Building An Rdio Flash Cross-domain Exploit with FlashHTTPRequest (crossdomain.xml Security)
Adobe Flash is no stranger to security issues, but this post isn’t about stack overflows, bypassing ASLR, or sandbox escaping – it’s about building practical exploits against poor use of crossdomain.xml. For those unfamiliar with cross-domain policies in Flash, check out my previous post here. I’ve also built a nice tool for testing cross-domain requests in… Read More Continue reading Building An Rdio Flash Cross-domain Exploit with FlashHTTPRequest (crossdomain.xml Security)