Flashbulb (swf mod tool)

[Mundane Girl]

(This post may contain references to oneself in the third-person. The reason for this is that certain parties mentioned in this post may not want their name to show up on this website when googled, and by doing this a certain degree of plausible deniability is maintained. Hopefully you can understand why.)

Hi all. I followed Linemarvel way back on Newgrounds and have been lurking this website for years. For reasons that remain a mystery to even myself, I've been interested in the Flash format for over a decade. In recent years I've taken an interest in Flash modding, and have been following (*cough*) the development of a modding tool called Flashbulb.

I thought it might be of interest to those of you who, like myself, click the games with [Flash] in the title because you like your pr0nz without the risk of malware. Commercial Flash games often have their main file wrapped up in a .exe file, which sucks because that executable can have malware or DRM, restricts the platforms the game will run on, and makes it so you can't host the game on a website. Flashbulb fixes this as of the most recent version. With minimal effort you can extract the main .swf file from the .exe.

1. Run Flashbulb
2. Click Tools > Extract from exe
3. Locate and select the game executable.
4. Close Flashbulb. The extracted swf will be located in the same directory as the executable.
5. FAP!

You do have to trust the author of Flashbulb not to install malware, but at least you're taking the risk with a single program instead of many foreign porn programs. It comes up completely clean on VirusTotal and Jotti.org. It doesn't require installation and doesn't touch the registry. It's free too. The author accepts $5 Paypal donations but doesn't expect anyone to actually donate. He adds your name to the program if you do.

It does other neat stuff too. You can extract images and music, exchange sprites between files, apply artistic filters, and for the hell of it, corrupt swfs to do amusing things. You can read ActionScript source code (good for learning passwords) and will eventually be able to modify scripts. DRM and censorship can be removed.

It can be downloaded here: xeloh.com/view?p=Releases

 

[AltairPL]

Re: Flashbulb (swf mod tool)

That .exe used for flashes is just .swf file with added standard Flash player dedicated to Windows users, so they won't have to look for Flash player on their own. There was nice saying some time ago: "Linux users can handle themselves and Mac users are used to being ignored", though recently more and more flash games are shipped with means to play flash game on Mac (usually with normal .swf file in one of the Mac folders).

Judging by your description alone, if flash .exe contains malware or DRM it will most likely cause Flashbulb to fail (and any other Flash decrypter) as it will have unexpected file structure. Also, Flash itself is not invulnerable, so .swf files can also contain malware.

From my point of view, Flashbulb is just another swf decompiler - didn't try it, but I doubt it can do more than any other swf decompiler out there (even freeware ones).

 

[Mundane Girl]

Re: Flashbulb (swf mod tool)

That .exe used for flashes is just .swf file with added standard Flash player dedicated to Windows users, so they won't have to look for Flash player on their own. There was nice saying some time ago: "Linux users can handle themselves and Mac users are used to being ignored"

Yeah. The point here is to extract the swf so you can do things with it, like upload it to websites that accept swfs but not exes, or feed it to a decompiler.

Judging by your description alone, if flash .exe contains malware or DRM it will most likely cause Flashbulb to fail (and any other Flash decrypter) as it will have unexpected file structure.

Incorrect. If the file contains an unencrypted swf file anywhere in it, Flashbulb will find it. It doesn't expect any structure, it scans the file byte-for-byte for the Flash header and does some extra stuff to confirm it's a legit swf. So if the exe is a trojan tacked on to an actual Flash game, a swf file will be extracted. If it's a completely bogus malware program with no swf, then yeah, no swf will be found. If that happened you'd have a strong indication that the game isn't legit. Not all DRM will be defeated (like encryption), but stuff that checks the registry or uses the network will be bypassed.

Also, Flash itself is not invulnerable, so .swf files can also contain malware.

Flash vulnerabilities differ a great deal from executable malware. They generally don't give arbitrary access to your filesystem, and Adobe patches them regularly. I've been on 4chan's /f/ for years and the worse I've seen is one that sends CP to your printer, or another that opens infinite browser tabs to a website. They don't steal your banking information.

From my point of view, Flashbulb is just another swf decompiler - didn't try it, but I doubt it can do more than any other swf decompiler out there (even freeware ones).

Flashbulb is not a decompiler. It doesn't actually decompile the files -- it works with them in their native state. They don't have to be recompiled, and so they don't end up with random errors like ones sent through decompilers. It's in active development, and the author listens to feedback from the Flash community. He's working on turning it into an authoring environment like the official Flash suite, where you work with files via a GUI timeline, not a giant source code blob or via awkward command-line switches.

Anyway I just wanted to point it out. Up to you whether to care or not.

 

[AltairPL]

Re: Flashbulb (swf mod tool)

Just to clear things out, which I should have done in my previous post - I'm not not Flash specialist, I just did some Flash "modding" (uncensor, translation, etc.), so my assumptions are based on observations only rather than pure facts.

Yeah. The point here is to extract the swf so you can do things with it, like upload it to websites that accept swfs but not exes, or feed it to a decompiler.

I agree with multi-platform and website uses. Flash "decompilers" are able to read swf's from exe files without problems and additional software (at least the ones I've seen or used).

Incorrect. If the file contains an unencrypted swf file anywhere in it, Flashbulb will find it. It doesn't expect any structure, it scans the file byte-for-byte for the Flash header and does some extra stuff to confirm it's a legit swf. So if the exe is a trojan tacked on to an actual Flash game, a swf file will be extracted. If it's a completely bogus malware program with no swf, then yeah, no swf will be found.

That's basically what I meant by file structure (damn my inability to build clearer sentences ). Don't really know how other flash "decompilers" treat exe files and how those files are built, so I won't argue whether or not Flashbulb is better in that department.

Not all DRM will be defeated (like encryption), but stuff that checks the registry or uses the network will be bypassed.

IMHO, DRM which doesn't encrypt, obfuscate, or otherwise hide swf file and leaves it in plain sight is not DRM at all - registry/network can be a good addition, but not a base of DRM.

Flash vulnerabilities differ a great deal from executable malware. They generally don't give arbitrary access to your filesystem, and Adobe patches them regularly. I've been on 4chan's /f/ for years and the worse I've seen is one that sends CP to your printer, or another that opens infinite browser tabs to a website. They don't steal your banking information.

I disagree:

You must be registered to see the links

,

You must be registered to see the links

. Yes, Adobe patches holes regularly, but so are developers of other software which is open for similar attacks (including Windows and other operating systems).

Flashbulb is not a decompiler. It doesn't actually decompile the files -- it works with them in their native state. They don't have to be recompiled, and so they don't end up with random errors like ones sent through decompilers.

Decompiler is not the best name, but it is used for majority if not all of software used to view/edit flash assets - they should be called decompressor or something similar, but it's probably not very good marketing name . That's why I called it just another decompiler - I'm sorry if it caused confusion. I believe Adobe made flash standard publicly available some time ago (don't remember know, but I think it was somehow limited, though), and every flash "decompiler" uses that standard, so even if Flashbulb just extracts compressed swf from exe it should be same as saved in any flash "decompiler" (with accordance to the standard) - otherwise almost every file saved with "decompiler" would not work as intended. Just to be an asshole, I'm pretty sure that showing AS code in human readable form is decompilation . I do agree, however, that recompiling AS can cause serious errors or other unwanted behavior.

It's in active development, and the author listens to feedback from the Flash community. He's working on turning it into an authoring environment like the official Flash suite, where you work with files via a GUI timeline, not a giant source code blob.

I believe this is the most important information about Flashbulb and should be in your first post. Graphical timeline would be a first (at least for me) and would simplify a lot of things.

Anyway I just wanted to point it out. Up to you whether to care or not.

Don't get me wrong, my previous post wasn't meant to dis you, Flashbulb or its author, but your post read like advertisement making people believe it's the only software which can extract swf file from exe and whatnot, and I thought it required some clarification - if you were offended by it, I apologize. It's good to have another swf viewer/editor at our disposal and I'll probably give it a try when I have more time - I even have few candidates on which I can try it out .

 

[Mundane Girl]

Re: Flashbulb (swf mod tool)

IMHO, DRM which doesn't encrypt, obfuscate, or otherwise hide swf file and leaves it in plain sight is not DRM at all

The fun thing about DRM is that it's rarely done well. One author I've come across offers porn swfs for free and charges money for access to the content in the games, unlocked through passwords. The passwords are in plaintext, and the author realized this, so he split the strings up into a dozen variables defined in different places, with a few red herrings thrown in.

The only problem is that he verified the password like this: "if(password==gr+dl+rt+lk+ee)unlock_content();". So to get the password all you have to do is locate and combine those variables.

Wasn't even worth the effort though. The paid content was completely shit-tier.

Yes, Adobe patches holes regularly, but so are developers of other software which is open for similar attacks (including Windows and other operating systems).

The fundamental difference here is that an executable is always, by nature, going to have access to your filesystem, the ability to run external software and create background processes, and otherwise be able to modify your base operating environment. The Flash VM, when functioning correctly, should not be able to.

A condom can break, but it's still safer than going bareback with that prostitute.

Adobe made flash standard publicly available some time ago (don't remember know, but I think it was somehow limited, though)

Nod, the spec is public and Flashbulb owes its existence to it. Not really limited, just badly written -- it has a bunch of links to dead websites and sometimes the descriptions, like how Flash handles color fills, leave a lot to be desired.

so even if Flashbulb just extracts compressed swf from exe it should be same as saved in any flash "decompiler"

Not precisely. The specific operation of extracting swfs from exes probably is the same as decompilers (though I'm not aware of any specific examples that do this). Modding swfs is definitely different though. JPEXS for instance converts swfs to xml or fla format and lacks the ability to directly work with the swf format. This conversion process is known to drop art assets and cause other corruption when recompiling to swf. Sothink works the same way and wants to charge $80 for it. They have a free version, but it slaps a flashing watermark on the end product (which Flashbulb can automatically remove). Flashtools seems to work directly with the swf format, but it's a set of command-line programs that require a long list of switches to do the simplest task, with limited functionality.

your post read like advertisement making people believe it's the only software which can extract swf file from exe and whatnot

Granted, I am advertising it. Not to sell it or anything (it's free) -- just to get the word out that it exists. It's not by any means the only swf mod program, and you're right that a lot of its functionality is duplicated by other programs. It does do some unique things though, and over time may offer easier, more powerful modding capabilities than any other program.

In its current state, I'd have to agree that it may not be the best at doing some of the things it does. It's kinda ugly, is missing key features and has a few major bugs. No offense taken.

 

[AltairPL]

Re: Flashbulb (swf mod tool)

The fun thing about DRM is that it's rarely done well. One author I've come across offers porn swfs for free and charges money for access to the content in the games, unlocked through passwords. The passwords are in plaintext, and the author realized this, so he split the strings up into a dozen variables defined in different places, with a few red herrings thrown in.

The only problem is that he verified the password like this: "if(password==gr+dl+rt+lk+ee)unlock_content();". So to get the password all you have to do is locate and combine those variables.

Wasn't even worth the effort though. The paid content was completely shit-tier.

I was thinking more in line of DRM used by some/all flash games sold at DLSite or built using Zinc (I don't really know if it provides some kind of swf obfuscation - intentional or not) or something similar. In both cases my main drive is simple curiosity and sometimes need for personal use modding (uncensor, translation, cheating, etc.) and not the will to crack and repost games somewhere else.

The fundamental difference here is that an executable is always, by nature, going to have access to your filesystem, the ability to run external software and create background processes, and otherwise be able to modify your base operating environment. The Flash VM, when functioning correctly, should not be able to.

A condom can break, but it's still safer than going bareback with that prostitute.

Agree, just wanted to point out that flash can also be used for bad things.

Nod, the spec is public and Flashbulb owes its existence to it. Not really limited, just badly written -- it has a bunch of links to dead websites and sometimes the descriptions, like how Flash handles color fills, leave a lot to be desired.

I'll try to remember that, though I don't know what use it will have .

Not precisely. The specific operation of extracting swfs from exes probably is the same as decompilers (though I'm not aware of any specific examples that do this). Modding swfs is definitely different though. JPEXS for instance converts swfs to xml or fla format and lacks the ability to directly work with the swf format. This conversion process is known to drop art assets and cause other corruption when recompiling to swf. Sothink works the same way and wants to charge $80 for it. They have a free version, but it slaps a flashing watermark on the end product (which Flashbulb can automatically remove). Flashtools seems to work directly with the swf format, but it's a set of command-line programs that require a long list of switches to do the simplest task, with limited functionality.

I really wasn't aware of this... maybe because I had absolutely no such problems with Sothink (long time ago) and JPEXS (up till now) - well, there was one complaint that uncensored file acted weird, but nor I nor anyone else could replicate the problem, so I'm not sure this was the cause. I had problems with JPEXS' AS editing feature, but it's marked as experimental, so I don't really blame it.

Granted, I am advertising it. Not to sell it or anything (it's free) -- just to get the word out that it exists. It's not by any means the only swf mod program, and you're right that a lot of its functionality is duplicated by other programs. It does do some unique things though, and over time may offer easier, more powerful modding capabilities than any other program.

In its current state, I'd have to agree that it may not be the best at doing some of the things it does. It's kinda ugly, is missing key features and has a few major bugs. No offense taken.

Thanks for letting us know... well... at least me

Don't want to drag this dialog for too long, so I'll send you a PM in a while with a small follow-up. But for now in this thread: over and out

 

[Mundane Girl]

Re: Flashbulb (swf mod tool)

Just a heads-up, 0.48 is out. It adds a gallery mode, where you can see all of the bitmaps, shapes and sounds in a file at once. It should make uncensoring easier -- just locate the unwanted black bar or blur and delete.