Thursday, December 10, 2009

Right-click shell integration for secureSWF

Many Flash game developpers encrypt their SWFs files in order to protect their actionscript code, and make it difficult (and hopefully impossible) to anyone to crack/hack the game (scoring, locks, site locking, etc..).

There are lots of flash obfuscators, and secureSWF is, as far as I know, the most advanced: it gives a lot of control and offers tons of options. However I generally use the default presets and it works fine.

What attracted my attention is that secureSWF (Standard version) has a command line operating mode that enabled me to implement easily a right-click "Encrypt with secureSWF" item in windows explorer.

What motivated me is that I don't like the process of launching a new program, browsing my directories to find the SWF, think about an export directory, and think about options (although all this can be saved in project files, ... for big projects).

Usually I prefer something fast and simple: before uploading a SWF, I want to right-click on it in windows file explorer, select some "encrypt with secure SWF" menu item! (see screenshot below)

(The language displayed in the following screeshots is French because my XP is installed in only one language, sorry to non-french readers for the inconvenience)

Right-click menu for encrypting SWF files

This can be achieved pretty easily (windows XP), in windows file explorer:
  • click menu "Options",
  • select "File Types" tab,
  • select "SWF" file type,
  • click "Advanced". Another dialog appears:
Managing actions associated to SWF file type
  • click "New". The following dialog appears:
Parameters of the action
  • type "Encrypt with secureSWF" (or any text you want) in 1st field,
  • in the 2nd field, type:
"secureSWF_Folderpath\ssCLI.exe" %1 "."

where secureSWF_Folderpath is the path of your secureSWF directory.
On my computer I've put it in "C:\Program Files\secureSWF\".
If the path is not valid, you should get an error dialog box when clicking "ok".
  • caution: don't forget the "." after %1. As explained in the secureSWF documentation, this must be the output directory. I usually prefer overwriting the SWF I have selected, therefore I choose the current directory ("."). But I've also added a "secureSWF in encrypted/" right-click menuitem which creates a sub-folder named "encrypted" and puts the protected SWF in it. The command line for this is:
"C:\Program Files\secureSWF\ssCLI.exe" %1 "encrypted"
  • click "OK", and close Options.
Voilà! It's done.

Note for advanced secureSWF users: secureSWF apparently uses the Standard preset, but you can toggle on/off various options in the command line syntax (check the doc)

1 comment:

  1. I'm seeking for some reliable flash obfuscator. Price is also important for me, so I'm thinking to buy SWF Protector Made a few testes and as a result: SWF Protector is the only one that breaks Flash Decompilers. Tested protected swf with Sothink and Trillix Decompilers. Both failed to open protected AS3 code.
    But before buy it I want to ask if someone already used it? Need some feedbacks. Thanks.security. .

    ReplyDelete



© Gludion/Olivier Besson - 2007