Thursday, June 2, 2016

Decompile a Adobe Flash SWF File

If you were analyzing a malicious Adobe Flash SWF file, such as the ones mentioned in Brad's Malware Traffic Analysis blog about the Angler Exploit kit, you might be wondering what's actually a good way to analysis that SWF since it's already compiled and unreadable. Well, remember first if you have a PCAP with a SWF file in it, per a previous blog, you need to Export HTTP Object. Now that you have the SWF file it's actually quite easy to decompile and get some Adobe ActionScript code to review. You could use any free online decompiler like to upload the SWF file and it'll spit out immediately for you some ActionScript.

More about neonprimetime

Top Blogs of all-time
  1. pagerank botnet sql injection walk-thru
  2. DOM XSS 101 Walk-Through
  3. php injection ali.txt walk-thru

Top Github Contributions
  1. Qualys Scantronitor 2.0

Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.

No comments:

Post a Comment