An Obfuscator is a tool which allows you to save your bytecode from the decompiling gang.
After obfuscating a precompiled file under normal circumstances it is not possible to decompile.Why?
Not all Obfuscator tools works similiar or produce exactly the same output, but the concept is nearly the same. One idea is to rename variable names to constructs like this; “ooooooooooooooooooox”, no one will be able to read source code like this. But a good decompiler maybe could reproduce the code. So what can a good obfuscator do?. A solution is to rename source via a mathematical formular and a key-string.
The developers of the Motion-Twin Action Script Compiler have a page on their website where they serve a tool for irreversible obfuscating. The only possibility is maybe a brute-force attack, but only for short variables.
The tool is called OBFU (for OBFUscator).
Obfuscation process is irreversible. Every identifier string found in the SWF is hached with a irreversible proven mathematical function. For short variable names however, brute force is still a possible attack. In order to prevent this Obfu accepts an obfuscation key as parameter (using the -key parameter). Two SWF will be obfuscated in the same way if and only if they have the same obfuscation key. In order to ensure maximum security, one should use -rndkey to generate a random key everytime an obfuscation is done. If however several SWF needs to communicate between each other, there is several possibilities :
* use the same keys (with -key) for the two SWF. This way they will be obfuscated the same way and thus a function f declared in the first SWF and called in the second will be correctly executed.
* protect the variables that need to be shared so they donĀ“t get obfuscated (see below).
Sounds good, but there is only one problem, professional licence costs are about 1500 $.
Maybe only for agencys, but if you have seen the results in the sample swf, it is maybe rentable.