Closed veso266 closed 3 years ago
@veso266 , this is not encrypted, it's obfuscated.
There is no way to "deobfuscate" but some tools can help you analyzing/debugging the code a bit more easily.
Where did you get this piece of code?
I got it here: http://downloads.dxing.si/speedtest/speedtest-white.swf (realy old version of SpeedTest) I used ffdec to open it (and for some reason its deobfuscation tools didn't work this time)
and after further analysis I found out that infact it is obfuscated with Amayeta SWF Encrypt (if you go to ActionScript Obfuscation: Encrypted Vs Non-Encrypted example you can see it produces same results as they advertise)
So now the question is how can I analyze and reverse this so I at least get partialy readable code because I think that
§\x01§ = 1360 + 658;
for instance probably have some meaning
there are also §§push(67305985); and §§pop() which I saw on other flash files as well (they probably mean something)
BTW: is
var _loc2_ = com["meychi"]["ascrypt"]["MD5"].calculate("something")
same as
var _loc2_ = com.meychi.ascrypt.MD5.calculate("something")
Hi this is not specific to Forge of Empires but I realy don't know where to ask anymore so I have a AS3 class: https://pastebin.com/a3hBERhZ which is encrypted somehow and I don't know what tool could create such a mess and of course how could I decrypt it
I think that this could be encrypted with this: http://www.amayeta.com/software/swfencrypt/#00 but I am not realy sure about that
Thanks for Anwsering and Best Regards