Monokai

I couldn’t find a decent free obfuscator to use on macOSX, so I made my own. The obfuscator is written in JAVA (so it’s platform independent), and it uses Flasm at its core.

The concept of obfuscation

Obfuscation is a process of altering code so that it no longer resembles the original state, but still works in the same way nonetheless. In this case, obfuscation means altering variable names in the source code of your Flash project, so that they no longer resemble their old names. This makes it harder for people to read your source code, in case of reverse-engineering.

Installation of the programs

• Download Flasm and place the program somewhere convenient.
• Download obfuscate.zip

(Please note that I didn’t test this program thoroughly. I only know it worked for my projects disassembled using Flasm 1.61.)

Basic syntax of the program:

Below you’ll find the output of the program when you start it without parameters, i.e. java -jar obfuscate.jar

	
Actionscript Obfuscator v0.5 beta - Copyright (C) 2006 Wimer Hazenberg - www.monokai.nl
Takes a Flasm file and obfuscates all variables in it, except for those specified in "actionscript.txt" (and optionally, the exclusion file).

syntax to list the variables:
obfuscate -listvars input.flm - lists all variables in file
obfuscate -listsortedvars input.flm - lists all variables in file alphabetically

syntax to obfuscate:
obfuscate -type [wordlist.txt] input.flm output.flm [exclusion.txt] [-savemapping mapping.txt]

-type can be on of the following, replacing variable names with:
    -binary       : increasing binary values
    -decimal      : increasing decimal values
    -randomwords  : randomly created words
    -wordlist file: random words selected from a file

Example: obfuscate -wordlist words.txt original.flm obfuscated.flm excluded.txt -savemapping mapping.txt

There are four ways to scramble your variables:

• binary – replaces all variables with increasing binary numbers, i.e. “m0″, “m10″, “m10″.
• decimal – replaces all variables with increasing decimal numbers, i.e. “m0″, “m1″, “m2″.
• randomwords – replaces all variables with randomly created words, i.e. “varul”, “tipea”, “pratsbo”.
• wordlist – replaces all variables with random words selected out of a file. To use this option, you must specify a file containing (a lot of) words. I found some nice word-lists over here: ftp://ftp.ox.ac.uk/pub/wordlists/.

Typical workflow

Because the JAVA obfuscator relies on files created by Flasm, you’ll first have to disassemble your .SWF file to a .FLM file. You’d then use this .FLM file to feed into the obfuscator to produce the new obfuscated .FLM file. After obfuscation is completed, you’ll have to assemble the new .FLM file again to a .SWF file. This could also be done using FLASM. See below for a typical workflow:

	
flasm -d original.swf > original.flm
java -jar obfuscate.jar -wordlist words.txt original.flm obfuscated.flm excluded.txt
flasm -a obfuscated.flm
	

The obfuscator isn’t a very smart program. It greedily replaces all variables it finds along the way. To let the obfuscator behave a bit less radically, it uses a list of reserved Actionscript words contained in actionscript.txt. Additionally, you could specify more variable names which will be excluded from obfuscation in a customized extra file. For example, it’s maybe a good idea to list the variables contained in the .FLM file first. You could then gradually remove variable names from your exclusion file, testing if your .SWF file still works. To list the variables:

	
flasm -d original.swf > original.flm
java -jar obfuscate.jar -listsortedvars original.flm > excluded.txt
	

To obfuscate using the newly created excluded.txt:

	
java -jar obfuscate.jar -randomwords original.flm obfuscated.flm excluded.txt
flasm -a obfuscated.flm
	

Repeat this process, modifying excluded.txt at each step.

Mapping

If you’d have to know what your original variable names were obfuscated into, you could save the mapping into a file. See below to create a file containing a mapping of all the original variables into the new ones:

	
java -jar obfuscate.jar -binary original.flm obfuscated.flm -savemapping mapping.txt
	

So what exactly will your new code look like? You could check this with Flare, a free Actionscript decompiler. To use it, simply type:

	
flare obfuscated.swf
	

This will result in a file obfuscated.flr being created with all the actionscript in it.

This entry was posted on Wednesday, August 2nd, 2006 at 23:51 and is filed under Flash developing. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.