inurl:crossdomain filetype:xml intext:allow-access-from

• SHDB
• 1541 阅读

• 日期：2014-03-27
• 类别：
  • Files Containing Juicy Info
• 作者：anonymous
• 语法：inurl:crossdomain filetype:xml intext:allow-access-from

• Locates crossdomain.xml files used by flash/flex/silverlight to

  determine the cross domain policy of that site's

  flash/flex/silverlight apps. An open setting of will allow a weaponized flash application hosted on an

  attacker's site to read information from the target site while running

  in a victim's browser.

  --

  Google+ http://google.com/+EricGragsone

  Red Team http://www.crimsonagents.com/

  Blue Team http://www.erisresearch.org/

  Coding http://maetrics.github.io