Non-display characters and obfuscors
In addition to hindering the techniques of the anti-compiler, we can also make the anti-compilation result is not readily read. You can browse the website about the obfuscator.
Basically, it is renamed the names of variables and functions.
Function -3 (-4) {trace (-4);
Function -1 (0, -2) {
IF (0 <-2) {- 3 (1);
}
Very sure is that the theft cannot be just copy, and the paste can use these code. The compiler does not allow you to make such names for a function.
The limitation of the obfuscator is that the name of the change function may bring trouble to the following script code.
Function myfun () {trace ("myfun");}
a = "my";
B = "fun";
THIS [A B] ();
Another technology is that the name of the function is not displayed. For example, use Chinese characters as a function name, the anti-compiler may not display it well. Then we will see:
Function? () {?,?) {?.? = ?;}
The ASV 4 uses Unicode encoding display that cannot be displayed, so the result is easy to read, but it has only increased slight difficulty.
Self-protection
If you find a good way to protect your SWF, don't share this method with others, you don't want to disclose it on the Internet. Of course, it cannot be 100% anti-anti-rebound, at least for me. However, not all people have the format of SWF. Many, theft is only used to refine SWF only by means of software. So if your purpose is to steal your SWF as few stealing, then protect your (protect SWF) secret method.
Just remind you here, your SWF is unprotected. For those who are familiar with the SWF format, all things are unless. If your goal is just to protect "some functions", it should be safe. They may not steal your function, they will write their own functions.
General protection measures
We put a online game on the website. Unfortunately, many visitors just visited our site only once, and then use the downloaded version to get offline. Sometimes, we even discovered that our game appeared on other sites.
In order to avoid this, the following is the protection measures that can be taken:
1. Explore the field
Write script check _url, if _url is "http://www.mydomain.net/game.swf" to play movies, otherwise do not play or exit. When you are playing offline, _url should be like "file: // c | somesub / game.swf"; but it is in other Domain, _URL is like "http://www.nethers.net/game.swf" . Therefore, this technology can be appropriately coupled with some protection. Of course, it is useless for negative anti-compiler. Those scripts can be deleted or modified by Flasm. Although the SWF that is cracked in other publications may not be seen, the SWF that can be played offline can also occur.
2. Service port verification
Write scripts and load passwords from the server when starting the game. If the password is empty, stop the game or exit the game. This is easy to be crackled with malicious users, they only want to edit the SWF file, delete those scripts. Which scripts can't be deleted? When the game is started, the map data loaded from the server is a game must be made, so the user's poor user cannot delete these scripts. In order to make a game, it must provide these map data. Of course, it can select the map data from the data in the temporary folder, provide to swf, to activate the game.
3. Place SWF or variables in the server
This is the second technology extension, extension, which has been widely used. At first game (SWF) file is just a loader, another SWF file will be loaded when you click the play (or start) button. When the map file is required, the map data is loaded from the server. When the loading data is hindered, the hindered SWF file will be loaded from the service segment. The data on the new layer is also passed from the server.
From here. We can see a principle: the best way to prevent anti-compilation is "not".
If some stupid thieves download only download the game.swf file, he can't play this game. He needs to pick all SWF files and variables in the cache. Open all SWF files, edit the names of these variables, so that it is consistent with the names of the variables in the cache.
If our map is randomly generated by CGI, the thief may only have a map, he does not randomly generate the power of the map. If it is a maze game, it is charged, he can only play a maze, he does not "dynamically produce maze" function. If the adverse user playing this game will encounter a new hindrance because there is no new hindered SWF file in his cache, so you will not be able to play.
Therefore, many algorithms and functions are placed on the server, and that SWF file is only an interface. This is a perfect protection measures, but the defect is this CGI that turns a game to game work, not Flash. We are discussing the protection of SWF, this solution is not appropriate, because the SWF file is not protected himself.
(Finish)
Limited level, please criticize the correct.
E-mail: xmanceo@yahoo.com.cn
related articles:
How to prevent SWF files from being refined? (One)
