Hi guys, Do you have any pointers to flash decompiling? I'm not trying to do anything fancy just extract URLs for crawling purposes. Cheers, Tasos L.

HP's free SWF Scan does a great job of decompiling Flash and analyzes SWF's for potential issues and information leakage. There's also the open source Flare program, which will give you back all of the embedded ActionScript. On Jul 9, 2011, at 9:56 AM, Tasos Laskos <tasos.laskos@gmail.com> wrote: > Hi guys, > > Do you have any pointers to flash decompiling? > I'm not trying to do anything fancy just extract URLs for crawling purposes. > > Cheers, > Tasos L. > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

maybe this can help you http://www.adobe.com/content/dam/Adobe/en/devnet/swf/pdf/swf_file_format_spec_v10.pdf Marc Al 09/07/2011 12:36, En/na Tasos Laskos ha escrit: > Hi guys, > > Do you have any pointers to flash decompiling? > I'm not trying to do anything fancy just extract URLs for crawling > purposes. > > Cheers, > Tasos L. > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > >

Use flare decompiler or for testing of some common issues you can use SWFIntruder Regards, Juan C Calderon -----Original Message----- From: websecurity-bounces@lists.webappsec.org [mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of Tasos Laskos Sent: Saturday, July 09, 2011 5:36 AM To: websecurity@webappsec.org Subject: [WEB SECURITY] Extracting paths from Flash Hi guys, Do you have any pointers to flash decompiling? I'm not trying to do anything fancy just extract URLs for crawling purposes. Cheers, Tasos L. _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity@lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec. org

Thanks for the suggestion but I was hoping for a spec or an article discussing how to do it rather than a tool. I guess I'll have to read away at flare's source code to get the information I want unless someone else has a better idea. Cheers, Tasos L. On 07/10/2011 08:32 PM, Calderon, Juan Carlos (GE, Corporate, consultant) wrote: > Use flare decompiler or for testing of some common issues you can use > SWFIntruder > > Regards, > Juan C Calderon > > -----Original Message----- > From: websecurity-bounces@lists.webappsec.org > [mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of Tasos > Laskos > Sent: Saturday, July 09, 2011 5:36 AM > To: websecurity@webappsec.org > Subject: [WEB SECURITY] Extracting paths from Flash > > Hi guys, > > Do you have any pointers to flash decompiling? > I'm not trying to do anything fancy just extract URLs for crawling > purposes. > > Cheers, > Tasos L. > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec. > org >

Flare is a flas decompiler extracts the code from the flash, so you can just analize it the way you want Regards, Juan C Calderon -----Original Message----- From: Tasos Laskos [mailto:tasos.laskos@gmail.com] Sent: Sunday, July 10, 2011 12:55 PM To: Calderon, Juan Carlos (GE, Corporate, consultant) Cc: websecurity@webappsec.org Subject: Re: [WEB SECURITY] Extracting paths from Flash Thanks for the suggestion but I was hoping for a spec or an article discussing how to do it rather than a tool. I guess I'll have to read away at flare's source code to get the information I want unless someone else has a better idea. Cheers, Tasos L. On 07/10/2011 08:32 PM, Calderon, Juan Carlos (GE, Corporate, consultant) wrote: > Use flare decompiler or for testing of some common issues you can use > SWFIntruder > > Regards, > Juan C Calderon > > -----Original Message----- > From: websecurity-bounces@lists.webappsec.org > [mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of Tasos > Laskos > Sent: Saturday, July 09, 2011 5:36 AM > To: websecurity@webappsec.org > Subject: [WEB SECURITY] Extracting paths from Flash > > Hi guys, > > Do you have any pointers to flash decompiling? > I'm not trying to do anything fancy just extract URLs for crawling > purposes. > > Cheers, > Tasos L. > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec. > org >

The reason I was asking is because I want to enable my crawler to extract paths from SWF files and calling 3rd party binaries is not an option. So any existing tool is only useful as a reference implementation although I'd rather read an article than go through thousands of LOCs to find the information I want. - Tasos On 07/10/2011 09:04 PM, Calderon, Juan Carlos (GE, Corporate, consultant) wrote: > Flare is a flas decompiler extracts the code from the flash, so you can > just analize it the way you want > > Regards, > Juan C Calderon > > -----Original Message----- > From: Tasos Laskos [mailto:tasos.laskos@gmail.com] > Sent: Sunday, July 10, 2011 12:55 PM > To: Calderon, Juan Carlos (GE, Corporate, consultant) > Cc: websecurity@webappsec.org > Subject: Re: [WEB SECURITY] Extracting paths from Flash > > Thanks for the suggestion but I was hoping for a spec or an article > discussing how to do it rather than a tool. > I guess I'll have to read away at flare's source code to get the > information I want unless someone else has a better idea. > > Cheers, > Tasos L. > > On 07/10/2011 08:32 PM, Calderon, Juan Carlos (GE, Corporate, > consultant) wrote: >> Use flare decompiler or for testing of some common issues you can use >> SWFIntruder >> >> Regards, >> Juan C Calderon >> >> -----Original Message----- >> From: websecurity-bounces@lists.webappsec.org >> [mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of Tasos >> Laskos >> Sent: Saturday, July 09, 2011 5:36 AM >> To: websecurity@webappsec.org >> Subject: [WEB SECURITY] Extracting paths from Flash >> >> Hi guys, >> >> Do you have any pointers to flash decompiling? >> I'm not trying to do anything fancy just extract URLs for crawling >> purposes. >> >> Cheers, >> Tasos L. >> >> _______________________________________________ >> The Web Security Mailing List >> >> WebSecurity RSS Feed >> http://www.webappsec.org/rss/websecurity.rss >> >> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA >> >> WASC on Twitter >> http://twitter.com/wascupdates >> >> websecurity@lists.webappsec.org >> > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec. >> org >> > >