ParrotNG

ikkisoft/ParrotNG: ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461

ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461

http://www.slideshare.net/ikkisoft/the-old-is-new-again-cve20112461-is-back

ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461. For more details, please refer to the slides of our Troopers 2015 talk.

Features

Written in Java, based on swfdump
One JAR, two flavors: command line utility and Burp Pro Passive Scanner plugin
Detection of SWF files compiled with either a vulnerable Flex SDK version, patched by Adobe’s tool or not affected

How To Use – Command Line

Download the latest ParrotNG from the release page
Simply use the following command:
$ java -jar parrotng_v0.2.jar
The tool accepts a single SWF file or an entire directory.

How To Use – Burp Pro Passive Scanner Plugin

Download the latest ParrotNG from the release page
Load Burp Suite Professional
From the Extender tab in Burp Suite, add parrotng_v0.2.jar as a standard Java-based Burp Extension
Enable Burp Scanner Passive Scanning
Browse your target web application. All SWF files passing through Burp Suite are automatically analyzed