Slide 1
Slide 1 text
ࣗ࡞όΠφϦΤσΟλΛ
༻͍ͨόΠφϦղੳ
ˏtkmru ͚ͨ·Δ
2016-03-04 Fri Security Camp Forum
Slide 2
Slide 2 text
୭ʁ
• ໊લ: ͚ͨ·Δ (@tkmru)
• ॴଐ: େֶ ใཧֶ෦
• CTFνʔϜ: TomoriNao
Slide 3
Slide 3 text
༑རಸॹ(SECCON 2015 Intercollege)
Slide 4
Slide 4 text
No content
Slide 5
Slide 5 text
ຊ༑རಸॹͰͳ͘
ʮࣗ࡞όΠφϦΤσΟλΛ
༻͍ͨόΠφϦղੳʯ
Slide 6
Slide 6 text
όΠφϦΤσΟλͱ
• ͲΜͳϑΝΠϧͰ16ਐͰදࣔ͢Δ
• ͍͋͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ
Slide 7
Slide 7 text
BZ
http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html
Slide 8
Slide 8 text
Stirling
http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png
Slide 9
Slide 9 text
grep
• όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏
• ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ
• Ή͔͍ͣ͠
Slide 10
Slide 10 text
ʮҰൠతʹgrepόΠφϦΤ
σΟλʹࡌ͞Ε͍ͯΔϏοτϚο
ϓϏϡʔΛۦ͠ɺ ͑ΒΕͨ
؟ྗɺݚ͗·͞Εͨੜͷצ
ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ
࿅ͷ߹͍ʹΑͬͯେ͖͘ݸਓ
͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ
https://gist.github.com/yoggy/4116843
Slide 11
Slide 11 text
ϓϩʹ͔͠Ͱ͖ͳ͍
Slide 12
Slide 12 text
طଘͷόΠφϦΤσΟλͷෆຬ
• mac͚ʹσϑΝΫτελϯμʔυͱ͍͑
Δͷ͕ͳ͍
• ϓϩͰͳ͍ਓ͕grep͢Δͱݟམͱ͕͠ൃ
ੜ͢Δ
→ ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠
͘ΕΔόΠφϦΤσΟλ͕΄͍͠
Slide 13
Slide 13 text
ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ
Slide 14
Slide 14 text
biwx(ͼ͎ͬ͘͢)
Slide 15
Slide 15 text
ࡐྉ
• Python
• wxPython - C++ͷGUIϥΠϒϥϦ
ʮwxWidgetsʯͷϥούʔ
binary editor + wxPython = biwx
Slide 16
Slide 16 text
ಛ
• ΫϩεϓϥοτϑΥʔϜ
• Φʔϓϯιʔε
• ϑΝΠϧͷγάωΠνϟΛ৭͚
• ৄࡉใΛදࣔ(γάωΠνϟͷॴɺPDFͷύʔε)
• ࣗಈղੳػೳ
Slide 17
Slide 17 text
ࣗಈղੳػೳ
• Έࠐ·ΕͨϑΝΠϧͷΓग़͠
• όΠφϦͷ୯७ͳΓग़͠
• PDFͷࣗಈύʔε
Slide 18
Slide 18 text
σϞ1
SECCON CTF 2015
Steganography 1
MrFusion.gpjb
Slide 19
Slide 19 text
MrFusion.gpjb
• Α͔͘Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ
• ͳ͔ʹෳͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ
• औΓग़ͯ͠ॱ൪ʹಡΊ͕͔͑Δ
Slide 20
Slide 20 text
flag
SECCON{OCT 21 2015 0728}
Slide 21
Slide 21 text
σϞ2
malicious PDFͷղੳ
Slide 22
Slide 22 text
malicious PDFͷղੳ
• PDFʹJavaScriptίʔυΛຒΊࠐΊΔ
• Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ
ʹͳ͍ͬͯΕ࣮ߦ͞ΕΔ
Slide 23
Slide 23 text
ࠓޙͷల
• ࣗಈղੳػೳͷ֦ॆ
• γΣϧίʔυͷղੳ
• ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ
Slide 24
Slide 24 text
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠