inurl:crossdomain filetype:xml intext:allow-access-from

  • 日期:2014-03-27
  • 类别:
  • 作者:anonymous
  • 语法:inurl:crossdomain filetype:xml intext:allow-access-from
  • Locates crossdomain.xml files used by flash/flex/silverlight to

    determine the cross domain policy of that site's

    flash/flex/silverlight apps. An open setting of will allow a weaponized flash application hosted on an

    attacker's site to read information from the target site while running

    in a victim's browser.



    Red Team

    Blue Team