Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HITCON 2017 Zeroday 發表會
Search
Inndy
August 26, 2017
Technology
1.4k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
HITCON 2017 Zeroday 發表會
https://zeroday.hitcon.org/vulnerability/ZD-2016-00306
Inndy
August 26, 2017
More Decks by Inndy
See All by Inndy
工程師一定要懂的 Text Encoding
inndy
1
780
資訊安全:麻瓜的黑魔法防禦術
inndy
3
3.1k
HackmeCTF 平台背後的心酸血淚史
inndy
2
880
COSCUP 2018 Lightning Talk - 審稿好難,所以我們來寫程式吧
inndy
0
500
逆向工程:從入門到放棄
inndy
7
3.6k
No More Crypto Fails
inndy
34
8.3k
你再共用密碼啊
inndy
1
800
CTF From Zero To One
inndy
5
5.3k
逆向工程基礎
inndy
4
1.5k
Other Decks in Technology
See All in Technology
知らん間に、回ってる
ming_ayami
0
340
Compose 新機能総まとめ / What's New in Jetpack Compose
yanzm
0
150
初めてのDatabricks勉強会
taka_aki
2
250
スタートアップにおけるアジャイルの実践について #shibuyagile
murabayashi
3
2.1k
Agentic AI 時代のテスト手法: Kiro とはじめるプロパティベーステスト (AWS Summit Japan 2026 | DEV212)
ymhiroki
0
220
AIに「使われる」時代のSaaS戦略 〜既存WebAPIのMCPサーバー化における開発ノウハウ〜
ekispert_api
0
300
地域 SRE コミュニティ最前線 / SRE NEXT 2026 Discussion Night Track C
muziyoshiz
0
160
Keeping applications secure by evolving OAuth 2.0 and OpenID Connect
ahus1
PRO
1
150
ゼロをイチにする仕事が終わったあと
smasato
0
310
認証認可だけじゃない! ID管理の構成要素と ライフサイクルを意識しよう
ritou
1
530
End-to-Endで考える信頼性 —LINEアプリにおけるクライアント開発×SRE連携の実践
maruloop
4
3.3k
Control Planeで育てるBtoB SaaSの認証基盤 - SRE NEXT 2026
pokohide
1
1.8k
Featured
See All Featured
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.7k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.2k
Building a Scalable Design System with Sketch
lauravandoore
463
34k
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
Building Applications with DynamoDB
mza
96
7.1k
Applied NLP in the Age of Generative AI
inesmontani
PRO
4
2.4k
Abbi's Birthday
coloredviolet
3
8.5k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
360
30k
The browser strikes back
jonoalderson
0
1.4k
The AI Search Optimization Roadmap by Aleyda Solis
aleyda
1
6k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
220
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
230
23k
Transcript
)*5$0/;FSPEBZ 䧮䟝銴⤑㹆涸J1IPOF4&⛓飑暟"QQ䢔呪
)J 䧮僽*OOEZ BLB加啄
➛㣔䧮銴铞♧⦐ 飑暟"QQ剤㥪㢵䓳럊涸佦✲ @ sཀպ̼ @
䎃厥♧㣔 䧮罉꠸騈䧮铞 ؇̫٥
厥飑暟笪畀剤馄⤑㹆ꣳꆀ㉂ㅷ ⿶ⶍ㥪䧮䟝䳖䩛堥 s٥Ī٥A
None
搭䖕䧮⦛㽠䩧 #VSQ4VJUF㨥溏溏 ง๑•̀@•́ ง
䧮欽7VFKT㻨✫♧⦐溏匢 ⢵䮋鼇⤑㹆涸㉂ㅷ 齡儘⦬䊨⡲ⶍ㥪㖈欽7VFKT鄄OPEFKT䵆䖤㥪汥蕲 Aİs
٧(́◕◞౪◟◕
䱺衽涮植♴鎎㋲涸"1* 须俲剤⸈㺙 ಠ@ಠ
剤⦐䊨Ⱘ〭⨞KBEY 〳⟃管陼"OESPJE"QQ ҙŐ ұѨѠѽ♧
s̫A _ԍ
s̫A _ԍ
昸✫䵻⤑㹆涸J1IPOF4& ٧ ԫӟ ظ
㻨玑䒭䵻飑
穡卓剤"1*鸠䏞ꣳⵖ 鼩剤♧❉㼭稣眏尝岤䠑ⵌ İ
穡卓䧮♧⦐鿪尝䵻ⵌ இŐஇ
㔐곃♧♴ s٥Ī٥A
"&4$#$1,$4 s٥Ī٥A
1BEEJOH0SBDMF sİA
'JYFE,FZ*7 sİA
䧮ⶍⶍ僽♶僽铞䧮⦛欽 #SVQ4VJUF s٥Ī٥A
飑暟笪畀䥰鑪剤 44-5-4ゅ s٥Ī٥A
sİA
䖕⢵䟝䟝"QQ鿪㻨涸鸏 랃昈✫㥪⫹剤溏ⵌTRMJUF sŐA
@ sཀպ̼ @
卓搭剤42-*OKFDUJPO @ sཀպ̼ @
˙08"415PQ.PCJMF3JTLT'JOBM-JTU ˙.8FBL4FSWFS4JEF$POUSPMT ˙.*OTFDVSF%BUB4UPSBHF ˙.*OTVDJFOU5SBOTQPSU-BZFS1SPUFDUJPO ˙.6OJOUFOEFE%BUB-FBLBHF ˙.1PPS"VUIPSJ[BUJPOBOE"VUIFOUJDBUJPO ˙.#SPLFO$SZQUPHSBQIZ ˙.$MJFOU4JEF*OKFDUJPO ˙ 鸏䧮尝剤庠麕
魨⟨阮㶶贫㶸㖈1SFGFSFODF.BOBHFS酆
㥶卓䧮僽䟅䠑余乹罏 ̫
䎙㣔䖕䧮䪾须俲侮椚♧♴ ⚓♳)*5$0/;FSPEBZ
None
⼿⸔鹎遤醳庠
恠Ꟁ涸麕玑н sŐA й • 2016/11 送出 • ⽉月底廠商才有回應 • 修到⼀一半請我複測,接著交給其他廠商做檢測
• 拖了了半年年,2017/05 終於公開了了!⼼心好累
鸏⚆歲涸怪峯⿶㼱✫♧⦐ sӟA
昸➊랃剚剤鸏랃㢵怪峯 sŐ
醳醢顦♳䊨玑䌌 ಠ@ಠ
IUUQTMBVSFOUHJUIVCJPTPJOKFDUJPOT
䖰㷸绢㻨玑䒭涸儘⦬ 㽠ⴀ✫㉏겗 ⡹涸罉䌌铞♶㹁㽠僽怪峯⢵彂 䠮闒➮雊䧮⦛剤䊨⡲
䖎㢵剅硃䲿⣘涸眕⢿玑䒭 㽠剤㉏겗 ⡹剅㽷缺1)1涸剅♧㹁䪪涸ⵌ42-*OKFDUJPO
♧饱㔐㜡怪峯 鍑对剤㉏겗涸➃來肬➮⦛ ؇̫٥