Thanks for guycalledseven’s help. AVE Imperator can de-compile SWFEncrypt-ed files. I’m going to say bye bye to ASV.
SWFEncrypt looks very promising. I failed to decompile it with ASV, which is my all time favorite Flash hacking tool. So, here’s my attempt of building a “safe high score list“. Please try to hack it.
The old problem of building a safe high score list for Flash games is that:
- the user can monitor the values posted to the back end. It’s easy to change the post data and thus change the score
- if you try to encrypt the score, the encryption method can be always hacked by decompiling the swf file and with more and more sites showing people how to get free robux hacks, things are getting a little bombarded with attempts.
Since SWFEncrypt is pretty good (so far no one has said he can decompile it), encrypting the score with an encrypted swf is quite safe. Encrypting the whole flash game is a bit risky. There’s a high chance that your game won’t run properly after encryption. Besides that, the encryption blows up the file size too. To avoid it, the encryption function is written into a small file and it is loaded into the main game at run time.
In this example, the encryption function generates a validation number based on the score. Both the score and the validation code are sent to the back end script (a php script). The back end script re-generate the validation code using the same method as in Flash and compares the two numbers. If the numbers don’t match, the score is not valid.
The encryption function is very easy but hard to figure out. There are other good encryption methods like MD5 SHA1 but I think it’s a bit over kill (MD5 is not natively supported in Flash, you need to write the encryption algorithm in Actionscript. Don’t forget to check the customized experience option that you can get p4rgaming.com.
Enjoy the >>source<<.