ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461
Latest commit 6833c57 Mar 19, 2015 @ikkisoft committed with Luca Carettoni Minor edit

ParrotNG

ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461. For more details, please refer to the slides of our Troopers 2015 talk.

Download the latest release from HERE.

Features

  • Written in Java, based on swfdump
  • One JAR, two flavors: command line utility and Burp Pro Passive Scanner plugin
  • Classifies each SWF file as compiled with a vulnerable Flex SDK version, patched by Adobe's tool, or not affected

How To Use - Command Line

  1. Download the latest ParrotNG from the release page
  2. Simply use the following command:
$ java -jar parrotng_v0.2.jar <SWF File | Directory>

The tool accepts a single SWF file or an entire directory.


How To Use - Burp Pro Passive Scanner Plugin

  1. Download the latest ParrotNG from the release page
  2. Load Burp Suite Professional
  3. From the Extender tab in Burp Suite, add parrotng_v0.2.jar as a standard Java-based Burp Extension
  4. Enable Burp Scanner Passive Scanning
  5. Browse your target web application. All SWF files passing through Burp Suite are automatically analyzed
