/ParrotNG

ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461

Primary LanguageJavaGNU General Public License v3.0GPL-3.0

ParrotNG ParrotNG Logo

ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461. For more details, please refer to the slides of our Troopers 2015 talk.

Download the latest release from HERE.

##Features

  • Written in Java, based on swfdump
  • One JAR, two flavors: command line utility and Burp Pro Passive Scanner plugin
  • Detection of SWF files compiled with either a vulnerable Flex SDK version, patched by Adobe's tool or not affected

##How To Use - Command Line

  1. Download the latest ParrotNG from the release page
  2. Simply use the following command:
$ java -jar parrotng_v0.2.jar <SWF File | Directory>

The tool accepts a single SWF file or an entire directory.

ParrotNG CmdLine

##How To Use - Burp Pro Passive Scanner Plugin

  1. Download the latest ParrotNG from the release page
  2. Load Burp Suite Professional
  3. From the Extender tab in Burp Suite, add parrotng_v0.2.jar as a standard Java-based Burp Extension
  4. Enable Burp Scanner Passive Scanning
  5. Browse your target web application. All SWF files passing through Burp Suite are automatically analyzed

ParrotNG Burp