Follow us
Description: In this talk titled "FLEX, AMF 3 and BlazeDS: An Assessment", given at Blackhat USA 2008, Jacob Karlson and Kevin Stadmeyer give us a detailed view of Adobe Flex, AMF3 and BlazeDS technologies. They take us through the basics of these technologies and discuss the various security mechanisms used in them such as crossdomain.xml, Flash player sandbox, Local Shared Objects, Actionscript cookies etc. Though the talk does not demonstrate any new security vulnerabilities, it does outline the common mistakes flex programmers could make which might open up potential security holes. This also serves as a primer for various security assessment tools for flash applications such as Flash decompilers, debuggers, sniffers and proxies.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments:
Login to post a comment
-
Defeating Getimagesize() Checks In File Uploads
-
Challenge 6: Digest Authentication Reloaded
-
Challenge 5: Digest Authentication Attack
-
Basic Authentication And Form Bruteforcing
-
Http Basic Authentication Attack (Easy)
-
Challenge 2: Http Form Attacks Reloaded
-
Http Verb Tampering Demo
-
Web Application Pentesting Course Introduction
-
Introducing Pentester Academy
-
Hack Of The Day 13: Remote Shellcode Launcher: Testing Shellcode Over A Network
-
Hack Of The Day 12: Pivots And Port Forwards In Scenario Based Pentesting
-
Hack Of The Day: Customizing Shellcode For Fun And Profit
-
Hack Of The Day: How Do I Run Untrusted Shellcode?
-
Securitytube Linux Assembly Expert Exam Format
-
[Slae] Writing An Custom Insertion Encoder
-
[Slae] Execve Shellcode Stack Method
-
[Slae] Shellcoding Basics
-
[Slae] Using Libc And Nasm
-
[Slae] Hello World In Assembly Language
-
[Slae] What Is Assembly Language?
