Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ブラウザのUIのバグを探す / Secusoba PopUnder
Search
Masato Kinugawa
November 26, 2017
Technology
2
2.2k
ブラウザのUIのバグを探す / Secusoba PopUnder
第40回セキュそば勉強会(
http://secusoba.info/?%E7%AC%AC40%E5%9B%9E%2811%E6%9C%8825%E6%97%A5%29
) で発表した資料です。
Masato Kinugawa
November 26, 2017
Tweet
Share
More Decks by Masato Kinugawa
See All by Masato Kinugawa
Shadow DOMとセキュリティ - 光と影の境界を探る / Shibuya.XSS techtalk #13
masatokinugawa
0
690
Shadow DOM & Security - Exploring the boundary between light and shadow
masatokinugawa
1
1.9k
ブラウザのレガシー・独自機能を愛でる-Firefoxの脆弱性4選- / Browser Crash Club #1
masatokinugawa
1
1k
注目したいクライアントサイドの脆弱性2選/ Security.Tokyo #3
masatokinugawa
8
4.2k
バグハンティングのすゝめ / P3NFEST
masatokinugawa
5
2.6k
Pwn2OwnでMicrosoft Teamsをハッキングして2000万円を獲得した方法/ Shibuya.XSS techtalk #12
masatokinugawa
13
21k
How I Hacked Microsoft Teams and got $150,000 in Pwn2Own
masatokinugawa
1
23k
JSでDoSる/ Shibuya.XSS techtalk #11
masatokinugawa
20
7.1k
Electron: Abusing the lack of context isolation - CureCon(en)
masatokinugawa
5
100k
Other Decks in Technology
See All in Technology
生成AIを活用した音声文字起こしシステムの2つの構築パターンについて
miu_crescent
PRO
3
210
[CV勉強会@関東 World Model 読み会] Orbis: Overcoming Challenges of Long-Horizon Prediction in Driving World Models (Mousakhan+, NeurIPS 2025)
abemii
0
140
20260208_第66回 コンピュータビジョン勉強会
keiichiito1978
0
180
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
260
Webhook best practices for rock solid and resilient deployments
glaforge
2
300
Cosmos World Foundation Model Platform for Physical AI
takmin
0
940
22nd ACRi Webinar - NTT Kawahara-san's slide
nao_sumikawa
0
100
【Oracle Cloud ウェビナー】[Oracle AI Database + AWS] Oracle Database@AWSで広がるクラウドの新たな選択肢とAI時代のデータ戦略
oracle4engineer
PRO
2
170
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
1k
ブロックテーマ、WordPress でウェブサイトをつくるということ / 2026.02.07 Gifu WordPress Meetup
torounit
0
190
AzureでのIaC - Bicep? Terraform? それ早く言ってよ会議
torumakabe
1
580
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
3
2.5k
Featured
See All Featured
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
110
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
We Have a Design System, Now What?
morganepeng
54
8k
The Cost Of JavaScript in 2023
addyosmani
55
9.5k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.8k
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
aleyda
1
1.9k
Prompt Engineering for Job Search
mfonobong
0
160
Large-scale JavaScript Application Architecture
addyosmani
515
110k
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
51
Code Reviewing Like a Champion
maltzj
527
40k
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
320
A designer walks into a library…
pauljervisheath
210
24k
Transcript
None
None
None
• • •
•
• •
None
• • newWin = window.open('//example.com/','w','a'); newWin.blur();//新しいウインドウのフォーカスを離す window.focus();//親にフォーカスを移す
• •
• https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
None
None
None
None
None
confirm(1);
prompt(1);
print();
//Basic認証
//外部アプリを開くプロトコルへナビゲーション location = "mms:";
onbeforeunload=function(e){return 1;} //どこかへ移動しようとするとダイアログ出現
new PresentationRequest("").start();
new PaymentRequest([{ supportedMethods: ['basic-card'] }], { total: { label: 1,
amount: { currency: 'USD', value: 0 } } }).show();
navigator.usb.requestDevice({filters:[]});
<form> <input type="email" value="a"> <button id="button"> </form> <script> button.click(); </script>
• • • • • •
<script> function popUnder() { new PresentationRequest("").start(); window.open("https://example.com/", "_blank","a"); setTimeout(function(){ location.reload();//リロードでダイアログを消す
},1000); } </script> <button onclick="popUnder()">Create PopUnder</button>
None
• • • • • • •
• • • • •
• •
• • •
None
masatokinugawa
miu_crescent
abemii
keiichiito1978
slsops
glaforge
takmin
nao_sumikawa
oracle4engineer
sansan33
torounit
torumakabe
sansantech
techseoconnect
addyosmani
morganepeng
reverentgeek
aleyda
mfonobong
akademiya2063
maltzj
marktimemedia
pauljervisheath
![new PaymentRequest([{ supportedMethods: ['basic-card'] }], { total: { label: 1,](https://files.speakerdeck.com/presentations/0f400b94ba0b4ab39f5e8702330e687f/slide_22.jpg){kind=link}
![navigator.usb.requestDevice({filters:[]});](https://files.speakerdeck.com/presentations/0f400b94ba0b4ab39f5e8702330e687f/slide_23.jpg){kind=link}
