$30 off During Our Annual Pro Sale. View Details »

5文字で書くJavaScript/ Shibuya.XSS techtalk #10

Masato Kinugawa
December 13, 2017
Technology
35
19k

5文字で書くJavaScript/ Shibuya.XSS techtalk #10

Shibuya.XSS techtalk #10 の発表資料です。

Masato Kinugawa

December 13, 2017
Tweet

More Decks by Masato Kinugawa

See All by Masato Kinugawa
Pwn2OwnでMicrosoft Teamsをハッキングして2000万円を獲得した方法/ Shibuya.XSS techtalk #12
masatokinugawa
13
14k
How I Hacked Microsoft Teams and got $150,000 in Pwn2Own
masatokinugawa
0
10k
JSでDoSる/ Shibuya.XSS techtalk #11
masatokinugawa
21
6.2k
Electron: Abusing the lack of context isolation - CureCon(en)
masatokinugawa
5
87k
Electron: Context Isolationの欠如を利用した任意コード実行 / Electron: Abusing the lack of context isolation - CureCon(ja)
masatokinugawa
9
21k
バグハンターが見てきたBug Bountyの7年 / LINE Developer Meetup #34 Security Bug Bounty
masatokinugawa
18
11k
ブラウザのUIのバグを探す / Secusoba PopUnder
masatokinugawa
2
1.8k
攻撃者視点で見る Service Worker / PWA Study SW
masatokinugawa
20
25k
USAGE OF XSS FILTER
masatokinugawa
4
2.6k

Other Decks in Technology

See All in Technology
re:Invent2023で登場した運用開発用の可視化ツールたちを実際に見てみよう
yoshimi0227
0
400
How to use GPT with your Symfony application [EN]
el_stoffel
2
440
合宿はいいぞ / Training camp is so good.
okamototakuyasr2
0
130
エンジニアのマネジメントキャリアにおける技術広報 / Technical Public Relations in Developers' Management Careers
pauli
0
280
AWS App Runner を使う時に押さえておきたい勘所 〜 Web アプリをコンテナに最適化する 〜
track3jyo
PRO
1
150
大規模Webアプリケーションプラットフォームを開発して軌道に乗るまでにやったこと / How to Put Platforms on Track
hhiroshell
0
1.5k
GPTsによるアシスタント業務の改善
neonankiti
3
410
ミチビク株式会社エンジニアカンパニーデック
knsg16
0
2.3k
Kubernetesで構築する大規模時系列データのスケーラブルな分散処理
lycorptech_jp
PRO
0
270
Micro Frontends for Java Microservices - SF JUG 2023
mraible
PRO
1
240
KarateによるBDDベースのAPIテスト / BDD based API-Testing with Karate
takanorig
1
210
Kamuee: A Pure-Software-Approach Router
nttcom
0
160

Featured

See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
26
5.7k
GitHub's CSS Performance
jonrohan
1021
440k
The Cost Of JavaScript in 2023
addyosmani
10
3.1k
Building an army of robots
kneath
299
41k
Six Lessons from altMBA
skipperchong
18
2.7k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
239
1.2M
What's in a price? How to price your products and services
michaelherold
236
10k
Build your cross-platform service in a week with App Engine
jlugia
223
17k
Bash Introduction
62gerente
602
210k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
14k
Build The Right Thing And Hit Your Dates
maggiecrowley
23
1.7k
Being A Developer After 40
akosma
52
580k

Transcript

  1. |>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>
    >|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>
    |>|>|>|>|>|>|>|>|>|>|>
    |>|>|>|>|>|>|>|>|>|>|>

    View Slide




  2. View Slide

  3. View Slide

  4. View Slide



  5. http://utf-8.jp/public/jjencode.html

    View Slide



  6. View Slide



  7. 0 1 2 3 4 5 6 7 8 9
    a b c d e f g h i j k l m n o p q r s t u v w x y z
    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

    View Slide

  8. View Slide

  9. View Slide

  10. BANG!

    View Slide

  11. |>

    View Slide

  12. https://github.com/tc39/proposal-pipeline-operator
    The pipeline operator is essentially a useful syntactic
    sugar on a function call with a single argument.
    |>

    View Slide

  13. alert(1)

    View Slide

  14. 1 |> alert

    View Slide


  15. []()!+|>
    8-2=6

    View Slide


  16. [] !+|>
    6-1=5

    View Slide


  17. []+|>
    5

    View Slide




  18. View Slide

  19. View Slide



  20. View Slide

  21. > Function("alert(1)")
    < ƒ anonymous() {alert(1)}

    View Slide

  22. > Function("alert(1)")()
    OK

    View Slide

  23. > [].constructor

    View Slide

  24. > []["constructor"]

    View Slide

  25. > []["constructor"] === Array
    < true
    > []["constructor"]["constructor"] === Function
    < true

    View Slide

  26. > []["constructor"]["constructor"]("alert(1)")()
    OK

    View Slide

  27. > []["constructor"]["constructor"]("CODE")()

    View Slide

  28. > []["constructor"]["constructor"]("CODE")()

    View Slide

  29. > "CODE"|>[]["constructor"]["constructor"]
    > []["constructor"]["constructor"]("CODE")

    View Slide

  30. > []|>"CODE"|>[]["constructor"]["constructor"]
    > []["constructor"]["constructor"]("CODE")()

    View Slide

  31. exclaim(capitalize(doubleSay("hello")));
    "hello"
    |> doubleSay
    |> capitalize
    |> exclaim;

    View Slide

  32. > ("CODE"|>[]["constructor"]["constructor"])()

    View Slide

  33. > ["CODE"|>[]["constructor"]["constructor"]][0]()
    ( Expression ) [ Expression ][0]

    View Slide

  34. > []|>["CODE"|>[]["constructor"]["constructor"]][0]

    View Slide

  35. > []|>["CODE"|>[]["constructor"]["constructor"]][0]

    View Slide

  36. //JSFuckの基本型
    []["constructor"]["constructor"]("CODE")()
    //5文字JSの基本型
    []|>["CODE"|>[]["constructor"]["constructor"]][0]

    View Slide

  37. View Slide

  38. > +[]
    < 0

    View Slide

  39. > []>[]
    < false
    > [0]>[]
    < true

    View Slide

  40. > [][[]]
    < undefined

    View Slide

  41. > +[true][0]
    < 1
    > +[true][0]+[true][0]
    < 2
    > +[true][0]+[true][0]+[true][0]
    < 3
    > ...

    View Slide

  42. > [true][0]+[]
    < "true"
    > [false][0]+[]
    < "false"
    > [undefined][0]+[]
    < "undefined"

    View Slide

  43. > ["true"][0][0]
    < "t"
    > ["true"][0][1]
    < "r"
    > ["true"][0][2]
    < "u"

    View Slide

  44. > []|>["CODE"|>[]["constructor"]["constructor"]][0]

    View Slide

  45. > []["fill"]+[]
    < "function fill() { [native code] }"

    View Slide

  46. View Slide

  47. [[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[
    [+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]
    >[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+
    [[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>
    []][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+
    [[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]
    +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[
    [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[
    ]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]]
    [+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]
    ]>[]]+[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+
    [[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]
    ]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[
    ]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]

    View Slide

  48. > []|>["alert(1)"|>[]["constructor"]["constructor"]][0]

    View Slide

  49. []|>[[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]
    ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[+[]]>[]]
    +[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+
    []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[
    [+[]]>[]][+[]]+[+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[+[[+[]]>[]][+[]]][+[]]+[[][[[[]>[]]+[]]
    [+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]
    ]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[+[[+[]]>[]][+[]
    ]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]|>[][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]
    ]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[
    ]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+
    []][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>
    []][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[
    +[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+
    []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+
    [[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]
    ]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]
    ]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[
    [+[]]>[]]+[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+
    [[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]
    ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[
    [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]
    ][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]
    >[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]
    +[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]
    +[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[
    ]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[
    ]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[
    [[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]]
    [+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]
    >[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]]
    [+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][
    +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]]
    [+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]]
    [+[[+[]]>[]][+[]]]]][+[]]

    View Slide

  50. []|>[[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]
    ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[+[]]>[]]
    +[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+
    []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[
    [+[]]>[]][+[]]+[+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[+[[+[]]>[]][+[]]][+[]]+[[][[[[]>[]]+[]]
    [+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]
    ]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[+[[+[]]>[]][+[]
    ]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]|>[][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]
    ]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[
    ]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+
    []][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>
    []][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[
    +[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+
    []][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+
    [[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]
    ]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]
    ]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[
    [+[]]>[]]+[]][+[]][+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+
    [[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]
    ][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[
    [+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]][[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]
    ][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]
    >[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]
    +[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]
    +[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[
    ]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[]]+[]][+[]][+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[
    ]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]][+[]]+[[[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]]+[
    [[+[]]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]]
    [+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]
    >[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]]
    [+[]]+[[][[[[]>[]]+[]][+[]][+[]]+[[[[]>[]]+[]][+[]]+[][[]]][+[]][+[[+[]]>[]][+[]]+[+[]]]+[[[]>[]]+[]][+[]][
    +[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[]>[]]+[]][+[]][+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]]+[]][+[]][+[[+[]]>[]]
    [+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]+[[+[]]>[]][+[]]]+[[[+[]]>[]]+[]][+[]]
    [+[[+[]]>[]][+[]]]]][+[]]
    OK

    View Slide

  51. unescape("%u0051")

    View Slide

  52. https://syllab.fr/projets/experiments/xcharsjs/5chars.pipeline.
    html
    https://babeljs.io/repl/build/5099/#?babili=false&browsers=&
    build=&builtIns=false&code_lz=IwHwfAhgNgpgTgFyA&debug=f
    alse&circleciRepo=&evaluate=true&lineWrap=false&presets=st
    age-0&prettier=false&targets=&version=7.0.0-
    beta.2%2Bpr.6335

    View Slide



  53. View Slide

  54. |>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>
    >|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>|>

    View Slide