I\'m trying to protect my as3 .swf flash file code from decompilation. I cannot spend $$$ on commercial compilers though. How can i encrypt my swf for free?
Though this is an old Topic.. I Thought id throw this in here.. Its not really considered 'Encryption' But it helps with a bit of protection , First you would need to Decompress your flash file.. You can do so with certain tools .. I Am trying to make a flash Decompressor / Compressor in java but.. Im sort of a noob to java but i've gotten quite good at AS3.. heres the simple solution...
First things first.. Rename all your classes to something that isnt common in AS3 .. dont name it like Class or Main change them all to like SillySilly1,SillySilly2 ... etc.. After your do that go to the next step
Get a Decompressor... to Decompress the file from CWS to FWS Using a Decompressor is pretty easy well mine is just drag the file in and choose a name you want to save a decompressed copy as..
Grab a Hex Editor.. So this is the part that is gonna help protect your file open your favorite hex editor mines HxD.. Go ahead and drag your decompressed file into the hex editor its first three bytes should be FWS if its CWS its still compressed..
Next step is to use the search function and search for all your class names individually.. After you find them start replacing them with names such as '@%F$@!fd#!' Just a bunch of random characters.. The reason i said go back and change them in your project higher in the post is so you can find them easier in the hex editor.. But yea after you replace all class names you find it will replace how it looks in a decompile and when they look at the code the class names are changed in there as well so it would be like
private var Hello:$@#!!$
Pretty nice thing to learn to do .. Hope this helps anyone who reads this in the future..
As others in this thread have said, I honestly wouldn't waste your time; even if you were to shell out for SecureSWF; you can only really achieve obfuscation rather than full encryption as the bytecode has to be loaded into memory in order to execute in the flash player (and can therefore be dumped out).
If you want to read more about the subject (and indeed, learn more about how to get around common SWF encryption techniques) then I'd suggest spending some time on Jean-Philippe Auclair's blog, especially the articles in the security category.
Unfortunately it's fairly easy to decompile a swf with widely available free tools, so you should architect your code on the assumption that anyone can read it. Just like in JavaScript, never put sensitive information in the swf, and any particularly valuable algorithms that you want to protect from prying eyes need to run on your server, as a server-side script that you can call and get a response from.
My brutally honest answer: don't even try. If someone has skill to make use of assets or code from your application, then they're going to have the basic knowledge needed to decompile your SWF and get what they need.
If you even want to try, then this is all I can suggest: http://www.kindisoft.com/
Hope this helps.. Or at least explains why you shouldn't spend time trying.