shockwave, you're kinda screwed

I refuse to believe there's no way to do the same to Shockwave files as there is to regular executables. Or, is there and it's just above my head?

Well, the other possibility is always that it isn't "above your head" but beneath you. And if you wish to refuse to believe something, how about doing some research on your own and see if you can find information which assists in your analysis. That's generally how work gets done.

Regards,

Ok, I can understand that in most cases. But in this case, somebody stating that there's no way to accomplish something? That goes against my personal beliefs, as well as my background in Perl. What research is there to do? Somebody crafted it, so there must be a way to un-craft it.

It can't be "beneath me" because 1) I believe that all knowledge is worth having, and 2) I'm at rock bottom as it is, nothing is below me ;-).

if you're referring to my response, i didn't say that there's no way to accomplish it. the reason i said what i said is because as far as i know, there are no tools or essays out there for shockwave-specific reverse engineering. this of course does NOT mean it is not possible, it just means that you'd have to start from scratch.

Delta: It's very interesting about unpacking/extracting the SWF data from the exe file. Could you tell me how can it be done? Thank you.

Analyze the loader stub, preferably from two different swf files packed with the same exe-maker, and then see where it loads the swf from memory, and dump it.

Ok, thank you very much Delta.

Gryzon, another thing that you might want to do, is a to get a package that MAKES swf files, so that you can write little apps, and compile them up. Then, you KNOW the stub is always the same, as you're making it!

Howdy,

It has to be unpacked first before you can do anything.
My dollar is on armadildo 3.61. I am playing with one now and
I have to manually unpack it. That would be the "good" way to do it.

I have found a way to restore it after the 60 minute expiration with just a few mouse clicks but, this is just me playing around

Woodmann

Hi guys.

can anyone plz pm me a link to this flash game? I think I can help a great deal in this.

P.S: Don't let the posts count give you a wrong idea about my skills it's just that I'v been active in other forums under a different name.

We generally only draw conclusions from the questions which are asked and the way in which they are asked. Normally, people here do not start with a review of the post count, before reading the Post.

Regards,

sorry for the repeated request, it's been two or three weeks and haven't received any reply, so I'm asking : can anyone pm me a link to the application discussed here? I promiss I'll reverse it in no more than 24 hours and that I'll write a tutorial about the "how to" of my approach...

sorry JMI, it's NOT a trick to increase the post count just reply and delete if you want...

Hi,

I have no idea what the target is. Just pick your own game and go for it.

If you can get the game with the .SWF extension, it will be a bit easier to work with. The .EXE version is bundled with a bunch of crap you already have to run shockwave stuff.

Then again, maybe they only make the .EXE version available to make it more difficult

I worked on a prog yesterday that just need a .DLL file/call patched.
And the header file will tell you a lot

Woodmann