inurl:clientaccesspolicy filetype:xml intext:allow-from
Locates clientaccesspolicy.xml files used by silverlight to determine
the cross domain policy of that site's silverlight apps. An open
setting of will allow a weaponized silverlight
application hosted on an attacker's site to read information from the
target site while running in a victim's browser.
Red Team http://www.crimsonagents.com/
Blue Team http://www.erisresearch.org/