Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
5文字で書くJavaScript/ Shibuya.XSS techtalk #10
Search
Masato Kinugawa
December 13, 2017
Technology
35
21k
5文字で書くJavaScript/ Shibuya.XSS techtalk #10
Shibuya.XSS techtalk #10 の発表資料です。
Masato Kinugawa
December 13, 2017
Tweet
Share
More Decks by Masato Kinugawa
See All by Masato Kinugawa
Shadow DOMとセキュリティ - 光と影の境界を探る / Shibuya.XSS techtalk #13
masatokinugawa
0
650
Shadow DOM & Security - Exploring the boundary between light and shadow
masatokinugawa
1
1.9k
ブラウザのレガシー・独自機能を愛でる-Firefoxの脆弱性4選- / Browser Crash Club #1
masatokinugawa
1
1k
注目したいクライアントサイドの脆弱性2選/ Security.Tokyo #3
masatokinugawa
8
4.1k
バグハンティングのすゝめ / P3NFEST
masatokinugawa
5
2.6k
Pwn2OwnでMicrosoft Teamsをハッキングして2000万円を獲得した方法/ Shibuya.XSS techtalk #12
masatokinugawa
13
21k
How I Hacked Microsoft Teams and got $150,000 in Pwn2Own
masatokinugawa
1
23k
JSでDoSる/ Shibuya.XSS techtalk #11
masatokinugawa
20
7.1k
Electron: Abusing the lack of context isolation - CureCon(en)
masatokinugawa
5
100k
Other Decks in Technology
See All in Technology
Identity Management for Agentic AI 解説
fujie
0
530
AIエージェントを5分で一気におさらい! AIエージェント「構築」元年に備えよう
yakumo
1
120
コールドスタンバイ構成でCDは可能か
hiramax
0
120
AI時代のワークフロー設計〜Durable Functions / Step Functions / Strands Agents を添えて〜
yakumo
4
2.4k
まだ間に合う! Agentic AI on AWSの現在地をやさしく一挙おさらい
minorun365
19
3.1k
戰略轉變:從建構 AI 代理人到發展可擴展的技能生態系統
appleboy
0
140
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9.9k
「もしもデータ基盤開発で『強くてニューゲーム』ができたなら今の僕はどんなデータ基盤を作っただろう」
aeonpeople
0
260
[Neurogica] 採用ポジション/ Recruitment Position
neurogica
1
140
ペアーズにおけるAIエージェント 基盤とText to SQLツールの紹介
hisamouna
2
1.9k
Knowledge Work の AI Backend
kworkdev
PRO
0
310
NIKKEI Tech Talk #41: セキュア・バイ・デザインからクラウド管理を考える
sekido
PRO
0
240
Featured
See All Featured
Speed Design
sergeychernyshev
33
1.4k
The #1 spot is gone: here's how to win anyway
tamaranovitovic
1
880
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
53
48k
Money Talks: Using Revenue to Get Sh*t Done
nikkihalliwell
0
120
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
130
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
0
260
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.4k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
990
Ten Tips & Tricks for a 🌱 transition
stuffmc
0
37
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
reverentgeek
1
300
Into the Great Unknown - MozCon
thekraken
40
2.2k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
Transcript
|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|> >|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|> |>|>|>|>|>|>|>|>|>|>|> |>|>|>|>|>|>|>|>|>|>|>
• • •
None
None
• • http://utf-8.jp/public/jjencode.html
• •
• • 0 1 2 3 4 5 6 7
8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
None
None
BANG!
|>
https://github.com/tc39/proposal-pipeline-operator The pipeline operator is essentially a useful syntactic sugar
on a function call with a single argument. |>
alert(1)
1 |> alert
• []()!+|> 8-2=6
• [] !+|> 6-1=5
• []+|> 5
• • •
None
• •
> Function("alert(1)") < ƒ anonymous() {alert(1)}
> Function("alert(1)")() OK
> [].constructor
> []["constructor"]
> []["constructor"] === Array < true > []["constructor"]["constructor"] === Function
< true
> []["constructor"]["constructor"]("alert(1)")() OK
> []["constructor"]["constructor"]("CODE")()
> []["constructor"]["constructor"]("CODE")()
> "CODE"|>[]["constructor"]["constructor"] > []["constructor"]["constructor"]("CODE")
> []|>"CODE"|>[]["constructor"]["constructor"] > []["constructor"]["constructor"]("CODE")()
exclaim(capitalize(doubleSay("hello"))); "hello" |> doubleSay |> capitalize |> exclaim;
> ("CODE"|>[]["constructor"]["constructor"])()
> ["CODE"|>[]["constructor"]["constructor"]][0]() ( Expression ) [ Expression ][0]
> []|>["CODE"|>[]["constructor"]["constructor"]][0]
> []|>["CODE"|>[]["constructor"]["constructor"]][0]
//JSFuckの基本型 []["constructor"]["constructor"]("CODE")() //5文字JSの基本型 []|>["CODE"|>[]["constructor"]["constructor"]][0]
None
> +[] < 0
> []>[] < false > [0]>[] < true
> [][[]] < undefined
> +[true][0] < 1 > +[true][0]+[true][0] < 2 > +[true][0]+[true][0]+[true][0]
< 3 > ...
> [true][0]+[] < "true" > [false][0]+[] < "false" > [undefined][0]+[]
< "undefined"
> ["true"][0][0] < "t" > ["true"][0][1] < "r" > ["true"][0][2]
< "u"
> []|>["CODE"|>[]["constructor"]["constructor"]][0]
> []["fill"]+[] < "function fill() { [native code] }"
None
[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[ [+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]] >[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+ [[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]> []][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+ [[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]] +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[ [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[ ]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]] [+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]
]>[]]+[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+ [[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]] ]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[ ]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]
> []|>["alert(1)"|>[]["constructor"]["constructor"]][0]
[]|>[[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[] ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[+[]]>[]] +[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+ []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[ [+[]]>[]][+[]]+[+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[+[[+[]]>[]][+[]]][+[]]+[[][[[[]>[]]+[]] [+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[] ]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[+[[+[]]>[]][+[] ]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]|>[][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[] ]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[ ]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+
[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]> []][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[ +[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+ []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+ [[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[] ]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[] ]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[ [+[]]>[]]+[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+ [[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[] ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[ [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[] ][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]] >[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]] +[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]] +[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[ ]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[ ]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[ [[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]] [+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]] >[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]] [+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][ +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]] [+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]] [+[[+[]]>[]][+[]]]]][+[]]
[]|>[[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[] ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[+[]]>[]] +[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+ []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[ [+[]]>[]][+[]]+[+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[+[[+[]]>[]][+[]]][+[]]+[[][[[[]>[]]+[]] [+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[] ]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[+[[+[]]>[]][+[] ]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]|>[][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[] ]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[ ]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+
[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]> []][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[ +[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+ []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+ [[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[] ]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[] ]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[ [+[]]>[]]+[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+ [[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[] ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[ [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[] ][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]] >[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]] +[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]] +[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[ ]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[ ]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[ [[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]] [+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]] >[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]] [+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][ +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]] [+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]] [+[[+[]]>[]][+[]]]]][+[]] OK
unescape("%u0051")
https://syllab.fr/projets/experiments/xcharsjs/5chars.pipeline. html https://babeljs.io/repl/build/5099/#?babili=false&browsers=& build=&builtIns=false&code_lz=IwHwfAhgNgpgTgFyA&debug=f alse&circleciRepo=&evaluate=true&lineWrap=false&presets=st age-0&prettier=false&targets=&version=7.0.0- beta.2%2Bpr.6335
• •
|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|> >|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>
masatokinugawa
fujie
yakumo
hiramax
minorun365
appleboy
fullkaiten
aeonpeople
neurogica
hisamouna
kworkdev
sekido
sergeychernyshev
tamaranovitovic
madoxten
nikkihalliwell
frankvandijk
katarinadahlin
tammyeverts
stuffmc
reverentgeek
thekraken
sstephenson
![• []()!+|> 8-2=6](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_14.jpg){kind=link}
![• [] !+|> 6-1=5](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_15.jpg){kind=link}
![• []+|> 5](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_16.jpg){kind=link}
![> [].constructor](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_22.jpg){kind=link}
![> []["constructor"]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_23.jpg){kind=link}
![> []["constructor"] === Array < true > []["constructor"]["constructor"] === Function](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_24.jpg){kind=link}
![> []["constructor"]["constructor"]("alert(1)")() OK](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_25.jpg){kind=link}
![> []["constructor"]["constructor"]("CODE")()](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_26.jpg){kind=link}
![> []["constructor"]["constructor"]("CODE")()](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_27.jpg){kind=link}
![> "CODE"|>[]["constructor"]["constructor"] > []["constructor"]["constructor"]("CODE")](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_28.jpg){kind=link}
![> []|>"CODE"|>[]["constructor"]["constructor"] > []["constructor"]["constructor"]("CODE")()](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_29.jpg){kind=link}
![> ("CODE"|>[]["constructor"]["constructor"])()](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_31.jpg){kind=link}
![> ["CODE"|>[]["constructor"]["constructor"]][0]() ( Expression ) [ Expression ][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_32.jpg){kind=link}
![> []|>["CODE"|>[]["constructor"]["constructor"]][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_33.jpg){kind=link}
![> []|>["CODE"|>[]["constructor"]["constructor"]][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_34.jpg){kind=link}
![//JSFuckの基本型 []["constructor"]["constructor"]("CODE")() //5文字JSの基本型 []|>["CODE"|>[]["constructor"]["constructor"]][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_35.jpg){kind=link}
![> +[] < 0](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_37.jpg){kind=link}
![> []>[] < false > [0]>[] < true](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_38.jpg){kind=link}
![> [][[]] < undefined](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_39.jpg){kind=link}
![> +[true][0] < 1 > +[true][0]+[true][0] < 2 > +[true][0]+[true][0]+[true][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_40.jpg){kind=link}
![> [true][0]+[] < "true" > [false][0]+[] < "false" > [undefined][0]+[]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_41.jpg){kind=link}
![> ["true"][0][0] < "t" > ["true"][0][1] < "r" > ["true"][0][2]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_42.jpg){kind=link}
![> []|>["CODE"|>[]["constructor"]["constructor"]][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_43.jpg){kind=link}
![> []["fill"]+[] < "function fill() { [native code] }"](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_44.jpg){kind=link}
![[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[ [+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]] >[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+ [[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]> []][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+ [[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]] +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[ [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[ ]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]] [+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_46.jpg){kind=link}
![> []|>["alert(1)"|>[]["constructor"]["constructor"]][0]](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_47.jpg){kind=link}
![[]|>[[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[] ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[+[]]>[]] +[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+ []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[ [+[]]>[]][+[]]+[+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[+[[+[]]>[]][+[]]][+[]]+[[][[[[]>[]]+[]] [+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[] ]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[+[[+[]]>[]][+[] ]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]|>[][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[] ]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[ ]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_48.jpg){kind=link}
![[]|>[[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[] ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[+[]]>[]] +[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+ []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[ [+[]]>[]][+[]]+[+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[+[[+[]]>[]][+[]]][+[]]+[[][[[[]>[]]+[]] [+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[] ]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[+[[+[]]>[]][+[] ]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]|>[][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[] ]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[ ]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+](https://files.speakerdeck.com/presentations/5ba5f6fb0cf1401594a2f3cd1c24668a/slide_49.jpg){kind=link}
