Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Regular Coder
    Join Date
    Jan 2007
    Posts
    217
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Hacking Flash Games

    Hey guys,

    I have a flash game that sends post variables to a PHP page. I have encrypted the flash game using SWF encrypt 5.0 (cost me $150), but still, users are finding out how to grab the variables from the game and edit them and then send to to the php page.

    Anyone know how i can stop this/prevent it?

  • #2
    New Coder
    Join Date
    Jul 2008
    Location
    Newcastle, UK
    Posts
    92
    Thanks
    3
    Thanked 7 Times in 5 Posts
    The answer is... you probably can't. I'm afraid it's the same situation as protecting your source code in HTML...
    Beyond Moodle

  • #3
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    I'm guessing the variables are actually in the html but you didn't notice. What you could do is send a secret string from flash to php along with the other variables. In your php file check to see if this string was sent. If it was process like normal, if not do nothing.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #4
    Regular Coder
    Join Date
    Jan 2007
    Posts
    217
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Apparently they are using FF Tamper Data which displays all POST data being sent from the flash game. :X I'm confused as what to do now

  • #5
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    So you are saying they are going to the url like this? http://somesite.com/yourphpfile.php?...ro&score=10000

    ?

    If thats the case you need to prevent direct access to the file or if they try to access it directly redirect them or put something in that kills the file.

    I use something like this in my include files
    PHP Code:
    <?php
    if(eregi(basename(__FILE__),$_SERVER['REQUEST_URI']))
    // do something here
    ?>
    ||||If you are getting paid to do a job, don't ask for help on it!||||


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •