I was in the middle of watching Netflix when I got an error message:
Download Silverlight to your Mac and install Silverlight by following the installation process. Then click on Safari in the top left menu and select Preferences from the menu. Open the Websites tab and in Plug-ins activate Silverlight for the desired web page. Silverlight for Safari 12 (Mac Mojave 10.14). Silverlight offers a flexible programming model that supports AJAX, VB, C#, Python, and Ruby, and integrates with existing Web applications. It supports fast, cost-effective delivery of high-quality video to all major browsers running on the Mac OS or Windows. Drag Silverlight.plugin to your trash. Once you have emptied your trash, Microsoft Silverlight uninstallation will be complete. After completing the above steps, attempting to Watch Instantly on www.netflix.com will prompt you to reinstall Microsoft Silverlight.' I spent the next hour uninstalling and reinstalling Silverlight to no avail.
Re-install Silverlight (see 'Install Silverlight in Mac' above). Then; t ry to log into CTI Navigator Web again. If Safari on your computer still will not support the Silverlight plug-in, download and install a current version of Mozilla Firefox. Silverlight Not Working On My Mac I am able to download Silverlight onto my Mac, but I cannot get it to work. It says it downloads successfully, but when I got to watch say Netflix or use it for one of my online lectures it says that I haven't downloaded it.
'Silverlight Installation ProblemError Code: 2103
You have encountered an issue specific to Microsoft Silverlight, the software used to watch movies on the Netflix website. This issue is often resolved by uninstalling and then reinstalling Microsoft Silverlight on your computer.
To uninstall Microsoft Silverlight on your Macintosh computer, please follow these steps:
After completing the above steps, attempting to Watch Instantly on www.netflix.com will prompt you to reinstall Microsoft Silverlight.'
I spent the next hour uninstalling and reinstalling Silverlight to no avail. I finally gave up and watched it on Safari. But I prefer to use Firefox.
I followed every tutorial I could find. It's activated under Add Ons. I have no idea why it wont work.
Silverlight is a proprietary application framework created by Microsoft in 2007. Its purpose is similar to Flash by Adobe and enables the creation of Rich Internet Applications. Silverlight is available as Plug-In for different browsers (Chrome, Firefox and Internet Explorer) on the Windows and Mac OS platform [1].
In security assessments you might get in touch with an application that is completely implemented in Silverlight. This post shows you some basic tests that can be executed and some tools you can use during an assessment.
Burp Plugins
There are two Plugins available for Burp. In 2011 GDSSecurity published a plugin in Java that is able to encode and decode WCF Binary SOAP data („Content-Type: application/soap+msbin1”) [2]. This plugin is still working in Burp 1.6.03 but the setup does need two instances of Burp connected in series if you want to edit request or response data. This is due to the fact that the plugin can only be used for encoding or decoding in one Burp instance. Therefore one Burp needs to decode the request, then you can edit the request, sent it to the next Burp that will encode the request again as WCF Binary SOAP data. The plugin can be used if you execute the following command within the directory of the plugin to start Burp:
java -Xmx512m -classpath BurpExtender.jar;.<path to burp>burpsuite_pro_v1.6.03.jar burp.StartBurp
In 2013 Nick Coblentz released a Python plugin for Burp that extended the work done by GDSSecurity so that only one instance of Burp is needed to edit the response and request of Silverlight requests [3]. Before loading the plugin, the location of the Python environment for Java (Jython) needs to be set within in Burp, therefore you need to navigate to „Extender/Options/Pyhton Environment“. You should download Jython 2.7beta in this case as Jython 2.5 is missing a module that the plugin is using [4]. As next step you can easily load the Pyhton script in Burp via „Extender/Burp Extensions/Add“ and after the plugin has loaded the request and response with „Content-Type: application/soap+msbin1“ will be decoded.
Fiddler
If you are using Fiddler, there is also a third-party extension that can be used to read and modify WCF binary messages that are used by Silverlight. You can download either the extension for Fiddler 2 or Fiddler 4 or modify the source and compile it yourself, as the whole source code is also available [5].
Silverlight Spy / XAML Spy
Besides attacking the communication by using an interception proxy like Burp or Fiddler, there is a tool dedicated for testing Silverlight applications called XAML Spy [6], the successor of Silverlight Spy [7]. In conjunction with .NET Reflector or other third-party decompiler tools it is possible to decompile Silverlight applications, like an application running in the browser or an offline application that is stored on client-side.
Silverlight Spy can be downloaded as a free version [10]. XAML Spy is only available as 21-day test version for evaluation. For productive testing you have to buy a license.
Test cases
When you test a Silverlight application you should have a look at the clientaccesspolicy.xml. There is also some documentation available from Microsoft about „HTTP Communication and Security with Silverlight“ that describes some basic hardening settings [8].
During decompiling a Silverlight application you should also investigate the Isolated Storage, if there is any sensitive information stored.