Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ブラウザのUIのバグを探す / Secusoba PopUnder
Search
Masato Kinugawa
November 26, 2017
Technology
2
2.2k
ブラウザのUIのバグを探す / Secusoba PopUnder
第40回セキュそば勉強会(
http://secusoba.info/?%E7%AC%AC40%E5%9B%9E%2811%E6%9C%8825%E6%97%A5%29
) で発表した資料です。
Masato Kinugawa
November 26, 2017
Tweet
Share
More Decks by Masato Kinugawa
See All by Masato Kinugawa
Shadow DOMとセキュリティ - 光と影の境界を探る / Shibuya.XSS techtalk #13
masatokinugawa
0
630
Shadow DOM & Security - Exploring the boundary between light and shadow
masatokinugawa
1
1.8k
ブラウザのレガシー・独自機能を愛でる-Firefoxの脆弱性4選- / Browser Crash Club #1
masatokinugawa
1
980
注目したいクライアントサイドの脆弱性2選/ Security.Tokyo #3
masatokinugawa
8
4.1k
バグハンティングのすゝめ / P3NFEST
masatokinugawa
5
2.6k
Pwn2OwnでMicrosoft Teamsをハッキングして2000万円を獲得した方法/ Shibuya.XSS techtalk #12
masatokinugawa
13
20k
How I Hacked Microsoft Teams and got $150,000 in Pwn2Own
masatokinugawa
1
23k
JSでDoSる/ Shibuya.XSS techtalk #11
masatokinugawa
20
7.1k
Electron: Abusing the lack of context isolation - CureCon(en)
masatokinugawa
5
100k
Other Decks in Technology
See All in Technology
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
16k
Oracle Technology Night #95 GoldenGate 26ai の実装に迫る1
oracle4engineer
PRO
0
100
AIにおける自由の追求
shujisado
3
480
事業部のプロジェクト進行と開発チームの改善の “時間軸" のすり合わせ
konifar
9
3.2k
21st ACRi Webinar - Univ of Tokyo Presentation Slide (Shinya Takamaeda)
nao_sumikawa
0
110
著者と読み解くAIエージェント現場導入の勘所 Lancers TechBook#2
smiyawaki0820
11
5.1k
翻訳・対話・越境で強いチームワークを作ろう! / Building Strong Teamwork through Interpretation, Dialogue, and Border-Crossing
ar_tama
4
1.7k
Symfony AI in Action
el_stoffel
2
380
Uncertainty in the LLM era - Science, more than scale
gaelvaroquaux
0
670
あなたの知らないDateのひみつ / The Secret of "Date" You Haven't known #tqrk16
expajp
0
120
Ryzen NPUにおけるAI Engineプログラミング
anjn
0
240
Karate+Database RiderによるAPI自動テスト導入工数をCline+GitLab MCPを使って2割削減を目指す! / 20251206 Kazuki Takahashi
shift_evolve
PRO
1
210
Featured
See All Featured
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
10
700
GitHub's CSS Performance
jonrohan
1032
470k
Done Done
chrislema
186
16k
Being A Developer After 40
akosma
91
590k
[SF Ruby Conf 2025] Rails X
palkan
0
460
Building an army of robots
kneath
306
46k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
359
30k
Docker and Python
trallard
46
3.7k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
The Power of CSS Pseudo Elements
geoffreycrofte
80
6.1k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
Mobile First: as difficult as doing things right
swwweet
225
10k
Transcript
None
None
None
• • •
•
• •
None
• • newWin = window.open('//example.com/','w','a'); newWin.blur();//新しいウインドウのフォーカスを離す window.focus();//親にフォーカスを移す
• •
• https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
None
None
None
None
None
confirm(1);
prompt(1);
print();
//Basic認証
//外部アプリを開くプロトコルへナビゲーション location = "mms:";
onbeforeunload=function(e){return 1;} //どこかへ移動しようとするとダイアログ出現
new PresentationRequest("").start();
new PaymentRequest([{ supportedMethods: ['basic-card'] }], { total: { label: 1,
amount: { currency: 'USD', value: 0 } } }).show();
navigator.usb.requestDevice({filters:[]});
<form> <input type="email" value="a"> <button id="button"> </form> <script> button.click(); </script>
• • • • • •
<script> function popUnder() { new PresentationRequest("").start(); window.open("https://example.com/", "_blank","a"); setTimeout(function(){ location.reload();//リロードでダイアログを消す
},1000); } </script> <button onclick="popUnder()">Create PopUnder</button>
None
• • • • • • •
• • • • •
• •
• • •
None
masatokinugawa
sansan33
oracle4engineer
shujisado
konifar
nao_sumikawa
smiyawaki0820
ar_tama
el_stoffel
gaelvaroquaux
expajp
anjn
shift_evolve
tammyeverts
jonrohan
chrislema
akosma
palkan
kneath
bermonpainter
trallard
sstephenson
geoffreycrofte
sugarenia
swwweet
![new PaymentRequest([{ supportedMethods: ['basic-card'] }], { total: { label: 1,](https://files.speakerdeck.com/presentations/0f400b94ba0b4ab39f5e8702330e687f/slide_22.jpg){kind=link}
![navigator.usb.requestDevice({filters:[]});](https://files.speakerdeck.com/presentations/0f400b94ba0b4ab39f5e8702330e687f/slide_23.jpg){kind=link}
