Monday, November 16, 2009

Decompiling Flash Files with SWFScan

Inspired by Rafal Los' talk at AppSec DC I started taking a look at SWFScan.

SWFScan download

SWFScan FAQ

A good description here so I don't have to plagiarize

Did a quick search for login.swf and found one (actually lots). Let's fire up SWFScan and see what we can see.


Open it and decompile the .swf. We see a hardcoded password.


Just to be sure that it actually does any checking


Ok its working. They're not letting just anyone in there!


Because the code just jams the username and password box together we can just throw the whole thing in the username block or mix it up however you want.


weeeeeeeeeeeeee!



Just to make sure it wasnt beginner's luck...


Happy decompiling...

Additional Info can be found on the pdc #172 show notes:
http://pauldotcom.com/wiki/index.php/Episode172

Link to Blackhat talk
http://www.blackhat.com/presentations/bh-dc-09/Jagdale/BlackHat-DC-09-Jagdale-Blinded-by-Flash.pdf

No comments: