Monday, May 2, 2011

Mochicrypt Secret Sauce Revisit

I was reviewing this blog the other day when I discover that the most popular post of all time is the article on Mochicrypt. I find this quite surprising. First of all, most Mochicrypt-protected games are available for free, so are people really so annoyed by the ads that they must find a way to decrypt the games? Second, the Mochicrypt encryption mechanism is really rather simple, it's a puzzle why the internet isn't already flooded with Mochicrypt decryption tools.

In any case, I have decided to release a simple script to help with the process. Simply compile the following script as an Adobe AIR project and you got yourself a Mochicrypt decryption tool. Now head on to mochimedia.com, download your favorite game, and extract the main SWF file from the zip package. Run the decryption tool and you are done!



[Updates] I have received several comments and countless emails asking for a compiled version of the decryption tool. I would like to point out that I have taken the idea into careful consideration, but have ultimately decided against it for two reasons. First, the Freedom of Speech protects my rights to discuss encryption and security issues on this blog, but it does not apply to compiled binaries. Second, the script only allows you to bypass the encryption algorithm implemented by Mochicrypt, individual game developers may have employed other obfuscation techniques to protect their games. If you are not fluent in Actionscript, then having the decryption tool will not do you any good.

package {
 import flash.display.Loader;
 import flash.display.LoaderInfo;
 import flash.display.Sprite;
 import flash.events.Event;
 import flash.filesystem.File;
 import flash.filesystem.FileMode;
 import flash.filesystem.FileStream;
 import flash.system.LoaderContext;
 import flash.utils.ByteArray;

 public class MochiDecrypt extends Sprite {

  public function MochiDecrypt() {
   var file:File = File.desktopDirectory.resolvePath("game.swf");
   file.browseForOpen("Open Mochicrypt Protected File");
   file.addEventListener(Event.SELECT, fileOpened, false, 0, true);
  }

  private function fileOpened(e:Event):void {
   var stream:FileStream = new FileStream();
   stream.open(e.currentTarget as File, FileMode.READ);
   var bytes:ByteArray = new ByteArray();
   stream.readBytes(bytes);
   var loader:Loader = new Loader();
   var loaderContext:LoaderContext = new LoaderContext(false, null, null);
   loaderContext.allowCodeImport = true;
   loaderContext.allowLoadBytesCodeExecution = true;
   loader.contentLoaderInfo.addEventListener(Event.COMPLETE, loaderCompleted, false, 0, true);
   loader.loadBytes(bytes, loaderContext);
   this.addChild(loader);
  }

  private function loaderCompleted(e:Event):void {
   var payloadClass:Class = (e.currentTarget as LoaderInfo).applicationDomain.getDefinition("mochicrypt.Payload") as Class;
   var data:ByteArray = ByteArray(new payloadClass());
   var S:ByteArray;
   var i:uint;
   var j:uint;
   var k:uint;
   var n:uint;
   var u:uint;
   var v:uint;
   if (data.length > 0) {
    S = new ByteArray();
    n = data.length - 32;
    i = 0;
    while (i < 256) {
     S.writeByte(i);
     i = (i + 1);
    }
    j = 0;
    i = 0;
    while (i < 256) {
     j = j + S[i] + data[n + (i & 31)] & 255;
     u = S[i];
     S[i] = S[j];
     S[j] = u;
     i = (i + 1);
    }
    if (n > 131072) {
     n = 131072;
    }
    j = 0;
    i = 0;
    k = 0;
    while (k < n) {
     i = (i + 1) & 255;
     u = S[i];
     j = j + u & 255;
     v = S[j];
     S[i] = v;
     S[j] = u;
     data[k] = data[k] ^ S[u + v & 255];
     k = (k + 1);
    }
    try {
     data.uncompress();
    } catch (e:Error) {

    }
   }
   var file:File = File.desktopDirectory.resolvePath("payload.swf");
   var stream:FileStream = new FileStream();
   stream.open(file, FileMode.UPDATE);
   stream.writeBytes(data);
   stream.close();
  }
 }
}
Labels:

9 comments:

  1. UnknownMay 17, 2011 at 3:33 AM

    This is exactly what I'm looking for! But for us who are total noobs on Flash, how do you create an Adobe Air Project? I would be very grateful if you could tell me! :)

    ReplyDelete
  2. supermegalomenMay 25, 2011 at 5:45 AM

    can compile the app and make a download link?

    ReplyDelete
  3. b4 d4July 18, 2011 at 7:44 AM

    I am getting error #1065 due to this:

    getDefinition("mochicrypt.Payload")

    I don't understand why, because the class is public, here is the definition:

    public class Payload extends ByteArray

    If I replace "mochicrypt.Payload" with for example "mochicrypt.Preloader" this statement doesn't fail.

    ReplyDelete
  4. Edgar thomas590May 29, 2018 at 4:16 AM

    Thank you for the article
    Do you want to play games with me?
    endless truck game
    Street Pursuit

    ReplyDelete
  5. Edgar thomas590May 29, 2018 at 4:25 AM

    Thank you for the article
    Do you want to play games with me?
    parking games online
    Street Pursuit

    ReplyDelete
  6. alicethomasJune 18, 2018 at 3:04 AM

    Thanks a lot for sharing and I have some special things for you. If you are in free time, frizzle fraz 6 ; candy games free will be a perfect choice we recommend to you. With nice graphic style, high-quality interface and smooth animation, this game don’t let you be disappointed for sure.
    Beside, you can try cool math games online, it is an addictive game which receives much love from players over the world. Now, you can completely play this addicting fun game on your mobile. Have fun!!!!

    ReplyDelete
  7. Anh Nông DânSeptember 30, 2019 at 10:56 AM

    Thank you for the article
    GamesBX

    ReplyDelete
  8. XiaonaiOctober 30, 2019 at 6:19 AM

    Thanks for alll

    Defly 2020

    ReplyDelete
  9. Anh Nông DânDecember 2, 2019 at 11:26 AM

    Thanks
    GamesBX100
    GamesBX99
    GamesBX3

    ReplyDelete

Subscribe to: Post Comments (Atom)