Flash_xss mining tips

Malicious swf can obtain cookies in the swf domain under iframe. The more users, the more dangerous the website is, because the attacks are hidden in China, especially QQ and BAIDU, in foreign countries, gg, fb, etc ----------------------------------------------Using tx as an Example1. Upload a swf file to the qq domain. it is difficult, but now act3.qq.com has completely paused FLASH upload 2. Looking for the existing swf xss vulnerability, the difficulty is much lower than above, but one by one go swf for analysis, what we can't do is to quickly analyze the possible xss location and ask gainover for A. Search for site: qq.com filetype: swf. Of course, you can also enable swf to capture and access qq's website B, go down to C, and use the shuosi flashing genie to open the selected swf material one by one --- action. Open any action and search for navigateToURL ExternalInterface on it. call, text (note that there are spaces after the comma) Search for all AS files and analyze them again. Can we control the variables? An actual example:JWPlayer Xss 0day [Flash programming security issues]