漏洞 一:
Parameters.getInstance().data = loaderInfo.parameters;
public function get onPlayStart():String{
return (_data["onPlayStart"]);
}
ExternalInterface.call(Parameters.getInstance().onPlayStart, _arg1);
ExternalInterface.call(Parameters.getInstance().onPlayStop);
ExternalInterface.call(Parameters.getInstance().onFileLoadedError);
漏洞二:
function reload(u, show_loading) {
if (show_loading == undefined) {
show_loading = true;
}
if (show_loading) {
_root.loading = new Loading("Loading data...");
}
var _local2 = "";
if (_root.data != undefined) {
_local2 = _root.data;
}
if (u != undefined) {
if (u.length > 0) {
_local2 = u;
}
}
_root.lv = undefined;
_root.lv = new LoadVars();
_root.lv.onLoad = LoadVarsOnLoad;
_root.lv.make_chart = make_chart;
_root.lv.make_pie = make_pie;
_root.lv.load(_local2);
}
漏洞三:
var csPreloader;
loader.loadClip(csPreloader, preloader_mc.target);
漏洞四:
this.loadXML(file);
function init(file, ploader, bookmark, contentpath)
container.init(csConfigFile, preloader_mc, csFilesetBookmark, contentpath);
var csConfigFile;
漏洞五:
getURL(_loc2, this.playList.currentClip().getLinkWindow());
var _loc2 = this.playList.currentClip().getLinkURL();
_loc1.getLinkURL = function ()
{
return (this.linkUrl);
}; www.2cto.com
var _loc1 = (_global.org.flowplayer.playlist.Clip = function (name, baseUrl, fileName, start, end, protected, enableControl, linkUrl, linkWindow, type, allowResize, overlayFileName, overlayId, live, showOnLoadBegin, maxPlayCount, info, thumbnailUrl, suggestedClipsInfoUrl, id, keywords)
{
this.linkUrl = linkUrl;
}
漏洞六:
this.textField. html Text = ['
', content, '
'].join('');
_global.sIFR = function (textField, content)
{ ……
this.write(content);
……
}
sIFR.instance = new sIFR(_loc3.txtF, _loc4);
_loc4 = sIFR.VERSION_WARNING.split("%s").join(_root.version);
漏洞七:
this._setVar("_onClick", [_root.onclick, pConfig.onclick], "String");
getURL(this._onClick, this._onClickTarget);
顺手写了个简单的检测已知漏洞的flash xss检测脚本:
查看更多关于若干flash xss漏洞分析 - 网站安全 - 自学php的详细内容...