Re: pen testing flash games.

Dear,

The swf decompile'ng could be done with Sothink SWF Decompiler.  Quite 
handy program.

regards
Jerome Athias wrote:
> Hi,
>
> you can easily download the binaries (.swf) and decompile them (.fla)
> it would give a nice overview of our they work ;-)
>
> if you sniff HTTP traffic you should be also easily able to see what 
> data they exchange with the server and then for example be able to use a 
> fuzzer to send malformed, overly long requests
>
> Good luck
> /JA
> https://www.securinfos.info
>
> zimblyzuper@gmail.com a écrit :
> > Dear all
> >
> > I am doing a pentest on a gaming website which has mostly online flash 
> > games. There are known vulnerabilities in flash but i dont know how to 
> > execute them. In the website, there are also some downloadable games 
> > which have to be purchased after downloading. Theese games also send 
> > info such as high scores to the server. Can somebody tell me how to 
> > exploit the vulnerabilities of flash? and is there any intercepting 
> > proxy which can trap requests and responses of applications such as 
> > games, media players, gtalk etc.
> >
> >
> > Please advice.

--
Nathan Bijnens | Zaakvoerder | nbijnens@servs.eu | +32 486 15 88 29
Servs BVBA | http://servs.eu | BTW BE 0888 048 856 | 001-5180517-17

nbijnens.vcf
Description: Vcard

smime.p7s
Description: S/MIME Cryptographic Signature