Penetration Testing mailing list archives
Authenticity test using Flash
From: "doron klotz" <kahloots () ananzi co za>
Date: Wed, 11 Jul 2001 11:44:10 +0200
Does anybody have any knowledge regarding authentication using flash plugins ?
Some background:
The file { checkauthenticity.swf } can be run from
anywhere (even from the internet). However, it requires the tailor
made {authenticity.swf } file to be located in your root directory of
C: before it will work for you.
The file authenticity.swf can easily be made for
anyone - simply rename them (in C:) to use them. The pin number
on all of the authenticity.swf files is 1156 (although one can actually
make it anything).
My question :
is it possible to trick the checkauthenticity.swf file into authenticating you without the correct reciprocal {
authenticity.swf }.
Also I would like to know if one can tamper/hack with the details or the pin number found inside the {authenticity.swf
} file and still get it to work.
I have attached the files mentioned above
Much Thanks
Kahloots
-----------------------------------------------------------
Brought to you by Ananzi Mail
http://mail.ananzi.co.za
Attachment:
checkauthenticity.swf
Description:
Attachment:
authenticity.swf
Description:
Current thread:
- Authenticity test using Flash doron klotz (Jul 11)