FLARE – Flash Decompiler to Extract ActionScript

Keep on Guard!


Flare processes an SWF and extracts all scripts from it. The output is written to a single text file. Only ActionScript is extracted, no text or images. Flare is freeware. Windows, Mac OS X and Linux versions are available.

The main purpose of decompiler is to help you recover your own lost source code. However, there are other uses, like finding out how a component works, or trying to understand poorly documented interface. Depending on where you live, some of them may be forbidden by law. It’s your responsibility to make sure you don’t break the law using Flare.

If you develop Flash applications for living, you probably know that your code is not secure in SWF. It’s not the existence of decompiler that makes your code insecure though, it’s design of SWF format. Although no ActionScipt is stored there, most of it can be recovered from bytecodes.

Most recent Flare version is 0.6.

Windows Explorer Shell Extension

Download flare06setup.exe. After installation right-click on any SWF file in Windows Explorer and choose Decompile from context menu. Flare will decompile somename.swf and store decomiled code in somename.flr in the same folder. somename.flr is a simple text file, you can open it with your favorite text editor. If Flare encounters problems during decompilation, it will display some warnings. If everything goes well, it will quit silently. That’s all, Flare has no other GUI. To unistall, execute Start>Programs>Flare>Uninstall.

Mac OS X Droplet


Get flare06.dmg. After mounting the disc image drop an SWF file onto the Flare icon in Finder. The decompiled ActionScript will be stored in SWF’s folder with FLR extension. Open it with your text editor. You can decompile multiple SWF files at once. The droplet is compiled on OS X 10.3. It should work on 10.2 and 10.4. There is no Flare for OS 9.

Command Line Versions

DOS/Windows binary: flare06doswin.zip
Mac OS X binary: flare06mac.tgz
Linux x86 binary: flare06linux.tgz
Linux x86 64-bit binary: flare06linux64.tgz
Solaris x86 binary: flare06solaris.tgz

There is no installation procedure for command line versions. Just create a folder named flare somewhere and unpack the archive there. To uninstall, delete the folder and you’re done.

Or read more here.

Posted in: Hacking Tools, Secure Coding, Web Hacking

, ,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


6 Responses to FLARE – Flash Decompiler to Extract ActionScript

  1. Jose Luis May 5, 2008 at 4:54 pm #

    I love flare, tried and really good tool to learn.

    Thanks

  2. foo May 8, 2008 at 7:12 am #

    Great, the more decompilers there are the more we have to encrypt our code to save our sourcecodes from being stolen. You suck man.

  3. bar May 17, 2008 at 9:30 pm #

    Write better code and it wont be a problem foo

  4. Tiago Albineli Motta June 4, 2008 at 1:50 pm #

    It doesn’t work for AS3

  5. john June 26, 2008 at 6:36 am #

    @Foo

    Stop whining, noone wants your shit code anyways.
    Build your apps better, don’t blame others for your shit.

  6. thejart August 7, 2008 at 2:07 pm #

    dammit, i need solaris sparc. it works great on my linux box, tho! any chance you’ll release the source code? or have you and i’m just missing it?