{"id":13744942,"url":"https://github.com/OpenSecurityResearch/flash-xdomain-xploit","last_synced_at":"2025-05-09T04:32:48.324Z","repository":{"id":10261857,"uuid":"12372535","full_name":"OpenSecurityResearch/flash-xdomain-xploit","owner":"OpenSecurityResearch","description":"ActionScript Proof of Concept to perform cross-domain reads","archived":false,"fork":false,"pushed_at":"2013-08-26T06:39:22.000Z","size":38,"stargazers_count":16,"open_issues_count":0,"forks_count":14,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-08-04T05:05:25.544Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"ActionScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenSecurityResearch.png","metadata":{"files":{"readme":"README.txt","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-08-26T06:21:14.000Z","updated_at":"2024-01-14T11:54:58.000Z","dependencies_parsed_at":"2022-09-01T12:12:30.769Z","dependency_job_id":null,"html_url":"https://github.com/OpenSecurityResearch/flash-xdomain-xploit","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenSecurityResearch%2Fflash-xdomain-xploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenSecurityResearch%2Fflash-xdomain-xploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenSecurityResearch%2Fflash-xdomain-xploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenSecurityResearch%2Fflash-xdomain-xploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenSecurityResearch","download_url":"https://codeload.github.com/OpenSecurityResearch/flash-xdomain-xploit/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224819696,"owners_count":17375311,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T05:01:18.930Z","updated_at":"2024-11-15T17:30:48.294Z","avatar_url":"https://github.com/OpenSecurityResearch.png","language":"ActionScript","funding_links":[],"categories":["Unsorted"],"sub_categories":["Other API"],"readme":"Author: Gursev Singh Kalra (gursev.kalra@foundstone.com)\n\nBypassing Same Origin Policy with Flash and Insecure crossdomain.xml\n\nCompiling and deploying the Proof of Concept ActionScript code\n1. Download and install Apache Flex SDK. It comes with an ActionScript compiler.\n2. Copy the ActionScript code to your local directory and name it XDomainXploit.as.\n3. Change the values of readFrom and sendTo parameters to appropriate values as per your needs.\n4. Compile the code with the mxmlc compiler to a Flash file by running the following command. The mxmlc compiler is shipped with Apache Flex.\n\tmxmlc XDomainXploit.as\n5. Deploy the generated Swf and the provided HTML(xdm.html) files to enjoy the Flash goodness.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOpenSecurityResearch%2Fflash-xdomain-xploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FOpenSecurityResearch%2Fflash-xdomain-xploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOpenSecurityResearch%2Fflash-xdomain-xploit/lists"}