History

TestingBlitzableiter

To easily test the class library, a front end command line tool is provided.
The command line tool can process single SWF files or entire directory trees for mass testing. It will write the generated output files in a directory specified within the application configuration. The tool can also be used to only uncompress a SWF file, which allows to manually inspect the uncompressed file in a hex editor or other reverse engineering tools.
For refactoring, the command line tool supports the generation of test cases before changes on the code are performed. Generating the test cases instructs the tool to process all SWF files in the test case directory's subdirectory original and write the output to the directory level1. Once the refactoring of the library has been performed, the developer can verify that no change to the logic of the code was inadvertently introduced by running the test cases again, which will write the output files to the subdirectory level2 and compare an SHA1 message digest of both versions.
For testing Blitzableiter on-line, a minimalistic HTTP proxy server is provided. The proxy server cannot be used with Internet Explorer, as it utilizes .NET classes that in turn use Internet Explorer's settings, which would cause the proxy to connect to itself. The HTTP proxy can be configured with different filters:

  • SWFilter will parse and verify the SWF file.
  • SWFilterAVM1Code will additionally to parsing and verification perform AVM1 code modifications on the SWF file.
  • SWFAlwaysBlock will return a configured SWF instead of the one accessed.

The filters should be chained for testing, so that SWFilter processes the file after SWFilterAVM1Code has modified it, to ensure that the resulting output file conforms to the specification.

Testing AVM1 Patches

Often, it is not clear how / why a patch doesn't do what was expected. This is commonly caused by the patch expecting the wrong opperand stack layout in the AVM1. To debug such patches (especially in a browser environment), the easiest way is to redirect the browser to a known (e.g. your own) web site and pass the topmost argument(s) on the stack as strings to the URL you are requesting. This way, you will see in the address bar the stack content of the AVM1.

Example to show the topmost entry:
ActionToString
ActionPush 'String:http://www.recurity-labs.com/avmDebugNotHere?'
ActionAdd2
ActionPush String:_blank
ActionGetURL2 NONE LoadVariables

Also available in: HTML TXT