Upgrade to Pro — share decks privately, control downloads, hide ads and more …

地雷探しに脆弱性を使うのは間違っているだろうか Hack a Minesweeper

Avatar for Mr.Rabbit Mr.Rabbit
December 07, 2017
0
200

地雷探しに脆弱性を使うのは間違っているだろうか Hack a Minesweeper

2017年6月3日(土) AKIBASECで発表さてもらったLT資料です。

Avatar for Mr.Rabbit

Mr.Rabbit

December 07, 2017
Tweet

More Decks by Mr.Rabbit

See All by Mr.Rabbit
BOCCHI
Avatar for Mr.Rabbit 01rabbit
0
17
KaliPAKU
Avatar for Mr.Rabbit 01rabbit
0
17
Babbly
Avatar for Mr.Rabbit 01rabbit
0
61
P.A.K.U.R.I SECCON2019 Akihabara YOROZU
Avatar for Mr.Rabbit 01rabbit
1
110
P.A.K.U.R.I AVTOKYO HIVE
Avatar for Mr.Rabbit 01rabbit
0
74
The Empire Strikes Back ~MR.RABBIT 帝国の逆襲~
Avatar for Mr.Rabbit 01rabbit
0
230
あの日学んだ攻撃の方法を僕達はまだ知らない。
Avatar for Mr.Rabbit 01rabbit
0
190
MR.RABBIT 聞いた事はあるけど、実際には見た事がないハッキングガジェット
Avatar for Mr.Rabbit 01rabbit
2
7.3k

Featured

See All Featured
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.2k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
10
660
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
Avatar for Aki / @LoveIdahoBurger aki_iinuma
127
54k
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
72
12k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.7k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
Avatar for Eileen M. Uchitelle eileencodes
140
34k
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
31
2.7k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.3k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
It's Worth the Effort
Avatar for 3n 3n
187
28k
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.5k

Transcript

  1.  BLJCBTFD ͏͗͞ !SBJU

  2. ࣗݾ঺հ ͏͗͞ w झຯͰϖωτϨʔγϣϯςετΛͯ͠Δ w झຯͰ߈ܸݕূΛ͍ͯ͠Δ w ݱࡏɺઈࢍෆ຾঱ൃ঱தX ͏͞ϒϩ ɹIUUQSBJUCMPHIBUFCMPKQ

    5XJUUFS ɹ!SBJU

  3. –ͱ͋Δຐज़ͷېॻ໨࿥ lຐज़ͱ͸ɺ࠽ೳͷແ͍ਓ͕ؒͦΕͰ΋࠽ೳ͋Δ ਓؒͱର౳ʹͳΔҝͷٕज़z

  4. ಥવͰ͕࣭͢໰Ͱ͢ʂ ϚΠϯεΠʔύͬͯ஌ͬͯ·͔͢ʁ ɹϚΠϯεΠʔύʢ.JOFTXFFQFSʣ͸೥୅ ʹൃ໌͞ΕͨɺҰਓ༻ͷίϯϐϡʔλήʔϜͰ͋ ΔɻήʔϜͷ໨త͸஍ཕݪ͔Β஍ཕΛऔΓআ͘͜ ͱͰ͋Δɻ 8JLJQFEJBΑΓ

  5. ;ͱࢥͬͨɾɾɾ

  6. ্ڃΛΫϦΞ͍ͨ͠ʂ ˞্ڃͷੈքه࿥͸ඵɹ8JLJQFEJBΑΓ

  7. ͨͱ͑ ͲΜͳखஈΛ࢖ͬͯͰ΋ʂʂ

  8. ໨ඪͱ͢Δ͜ͱ w ϚΠϯεΠʔύ͕ಈ͍͍ͯΔ8JOEPXTͷ੬ऑੑΛ ಥ͍ͯϋοΫ͢Δ w 8JOEPXTΛϋοΫͨ͠ޙɺϚΠϯεΠʔύΛϋο Ϋͯ͠Έͯཪٕ͕ແ͍͔୳ͯ͠ݟΔ

  9. ؀ڥ 8JOEPXT91  ,BMJ-JOVY 

  10. खॱ  /NBQΛ࢖ͬͯ8JOEPXT91Λௐࠪ͢Δ  .FUBTQMPJUΛ࢖༻ͯ͠৵ೖ͢Δ  ৵ೖͨ͠Β.FUFSQSFUFSΛۦ࢖ͯ͠.JOFTXFFQFS ΛϋοΫ͢ΔXɹʢ࣮ԋʣ

  11. ϙʔτεΩϟϯͯ͠Έͨ ͕ɺ։͍͍ͯΔͱ͍͏͜ͱ͸ɾɾɾ /4"ͷΞϨ͕ɾɾɾ

  12. &UFSOBM#MVF .4 ͷ֬ೝ %PVCMF1VMTBSΛ࢓ࠐΊΔʂʂ ੬ऑੑൃݟʂʂ

  13. &YQMPJU͢Δ ৵ೖ׬ྃʂ

  14. .FUFSQSFUFS͔Β .JNJLBU[ΛಡΈࠐΉ ಡΈࠐΉ͜ͱͰʮNJNJLBU[@DPNNBOEʯ͕࢖͑ ΔΑ͏ʹͳΔ ˞NJNJLBU[ͱ͸ 8JOEPXTͷύεϫʔυΛΫϥοΫ͢Δπʔϧ

  15. NJNJLBU[@DPNNBOEͷ࣮ߦ ͜͜ͰʮNJNJLBU[@DPNNBOEGXJONJOFJOGPTʯ ͱೖྗ͢Δͱɾɾɾ

  16. ͋Εʁ౴͑ݟ͑ͯΔX ,BMJ-JOVY 8JOEPXT91

  17. ͋Εʁ౴͑ݟ͑ͯΔX ,BMJ-JOVY 8JOEPXT91

  18. ͜ΕͰ্ڃΫϦΞͰ͖Δ ??

  20. NJNJLBU[@DPNNBOEʹ͸ ΋ͬͱੌ͍෺͕͋Δ ͜͜ͰʮNJNJLBU[@DPNNBOEGXJONJOFDIFBUʯ ͱೖྗ͢Δͱɾɾɾ

  21. ͑ʂʁ DIFBUίϚϯυΛૹͬͨޙʹɺ൫໘ͷۭ͖εϖʔεΛΫϦοΫ ͢ΔͱΫϦΞʂʂॴཁ࣌ؒ ̍ඵʂʂ

  22. ࣮ԋ

  23. ·ͱΊ w ੬ऑੑͷ࢒Δ8JOEPXT্ͷϚΠϯεΠʔύ͸ɺҶ ͮΔࣜʹήʔϜΛ߈ུ͞Εͯ͠·͏ w ཁ͢Δʹେਓؾͳ͍ϋοΧʔ͕ɺϜΩʹͳΔͱϚΠ ϯεΠʔύΛ̍ඵͰΫϦΞ͢Δ w ෺ࣄΛଟ֯తʹݟΔͱ໘ന͍ൃݟ΋͋Δ

  24. ऴΘΓ