Hey, dear friends!
I’m very glad to share with you one nice freeware tool every flash reverser (especially beginner one) should have in his toolbox: SWF iD!
It was recently released to the public by Lizard. The purpose of this tool – to allow reverser make fast first glimpse at the target swf file, study its protection (if present), compression, AS version, tags, etc.
Here is how it looks like:
You could find it very similar to the famous PE files analyzer PEiD
More screenshots: http://swfid.net/screenshots.php
Please, note the Process Scan button – it allows you to search for SWF files right in the processes memory and dump them to disk, very handy addition. This is a search example in Flash Player process, running SWF packed with SecureSWF:
Processes IDs will be added to the processes names in the future versions
You can see here unpacked swf found and detected as Secure SWF 4.0 protected. Process Scan can ignore standard built-in Flash Player SWF files (Filtration FP Noise checkbox) and can skip fake SWF signatures as well (fakes detection sensitivity will be configurable in future versions).
SWF iD supports plug-ins and ships with few default: http://swfid.net/plugins.php
Keep in mind tool is still in early development stage so you’ll meet some bugs for sure, feel free to report them here: swf-id{at}ya.ru.
If you have any suggestions, ideas or anything else to say, just post all this here in comments, or send directly to author using email I mentioned before!
SWF iD homepage: http://swfid.net/.
Found a typo? Please, highlight it and press Shift + Enter or click here to inform me!