Flash UPnP Attack FAQ

There are loads of misconceptions and confusion regarding the Flash UPnP Attack that was discussed over here. Therefore, it is probably a good idea to shed some light on the matter, since I don’t want to leave people with the wrong impression. If the majority of people still don’t get it after this post, then that will mean that we have failed and we shouldn’t have published the research.

What does the Flash UPnP hack consist of? [...]

more | comments | comments rss | posted by

Hacking The Interwebs

With great power comes great responsibility, but those with great power usually aren’t that responsible. Nevertheless, we try to be responsible as much as we can. In the following post, ap and I are going to expose some secrets, which may make you question our values at first, will definitely make you feel worried about Why is all this possible?, and may even make you hate us in your guts for what we have done. [...]

more | comments | comments rss | posted by

BID 24856 – Flash Player SWF Vulnerability

Stefano DiPaola, Elia Florio and Giorgio Fedon has discovered quite serious vulnerability in Adobe’s Flash player. If you haven’t heard about it, let me tell you something: It is big. Read more about the vulnerability from here and here.

The video above was assembled by the Symantec guys. It shows working examples for Firefox on Windows, Safari on MacOS and Opera on Wii. Demonstration exploit code is available from SecurityFocus. [...]

more | comments | comments rss | posted by