Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ブラウザのUIのバグを探す / Secusoba PopUnder
Search
Masato Kinugawa
November 26, 2017
Technology
2
2.1k
ブラウザのUIのバグを探す / Secusoba PopUnder
第40回セキュそば勉強会(
http://secusoba.info/?%E7%AC%AC40%E5%9B%9E%2811%E6%9C%8825%E6%97%A5%29
) で発表した資料です。
Masato Kinugawa
November 26, 2017
Tweet
Share
More Decks by Masato Kinugawa
See All by Masato Kinugawa
Shadow DOMとセキュリティ - 光と影の境界を探る / Shibuya.XSS techtalk #13
masatokinugawa
0
270
Shadow DOM & Security - Exploring the boundary between light and shadow
masatokinugawa
0
660
ブラウザのレガシー・独自機能を愛でる-Firefoxの脆弱性4選- / Browser Crash Club #1
masatokinugawa
1
760
注目したいクライアントサイドの脆弱性2選/ Security.Tokyo #3
masatokinugawa
8
3.8k
バグハンティングのすゝめ / P3NFEST
masatokinugawa
5
2.4k
Pwn2OwnでMicrosoft Teamsをハッキングして2000万円を獲得した方法/ Shibuya.XSS techtalk #12
masatokinugawa
13
20k
How I Hacked Microsoft Teams and got $150,000 in Pwn2Own
masatokinugawa
1
22k
JSでDoSる/ Shibuya.XSS techtalk #11
masatokinugawa
20
7k
Electron: Abusing the lack of context isolation - CureCon(en)
masatokinugawa
5
100k
Other Decks in Technology
See All in Technology
データ駆動経営の道しるべ:プロダクト開発指標の戦略的活用法
ham0215
2
230
DatabricksのOLTPデータベース『Lakebase』に詳しくなろう!
inoutk
0
110
QuickBooks®️ Customer®️ USA Contact Numbers: Complete 2025 Support Guide
qbsupportinfo
0
110
ゼロから始めるSREの事業貢献 - 生成AI時代のSRE成長戦略と実践 / Starting SRE from Day One
shinyorke
PRO
0
230
エンジニアリングマネージャー“お悩み相談”パネルセッション
ar_tama
1
660
P2P通信の標準化 WebRTCを知ろう
faithandbrave
6
2.3k
組織内、組織間の資産保護に必要なアイデンティティ基盤と関連技術の最新動向
fujie
0
510
The Madness of Multiple Gemini CLIs Developing Simultaneously with Jujutsu
gunta
1
2.5k
Talk to Someone At Delta Airlines™️ USA Contact Numbers
travelcarecenter
0
170
claude codeでPrompt Engineering
iori0311
0
440
AIコードアシスタントとiOS開発
jollyjoester
1
230
MCPに潜むセキュリティリスクを考えてみる
milix_m
1
730
Featured
See All Featured
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.6k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
A designer walks into a library…
pauljervisheath
207
24k
Intergalactic Javascript Robots from Outer Space
tanoku
271
27k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
VelocityConf: Rendering Performance Case Studies
addyosmani
332
24k
For a Future-Friendly Web
brad_frost
179
9.8k
How GitHub (no longer) Works
holman
314
140k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
50
5.5k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Transcript
None
None
None
• • •
•
• •
None
• • newWin = window.open('//example.com/','w','a'); newWin.blur();//新しいウインドウのフォーカスを離す window.focus();//親にフォーカスを移す
• •
• https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
None
None
None
None
None
confirm(1);
prompt(1);
print();
//Basic認証
//外部アプリを開くプロトコルへナビゲーション location = "mms:";
onbeforeunload=function(e){return 1;} //どこかへ移動しようとするとダイアログ出現
new PresentationRequest("").start();
new PaymentRequest([{ supportedMethods: ['basic-card'] }], { total: { label: 1,
amount: { currency: 'USD', value: 0 } } }).show();
navigator.usb.requestDevice({filters:[]});
<form> <input type="email" value="a"> <button id="button"> </form> <script> button.click(); </script>
• • • • • •
<script> function popUnder() { new PresentationRequest("").start(); window.open("https://example.com/", "_blank","a"); setTimeout(function(){ location.reload();//リロードでダイアログを消す
},1000); } </script> <button onclick="popUnder()">Create PopUnder</button>
None
• • • • • • •
• • • • •
• •
• • •
None