First I would recommend reading through the specifications of the SWF file format and ActionScript. I wouldn't recommend reading it all (it does get boring). This will help with having a foundation of knowledge for the structure and keywords. SWF File Format PDF, ActionScript Virtual Machine 2 (AVM2) Overview PDF

Once you have a basis of knowledge check out some posts on Flash Exploits. Here is a list of posts in no particular order or value 1, 2, 3, 4, 5, 6, 7. For better or for worse a lot of great work has been done by the exploit community for reverse engineering SWF/ActionScript/Flash/etc. Searching the RE Reddit is also another good resource for SWF/Flash analysis.

There are a number of researchers I would recommend google stalking their work. A quick google search for filetype:PDF + "Haifei Li" will bring up a lot of great resources.

If you are sick of reading I'd recommend downloading some samples. Contagiodump is a good place to grab samples. Typically the samples have the proper CVE number. This can be helpful because a quick google of CVE-number + "analysis" will allow you to do the at home follow along version.

I personally would recommend REMnux by Lenny Zeltser. Almost all the tools listed in this thread are already installed in it. If you are working with SWFs embedded in documents I'd recommend xxxswf.py for extracting them. The source code isn't that badly commented so it will give you some basics about the file structure.
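As an added illustration (not from the original post, and not xxxswf.py's code), the sketch below uses the header layout from the SWF file format specification (3-byte signature, version byte, little-endian 32-bit file length) to carve FWS and zlib-compressed CWS files out of a container. The version and size bounds, the helper names and the sample blob are assumptions constructed for the example; LZMA-compressed ZWS files are not handled.

```python
import struct
import zlib

SIGNATURES = (b"FWS", b"CWS")  # uncompressed / zlib-compressed SWF
MAX_VERSION = 50               # assumption: sanity bound against stray "FWS" bytes
MAX_LENGTH = 64 << 20          # assumption: cap on declared size (limits inflation)

def _try_parse(blob, pos):
    """Return the uncompressed SWF starting at pos, or None if the header is implausible."""
    if pos + 8 > len(blob):
        return None
    version = blob[pos + 3]
    (length,) = struct.unpack_from("<I", blob, pos + 4)  # size after decompression
    if not 1 <= version <= MAX_VERSION or not 8 < length <= MAX_LENGTH:
        return None
    if blob[pos:pos + 3] == b"FWS":
        # Declared length must fit inside the container, otherwise it is truncated.
        return blob[pos:pos + length] if pos + length <= len(blob) else None
    stream = zlib.decompressobj()
    try:
        # Ask for one byte more than declared so an oversized stream is detected.
        body = stream.decompress(blob[pos + 8:], length - 8 + 1)
    except zlib.error:
        return None
    if len(body) != length - 8:
        return None
    return b"FWS" + blob[pos + 3:pos + 8] + body  # normalised to uncompressed form

def carve_swfs(blob):
    """Scan blob for SWF signatures; return sorted (offset, signature, version, swf_bytes)."""
    found = []
    for sig in SIGNATURES:
        pos = blob.find(sig)
        while pos != -1:
            swf = _try_parse(blob, pos)
            if swf is not None:
                found.append((pos, sig.decode(), blob[pos + 3], swf))
            pos = blob.find(sig, pos + 1)
    return sorted(found)

def make_swf(version, body, compressed=False):
    """Build a constructed test file: 8-byte header plus arbitrary (non-movie) body bytes."""
    head = bytes([version]) + struct.pack("<I", 8 + len(body))
    return (b"CWS" + head + zlib.compress(body)) if compressed else (b"FWS" + head + body)

def demo():
    body = b"\x00" * 16 + b"constructed-body"
    blob = (b"%DOC junk FWS\xff\xff\xff\xff\xff" + make_swf(10, body)  # decoy, then FWS
            + b"padding" + make_swf(9, body, compressed=True) + b"trailer")
    return carve_swfs(blob)
```

The decoy `FWS` run at the start of the constructed blob is rejected by the version check, which is why header validation matters when scanning documents for embedded files.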