There are also dedicated .swf obfuscating products I suppose.
Tom
On 04/03/15 09:49, Erik de Bruin wrote:
You may want to check out this technique:
http://www.ghostwire.com/blog/archives/as3-hiding-assets-and-code-by-embedding-swf-within-another-swf/
EdB
On Wed, Mar 4, 2015 at 9:17 AM, Deepak MS <[email protected]> wrote:
Hello,
We have developed some apps specifically for iPads and there have been
rigorous testing from security team using some hacking tools. What these
tools do is they display all the code variables and their values from the
ipa file that we provide to them. Due to this, our app db locations(sqlite
files for offline app) and passwords used(to unzip a secured zip file, that
gets downloaded, using ANEZipFile native extension) are clearly exposed. It
literally shows all the coding that has been done (still wondering how can
this be possible from swf and then from ipa).
I'm new to security thingie and have no idea. Can anyone who have worked on
this kindly share best practices?
Some screenshots from the tool which shows the variables and values used in
the app:
http://pbrd.co/1M69vES
http://pbrd.co/1M69MYB
App is built using Flex 4.13FP15AIR15.
Appreciate your help.
