Skip to main content

Plarium part two. Working with swf

Flash is old but still usable. 

Flash is very old  but still  usable. Few year ago I was sure that this product be killed by WebGL or other modern technology. Now Flash is alive and  very popular for some application.  Flash  contains not only sprites and images ,  actionscript code is also included in swf file. By running  this code flsdh has ability to  work with  user control and send command via network. 

Start JPEXS Free Decompiler  and open previous downloaded swf file. Navigate to script section:
  Unfortunately my Imac has problem with text searhing(searching is stopped with 'out of memory' error). In this case I'm looking  for potential file using personal meaning. File which has "sign-code" reference is placed at next path: scripts-> model-> logic->server->commands->JsonCallCmd
Function name is call() and contain  another one fuction generateRequestSignature(data,paramTextForSignatureCalculation) where  data are data which are send to server and paramTextForSignatureCalculation is sum of wellknown string started from "The Matrix" , method, userid , and usersocailauthkey.  Last three strings are also added to HTTP Header. 
you can verify this investigation by python interpretator:
python
Python 2.7.10 (default, Oct 13 2015, 09:42:49) 
[GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.72)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import hashlib
>>> matrix_string = "The Matrix has you..."
>>> http_data= """{"s":{"s":true,"o":1,"l":true,"f":true,"c":"en-US","p":0,"m":true,"z":0.6361773255813953,"g":false,"a":true},"u":1492615673749,"r":77,"o":{"i":44,"b":null},"y":[518],"sm":[],"km":9,"g":21193,"t":1492615694942,"q":[64,1,44,55,56,57,58,59,60,61,62,63]}"""
>>> http_command="CloseQuest"
>>> authkey='secretkey'
>>> userid='itsasecret'
>>> print hashlib.md5((matrix_string+http_data+http_command+userid+authkey).encode('ascii')).hexdigest()
8917c927db57bf6d7dbcb7a72b25151d
If you have received the same value as in http header then you have done your job well.

Comments

Popular posts from this blog

Upgrade postgres 9.4 to 9.6 at Debian linux

I'm using virtual server based on Debian Linux for some my free projects.  One of them is based on Postgres with PostGIS extension.   This windy rainy day is a good time for executing some upgrade. Also I would like to add partman extension for partituoning.
Checking new version. Update package list :
aptitude update Get: 1 http://ftp.debian.org/debian jessie-updates InRelease [145 kB] Get: 2 http://security.debian.org stretch/updates InRelease [62.9 kB] Get: 3 http://security.debian.org jessie/updates InRelease [63.1 kB]
 Check for new version:


dpkg-query -l postgresql* Desired=Unknown/Install/Remove/Purge/Hold| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)||/ Name Version Ar…

Small script for one of the plarium game

few notes about google games.
Goggle informed that access to the all games be closed after June, 30. I played "Pirates: Tides of fortune" and decided to limit my game time using small script. Detail is below.
Some history
First internet games were updated network games only. 15 years ago internet connection requires a lot of money and nobody had a problem with lagging of the other players. Usually games uses personal communication protocol. Warbirds, Aces High and Eve online use this way.
Next part use a browser and trivial HTTP protocol. One of the popular game in this area is travian . Travian player uses browser and every browser (PC, cell phone, tablet) can be used for playing. Of course, popularity of the game is related to graphics. Trivial HTTP does not have good power in this and other technology is used for this side. One of them is Flash . Unfortunately flash requires a lot of CPU : "Pirates" was near to froze at my old celeron with 512M…

Small python script for monitoring MySQL performance

I have few services which use MySQL as database server. I would like to have information about load in PNG  image  or  in Cacti app.
MySQL   has  performance information at 'SHOW STATUS' command.

Values  which  are monitored : 
 threads_running, threads_connected, thread_cached, slow_queries
 Of course,  it is really easy to add more variables.

Connection to MySQL is accomplished by MySQLdb  module. Typical example of usage is below :
import MySQLdb mydb = MySQLdb.connect(host = 'hostname', user = 'username', password = 'secret', database = 'mysatabase' ) mycursor = mydb.cursor() mycursor.execute('SQL command') sqlresult = cur.fetchall()
Storing data in rrd file is aviable via rrdtools package. This one is present in debian and Centos OS. example of creating file is below: import rrdtool rrdtool.create("myfile.rrd" , "DS:value1:datatype:hea…