Hacking in Flash games with scores

Forum|Forum|13 years ago
May 8, 2012
1 reply
2181 views

Hello

Can some one suggest a proper solution to prevent hack attempts in Flash games where scores are submitted to a PHP layer.

thanks
MRS

This topic has been closed for replies.

B

birnerseff

Inspiring

Hi,

a long time ago (using as1/2 rather than as3) I came up with this solution:

the game contains a "mild" hard-coded encryption layer (i.e. rather than adding parts of a key variable to something,

and using another part of a key var as a shift count, the code contains add 0x53 or shift by 3)

This encryption function is added to a raw movie on the server, and matched to a php session var

Rationale to do that: I found that there were many more experts on using a decompiler, than on following web data

(there was no Charles readily available at that time, either). Surely finding that the reverse-engineered game could

not even talk to the server should be discouraging

S

shenimeledathAuthor

Participant

Check out this video... I checked several games online and around 50-60% of them can be hacked. can we discuss this further and work out a set of best practices for those who still plan to develop Flash web apps

http://www.youtube.com/watch?v=8onHuDzaSbg

To start with some steps I learned:

1. Obfuscate as3 code to make code unreadable after decompile
2. Encrypt swf to prevent decompile

3. Encrypt all communications between flash movie and server-side scripts

thanks
MRS

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded