views:

514

answers:

2

Is it possible to change the value of a variable in a compiled SWF (using as3) via a servlet (say on a per session basis) before return the modified SWF back to the client. I notice there are a few command line utils as Open Source, but these seem to focus on AS2. Is this possible with AS3 code? What libs are available do this from java ? (ie. basically editing the resultant pcode in the unbundled SWF and then repackaging it).

Ideally would like to embed in the main swf a per session token (without using flash vars) that can then be used to authenticate the request. The goal is to use this say as one more step in XSS support (when combined with the cross domain permission files). Flash vars is still in the DOM, but this would allow only the loader to know the value of the key (very hard for java script) and we can lock down flash pretty well not to expose the value to any loaded swfs, and cross domain files can limit any reading of xml files back on the originating server only by the original swf (only one from that domain).

A: 

You could use the Flex SDK to compile a swf from source at the time of the request. I'd suggest a very small swf that then perhaps loads other more complicated swfs.

Marc Hughes
thought of that , but a) flex compiler isn't the fastest b) its a lot of work to automate. Reading the swf and changing the var aka FLASM would be nice and easy - we also don't have to bother about source code on the prod servers and shipping code.
nso1
+1  A: 

Part of the trouble is that a compiled SWF is compressed with a zlib stream internally, so it's non-trivial to modify the binary without recompiling from the command-line SDK.

It's not hard to set up and automate the Flex SDK with the command line tools (either mxmlc or Ant -- we use both in our projects), but if you're really insistent that you'd like to modify the binaries without recompiling, then you may find this blog post helpful. It includes a utility to decompress the internal stream into its raw data, and recompress with a different compression algorithm. In the middle of that script (while the data is decompressed), you could search through the binary for the value that you're looking for (either through a known offset found by experimentation, or from a public member label), change the data, recompress the stream, and voila -- you have a custom .swf. If you change the value in an embedded asset (such as a text XML file), you may have an easier time locating the data to change in the binary.

swf_recompress.zip

HanClinto