Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HITCON 2017 Zeroday 發表會

Avatar for Inndy Inndy
August 26, 2017
Technology
0
1.3k

HITCON 2017 Zeroday 發表會

https://zeroday.hitcon.org/vulnerability/ZD-2016-00306

Avatar for Inndy

Inndy

August 26, 2017
Tweet

More Decks by Inndy

See All by Inndy
工程師一定要懂的 Text Encoding
Avatar for Inndy inndy
1
700
資訊安全:麻瓜的黑魔法防禦術
Avatar for Inndy inndy
3
3k
HackmeCTF 平台背後的心酸血淚史
Avatar for Inndy inndy
2
840
COSCUP 2018 Lightning Talk - 審稿好難,所以我們來寫程式吧
Avatar for Inndy inndy
0
460
逆向工程:從入門到放棄
Avatar for Inndy inndy
7
3.6k
No More Crypto Fails
Avatar for Inndy inndy
33
8.1k
你再共用密碼啊
Avatar for Inndy inndy
1
760
CTF From Zero To One
Avatar for Inndy inndy
5
5.1k
逆向工程基礎
Avatar for Inndy inndy
4
1.4k

Other Decks in Technology

See All in Technology
Retrospectiveを振り返ろう
Avatar for なかしょ nakasho
0
130
組織全員で向き合うAI Readyなデータ利活用
Avatar for harry gappy50
4
1.4k
Zero Trust DNS でより安全なインターネット アクセス
Avatar for Murachi Akira murachiakira
0
110
アノテーション作業書作成のGood Practice
Avatar for Cierpa & Company cierpa0905
PRO
0
200
Kubernetes self-healing of your workload
Avatar for Hung-Wei Chiu hwchiu
0
600
AI時代の発信活動 ~技術者として認知してもらうための発信法~ / 20251028 Masaki Okuda
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
120
OTEPsで知るOpenTelemetryの未来 / Observability Conference Tokyo 2025
Avatar for Arthur arthur1
0
310
パフォーマンスチューニングのために普段からできること/Performance Tuning: Daily Practices
Avatar for FUJIWARA Shunichiro fujiwara3
2
140
生成AI時代のPythonセキュリティとガバナンス
Avatar for abenben abenben
0
150
AIを使ってテストを楽にする
Avatar for KNOWLEDGE WORK / 株式会社ナレッジワーク kworkdev
PRO
0
200
プレイドのユニークな技術とインターンのリアル
Avatar for PLAID Tech plaidtech
PRO
1
470
20251024_TROCCO/COMETAアップデート紹介といくつかデモもやります!_#p_UG 東京:データ活用が進む組織の作り方
Avatar for D soysoysoyb
0
120

Featured

See All Featured
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4k
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
Side Projects
Avatar for Sacha Greif sachag
455
43k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1371
200k
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
31
6.2k
Scaling GitHub
Avatar for Zach Holman holman
463
140k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
190
55k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.7k
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
140
7.2k
How Fast Is Fast Enough? [PerfNow 2025]
Avatar for Tammy Everts tammyeverts
2
98
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
65
7.9k
BBQ
Avatar for Matthew Crist matthewcrist
89
9.9k

Transcript

  1. )*5$0/;FSPEBZ 䧮䟝銴⤑㹆涸J1IPOF4&⛓飑暟"QQ䢔呪

  2. )J 䧮僽*OOEZ BLB加啄

  3. ➛㣔䧮銴铞♧⦐ 飑暟"QQ剤㥪㢵䓳럊涸佦✲ @ sཀպ̼ @

  4. ⿡䎃厥♧㣔 䧮罉꠸騈䧮铞 ؇̫٥

  5. 厥飑暟笪畀剤馄⤑㹆ꣳꆀ㉂ㅷ ⿶ⶍ㥪䧮䟝䳖䩛堥 s٥Ī٥A

  6. None

  7. 搭䖕䧮⦛㽠䩧Ꟛ #VSQ4VJUFꟚ㨥溏꣚溏 ง๑•̀@•́ ง

  8. 䧮欽7VFKT㻨✫♧⦐溏匢 ⢵䮋鼇⤑㹆涸㉂ㅷ 齡儘⦬䊨⡲ⶍ㥪㖈欽7VFKT鄄OPEFKT䵆䖤㥪汥蕲 Aİs 

  9. ٧(́◕◞౪◟◕ 

  10. 䱺衽涮植♴鎎㋲涸"1* 须俲剤⸈㺙 ಠ@ಠ

  11. 剤⦐䊨Ⱘ〭⨞KBEY 〳⟃⿾管陼"OESPJE"QQ ҙŐ ұѨѠѽ♧

  12. s̫A _ԍ

  13. s̫A _ԍ

  14. 昸✫䵻⤑㹆涸J1IPOF4& ٧ ԫӟ ظ

  15. 㻨玑䒭䵻飑

  16. 穡卓剤"1*鸠䏞ꣳⵖ 鼩剤♧❉㼭稣眏尝岤䠑ⵌ İ

  17. 穡卓䧮♧⦐鿪尝䵻ⵌ இŐஇ

  18. 㔐곃♧♴ s٥Ī٥A

  19. "&4$#$1,$4 s٥Ī٥A

  20. 1BEEJOH0SBDMF  sİA

  21. 'JYFE,FZ*7  sİA

  22. 䧮ⶍⶍ僽♶僽铞䧮⦛欽 #SVQ4VJUF s٥Ī٥A

  23. 飑暟笪畀䥰鑪剤 44-5-4ゅ s٥Ī٥A

  24.  sİA

  25. 䖕⢵䟝䟝"QQ鿪㻨涸鸏 랃昈✫㥪⫹剤溏ⵌTRMJUF sŐA

  26. @ sཀպ̼ @

  27. 卓搭剤42-*OKFDUJPO @ sཀպ̼ @

  28. ˙08"415PQ.PCJMF3JTLT'JOBM-JTU ˙.8FBL4FSWFS4JEF$POUSPMT ˙.*OTFDVSF%BUB4UPSBHF ˙.*OTVDJFOU5SBOTQPSU-BZFS1SPUFDUJPO ˙.6OJOUFOEFE%BUB-FBLBHF ˙.1PPS"VUIPSJ[BUJPOBOE"VUIFOUJDBUJPO ˙.#SPLFO$SZQUPHSBQIZ ˙.$MJFOU4JEF*OKFDUJPO ˙ 鸏䧮尝剤庠麕

    魨⟨阮㶶贫㶸㖈1SFGFSFODF.BOBHFS酆꬗

  29. 㥶卓䧮僽䟅䠑余乹罏 ̫

  30. 䎙㣔䖕䧮䪾须俲侮椚♧♴ ⚓♳)*5$0/;FSPEBZ

  31. None

  32. ⼿⸔鹎遤醳庠

  33. 恠Ꟁ涸麕玑н sŐA й • 2016/11 送出 • ⽉月底廠商才有回應 • 修到⼀一半請我複測,接著交給其他廠商做檢測

    • 拖了了半年年,2017/05 終於公開了了!⼼心好累

  34. 鸏⚆歲涸怪峯⿶㼱✫♧⦐ sӟA

  35. 昸➊랃剚剤鸏랃㢵怪峯 sŐ

  36. 醳醢顦♳䊨玑䌌 ಠ@ಠ

  37. IUUQTMBVSFOUHJUIVCJPTPJOKFDUJPOT

  38. 䖰㷸绢㻨玑䒭涸儘⦬ 㽠ⴀ✫㉏겗 ⡹涸罉䌌铞♶㹁㽠僽怪峯⢵彂 䠮闒➮雊䧮⦛剤䊨⡲

  39. 䖎㢵剅硃䲿⣘涸眕⢿玑䒭 㽠剤㉏겗 ⡹⿡剅㽷缺1)1涸剅♧㹁䪪涸ⵌ42-*OKFDUJPO

  40. ♧饱㔐㜡怪峯 鍑对剤㉏겗涸➃來肬➮⦛ ؇̫٥