HP has released a fantastic tool titled “SWFScan”. This convenient little application decompiles existing SWF’s either sitting on your hard drive or on the internet and scans them for vulnerabilities like trace() statements still hanging in there or possibly revealing information/stored MD5 hashes.

I highly recommend you download it and give it a try, its’s definitely worth it.

SWFScan can be downloaded here.

Advertisements