Hi! Since quite a while the security community is keeping an eye on Flash. In the moment one major concern is the use of SWF for malware ads. There's also the problem that SWF9 Flash files are not easy to decompile and analyze and SWF8 and lower are a pain in the ass if it's encrypted.
BeF has released erlswf, a Erlang-based SWF decompiler and analyzer under GPLv3. The code can be found at Google Code http://code.google.com/p/erlswf/ Further infos can be found in BeFs blog: http://pentaphase.de/index.php?/plugin/tag/SWF Take care, fukami -- FlashSec - Flash Security Project https://www.flashsec.org/ _______________________________________________ osflash mailing list [email protected] http://osflash.org/mailman/listinfo/osflash_osflash.org
