Skip to main content

Plarium part two. Working with swf

Flash is old but still usable. 

Flash is very old  but still  usable. Few year ago I was sure that this product be killed by WebGL or other modern technology. Now Flash is alive and  very popular for some application.  Flash  contains not only sprites and images ,  actionscript code is also included in swf file. By running  this code flsdh has ability to  work with  user control and send command via network. 

Start JPEXS Free Decompiler  and open previous downloaded swf file. Navigate to script section:
  Unfortunately my Imac has problem with text searhing(searching is stopped with 'out of memory' error). In this case I'm looking  for potential file using personal meaning. File which has "sign-code" reference is placed at next path: scripts-> model-> logic->server->commands->JsonCallCmd
Function name is call() and contain  another one fuction generateRequestSignature(data,paramTextForSignatureCalculation) where  data are data which are send to server and paramTextForSignatureCalculation is sum of wellknown string started from "The Matrix" , method, userid , and usersocailauthkey.  Last three strings are also added to HTTP Header. 
you can verify this investigation by python interpretator: 
python
Python 2.7.10 (default, Oct 13 2015, 09:42:49) 
[GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.72)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import hashlib
>>> matrix_string = "The Matrix has you..."
>>> http_data= """{"s":{"s":true,"o":1,"l":true,"f":true,"c":"en-US","p":0,"m":true,"z":0.6361773255813953,"g":false,"a":true},"u":1492615673749,"r":77,"o":{"i":44,"b":null},"y":[518],"sm":[],"km":9,"g":21193,"t":1492615694942,"q":[64,1,44,55,56,57,58,59,60,61,62,63]}"""
>>> http_command="CloseQuest"
>>> authkey='secretkey'
>>> userid='itsasecret'
>>> print hashlib.md5((matrix_string+http_data+http_command+userid+authkey).encode('ascii')).hexdigest()
8917c927db57bf6d7dbcb7a72b25151d
If you have received the same value as in http header then you have done your job well.
Labels:

Comments

Post a Comment

Popular posts from this blog

Small script for one of the plarium game

few notes about google games. Goggle informed that access to the all games be closed after June, 30. I played "Pirates: Tides of fortune" and decided to limit my game time using small script. Detail is below. Some history First internet games were updated network games only. 15 years ago internet connection requires a lot of money and nobody had a problem with lagging of the other players. Usually games uses personal communication protocol. Warbirds, Aces High and Eve online use this way. Next part use a browser and trivial HTTP protocol. One of the popular game in this area is travian . Travian player uses browser and every browser (PC, cell phone, tablet) can be used for playing. Of course, popularity of the game is related to graphics. Trivial HTTP does not have good power in this and other technology is used for this side. One of them is Flash . Unfortunately flash requires a lot of CPU : "Pirates" was near to froze at my old celeron with
15 comments
Read more

Mac, emacs and new python3.10

Mac, emacs and new python3.10   I've deceided to upgrade my python to the new Python 3.10 and upgrade my IDE based on Emacs too.  Upgrading python to version 3.10  A installing python 3.10  is really simple task using a homebrew:  MacBook-Pro-Hohlov:call-me skhohlov$ brew search python ==> Formulae app-engine-python gst-python python-launcher python-tk@3.9 python@3.8 pythran boost-python ipython python-markdown python-yq python@3.9 ✔ jython boost-python3 micropython python-tabulate python@3.10 reorder-python-imports cython bpython ptpython python-tk@3.10 python@3.7 wxpython ==> Casks awips-python awips-python
Post a Comment
Read more
  debian,  amavis,  virus inside archive   One my client asked informed me, that amavis skips some files types. mail server configuration is really simple: Postfix as SMTP server and  amavis working as context filter. Also amavis runs spamassasin and clamd antivirus. Amavis gets files from attachment and unpack it. lha file is not detected. short investigation First I deceided to run amavis  in debug mode and verify how virus passed postix+amavis.  root@newserver:/var/lib/amavis# /etc/init.d/amavis stop [ ok ] Stopping amavis (via systemctl): amavis.service. root@newserver:/var/lib/amavis# /etc/init.d/amavis debug Trying to run amavisd-new in debug mode. Debug mode inform about loaded plugins: ' Nov 13 22:07:23.335 newserver. /usr/sbin/amavisd-new[40334]: Found decoder for .cpio at /bin/pax Nov 13 22:07:23.336 newserver. /usr/sbin/amavisd-new[40334]: Found decoder for .tar at /bin/pax Nov 13 22:07:23.336 newserver. /usr/sbin/amavisd-new[40334]
Post a Comment
Read more