Friday, August 21, 2009

Flash Security with SWFScan: "Application was malformed: Malformed SWF Header" Error

I played around with a free tool SWFScan from HP to scan and detect security probelms flash objects from web applications

At first run against a website with a flash introducction, SWFScan prompted me with the error "The Flash Application was malformed: Malformed SWF Header."

I suspected something wrong with my SWFScan configuration and not with the website for I know there's really nothing wrong with my flash website.

After investigatiion, found these out about the said error:
1. SWFScan doesn't work with proxy servers with authentication (there's no configuraton where you enter the username and password)
2. You may not pe entering the exact URL of the SWF file of the website
2. the data may really be malformed
3. you have no internet access ;P

I recommend this tool for webmasters with flash objects to improve security.

No comments:

Post a Comment