Tim85
asked on
How to analyze a Flash Remoting session
Perhaps I am asking the impossible, but I'd like to know if there is any way to "reverse engineer" a Flash Remoting session in order to be able to access the same server methods using a new client.
I am developing a desktop client for a rather clunky social networking website (without the consent or cooperation of the site owner) and I have hit the obstacle that user alerts are displayed using a Flash component that maintaines its own binary session with the server. Although I am able to extract the binary data passed between the client and the server (using Fiddler) I am not able to determine which methods are being called or the results that are being returned.
I have read that the AMF protocol is loosely based on SOAP, so I assume that it should be possible to build a new client that emulates the behavior of the original (using one of the various third-party AMF libraries that exist), but I am not sure how to progress. Any suggestions would be greatly appreciated.
Many thanks,
Tim
I am developing a desktop client for a rather clunky social networking website (without the consent or cooperation of the site owner) and I have hit the obstacle that user alerts are displayed using a Flash component that maintaines its own binary session with the server. Although I am able to extract the binary data passed between the client and the server (using Fiddler) I am not able to determine which methods are being called or the results that are being returned.
I have read that the AMF protocol is loosely based on SOAP, so I assume that it should be possible to build a new client that emulates the behavior of the original (using one of the various third-party AMF libraries that exist), but I am not sure how to progress. Any suggestions would be greatly appreciated.
Many thanks,
Tim
ASKER
Thanks scooby - that's exactly the kind of idea I am looking for. I don't think there will be any problems with copyright infringement, as I don't intend using any part of the original client application (just calling the server in the same manner).
Unfortunately I am a .Net developer, and I don't have the first idea how to decompile the SWF. Could you give me a clue? Thanks.
Unfortunately I am a .Net developer, and I don't have the first idea how to decompile the SWF. Could you give me a clue? Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks again scooby. You answered my question more completely than I imagined was possible.
Be careful that you dont infringe copywrites etc etc...