ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461. For more details, please refer to the slides of our Troopers 2015 talk.
Download the latest release from HERE.
##Features
- Written in Java, based on swfdump
- One JAR, two flavors: command line utility and Burp Pro Passive Scanner plugin
- Detection of SWF files compiled with either a vulnerable Flex SDK version, patched by Adobe's tool or not affected
##How To Use - Command Line
- Download the latest ParrotNG from the release page
- Simply use the following command:
$ java -jar parrotng_v0.2.jar <SWF File | Directory>
The tool accepts a single SWF file or an entire directory.
##How To Use - Burp Pro Passive Scanner Plugin
- Download the latest ParrotNG from the release page
- Load Burp Suite Professional
- From the Extender tab in Burp Suite, add parrotng_v0.2.jar as a standard Java-based Burp Extension
- Enable Burp Scanner Passive Scanning
- Browse your target web application. All SWF files passing through Burp Suite are automatically analyzed
