Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
超絶技巧CSRF / Shibuya.XSS techtalk #7
Search
mala
March 28, 2016
Programming
41
14k
超絶技巧CSRF / Shibuya.XSS techtalk #7
CSRF, HTML Form Protocol Attack, Cross-protocol scripting attackについて
mala
March 28, 2016
Tweet
Share
More Decks by mala
See All by mala
The Evolution of Alert & Notification System / Becks Japan #1
mala
11
8.8k
TBD/Shibuya.XSS techtalk #8
mala
5
2.7k
実例に学ぶXSS脆弱性の発見と修正方法/line_dm 16 20160916 how to find and fix xss
mala
25
9.4k
How to hack metacpan.org
mala
7
1.4k
SECCON2013 slide
mala
14
3k
Other Decks in Programming
See All in Programming
ruby.wasmで多人数リアルタイム通信ゲームを作ろう
lnit
3
500
Azure AI Foundryではじめてのマルチエージェントワークフロー
seosoft
0
190
PipeCDのプラグイン化で目指すところ
warashi
1
290
AIともっと楽するE2Eテスト
myohei
7
2.9k
AI コーディングエージェントの時代へ:JetBrains が描く開発の未来
masaruhr
1
200
PHPで始める振る舞い駆動開発(Behaviour-Driven Development)
ohmori_yusuke
2
410
git worktree × Claude Code × MCP ~生成AI時代の並列開発フロー~
hisuzuya
1
590
TypeScriptでDXを上げろ! Hono編
yusukebe
1
410
AIエージェントはこう育てる - GitHub Copilot Agentとチームの共進化サイクル
koboriakira
0
610
技術同人誌をMCP Serverにしてみた
74th
1
680
Agentic Coding: The Future of Software Development with Agents
mitsuhiko
0
120
The Modern View Layer Rails Deserves: A Vision For 2025 And Beyond @ RailsConf 2025, Philadelphia, PA
marcoroth
2
640
Featured
See All Featured
Art, The Web, and Tiny UX
lynnandtonic
299
21k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
45
7.5k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Building an army of robots
kneath
306
45k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
GraphQLの誤解/rethinking-graphql
sonatard
71
11k
Music & Morning Musume
bryan
46
6.7k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
6
320
The Language of Interfaces
destraynor
158
25k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
2.9k
Done Done
chrislema
184
16k
Transcript
$43' NBMB ઈٕ
ࠓͷςʔϚ w $43'ʹ͍ͭͯ w Έͳ͞Μ͝ଘͰ͢ΑͶ w ͋·Γ͍͜͠ͱ͠·ͤΜ
$43'PS943' w DSPTTTJUFSFRVFTUGPSHFSZ w ΫϩεαΠτͰϦΫΤετΛڧ੍͢Δ߈ܸख๏ w 944ͱฒΜͰྑ͘ݟ͔ͭΔ8FCΞϓϦέʔγϣ ϯͷදతͳ੬ऑੑͷҰͭ
Կ͕ग़དྷΔ͔ʁ w ةݥউखʹॻ͖ࠐΈ ͜Μʹͪ͜Μʹͪ w ةݥߴύεϫʔυΛউखʹมߋ w $43'ͰՄೳͳΞΫγϣϯʹΑ༷ͬͯʑ w
୯ͳΔΠλζϥ͔ΒΞΧϯτͬऔΓ·Ͱ
ະͩʹଟ͋͘Δ w 944ਖ਼͍͠ίʔυΛॻ͍͍ͯΕݩʑى͖ͳ ͍ w $43'ରࡦηΩϡϦςΟͷͨΊͷՃͷࢪࡦ w ϑϨʔϜϫʔΫͳͲͰࣗಈԽ͞Εͯͳ͍ͱ࿙ΕΔ w อޢ͖͔͢Ͳ͏͔ͷஅ͕͍͠
$43'ࣄޙରॲʹͳΓ͕ͪ w ·͋ɺͿͬͪΌ͚ܝࣔ൘ͱ͔ථͱ͔ίϝϯτ ػೳͱ͔ࣄޙରॲͰྑ͍ͱࢥ͍·͢ w ॏཁػೳ͕ಉ͡ײ֮ͰࣄޙରॲͩͱϠόΠʂ w ˠϦεΫͷߴ͍$43'ʹ͍ͭͯհ͠·͢
ΞΧϯτͬऔΓ w ةݥͳ$43'ͷදతͳͷ w ύεϫʔυมߋ͕$43'ͰՄೳ w ϝʔϧΞυϨεมߋ͕$43'ͰՄೳ
࿈ܞΞΧϯτՃ w 0"VUI TUBUFύϥϝʔλͬͯͳ͍ w ෳϓϩόΠμͷJEͰϩάΠϯ͕Մೳ w ׂͱ͋Γ͕ͪ
ωοτϫʔΫػثͷ߈ܸ w +7/ϧʔλʔ$43'ͳͲͰάάοͯΈͯͶ
͍ΖΜͳͷʹ$43'͢Δ w $43'Ͱ+40/9.-ΛૹΔ w GPSNFODUZQFUFYUQMBJOΛ͏ w IUUQJUTFDVSJUZDPODFQUTDPN DTSGPOKTPOSFRVFTUT w IUUQQFOUFTUNPOLFZOFUCMPHDTSGYNM
QPTUSFRVFTU
Ԡ༻ <form method="POST" enctype="text/plain" action="http://127.0.0.1:11211"> <textarea name="val"> set hoge 0
1000000 8 hogehoge </textarea> <input type="submit"> </form>
$43'ͰNFNDBDIFEʹॻ͖ࠐΉ <form method="POST" enctype="text/plain" action="http://127.0.0.1:11211"> <textarea name="val"> set hoge 0
1000000 8 hogehoge </textarea> <input type="submit"> </form>
͑ͬʁ w ͍͖ͳΓIUUQͷนΛӽ͑ͯߦ͖·ͨ͠Ͷ w ରԠ͍ͯ͠ͳ͍ίϚϯυແࢹ͞ΕΔ POST / HTTP/1.1 ERROR w
NFNDBDIFEQSPUPDPMͱͯ͠ղऍՄೳͳ෦ͩ ͚ධՁ͞ΕΔɻ
͍ΖΜͳͷʹ$43'͢Δ w $SPTTQSPUPDPMͳSFRVFTUGPSHFSZ w ରԠ͍ͯ͠ͳ͍ίϚϯυΛదٓແࢹͯ͘͠Εͯί ωΫγϣϯΛஅ͠ͳ͍5$1αʔόʔ w ˢ͜͏͍͏ੑ࣭ͷαʔόʔʹ$43'ͰίϚϯυ ൃߦՄೳ
࣮ݹ͔͘Β͋Δ߈ܸख๏ w )5.-'PSN1SPUPDPM"UUBDL w IUUQTXXXKPDIFOUPQGDPNIGQB w 5IJTDBOCFVTFEUPTFOEDPNNBOETUP TFSWFSTVTJOH"4$**CBTFEQSPUPDPMTMJLF
4.51 //51 101 *."1 *3$ BOEPUIFSTz w )5.-ϑΥʔϜ͔Β4.51ʹίϚϯυૹ৴
ৄ͘͠ ͜ͷຊͷষʹॻ͍ͯ͋Δ
ϒϥβଆͰͷରࡦ w $SPTT1SPUPDPMTDSJQUJOHBUUBDL w IUUQXXXBSDIJWFNP[JMMBPSHQSPKFDUTOFUMJC 1PSU#BOOJOHIUNM w Α͘ΒΕ͍ͯΔαʔϏε͕ϒϩοΫ͞Εͨ w XFMMLOPXOͰͳ͍QPSUೖͬͯͳ͍
w ϙʔτมߋͯ͠ͷӡ༻࠷ۙͷ/P42-αʔόʔͳΜ͔ อޢ͞Ε͍ͯͳ͍
αʔόʔଆͰͷରࡦ w ରԠ͍ͯ͠ͳ͍ίϚϯυ͕ૹΒΕͨΒஅ w )551͕ૹΒΕ͖ͯͨΒஅ͢Δ w ͱ͍͏࣮ͷαʔόʔ͋ΔΒ͍͠
8IBU`TOFX w ͱݱͰঢ়گ͕ҟͳ͍ͬͯΔ w ϒϥβ͔ΒϢʔβʔΞΫγϣϯແ͠ͰͷόΠφ Ϧσʔλૹ৴͕Մೳʹͳ͍ͬͯΔ w ੲϑΝΠϧΞοϓϩʔυϓϥάΠϯܦ༝͠ͳ ͚Εແཧͩͬͨ w
ࠓYISTFOE CMPC ͰՄೳ
ࡉ͔͍ w ϑΝΠϧΞοϓϩʔυ͢Δ$43' w 'MBTIͰېࢭ͞Ε͕ͨ9)3MFWFMͰΉ͠Ζॊೈʹͳ͍ͬͯΔ w 'MBTI͔Β'JMF6QMPBE૬ͷ1045ϦΫΤετ DSPTTEPNBJOYNM͕ඞཁ IUUQXXXBEPCFDPNKQEFWOFU qBTIQMBZFSBSUJDMFTGQMBZFS@TFDVSJUZ@DIBOHFTIUNM
w ϩʔΧϧϑΝΠϧΛউखʹΞοϓϩʔυˠવແཧ w NVMUJQBSUGPSNEBUBΛ$43'ˠՄೳ w $034ͷϓϦϑϥΠτର֎
όΠφϦૹΕΔΑ͏ʹ͢Δ w UFYUQMBJOͩͱόΠφϦૹΕͳ͔ͬͨΓ͢Δ ˞ૹ৴͢ΔจࣈίʔυͷൣғͰ͔͠ૹΕͳ͍ɺؒҧͬͯͨΒڭ͑ͯ w NVMUJQBSUGPSNEBUBͰϑΝΠϧૹΕॊೈʹόΠφ Ϧૹ৴Մೳˠͨͩ͠Ϣʔβʔૢ࡞͕ඞཁͩͬͨ w /&8YISTFOE
CMPC ͰόΠφϦૹΕΔΑ͏ʹɻ w ΤϥʔΛదʹແࢹͯ͘͠ΕΕ όΠφϦϓϩτί ϧͰ$43'ͰΕΔ
ͬͱѱ༻͢Δ w NFNDBDIFEʹόΠφϦσʔλΛॻ͖ࠐΉ w SFNPUFDPEFFYFDVUJPOͷFYQMPJU w ΦϒδΣΫτσγϦΞϥΠβΛ௨ͨ͡ίʔυ࣮ ߦ w EFNP
None
Կ͕ग़དྷΔ͔ w σγϦΞϥΠβΛ௨ͨ͠ҙίʔυ࣮ߦ ˠେͷݴޠͰಉ༷ͷ߈ܸख๏͕͋Δ w NFNDBDIFEͷΞυϨε͕طͩͬͨΒҙͷ ΩʔʹҙͷσʔλΛॻ͖ࠐΜͩΓ w ߈ܸ༻ͷσʔλΛૹΓࠐΊ"QQαʔόʔ্Ͱ ҙίʔυ࣮ߦΛҾ͖ى͜͢͜ͱ͕ग़དྷΔ
ύεϫʔυೝূʹΑΔରࡦ w NFNDBDIFEೝূػߏ͕ແ͍ w *1ΞυϨεΠϯλϑΣʔε੍ݶͰೝূػߏΛඋ ͍͑ͯͳ͍ϛυϧΣΞଟ͍ w ೝূ͔͚͓͚ͯ0, ˠਖ਼ղؒҧ͍
ೝূΛಥഁ͢Δ$43' w 3FEJTͩͱύεϫʔυΛ͔͚ΒΕΔ w 3FEJTͷύεϫʔυೝূ BVUINZTFDSFUQBTTXPSE TFULFZWBMVF w ͜ΜͳͷΛૹΕྑ͍͚ͩͳͷͰಥഁՄೳ
ϛυϧΣΞͷύεϫʔυ w ͔͚͓ͯ͘ʹͨ͜͜͠ͱͳ͍͕ w ෦ͷωοτϫʔΫߏͳͲ͕طʹͳΔέʔε ˠιʔείʔυઃఆใ࿙Ӯ͍ͯ͠Δ͜ͱ ఆ͖͢ w ྫ͑ୀ৬ऀ͕෦ใΛώϯτʹݱ৬ࣾһΛ ᠘ʹ͔͚ͯSFNPUFDPEFFYFDVUJPOՄೳ
$43'ͰಥഁͰ͖Δೝূ w ݁ՌͷಡΈऔΓͷඞཁ͕ͳ͍ೝূํࣜͰ͋Εɺ ύεϫʔυΛૹΓ͚ͭΔ͚ͩͳͷͰಥഁՄೳ w νϟϨϯδϨεϙϯεܗࣜͷೝূͰ͋Εಥഁ Ͱ͖ͳ͍ w $43'ͰϦΫΤετͷ݁Ռ͕ಡΊͳ͍ͷͰ
ϛυϧΣΞͷ$43'ରࡦ w "$-͋Δ͔Β҆શͱࢥͬͯ·ͤΜ͔ʁ w ωοτϫʔΫࣗମΛִ͢Δͷ͕ྑ͍ w ִ͢ΔͷͪΌΜͱִɺιʔείʔυ ύεϫʔυ͕طͳΒ߈ܸͰ͖ΔΑ͏ͳͷ ʮୀ৬ऀ͚όοΫυΞʯ
ࠓޙͷͱରࡦ w ϙʔτ੍ݶʹ͍༷͕ͭͯ໌֬Խ͞ΕΔΑ͏ ʹͳͬͨ w IUUQTGFUDITQFDXIBUXHPSHQPSU CMPDLJOH w ͔͠͠XFMMLOPXOͰͳ͍QPSUҾ͖ଓ͖ DSPTTQSPUPDPMBUUBDL͕ՄೳͰ͠ΐ͏
ࠓޙͷͱରࡦ w ෦ωοτϫʔΫ͚ͷ$43'ରࡦ w $034BOE3'$ IUUQTNJLFXFTUHJUIVCJPDPSTSGD w ϒϥβଆͰͷରࡦೖΔ͔
ྨࣅͷ w $SPTTTJUF TDSJQUJOHSFRVFTUGPSHFSZ w TJUFˠQSPUPDPMTJUFˠBQQ w *1$ͷͨΊͷϩʔΧϧαʔόʔΛ࡞ΔΞϓϦ w
ΧελϜεΩʔϜͷϦΫΤετڧ੍ w ϦΫΤετҰํతʹૹΕΔ૬ޓʹೝূ͢Δϓ ϩτίϧʹͳ͍ͬͯΔ͔֬ೝ͠·͠ΐ͏
·ͱΊ w $43'ΛͳΊ͍͚ͯͳ͍ w ʮউखʹॻ͖ࠐΈʯग़དྷΔ͚͕ͩͩ ॻ͖ࠐΈରʹΑͬͯग़དྷΔ͜ͱ͕෯͍ w DSPTTQSPUPDPMͳ$43' YISTFOE
CMPC ͰόΠφϦૹΕΔ w )5.-Ͱػೳ͕૿͑Δˠ߈ܸํ๏ϦεΫ૿Ճ
ऴΘΓ w "OZRVFTUJPOT