dcsimg
A Flash Developer Resource Site

Page 6 of 9 FirstFirst ... 23456789 LastLast
Results 101 to 120 of 165

Thread: So minijuegos.com stole my half finished flash

  1. #101
    Squizes Bit'ch
    Join Date
    Dec 2003
    Location
    England
    Posts
    70
    thehumanchimp, the 'Loaded' swf was in my cache, using Mozilla 1.6.
    Vex / G4MES.net - "JBJ Sisters: Snow Adventure" - Now available for Nokia Series 40, 60 and MIDP-2 phones.


  2. #102
    Senior Member tonypa's Avatar
    Join Date
    Jul 2001
    Location
    Estonia
    Posts
    8,227
    Opera browser also has "Loaded" swf in the cache.

  3. #103
    Official Shoe Shiner thehumanchimp's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    953
    oh damn thats annoying.

    Can you check to see if you had the "Authentification Failure" .swf in your cache aswell?

    Thanks.

    [EDIT] Just checked it in Firefox and got the same problem, but ive thought of a way to fix it. Fix should be coming soon. [/EDIT]
    Last edited by thehumanchimp; 09-20-2004 at 01:16 PM.
    Message on a gravestone: I finished before you in the human race.

    Using: Flash MX

  4. #104
    Official Shoe Shiner thehumanchimp's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    953
    Right, ok - i think ive sorted that problem. Try it here:

    http://members.lycos.co.uk/humanchimp/cache/test.html

    Rules like before, see if you have the "Loaded" swf in your cache. Hopefully now you won't.
    Message on a gravestone: I finished before you in the human race.

    Using: Flash MX

  5. #105
    Feeling adventurous? T1ger's Avatar
    Join Date
    Mar 2004
    Posts
    850
    Opera: cleared my cache, F5'ed, couldnt get the movie to load no matter how many times i refreshed :?

  6. #106
    Senior Member maksum's Avatar
    Join Date
    Oct 2002
    Location
    Portland, OR
    Posts
    118
    Well, this thread kind of evolved into "how to protect your swf" but I'd like to simply gripe as well. muchosjuegos and minijuegos took mine too! I emailed minijuegos asking them to take it down but got no response. Didn't know about muchosjuegos until I saw this thread.

    What a pain.

    Mike

  7. #107
    Senior Member tonypa's Avatar
    Join Date
    Jul 2001
    Location
    Estonia
    Posts
    8,227
    Originally posted by thehumanchimp
    Right, ok - i think ive sorted that problem. Try it here:

    http://members.lycos.co.uk/humanchimp/cache/test.html

    Rules like before, see if you have the "Loaded" swf in your cache. Hopefully now you won't.
    I still have both "Loaded" swf and "Authentification Failure" swf in the Opera cache.

  8. #108
    Put your add and legal notice before your game. Put legal notice wherever you put your game.

    I was thinking about this method, think it would work at all?:

    1) PHP page with FlashLoader.swf embedded. PHP server generates a unique access code which gets put in this PHP and is passed into FlashLoader.swf(via FlashVars or URL string). Let's say the var name of the unique access code is accessCode

    2) FlashLoader.swf contains:
    loadMovieNum("loadFlash.php?varCode="+accessCode+" ,0,"GET");

    3) PHP page loadFlash.php can then, if a proper GET code is given, return the real SWF file from a secure location. Each access code can only be used once, and can be given a host of other marks that make it impossible to get PHP to generate a code then use it later to rip a file.

    Would the externally loaded SWF get cached?
    >flashl!ght<
    All the normal names were taken.
    Ron Paul was right.

  9. #109
    Official Shoe Shiner thehumanchimp's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    953
    Flashl!ight: thats basically a shotened down version of my ealier MovieLock version. The answer to your question: unfortunately, yes.

    TonyPa: What names were the cached files saved as?

    T1ger: Thats wierd, very wierd indeed. [EDIT] Try now, does it work? [/EDIT]
    Last edited by thehumanchimp; 09-21-2004 at 03:33 PM.
    Message on a gravestone: I finished before you in the human race.

    Using: Flash MX

  10. #110
    Senior Member tonypa's Avatar
    Join Date
    Jul 2001
    Location
    Estonia
    Posts
    8,227
    Originally posted by thehumanchimp
    TonyPa: What names were the cached files saved as?
    Opera renames all the files, so they all have really weird names like opr0KHFj.swf, but finding correct swf is not problem.

  11. #111
    Feeling adventurous? T1ger's Avatar
    Join Date
    Mar 2004
    Posts
    850
    It does work now, but i can get the swf without any problem at all.

  12. #112
    Official Shoe Shiner thehumanchimp's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    953
    T1ger, does "but i can get the swf without any problem at all." mean that it was in your cache, or that you could get hold of it by other means easily?
    Message on a gravestone: I finished before you in the human race.

    Using: Flash MX

  13. #113
    Feeling adventurous? T1ger's Avatar
    Join Date
    Mar 2004
    Posts
    850
    in opera i can check my cache my entering "opera:cache" in the address bar. if i click the url to the swf there, i come right to it.

  14. #114
    Senior Member TeroLebe's Avatar
    Join Date
    Mar 2003
    Location
    Lahti, Finland
    Posts
    302
    I think I realized something very useful last night!


    Real site

    Leeched site

    Test it please, to make my self sure it is safe to use... Of course, once access has been granted, there are still ASV's to decompile these swf-files, but this helps with controlling unwanted leeching!

  15. #115
    Custom User Title Incrue's Avatar
    Join Date
    Feb 2004
    Posts
    974
    Just a idea
    Why dont you put a .txt in your server, and the game.swf must read the value of a variable inside this txt, so if the value is correct he plays the game, otherwise, not.
    So, even if you have this swf in your cache, he will not work cos he cant find the txt...or the txt will end up in the cache too???
    Last edited by Incrue; 10-13-2004 at 05:14 AM.

  16. #116
    Senior Member TeroLebe's Avatar
    Join Date
    Mar 2003
    Location
    Lahti, Finland
    Posts
    302
    Originally posted by Increu
    Just a idea
    Why dont you put a .txt in your server, and the game.swf must read the value of a variable inside this txt, so if the value is correct he plays the game, otherwise, not.
    it doesn't stop leeching, because .swf file would read the variable from your server. The game Would always work whetever it were leeched or not. The game could be played still from unwanted site.

  17. #117
    Custom User Title Incrue's Avatar
    Join Date
    Feb 2004
    Posts
    974
    Originally posted by TeroLebe
    it doesn't stop leeching, because .swf file would read the variable from your server. The game Would always work whetever it were leeched or not. The game could be played still from unwanted site.
    Sorry my bad english, i dont konw what means leeching
    Anyway, it will happen even if i send the swf to look for a exact folder inside my server?
    I mean, FOR EXAMPLE, not ww.myserver.com/secretfolder/secret.txt but just:
    /secretfolder/secret.txt
    so, the swf will look for the secretfolder inside the other site server...i gess...
    Last edited by Incrue; 10-13-2004 at 05:23 AM.

  18. #118
    Senior Member
    Join Date
    Mar 2004
    Posts
    137
    increu :
    leeching is like this,
    <iframe src="http://www.otherdomain.com/file.htm">

    the leeched swf will play correctly because it's played on your server! even if your swf's trying to get resource from url add like this "../../security.swf"

    I'm not a web guru nor a hacker (altough I enjoyed the rush of opening ppl's file.. with all due respect of course ), the problem with flash is :
    1. You put your flash inside web directory to be displayed using http protocol, meanings that people can always get your file no matter what (duh.. that's the idea of http!).
    I'm not sure about disabling your swf to be stored in chace directory of the user, does it really work ?

    2. Action script is intepreted not compiled to machine code nor byte code, so no matter what, any determined hacker with little knowledge can always look inside your code. Of course there's obfuscator but obfuscator won't change the string data so for ex.

    "getURL("../security.php");"

    will probably changed into

    "11_("../security.php");"

    And there's nothing you can do to stop people from seeing your string.
    Motorama, riding can be tough in deed !
    www.motoramagame.com
    Fun web games for all !!!
    www.iplayallday.com

  19. #119
    Custom User Title Incrue's Avatar
    Join Date
    Feb 2004
    Posts
    974
    And if they cant know the name of the swf?
    I mean, you tell php to dinamically generate the swf name, but when they go look the source they cant see the name...

  20. #120
    Senior Member TeroLebe's Avatar
    Join Date
    Mar 2003
    Location
    Lahti, Finland
    Posts
    302
    Originally posted by Increu
    And if they cant know the name of the swf?
    I mean, you tell php to dinamically generate the swf name, but when they go look the source they cant see the name...
    well, i just did that in my post, also it will change the swf file, if the "access key" is invalid.

    I just want people to test if my way is secuer enough to stop leeching. My swf-file is only allowed to play in my site.
    The thing I did is nothing to do with swf's, it can be used in images, and other file types.


    edit:
    here's the links once again

    Real site

    Leeched site

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center