inurl:clientaccesspolicy filetype:xml intext:allow-from

  • 日期:2014-03-27
  • 类别:
  • 作者:anonymous
  • 语法:inurl:clientaccesspolicy filetype:xml intext:allow-from
  • Locates clientaccesspolicy.xml files used by silverlight to determine

    the cross domain policy of that site's silverlight apps. An open

    setting of will allow a weaponized silverlight

    application hosted on an attacker's site to read information from the

    target site while running in a victim's browser.

    --

    Google+ http://google.com/+EricGragsone

    Red Team http://www.crimsonagents.com/

    Blue Team http://www.erisresearch.org/

    Coding http://maetrics.github.io