Thread: help token
Post #10 by AmazingMatze, 03-03-2013, 08:19 PM


Quote:
Originally Posted by chitawar
plugin-container.DMP
FlashPlayerPlugin_11_6_602_171.DMP
With what program I can open it?

I already told you: Any HexEditor is fine. I use HxD - Hexeditor.

Quote:
Originally Posted by chitawar
I've tried with a edithex but I get a lot of numbers and can not find the option to put normal.

Really? You gotta be kidding me. There is no such thing to "put it normal". Get familiar with how to use a HexEditor and what it does if you are so interested in obtaining this token.

Quote:
Originally Posted by chitawar
Show me a program that I can serve.

Doubtful that there is a one-click noob friendly proggie for that.

Anyway, if you want to give it another shot:

There are two instances of FlashPlayerPlugin_*.exe running.
Usually the process that occupies more memory contains the secureToken.

Quote:
Originally Posted by chitawar
Flasm've tried but not working.

I have tried both ways for this particular SWF player. And both ways are working exactly like I explained.

Quote:
Originally Posted by chitawar
I can not open the program,

Which program? The .dmp or the decompressed .swf is just binary data.

Quote:
Originally Posted by chitawar
I guess it's because I have windows 7.

I'm also running Windows 7 and it is working fine for me.


For all who are interested in going a step further:

If you only want to dump one process, you can disable Flash player protected mode
by appending the line "ProtectedMode=0" to mms.cfg, which is located in:
Code:
Windows 32bit: C:\windows\system32\macromed\flash
Windows 64bit: C:\windows\syswow64\macromed\flash
It is explained in:
Code:
http://forums.adobe.com/thread/1018071
If you are now playing a flash stream, you only have the process plugin-container.exe to watch out for.
Use this at your own risk and revert it once you are done.
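Added example, not part of the original post and not Adobe's own tooling: a check that the "ProtectedMode=0" line from the post has been reverted, looking in the two directories the post names. It assumes that lines starting with "#" are comments, and it matches the key case-insensitively and tolerates spaces around "=" so that it flags conservatively; the sample content is constructed.

```python
import os

# Directories and file name as given in the post above.
MMS_DIRS = [r"C:\windows\system32\macromed\flash",
            r"C:\windows\syswow64\macromed\flash"]

# Constructed sample content, not taken from a real machine.
SAMPLE = ("# constructed sample mms.cfg\r\n"
          "AutoUpdateDisable=1\r\n"
          " ProtectedMode = 0 \r\n"
          "#ProtectedMode=0\r\n")


def protected_mode_findings(cfg_text):
    """Return (line_number, stripped_line) for each active ProtectedMode=0 line."""
    findings = []
    lines = cfg_text.lstrip("\ufeff").splitlines()  # ignore a UTF-8 BOM
    for number, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # assumption: '#' starts a comment
            continue
        key, sep, value = line.partition("=")
        # Conservative match: any letter case, optional spaces around '='.
        if sep and key.strip().lower() == "protectedmode" and value.strip() == "0":
            findings.append((number, line))
    return findings


def revert_protected_mode(cfg_text):
    """Return cfg_text without the flagged lines, keeping the other lines as-is."""
    bad = {number for number, _ in protected_mode_findings(cfg_text)}
    lines = cfg_text.splitlines(keepends=True)  # preserves CRLF line endings
    return "".join(l for n, l in enumerate(lines, 1) if n not in bad)


def audit(dirs=MMS_DIRS):
    """Map each existing mms.cfg path to its findings (empty list means reverted)."""
    report = {}
    for directory in dirs:
        path = os.path.join(directory, "mms.cfg")
        if os.path.isfile(path):
            with open(path, encoding="utf-8", errors="replace", newline="") as fh:
                report[path] = protected_mode_findings(fh.read())
    return report


if __name__ == "__main__":
    for path, hits in audit().items():
        print(path, "ProtectedMode disabled" if hits else "ok", hits)
```

The script only reads mms.cfg; writing the output of `revert_protected_mode` back needs an elevated prompt because the file sits under the Windows system directory.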