« Using google to find software vulnerabilities | Main | RSS and Atom Security risks whitepaper is out! »

Forging HTTP request headers with Flash

Amit Klein has written another fine paper involving using Flash to send http requests.

"Flash player is a very popular browser add-on from Adobe (actually, Flash was invented by Macromedia, which was acquired by Adobe). This write-up covers mostly Flash 7 and Flash 8, together covering more than 94% of the Internet-enabled desktops (according to NPD Online Survey conducted April 2006, quoted in Adobe's website [1], [2]). Flash movies are delivered as SWF (ShockWave File) files. Adobe developed a rich Javascript-like language called ActionScript to provide scripting capabilities to Flash. One of the interesting features of ActionScript is its ability to send HTTP requests to 3rd party sites through the browser which invoked it. This is where Flash becomes interesting security-wise. With Flash it is possible to shape an outgoing request to a 3rd party site in ways not available from within "standard" Javascript. Specifically of interest is Flash's ability to send arbitrary HTTP request headers with outgoing HTTP requests."

Article Link: Forging HTTP request headers with Flash

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!