Basic SWF modification tutorial
An Introduction to SWF Obfuscation
Server-sided values
Flash AS3 Class injection via loader
Flash AS3 Class overriding template and tutorial
BPE Plugin Writing Tutorial #1 (Writing your first plugin)
Tutorial on using SADPlugin
More coming soon!
20 comments:
Nice here is a game in facebook which has the preloader.swf
http://www.facebook.com/royalstory
hope u can try if it works with ur software I am trying it too :)
The new version of my universal decrypter (which I will probably post some time either this month, or early next month) should work on it.
bmanatee
Thanks goodness I've found your blog. I hope you could help me though since I've subscribed to your website and maybe I could bring in some more traffic with my friends if you will be able to help me.
Do you have any tools to hack the game called "The L@st $tand DZ"?
@jazy
I don't have enough free time right now to help a huge amount, but I can give you some information on some useful tools.
The Firefox extension "Tamper Data" is very useful for finding files games load.
My universal decryptor V3 should be able to decrypt/dump any encrypted SWF you might find.
If you're ok with working with AVM2 bytecode, Yogda is an AVM2 bytecode editor which is incredibly useful for doing advanced editing of SWFs.
SWFWire Inspector is a very good AVM2 tag disassembler/inspector and also has some AS decompilation abilities.
You can try playing around with a simple packet editor such as "WPE Pro", but packet editing and reverse engineering takes some practice to get good at.
If you're a genius you could even use my packet editor, but it is quite advanced and requires good AS3 and packet editing skills to use effectively.
If you want to get really advanced, nothing beats an AVM2 disassembler and a hex editor.
Bmanatee, bro I don't have any experience on editing packet data but I will try to play with every software that have you mentioned. Was it really possible to packet edit the server side things?
Bmanatee, if you could make me a private tutorial on how to hack this game then maybe I could purchase it and donate some extra cash for your website. I am really desperate bro.
I did a post on server sided values just now. It might give you some more information on them.
I appreciate the offer, but I really don't have a great amount of time right now, and last time I checked out Last Stand DZ the developers where in the process of beefing up the security.
The game is advanced enough to mean I would have to put quite a lot of time and effort in to hack it.
I might be able to give you some tips and a little help over MSN or AIM if you want to send me yours, though.
Okay Bro, Here is my email addresses:
ytgen1@gmail.com
techseeder@yahoo.com
Feel free to contact me in any of this email addresses. D:
Hi dude,
Can you make something new for BBH. A hack? Is is possible to remove someones verified email and exchange it with your own? If you have a wallet is it possible to increase the percent that flows in ( from 10% to maybe 40%)? Is it possible to find someones password? Is it possible to remove a account which is perma banned? Is it possible to tell if someone is online (so you wont duplicate them if you share accounts)
I know that those are a lot of questions! But it would be greatly appreciated if you could answer them. Any other hacks that are possible please tell me. BBH is kind of getting boring and I am awaiting something new like a hack. Please reply as soon as possible and tell me if any other thing is possible that no one has yet. Maybe change your name? Change the colour of text you talk it?
Anywaya you know what I mean.
Thanks,
BBHWANTED
Hello bmanatee,
Hope you're doing good,
I've a question about a game called "vega conflict". i'd like to know if it is really server sided or not, as the security seems to be very high.
Thank you for your time
Unfortunately, I don't have the time to go through people's requests.
You can find my post on server-sided values here if you haven't read it already:
http://bmanatee.blogspot.co.nz/2013/06/server-sided-values.html
Some things will be server-sided, some won't be. Figuring out what is and isn't server-sided requires a lot of time, effort and reverse engineering, so I can't really give you any game-specific information without investing time I don't have. sorry.
I know Kixeye has some decent security nowadays, though.
I'm sure you get this from the general vibe of my server-sided values post, but when someone claims something is server-sided, it's good to take it with a grain of salt.
Hi Bmanatee ! I found your blog and really wanted to experiment on this flash game, for the hell of it. So after downloading ffdec and flash cs6, I went through all the tutorials successfully.. but I can't seem to override any method of my game.
I know you don't have much time for personal requests but I'm pretty sure you could crack this problem in a blink, so let me describe it in a few words..
Here's the catch : there are 2 swf files, a small loader and the actual game. the loader passes local time as argument to the main swf.
So after decompiling the loader, the tricky line will be :
var _loc1_:Date = new Date();
xxxx.load(new URLRequest("http://xxxx.swf?n=" + _loc1_.getTime()));
So you can run the loader as a swf (or fla) on your computer, keep the web url for the main swf, and the game will work. But you can't run the main swf alone on your computer, you will get disconnected from server.
I tried overriding the methods of the main swf in the modified loader, by replacing the previous line with :
xxxx.load(new URLRequest("xxxx.swf?n=" + _loc1_.getTime()), new LoaderContext(false,ApplicationDomain.currentDomain));
But it just doesn't work. When I look at the process with ffdec, there are 2 different movies running. The first one has the loader file and all my modified methods. But the second one (actual game) always keeps its original methods. I just can't get it to accept my overriden ones !!
It's very frustrating because I know my methods work (and I spent a lot of time editing them as shown in your tutorial), they just won't get accepted.
I also tried to change the url and load the main swf on my computer, but I don't know how to pass the right parameter to it.
Do you have tips on how to make the 2nd swf accept my overridden methods ? Or how the server would most likely use the time parameter and how to bypass it .. ?
I could mail or aim you the sources so that you don't have to look for it..
Also I could help you with testing your new tools. I'd like to try everything on this game !
Thanks a lot and please let me contact you on G+ if you're willing to crack this :)
PS : I'm not willing to actually cheat all around in this game, because I'm a regular player and don't want to get banned. I just want to be able to do it, as a programmer. So I'm pretty serious about getting through with it and maybe test some new tools / methods.. bye bye
PPS : sorry for the long post, I thought the best way to have you interested was to expose the problem.. hope it worked !
@Mens
I'm happy to give you some help, I sent you a message on G+
hey bmanatee,
I'm back after a few years now and ive seen plenty of changes to the game called "The Last Stand Dead Zone" now is there a possiblity to have a private hack tool for this game?
Can any one find the code of 8 ball pool
http://www.miniclip.com/games/8-ball-pool-multiplayer/en/
How can u edit in constants.xml
if you are able to "hack" the packets of data, then is it possible to hack Vega Conflict using your techniques, because I have been playing for about a week now and the people around me are just bullies and I would like to deal out some of their own medicine
Post a Comment