|
WebApp Sec
mailing list archives
RE: Crawl And interpret Flash files
From: "arian.evans" <arian.evans () anachronic com>
Date: Wed, 15 Feb 2006 08:25:56 -0600
-----Original Message-----
From: Rogan Dawes [mailto:discard () dawes za net]
Sent: Wednesday, February 15, 2006 6:21 AM
tester () mytrashmail com wrote:
Hi,
I'm looking for a way to auto Crawl And interpret Flash
files i'm writing a crawler that should support this
AFAIK, Metis has/had a flash parser in its spider library.
Rogan
Thanks, I was curious how this was done.
fwiw// I've been testing all the commercial scanners again
and since most of them list "flash" as a bullet point, I made
a couple of SWF files to represent varying complexity of
vector-based navigation (from completely flat w/links to
several layers of rendering).
I can't find a single webappsec tool that automatically
extracts the links and navigates SWFs properly, if at all.
This could *entirely* be the result of my having improperly
designed SWFs, since I won't claim to know what I am doing
with the format.
I will be releasing everything to the public for scrutiny,
-ae
-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
