JPEXS Free Flash Decompiler Issue Tracker

If you are looking for the decompiler itself, visit https://github.com/jindrapetrik/jpexs-decompiler


#2090 Add support for automatic MochiCrypt decryption
Author: user Aaron1011
Date created:
Type: feature
Visibility: Everybody
Assigned to:
Labels: Packers
State: closed

Many SWFs are 'encrypted' with MochiCrypt - this hides the actual SWF in a DefineBinaryData tag named `mochicrypt.Payload`, and 'decrypts' and loads it from the outer SWF.

It would be very helpful if JPEXS could automatically run the 'decryption' code described below for `mochicrypt.Payload` tags, and display the result as an embedded SWF.

The actual 'decryption' code is very simple:

```
data = ByteArray(new payloadClass());
if(data.length > 0)
{
   S = new ByteArray();
   n = uint(data.length - 32); // the last 32 bytes of the payload are the key
   // fill S with the identity permutation 0..255
   i = 0;
   while(i < 256)
   {
      S.writeByte(i);
      i++;
   }
   // key schedule: mix the 32 key bytes into S
   j = 0;
   i = 0;
   while(i < 256)
   {
      j = uint(j + S[i] + data[n + (i & 31)] & 255);
      u = uint(S[i]);
      S[i] = S[j];
      S[j] = u;
      i++;
   }
   // only the first 131072 bytes are XORed with the keystream
   if(n > 131072)
   {
      n = 131072;
   }
   i = j = 0;
   k = 0;
   while(k < n)
   {
      i = uint(i + 1 & 255);
      u = uint(S[i]);
      j = uint(j + u & 255);
      v = uint(S[j]);
      S[i] = v;
      S[j] = u;
      data[k] ^= S[u + v & 255];
      k++;
   }
   // inflate the decrypted data
   data.uncompress();
}
```

There's also a standalone tool that implements the same logic: https://github.com/RuneZhevitz/unmochify

Here's an example SWF: https://infinity.unstable.life/Flashpoint/Legacy/htdocs/chat.kongregate.com/gamez/0007/185 2/live/cuber_v100.swf
admin
Added this in nightly 2618. The reason why we usually do not implement this kind of packer is that there is usually not an easy way to detect the real packer used, and some packers also have different encryption parameters for each SWF they encrypt. In this particular case - the mochicrypt, it seems that the encryption parameters are always the same and the used packer can be detected by class name in binarydata tag. So I added it.
State: new→upgraded
admin
State: upgraded→closed
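
The routine quoted in the issue is RC4 keyed with the payload's last 32 bytes, applied to at most the first 131072 bytes, followed by zlib inflation. A Python port for unpacking an extracted `mochicrypt.Payload` blob during analysis, as an added example that is not code from JPEXS or unmochify; the function names, the SWF signature check and `mochicrypt_pack` (used only to build constructed test input) are assumptions of this example.

```python
import zlib

KEY_LEN = 32            # the key is the last 32 bytes of the payload
MAX_CIPHER = 131072     # only the first 128 KiB are XORed with the keystream


def rc4_xor(buf: bytearray, key: bytes, count: int) -> None:
    """XOR the first `count` bytes of buf in place, as the quoted loops do."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # key schedule, key index is i & 31
        j = (j + S[i] + key[i & 31]) & 255
        S[i], S[j] = S[j], S[i]
    i = j = 0
    for k in range(count):                    # keystream generation
        i = (i + 1) & 255
        u = S[i]
        j = (j + u) & 255
        v = S[j]
        S[i], S[j] = v, u
        buf[k] ^= S[(u + v) & 255]


def mochicrypt_unpack(payload: bytes) -> bytes:
    """Return the inner SWF from the raw bytes of a mochicrypt.Payload tag."""
    if len(payload) <= KEY_LEN:
        raise ValueError("payload too short to hold a 32-byte key")
    n = len(payload) - KEY_LEN
    data = bytearray(payload)
    rc4_xor(data, payload[n:], min(n, MAX_CIPHER))
    # decompressobj tolerates the 32 key bytes that trail the zlib stream
    inner = zlib.decompressobj().decompress(bytes(data))
    # Assumption of this example: sanity-check the result by SWF signature
    if inner[:3] not in (b"FWS", b"CWS", b"ZWS"):
        raise ValueError("decrypted data does not start with an SWF signature")
    return inner


def mochicrypt_pack(swf: bytes, key: bytes) -> bytes:
    """Inverse operation, used here only to build a constructed test payload."""
    data = bytearray(zlib.compress(swf))
    rc4_xor(data, key, min(len(data), MAX_CIPHER))
    return bytes(data) + key
```

A wrong or missing key surfaces as `zlib.error` from the inflate step, which is a quick way to tell that a binary tag is not actually a MochiCrypt payload.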