About the actionscript audit
Posted by: ted
Date: May 06, 2009 04:40AM

We got a Flash game project from a third-party company, and we have the source code of the ActionScript 3.0. Once we compile it and make it work, our users will play the game in their browser.

I am afraid that the Flash will send our users' information to their third-party server at the same time as it contacts our server. Maybe it would send the user's information via TCP/UDP, so Firebug can't help me in this case...

I was planning to search the source code in order to find some 'evil' code, but I am not familiar with ActionScript. Could anyone give me some advice?

Thanks in advance.

_______________________________________________________________
Nature is wonderful!
One million years ago, she didn't know our going to need glasses.
But look where she put our ears!

Re: About the actionscript audit
Posted by: Reiners
Date: May 06, 2009 04:48AM

I'm not familiar with ActionScript either, but I would use a packet sniffer like Wireshark.

Re: About the actionscript audit
Posted by: Gareth Heyes
Date: May 06, 2009 05:32AM

Use HP's SWF tool to decompile the code. I think it references external URLs, but if you scan through the code it should become obvious whether it connects to external sites, whether you know ActionScript or not.

http://tinyurl.com/dx7k5p

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it."
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

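The kind of source scan the replies above describe, as an added example that is not code from the thread or from the game in question: it walks decompiled AS3 text, flags the flash.net / flash.external classes and functions through which a SWF can talk to a server, pulls out literal URLs and raw socket targets, and lists any host that is not on an allow-list of the operator's own servers. The sample source, the host names and the allow-list are constructed for the demo.

```python
import re
from urllib.parse import urlparse

# Constructed decompiled-AS3 fragment for the demo (not code from the thread's game).
SAMPLE_AS3 = """package game {
    import flash.net.URLLoader;
    import flash.net.URLRequest;
    import flash.net.Socket;
    import flash.net.SharedObject;
    public class Score {
        private var api:String = "https://game.example.com/api/score";
        private var stats:String = "http://metrics.example.net/collect";
        public function submit(name:String, score:int):void {
            var so:SharedObject = SharedObject.getLocal("player");
            var loader:URLLoader = new URLLoader();
            loader.load(new URLRequest(api + "?n=" + name + "&s=" + score));
            var sock:Socket = new Socket();
            sock.connect("203.0.113.10", 4444);
        }
    }
}"""

# AS3 APIs that can move data off the client or reach the host page; a hit is a review point, not proof of abuse.
NETWORK_APIS = ["Socket", "XMLSocket", "URLLoader", "URLRequest", "URLStream",
                "NetConnection", "LocalConnection", "SharedObject", "FileReference",
                "navigateToURL", "sendToURL", "ExternalInterface"]
API_RE = re.compile(r"\b(" + "|".join(NETWORK_APIS) + r")\b")
URL_RE = re.compile(r'"((?:https?|rtmp[a-z]*|xmlsocket)://[^"\s]+)"')
SOCKET_RE = re.compile(r'\.connect\(\s*"([^"]+)"\s*,\s*(\d+)\s*\)')

def audit_actionscript(src: str, trusted_hosts: set) -> dict:
    """Return network API uses, literal URLs, raw socket targets and hosts outside trusted_hosts."""
    report = {"api_hits": {}, "urls": [], "raw_sockets": [], "untrusted": set()}
    for lineno, line in enumerate(src.splitlines(), 1):
        for api in API_RE.findall(line):              # any network-capable class/function
            report["api_hits"].setdefault(api, []).append(lineno)
        for url in URL_RE.findall(line):              # hard-coded URL literals
            report["urls"].append((lineno, url))
            host = urlparse(url).hostname
            if host and host not in trusted_hosts:
                report["untrusted"].add(host)
        for host, port in SOCKET_RE.findall(line):    # Socket/XMLSocket.connect(host, port)
            report["raw_sockets"].append((lineno, host, int(port)))
            if host not in trusted_hosts:
                report["untrusted"].add(host)
    report["untrusted"] = sorted(report["untrusted"])
    return report
```

Run `audit_actionscript(SAMPLE_AS3, {"game.example.com"})` to get the report; URLs assembled from string fragments or decoded at runtime will not show up as literals, so the API hits are the lines to read by hand, and a Wireshark capture remains the check that the running SWF matches what the source shows.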