inurl:crossdomain filetype:xml intext:allow-access-from

  • 日期:2014-03-27
  • 类别:
  • 作者:anonymous
  • 语法:inurl:crossdomain filetype:xml intext:allow-access-from
  • Locates crossdomain.xml files used by flash/flex/silverlight to

    determine the cross domain policy of that site's

    flash/flex/silverlight apps. An open setting of will allow a weaponized flash application hosted on an

    attacker's site to read information from the target site while running

    in a victim's browser.

    --

    Google+ http://google.com/+EricGragsone

    Red Team http://www.crimsonagents.com/

    Blue Team http://www.erisresearch.org/

    Coding http://maetrics.github.io