Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ブラウザのUIのバグを探す / Secusoba PopUnder

1a5bce24526a7d6f1ab89678df2d673c?s=47 Masato Kinugawa
November 26, 2017
Technology
2
1.4k

ブラウザのUIのバグを探す / Secusoba PopUnder

第40回セキュそば勉強会(http://secusoba.info/?%E7%AC%AC40%E5%9B%9E%2811%E6%9C%8825%E6%97%A5%29) で発表した資料です。

1a5bce24526a7d6f1ab89678df2d673c?s=128

Masato Kinugawa

November 26, 2017
Tweet

More Decks by Masato Kinugawa

See All by Masato Kinugawa
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
21
5.1k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
5
73k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
9
13k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
18
10k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
35
18k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
20
22k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
4
2.2k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
7
2.3k
1a5bce24526a7d6f1ab89678df2d673c?s=48 masatokinugawa
8
15k

Other Decks in Technology

See All in Technology
140494d272a4d89883a94fdfdb29dea2?s=48 oracle4engineer
PRO
0
9.4k
E0db06b2e246ef948efc84bfc3909117?s=48 stkzk3110
0
450
0ed10d1154c696886ca483fe827cb299?s=48 thatjeffsmith
0
140
Cd931bc05e7cee46b9a950a63e47ba4c?s=48 you
0
210
Cfe33d3ab95f1c4902ee70b54af9e2a5?s=48 tokyoyoshida
0
210
A64ac825509279a770c13c6fc517f11a?s=48 kawaguti
PRO
1
150
1ec68e792f99c958b8ffbd0aadaa182a?s=48 ikkou
1
120
842515eaf8fbb2dfcc75197e7797dc15?s=48 sat
0
180
405fe9ab689473f267e2cfbd95f78c75?s=48 kyonmm
1
180
98234c645fe8c935edc0fec0186d28b8?s=48 garethr
1
110
E123f0d70182268563d4e63e23d8c55c?s=48 drumath2237
0
160
B1bddcb899ec3060fe9913f3cb70dbb6?s=48 lmt_swallow
5
1.3k

Featured

See All Featured
F57e2136eb9895eb95ff5dc8a1c02677?s=48 zakiwarfel
91
3.6k
027d1ebf66cc039a0bd3b55eeadbe75d?s=48 sachag
448
36k
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
98
15k
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
224
15k
7c8469ee8c9e594c65c59b919626c08d?s=48 scottboms
253
11k
Fe6b81005d1553accd6b2a28f6a2bef1?s=48 phodgson
92
4.1k
7fa6101cd43067653cf4ac6c7ca54305?s=48 akmur
255
20k
5f2da528927a2ec9ba4fec2069cbc958?s=48 kneath
297
39k
5f50f94346fbcb23706f0707169317a4?s=48 aarron
261
36k
Fde6c3a50ca518a909ef35c22c0ee0e4?s=48 destraynor
225
48k
E76911cbe088e5b850d966de3fc7435b?s=48 robhawkes
55
3k
Aff5641764408271f7bc398f2097edd0?s=48 denniskardys
222
120k

Transcript

  1. None
  2. None
  3. None

  4. • • •

  6. • •

  7. None

  8. • • newWin = window.open('//example.com/','w','a'); newWin.blur();//新しいウインドウのフォーカスを離す window.focus();//親にフォーカスを移す

  9. • •

  10. • https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

  11. None
  12. None
  13. None
  14. None
  15. None

  16. confirm(1);

  17. prompt(1);

  18. print();

  19. //Basic認証

  20. //外部アプリを開くプロトコルへナビゲーション location = "mms:";

  21. onbeforeunload=function(e){return 1;} //どこかへ移動しようとするとダイアログ出現

  22. new PresentationRequest("").start();

  23. new PaymentRequest([{ supportedMethods: ['basic-card'] }], { total: { label: 1,

    amount: { currency: 'USD', value: 0 } } }).show();

  24. navigator.usb.requestDevice({filters:[]});

  25. <form> <input type="email" value="a"> <button id="button"> </form> <script> button.click(); </script>

  26. • • • • • •

  27. <script> function popUnder() { new PresentationRequest("").start(); window.open("https://example.com/", "_blank","a"); setTimeout(function(){ location.reload();//リロードでダイアログを消す

    },1000); } </script> <button onclick="popUnder()">Create PopUnder</button>
  28. None

  29. • • • • • • •

  30. • • • • •

  31. • •

  32. • • •

  33. None