Search the Community
Showing results for tags 'flash'.
Hi all, I used my localhost after a long time. The embedded flash movie tries to load data from the server via a file called testfest.php when the browser blocks a pop which has this message. pop up blocked on the page : http://localohost/myproject/undefinedtestfest.php Does this indicate something malicious? Should I unblock the pop-up and see what happens or maybe that would be unsafe? If this is suspicious then what should i be checking for ? Thanks all !
Hi all, I have a linux VM on my Windows computer and I use that for testing. I also have a xampp installed on my Windows machine and that is the default local host for the windows machine. So is it possible for me to make the VM act as a localhost for the windows machine as well? If so, how? I hope that my question is clear. I need to do this since I it's difficult to debug my flash files as the rest of the project is on the VM. I don't want to take move all the stuff back into the windows machine just to test the flash files there. Thanks all !
Hi all, I would like to clarify 2 aspects of flash security and confirm if they can be intermixed to make an attack. SO the aspects areis :- 1. The flash application on the original domian is embedded by a hacker/cracker in another page served from another (hacker) domain. 2. The flash is decompiled and served from the hacker domain. The one that actually worries me and i would like to ask about is the intermixing of the two. Let's assume that the flash application (swf file) has been downloaded and de-compiled by a hacker and he removes whatever little protection there is in there to check if the swf is running in it's original domain . Now he can upload that into another domain (hacker domain) and serve it from there. The question is a) What about the data that the movie requires to be run. This data is placed on the original server. Can hacker domain somehow get the data from original server in real time and server it to users from hacker domain to whomsoever? if so how and how difficult it would be. b) if the original server uses secured sessions and user verification (via a login panel of-course) before serving the files , would the above (a) still be possible if at all ? c) What if the hacker is also a legitimate user and is able to log in into the original server as a user? Or is that not a big deal ? if the data can be hijacked and used in real time by the hacker domain, what measures can effective block it and prevent it? Thanks all !