Latest YouTube Video

Monday, January 11, 2016

[FD] Exploiting XXE vulnerabilities in AMF libraries

Hello, AMF (aka "Action Message Format") is a binary format used by Flash applications communicating with server-side components. A few data types supported by AMF deal with XML content (for example the "XML Document" type in AMF0). In 2015, several AMF libraries (including BlazeDS and PyAMF) were identified as vulnerable to XXE (aka "XML External Entity") and SSRF (aka "Server Side Forgery") attacks. I wrote a blog-post detailing: - server-side exploitation of the PyAMF vulnerability - server-side exploitation of the BlazeDS vulnerability - client-side exploitation of the BlazeDS vulnerability The article also includes a basic AMF client (in Python) used to exploit these vulnerabilities (or interact with AMF gateways at large). Link: http://ift.tt/1JirUeY Cheers, Nicolas Grégoire

Source: Gmail -> IFTTT-> Blogger

No comments: