Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to hack metacpan.org
Search
mala
September 04, 2014
Programming
7
1.2k
How to hack metacpan.org
YAPC::Asia 2014 Reject con LT
2014-09-03
mala
September 04, 2014
Tweet
Share
More Decks by mala
See All by mala
The Evolution of Alert & Notification System / Becks Japan #1
mala
11
8.4k
TBD/Shibuya.XSS techtalk #8
mala
5
2.4k
実例に学ぶXSS脆弱性の発見と修正方法/line_dm 16 20160916 how to find and fix xss
mala
25
9k
超絶技巧CSRF / Shibuya.XSS techtalk #7
mala
40
14k
SECCON2013 slide
mala
14
2.8k
Other Decks in Programming
See All in Programming
R言語の環境構築と基礎 Tokyo.R 112
bob3bob3
0
270
Git Lint
bkuhlmann
4
750
PHPの次期バージョンはこの時期どうなっているのか - Internalsの開発体制について - PHPカンファレンス小田原
youkidearitai
PRO
1
190
Anthropic Cookbook のおすすめレシピ
schroneko
7
990
1BRC--Nerd Sniping the Java Community
gunnarmorling
0
340
Tailwind CSSを本気でカスタマイズする方法
fsubal
14
5.3k
PHP8.3の機能を振り返る / Review of PHP 8.3 features
seike460
PRO
1
110
MicrosoftのPlatform Engineeringガイドを読んで実際になにかやってみた
ymd65536
1
340
Kotlin Multiplatform at Stable and Beyond (Android Makers 2024)
zsmb
0
290
TCAとKMPを用いた新規動画配信アプリ 「ABEMA Live」の設計
tomu28
1
110
Netty Chicago Java User Group 2024-04-17
sullis
0
180
Fast JSX: Don't clone props object #28768
yossydev
1
130
Featured
See All Featured
Practical Orchestrator
shlominoach
182
9.7k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
The Illustrated Children's Guide to Kubernetes
chrisshort
31
46k
BBQ
matthewcrist
80
8.8k
Fireside Chat
paigeccino
21
2.6k
How GitHub Uses GitHub to Build GitHub
holman
468
290k
Adopting Sorbet at Scale
ufuk
68
8.6k
Principles of Awesome APIs and How to Build Them.
keavy
121
16k
Embracing the Ebb and Flow
colly
80
4.1k
Designing with Data
zakiwarfel
96
4.8k
The Invisible Customer
myddelton
114
12k
[RailsConf 2023] Rails as a piece of cake
palkan
23
4k
Transcript
)PXUPIBDL NFUBDQBOPSH NBMB
:"1$ߦͬͯͳ͍
͖ΐ͏ͷςʔϚ w )PXUPIBDLNFUBDQBOPSH ! w ѱ͍ҙຯͰ
NFUBDQBOPSHͰͷ SFNPUFDPEFFYFDVUJPO w िؒ΄ͲલʹใࠂpYFE w 1MBDL.JEEMFXBSF4FTTJPO$PPLJF w NFUBDQBOPSH͔ͬͯΒৄࡉॻ͜͏ͱࢥͬͨΒ NJZBHBXB͞Μ͕ͰϦϦʔεͨ͠ͷͰ NFUBDQBOPSHθϩσΠެ։ঢ়ଶͩͬͨ
͝ଘͰ͔͢ʁ 4UPSBCMFͰ ҙίʔυ࣮ߦ
ΦϒδΣΫτσγϦΞϥΠβ Λ௨ͨ͡ίʔυ࣮ߦ w ෳͷݴޠͰಉ༷ͷ͕ใࠂ͞Ε͍ͯΔ w ҙͷΫϥεͷΦϒδΣΫτΛ෮ݩͰ͖Δͷ w 3VCZ :".- .BSTIBM
w 1FSM 4UPSBCMF :".- 9.-
$PPLJFܦ༝Ͱͷ 4UPSBCMFΦϒδΣΫτ w σγϦΞϥΠζͷλΠϛϯάͰίʔυ࣮ߦग़དྷΔ w $PPLJFʹ4UPSBCMFͰσʔλอଘ͢Δηογϣϯ Ϛωʔδϟ͕͋Δ w )."$ॺ໊ʹΑΔվ᜵ࢭ͕ͳ͍PS伴͕ऑ͍ PS伴͕࿙ΕΔέʔεͰDPPLJF͕վ᜵Ͱ͖Δ
w ࡉͨ͠$PPLJFΛͬͨҙίʔυ࣮ߦग़དྷΔ
͍͔ͭ͘ใࠂ͞Ε͍ͯΔ w SFQPSUFECZNBMB ͍͖͞Μ w )5514FTTJPO "NPO w 1MBDL.JEEMFXBSF4FTTJPO$PPLJF
w w 4UPSBCMFUIBXDBMMFEPODPPLJFEBUBJONVMUJQMF $1"/NPEVMFT w IUUQTFDMJTUTPSHPTTTFDR
Өڹൣғ w ΦϒδΣΫτ͕෮ݩ͞ΕΔͱ͍͏͜ͱ w ԿΒ͔ͷॳظԽॲཧ͕࣮ߦ͞ΕͨΓ w ഁغ͞ΕΔλΠϛϯάͰσετϥΫλ͕࣮ߦ͞ΕͨΓ w ܕมͷλΠϛϯάͰԿ͔͕͓͖ͨΓ ʢίʔυຒΊࠐΊΔςϯϓϨʔτΤϯδϯͱ͔ʣ
w ͦͷଞΖΖͷ༧ظ͠ͳ͍
ΦϒδΣΫτσγϦΞϥΠβ ةݥ w ϓϨʔϯͳϋογϡΑΓ༧ظ͠ͳ͍͜ͱ͕ى ͖Δ w CMFTTFEIBTIඞཁͳ͚Ε 4UPSBCMFΛΘͳ͍΄͏͕͍͍
+40/ʹ͢Ε҆શʁ w ͓͓ΉͶͦ͏ w σγϦΞϥΠζͷΈͰى͖ͳ͍ w +40/ 42-JOKFDUJPO w จࣈྻ͕དྷΔͱࢥͬͯΔՕॴʹϋογϡྻ
͕ೖΔ͜ͱͰ༧ظ͠ͳ͍ಈ࡞͕ى͜ΔՄೳੑ
4UPSBCMFͷಛච͖͢ w ҙͷϞδϡʔϧͷϩʔυ͕Մೳ w PWFSMPBE͕ΘΕ͍ͯΔΦϒδΣΫτΛGSFF[F͢Δͱɺ PWFSMPBEϑϥά͖Ͱอଘ͞ΕΔ w PWFSMPBEϑϥά͕͍͍ͯΔ4UPSBCMFEPDVNFOUΛ ϩʔυ͢ΔࡍʹɺಁաతʹϞδϡʔϧΛϩʔυ͢Δ w
ຊདྷͳΒPWFSMPBE͕ΘΕ͍ͯͳ͍ϞδϡʔϧͰɺ͜ ͷϑϥάΛઃఆ͢Δ͜ͱͰɺҙͷϞδϡʔϧΛϩʔυ Մೳ
͜ΕطͷͰ͋Δ w NBTUFSJOHQFSMPSHUIFTUPSBCMF TFDVSJUZQSPCMFN w ۙʹͳͬͯEPDVNFOUʹॻ͔Εͨ w IUUQQFSMHJUQFSMPSHQFSMHJUDPNNJU GBDCCECGFEEB DFF
σετϥΫλ࣮ߦ 㲈ҙίʔυ࣮ߦ w σετϥΫλ࣮ߦͰग़དྷΔ͜ͱ͕ݶΒΕΔ w యܕతͳͷҰ࣌ϑΝΠϧআ ˠҙϑΝΠϧআ w ͤΊͯϑΝΠϧॻ͖ࠐΈ͕ग़དྷΕɾɾɾ w
ѱ༻Ͱ͖ͦ͏ͳ$1"/ϞδϡʔϧΛ୳͢
ݬͷҙίʔυ࣮ߦՄೳϞδϡʔϧΛ୳ͯ͠ w σετϥΫλͰίʔυ࣮ߦͰ͖ͦ͏ͳͷΛ୳ ͢ w FWBMTFMG\DPEF^ w PQFO ') TFMG\pMFOBNF^
w TZTUFN FYFD EP HMPC FUD w ͦ͏ͦ͏ͳ͍Α
ϑΝΠϧͷॻ͖ࠐΈ w ϑΝΠϧͷॻ͖ࠐΈ͕ग़དྷΕɺQNϑΝΠϧ Λੜͯ͠ϩʔυͯ͠Εҙίʔυ࣮ߦग़ དྷΔͷͰͳ͍͔ʁ w ࣮ࡍͷΞϓϦέʔγϣϯVTFMJCͯ͠Δ͜ͱ͕ ଟ͍ MJCMPDBM
w ΧϨϯτσΟϨΫτϦҎԼͷϑΝΠϧʹ͋Δఔ ࣗ༝ͳϑΥʔϚοτͰॻ͖ࠐΈ͕ग़དྷΕɻɻ
σετϥΫλͰϑΝΠϧʹॻ͖ࠐΉ $1"/Ϟδϡʔϧ w ࣮ࡏͨ͠ w HSFQ͠·ͬͯ͘ൃݟ w ࣗಈηʔϒϩάϑΝΠϧͷqVTIܥͷػೳ w QNϑΝΠϧΛੜͯ͠ϩʔυ·ͰՄೳ
w ςϯϓϨʔτվ᜵͔Βҙίʔυ࣮ߦ͕Մೳ
4UPSBCMFͰͷίʔυ࣮ߦ w ਂࠁ্͕͕ͬͨͱߟ͑ͯྑ͍ જࡏతҙίʔυ࣮ߦˠ࣮֬ͳҙίʔυ࣮ߦ w ਖ਼֬ʹʮΠϯετʔϧ͞Ε͍ͯΔϞδϡʔϧ࣍ୈͰ ҙίʔυ࣮ߦ͕Մೳʯ w ͔ͳΓଟ͘ͷڥͰΠϯετʔϧ͞Ε͍ͯΔϞδϡʔϧ
ͰՄೳͩͬͨ w QFSMTFDVSJUZʹใࠂ FYQMPJUެ։͕ద͔Ͳ͏͔૬ஊ த
·ͱΊ w 4UPSBCMF ͱ͍͏͔CMFTTFEIBTIΛ෮ݩͰ͖Δ γϦΞϥΠβҙίʔυ࣮ߦʹܨ͕Δةݥ͕ ͋Δ w "NPOͱ1MBDL.JEEMFXBSF4FTTJPOΛ֘͢ Δ͍ํͯ͠ΔਓΞφϯεಡΜͰରԠͯ͠Ͷɻ w
)BQQZ)BDLJOH