Nmap 127.0.0.1: Flash style

By Frank on Aug 13, 2007 · Leave a Comment

A design flaw found in ActionScript (Flash) has been allowed the scanning hosts via trial and error. Whenever a port is queried by Flash that isn’t open, it responds with a “SecurityErrotEvent” instantly. But, when a port is open, it doesn’t get that response for an extended period of time, while it waits for a reply to

“policy-file-request”. PoC can be viewed at the below address. Now the question is: What ELSE can you do with this information once you have this ability. I’ll leave that up to the color of your hat.

scan.flashsec.org/

Frank's the editor in chief of tech.nocr.at. He can be found surfing the internet and playing with gadgets. Follow him on twitter @franklinhares

Filed under Hacking And Security · Tagged with ac, design, ds, ea, error, flash, images, open, os, pen, rc, rip, security, time, tor

Follow Us
Friends
Recent Comments
World's Loudest Alarm Clock
Most Read Posts
Facebook
Tag Cloud
ac apple car cat computer control drive ds ea game Gaming hack hacking ical id images iphone ir led light loa Mac make mod nes os pc pen phone power rc ring rod tech.nocr.at time tor ui usb video wind Gadgets (252)
Gaming (163)
Hacking And Security (310)
Mac (162)
Tech News (202)
WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.

tech.nocr.at

Nmap 127.0.0.1: Flash style

Follow Us

Friends

Recent Comments

World's Loudest Alarm Clock

Most Read Posts

Facebook

Tag Cloud

Links

Categories

Contact Us