When Flash Attacks...
Adobe doesn't have a great reputation in the security community, given the long string of exploits and 0-days that have come out over the past few years. Most of the research that I've seen, however, has been attacking the Flash player directly, rather than using it to attack web applications. This is akin to looking for buffer overflows in a JavaScript parser, but completely disregarding cross-site scripting as an attack strategy.
The attackers, on the other hand, aren't so picky. From the LiveJournal worm that came out a few weeks ago, as well as some other things-I-can't-talk-about, it's clear that they are beginning to play with the interaction of Flash and web applications.
So, I've been researching this stuff as well. I've found a lot of interesting things, all of which will get released eventually. The first piece, on how to abuse a quirk in Flash's origin policy (complete with a ridiculous multistage Gmail exploit), just went live on Foreground Security's website.
Eventually, there will be a whitepaper, a talk, and some tools released. Stay tuned.


4 Comments:
yea would be great to hear more about this... :-)
By Anonymous, at November 30, 2009 2:06 PM
if I understand correctly, you can execute js in embedded flash and place an xss attack? to steal cookie or smth...
By Vapirov, at November 30, 2009 2:06 PM