I noticed an interesting little tidbit over on TaoSecurity. It’s a proof of concept for a Flash-based port scanner that takes advantage of some seemingly braindead programming decisions on the part of Adobe.
Flash 9 has a socket event/exception that is immediately thrown when trying to connect to a closed TCP port. For an open TCP port, Flash writes some data to the socket that will never elicit a response. This behavior can be used to infer which ports are open and closed on a given host.
Given the massive popularity of Flash video and such, it would be quite trivial to trick people into opening one of these things.