Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SSRFとmetadata

Avatar for Yuya Asato Yuya Asato
January 19, 2019
Research
0
220

 SSRFとmetadata

2018/01/19に行われたJAWS-UG沖縄の登壇資料です。
https://jaws-ug-okinawa.doorkeeper.jp/events/85333
Avatar for Yuya Asato

Yuya Asato

January 19, 2019
Tweet

More Decks by Yuya Asato

See All by Yuya Asato
フルクラウド環境下でのペネトレーションテスト
Avatar for Yuya Asato 328
3
1.4k
JAWS DAYS 2018 LT
Avatar for Yuya Asato 328
0
44

Other Decks in Research

See All in Research
プロシェアリング白書2025_PROSHARING_REPORT_2025
Avatar for CIRCULATION ,INC circulation
1
760
クラウドのテレメトリーシステム研究動向2025年
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
3
950
最適決定木を用いた処方的価格最適化
Avatar for MIKIO KUBO mickey_kubo
4
1.6k
在庫管理のための機械学習と最適化の融合
Avatar for MIKIO KUBO mickey_kubo
3
1k
Fairer and More Scalable Reader-Writer Locks by Optimizing Queue Management
Avatar for Takashi HOSHINO starpos
0
110
Agentic AIとMCPを利用したサービス作成入門
Avatar for MIKIO KUBO mickey_kubo
0
200
チャッドローン:LLMによる画像認識を用いた自律型ドローンシステムの開発と実験 / ec75-morisaki
Avatar for yumulab yumulab
1
390
生成的推薦の人気バイアスの分析:暗記の観点から / JSAI2025
Avatar for Shotaro Ishihara upura
0
150
20250605_新交通システム推進議連_熊本都市圏「車1割削減、渋滞半減、公共交通2倍」から考える地方都市交通政策
Avatar for Traffic Brain trafficbrain
0
240
SkySense : A Multi-Modal Remote Sensing Foundation Model Towards Universal Interpretation for Earth Observation Imagery
Avatar for SatAI.challenge satai
3
220
NLP2025SharedTask翻訳部門
Avatar for MORIOKA Taku moriokataku
0
290
数理最適化と機械学習の融合
Avatar for MIKIO KUBO mickey_kubo
15
8.7k

Featured

See All Featured
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
693
190k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.1k
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
94
14k
Keith and Marios Guide to Fast Websites
Avatar for Keith Pitt keithpitt
411
22k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
29
2.6k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
245
12k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.7k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
273
40k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
524
40k
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
276
23k
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
56
9.4k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
271
27k

Transcript

  1. SSRFͱmetadata JAWS-UGԭೄ
 2018.01.19
 Core Member YUYA ASATO 
 @328__

  2. ࣗݾ঺հ • Name : ҆ཬ ༔໼
 Twitter : @328__
 JAWS-UGԭೄ

    ίΞϝϯόʔ • ීஈ͸ηΩϡϦςΟͳ
 ͓࢓ࣄΛͯ͠·͢

  3. AWSͷ੹೚ڞ༗Ϟσϧ https://aws.amazon.com/jp/compliance/shared-responsibility-model/

  4. IAM ϩʔϧ࢖ͬͯ·͔͢ʁ

  5. IAM
 (Identity and Access Management) AWSαʔϏεͷૢ࡞ΛΑΓηΩϡΞʹߦ͏ͨΊͷ
 ೝূɾೝՄͷ࢓૊Έ *".Ϣʔβ *".ϩʔϧ -

    ϚωδϝϯτίϯιʔϧͷϩάΠϯ - ར༻ऀ(User)୯ҐͰ࡞੒ - αʔϏε୯ҐͰAWSૢ࡞ݖݶΛ෇༩

  6. IAMϩʔϧΛ࢖͏ϝϦοτ • IAMϢʔβΑΓ΋ೝূ৘ใͷ؅ཧָ͕ • ೝূ৘ใͷࣗಈߋ৽͕Մೳ • ΞϓϦέʔγϣϯ΁ͷϋʔυίʔσΟϯά๷ࢭ

  7. IAMϩʔϧͱmetadata • ԼهͷURLʹcredentials͕ଘࡏ
 http://169.254.169.254/latest/meta-data/iam/security- credentials/ • ͜͜ʹcredentials͕ೖ͍ͬͯΔͷͰAWS CLI ΍AWS SDK͕ར༻Ͱ͖Δ

    metadataΛಡΈࠐΉ͜ͱͰ
 AWSϦιʔε΁ͷΞΫηε͕Մೳ https://docs.aws.amazon.com/ja_jp/AWSEC2/latest/UserGuide/ec2-instance-metadata.html

  8. IAM Roleͷར༻ = ҆શʁ • ೝূ৘ใΛਓ͕ؒ؅ཧ͠ͳ͍෼ʹ͸҆શ • ֎෦͔ΒmetadataʹΞΫηεͰ͖ͯ͠·͑͹ ೝূ৘ใΛ઄औ͢Δ͜ͱ͸Մೳ

  9. SSRF
 (Server Side Request Forgery) • ߈ܸऀ͔Β௚઀౸ୡͰ͖ͳ͍αʔόʹ
 ର͢Δ߈ܸख๏

  10. SSRFΛར༻ͨ͠ೝূ৘ใͷऔಘ demo

  11. ରࡦ • Ͱ͖Δ͜ͱͳΒϢʔβ͔ΒURL,ύεͷೖྗΛड͚෇͚ͳ͍ • ڐՄ͞ΕͨURLͷҰཡදʢϗϫΠτϦετʣΛ࡞੒ͯ͠Ξ ΫηεͰ͖ΔൣғΛݶఆ͢Δ • Ϩεϙϯεͷݕূͱ͔΋΍ͬͨ΄͏͕͍͍ʁ • IAMϩʔϧʹ෇༩͢ΔݖݶΛ࠷খԽ


    AdministratorAccessͱ͔౉ͪ͠Όμϝ…

  12. ରࡦͷ೉͠͞ • αʔϏεͰAWSSDK࢖ͬͯͨΓ͢Δͱ
 firewalldͰϒϩοΫͰ͖ͳ͍ • ೖྗ஋ΛϑΟϧλ͢Δͷ΋ͳ͔ͳ͔೉͍͠
 8ਐ਺, 16ਐ਺ͷࠞࡏදه΋Ͱ͖Δ
 http://0xA9FEA9FE
 http://0xA9.0xFE.0xA9.0xFE


    http://0251.0376.0251.0376
 http://0xA9.0376.0251.0xFE

  13. ࡶײ • WebΞϓϦέʔγϣϯʹ੬ऑੑ͕͋Ε͹
 AWSͷೝূ৘ใΛ֎෦͔ΒऔಘͰ͖Δ • ೖྗ஋ͷݕূͬͯ೉͍͠….