Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Are you content with our current attacks on Con...

Avatar for GMO Flatt Security GMO Flatt Security
August 05, 2024
2
430

Are you content with our current attacks on Content-Type?

A presentation for BSides Las Vegas 2024.

Avatar for GMO Flatt Security

GMO Flatt Security

August 05, 2024
Tweet

More Decks by GMO Flatt Security

See All by GMO Flatt Security
GMO Flatt Security 会社紹介資料
Avatar for GMO Flatt Security flatt_security
0
26k
Connection-based OAuthから学ぶOAuth for AI Agents
Avatar for GMO Flatt Security flatt_security
0
760
OSSをつくる人・つかう人と伴走するセキュリティ診断AIエージェント - その開発の歩み
Avatar for GMO Flatt Security flatt_security
2
95
セキュリティAIエージェントの現在と未来 / PSS #2 Takumi Session
Avatar for GMO Flatt Security flatt_security
3
1.8k
ブラウザ拡張のセキュリティの話 / Browser Extension Security
Avatar for GMO Flatt Security flatt_security
0
340
AIエージェントSaaSを安全に提供する技術 / Architecture Conference 2025
Avatar for GMO Flatt Security flatt_security
3
7.9k
How We Built a Secure Sandbox Platform for AI Agents
Avatar for GMO Flatt Security flatt_security
2
460
Goに育てられ開発者向けセキュリティ事業を立ち上げた僕が今向き合う、AI × セキュリティの最前線 / Go Conference 2025
Avatar for GMO Flatt Security flatt_security
0
760
LLMアプリケーション開発におけるセキュリティリスクと対策 / LLM Application Security
Avatar for GMO Flatt Security flatt_security
8
3.2k

Featured

See All Featured
We Analyzed 250 Million AI Search Results: Here's What I Found
Avatar for Josh Blyskal joshbly
1
730
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.6k
sira's awesome portfolio website redesign presentation
Avatar for ElsiraPls elsirapls
0
150
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
287
14k
Collaborative Software Design: How to facilitate domain modelling decisions
Avatar for Kenny Baas-Schwegler baasie
0
140
Crafting Experiences
Avatar for Bethany Jepchumba bethany
1
49
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
74
5k
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
150
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
196
71k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
Avatar for Beat Signer signer
PRO
0
3.2k

Transcript

  1. "SFZPVDPOUFOUXJUIPVSDVSSFOU BUUBDLTPO$POUFOU5ZQF  B[BSB !B@[BSB@O FJ !FJ  'MBUU4FDVSJUZJOD

  2. 6OFYQFDUFEQBUIGSPN)551SFTQPOTF  VOFYQFDUFEBUUBDLQBUI

  3. 4FMGJOUSPEVDUJPOFJ  &JKJ.PSJFJ 9!FJ  'MBUU4FDVSJUZJOD .VTDMF#SBJO

  4. /PSJIJEF4BJUPB[BSB 9!B@[BSB@O  'MBUU4FDVSJUZJOD 4FMGJOUSPEVDUJPOB[BSB  IUUQTNJTDB[BSBKQ3&"%.&

  5. 5PQJDT 

  6. 8IBUJT$POUFOU5ZQF  0MEBUUBDLQBUIJO)551SFTQPOTF /FXBUUBDLQBUIJO)551SFTQPOTF #VH#PVOUZQSPHSBNSFTFBSDI 044SFTFBSDI .JUJHBUJPOT 5PQJDT 

  7.  8IBUJT$POUFOU5ZQF 

  8. 8IBUJT$POUFOU5ZQF  

  9. 8IBUJT$POUFOU5ZQF  

  10. 8IBUJT$POUFOU5ZQF  

  11. 8IBUJT$POUFOU5ZQF  

  12. 8IBUJT$POUFOU5ZQF  

  13. 8IBUJT$POUFOU5ZQF  

  14.  0MEBUUBDLQBUIJO)551SFTQPOTF 

  15. 0MEBUUBDLQBUIJO)551SFTQPOTF  

  16. 0MEBUUBDLQBUIJO)551SFTQPOTF  

  17. 0MEBUUBDLQBUIJO)551SFTQPOTF  

  18. 0MEBUUBDLQBUIJO)551SFTQPOTF  

  19. 0MEBUUBDLQBUIJO)551SFTQPOTF   &YUFOTJPO QOHKQH  $POUFOU5ZQF JNBHFQOHJNBHFKQH  .BHJDCZUF

  20. 0MEBUUBDLQBUIJO)551SFTQPOTF   &YUFOTJPO QOHKQH  $POUFOU5ZQF JNBHFQOHJNBHFKQH  .BHJDCZUF

  21. 0MEBUUBDLQBUIJO)551SFTQPOTF  

  22.   /FXBUUBDLQBUIJO)551SFTQPOTF

  23. 8IBUJT0CKFDU4UPSBHF   %BUB .FUBEBUB

  24. 8IBUJT0CKFDU4UPSBHF   %BUB .FUBEBUB $POUFOU5ZQF

  25. /FXBUUBDLQBUIJO)551SFTQPOTF  

  26. /FXBUUBDLQBUIJO)551SFTQPOTF  

  27. /FXBUUBDLQBUIJO)551SFTQPOTF  

  28. /FXBUUBDLQBUIJO)551SFTQPOTF  

  29. /FXBUUBDLQBUIJO)551SFTQPOTF   'PSHPUWBMJEBUJPO

  30. /FXBUUBDLQBUIJO)551SFTQPOTF  

  31. /FXBUUBDLQBUIJO)551SFTQPOTF  

  32.  #VH#PVOUZQSPHSBNSFTFBSDI 

  33. %JTDPWFSZJO#VH#PVOUZQSPHSBN   /PWBMJEBUJPO

  34. %JTDPWFSZJO#VH#PVOUZQSPHSBN   /PUVTJOH4

  35. %JTDPWFSZJO#VH#PVOUZQSPHSBN   "DDVSBUFWBMJEBUJPO

  36.  044SFTFBSDI 

  37.  $PEFTFBSDI 

  38. $PEFTFBSDI  

  39. $PEFTFBSDI  

  40. $PEFTFBSDI   /PWBMJEBUJPOPSMBYWBMJEBUJPO

  41. $PEFTFBSDI   /PWBMJEBUJPOPSMBYWBMJEBUJPO 😨

  42.   /PWBMJEBUJPO

  43.  /PWBMJEBUJPOJO)551SFRVFTU 

  44. /PWBMJEBUJPO   /PWBMJEBUJPO

  45. /PWBMJEBUJPO&YBNQMF  

  46. /PWBMJEBUJPO&YBNQMF   6TFEJSFDUWBMVFT

  47. /PWBMJEBUJPO&YBNQMF  

  48. /PWBMJEBUJPO&YBNQMF   7BMJEBUJPO GSPOUFOEPOMZ

  49. /PWBMJEBUJPO&YBNQMF   6QMPBE UFYUIUNM

  50.  /PWBMJEBUJPOJO)551SFTQPOTF 

  51. /PWBMJEBUJPO   /PWBMJEBUJPO

  52. /PWBMJEBUJPO74$PEF&YUFOTJPO  

  53. /PWBMJEBUJPO74$PEF&YUFOTJPO   (FU UFYUIUNM

  54.   7BMJEBUJPOCZQBTT

  55.  7BMJEBUJPOCZQBTTJO)551SFRVFTU 

  56. 7BMJEBUJPOCZQBTT   -BYWBMJEBUJPO

  57. 7BMJEBUJPOCZQBTT   -BYWBMJEBUJPO

  58. #ZQBTTQBUUFSOT  Code Implementations Bypass Examples startsWith(“image/png”) image/png, text/html endsWith(“image/png”)

    text/html; image/png /^image\/png/ image/png, text/html includes(“image/png”) text/html; image/png

  59. 7BMJEBUJPOCZQBTT$7&  

  60. 7BMJEBUJPOCZQBTT$7&  

  61. 7BMJEBUJPOCZQBTT$7&  

  62. 7BMJEBUJPOCZQBTT$7&  

  63. 7BMJEBUJPOCZQBTT$7&  

  64. 7BMJEBUJPOCZQBTT$7&  

  65. 7BMJEBUJPOCZQBTT$7&  

  66. 7BMJEBUJPOCZQBTT$7&   #ZQBTT JNBHFQOH UFYUIUNM

  67.   7BMJEBUJPOCZQBTTJO)551SFTQPOTF

  68. 7BMJEBUJPOCZQBTT   -BYWBMJEBUJPO

  69. 7BMJEBUJPOCZQBTT   -BYWBMJEBUJPO

  70. 7BMJEBUJPOCZQBTT&MFDUSPO  

  71. 7BMJEBUJPOCZQBTT&MFDUSPO   #ZQBTT JNBHFQOH UFYUIUNM

  72. 7BMJEBUJPOCZQBTT$ISPNF&YUFOTJPO  

  73. 7BMJEBUJPOCZQBTT$ISPNF&YUFOTJPO   #ZQBTT UFYUIUNMQEG

  74.  .JUJHBUJPOT 

  75. 4FDVSJUZNFBTVSFTJOJNQMFNFOUBUJPO   z

  76. 4FDVSJUZNFBTVSFTJOJNQMFNFOUBUJPO   z

  77.  5IBOLZPVWFSZNVDIGPSMJTUFOJOH

  78. 3FGFSFODFT 

  79. ◦ "NB[PO4 ◦ IUUQTBXTBNB[PODPNKQT ◦ #MBDL'BODPOUFOUUZQFSFTFBSDI ◦ IUUQTHJUIVCDPN#MBDL'BODPOUFOUUZQFSFTFBSDICMPC NBTUFS944NE ◦

    $BSSJFSXBWF ◦ IUUQTHJUIVCDPNDBSSJFSXBWFVQMPBEFSDBSSJFSXBWF ◦ $7& ◦ IUUQTHJUIVCDPNDBSSJFSXBWFVQMPBEFSDBSSJFSXBWF TFDVSJUZBEWJTPSJFT()4"HYIYHGRIK 3FGFSFODF 

  80. 23DPEF  IUUQTTQFBLFSEFDLDPNGMBUU@TFDVSJUZBSFZPVDPOUFOUXJUIPVSDVSSFOUBUUBDLTPODPOUFOUUZQF

  81. #ZQBTTUFDIOJRVF   IUUQTCTJEFTUPLZPFOYTTVTJOHEJSUZDPOUFOUUZQFJODMPVEFSB

  82. '"2 

  83. 9445ISFBUT  4UPSFE944

  84. &TTFOUJBM5IJOHT   /PWBMJEBUJPO