Upgrade to Pro — share decks privately, control downloads, hide ads and more …

次世代プラットフォームのセキュリティモデル考察

MUNEAKI NISHIMURA
August 12, 2016
Technology
6
4.9k

 次世代プラットフォームのセキュリティモデル考察

セキュリティ・キャンプ全国大会2016の講義資料です。
講義の前編は、はせがわようすけさんの資料をご覧ください。
http://www.slideshare.net/hasegawayosuke/ss-64924759

MUNEAKI NISHIMURA

August 12, 2016
Tweet

More Decks by MUNEAKI NISHIMURA

See All by MUNEAKI NISHIMURA
Brave Browserの脆弱性を見つけた話(iOS編)
nishimunea
3
2k
ブラウザの脆弱性とそのインパクト
nishimunea
26
9.5k
脆弱性発見者が注目する近年のWeb技術
nishimunea
29
13k
脆弱性発見者の目から見た、脆弱性対応の最前線
nishimunea
15
2.6k
Slack Team for Security Testers and Bug Hunters
nishimunea
1
720
Finding Vulnerabilities in Firefox for iOS
nishimunea
3
8.1k
SWIFT Code for Mozilla Bank
nishimunea
1
850

Other Decks in Technology

See All in Technology
GraphQL 成熟度モデルの紹介と、プロダクトに当てはめた事例 / GraphQL maturity model
mh4gf
7
1.3k
Tableau事例紹介 / Tableau Case Study of Eureka
kazuya_araki_tokyo
1
180
Google Cloud の AI を支える裏側のインフラを垣間見る!
maroon1st
0
340
私が trocco を推す理由
__allllllllez__
1
200
EMとして2023年度に頑張ったこと / What we did well in FY2023 as a EM
pauli
1
160
最近たまに見かけるTiDBってなんだ? - Findy
pingcap0315
2
760
web-application-security
matsuihidetoshi
0
140
複雑な構成要素を持つUIとの向き合い方 〜新・支出グラフでの実例〜 / B43 TECH TALK
nakamuuu
0
140
Reducing Cross-Zone Egress at Spotify with Custom gRPC Load Balancing Recap
koh_naga
0
190
DevOpsメトリクスとアウトカムの接続にトライ!開発プロセスを通して計測できるメトリクスの活用方法
ham0215
2
230
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
190
KubeConにproposalを送りたい人へのアドバイス
sat
PRO
3
230

Featured

See All Featured
KATA
mclloyd
15
12k
Reflections from 52 weeks, 52 projects
jeffersonlam
345
19k
For a Future-Friendly Web
brad_frost
172
9k
Making the Leap to Tech Lead
cromwellryan
124
8.5k
Large-scale JavaScript Application Architecture
addyosmani
504
110k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
7
990
Mobile First: as difficult as doing things right
swwweet
216
8.6k
Building Your Own Lightsaber
phodgson
99
5.7k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
19
1.7k
Build your cross-platform service in a week with App Engine
jlugia
225
17k
WebSockets: Embracing the real-time Web
robhawkes
59
7k
A designer walks into a library…
pauljervisheath
200
23k

Transcript

  1. ࣍ੈ୅ϓϥοτϑΥʔϜͷηΩϡϦςΟϞσϧߟ࡯ʢޙฤʣ גࣜձࣾϦΫϧʔτςΫϊϩδʔζ αΠόʔηΩϡϦςΟΤϯδχΞϦϯά෦ ੢ଜ फߊ

  2. ੢ଜ फߊʢʹ͠ΉͶ͋ʣ גࣜձࣾϦΫϧʔτςΫϊϩδʔζ αΠόʔηΩϡϦςΟΤϯδχΞϦϯά෦ ࠃ಺ܞଳి࿩ϝʔΧʔͰͷίϯαϧςΟϯάͳͲΛ ܦͯɺ೥݄ΑΓݱ৬ɻϦΫϧʔτͷ*%؅ཧج ൫ͷηΩϡϦςΟอक΍ϦΫϧʔτάϧʔϓશମͷ ੬ऑੑमਖ਼ࢧԉʹܞΘΔɻझຯ͸ϒϥ΢βͷ੬ऑੑ ୳͠ɻஶॻʹϒϥ΢βϋοΫʢ؂༁ʣɻߨԋྺʹ 8PP:VO

    8IJUF)BU'FTU  ɺ $0%& #-6& ɺ "750,:0 ͳͲ

  3. લ൒ͷߨٛ͸ɺ͸͕ͤΘΑ͏͚͢͞ΜͷࢿྉΛࢀর http://www.slideshare.net/hasegawayosuke/ss-64924759

  4. 8FCͱ/BUJWFΞϓϦΛͭͳ͙ٕज़

  5. ϞόΠϧ8FC /BUJWFΞϓϦ ˓ )5.-Ͱϫϯιʔε։ൃ ☓ 04͝ͱʹҟͳΔϓϩάϥϜݴޠͰ։ൃ ˓ 63-Λ։͚ͩ͘Ͱ࣮ߦ ☓ ࣮ߦʹ͸Πϯετʔϧ͕ඞཁ

    ☓ ར༻Ͱ͖Δ୺຤ͷػೳʹ੍ݶ ྫʣ௨࿩ ϑΝΠϧૢ࡞ͳͲېࢭ ˓ ༷ʑͳ୺຤ͷػೳΛ࢖͑Δ ྫʣ֤छηϯαʔ /'$ͳͲར༻Մೳ ☓ ར༻Ͱ͖Δ௨৴ϓϩτίϧʹ੍ݶ ྫʣ)551 8FC35$ͳͲʹݶఆ ˓ ೚ҙͷ௨৴ϓϩτίϧΛ࣮૷Մೳ ྫʣ44) *."1ͳͲجຊతʹࣗ༝ ϞόΠϧ8FC PS/BUJWFΞϓϦ

  6. ϞόΠϧ8FC /BUJWFΞϓϦ ˓ )5.-Ͱϫϯιʔε։ൃ ☓ 04͝ͱʹҟͳΔϓϩάϥϜݴޠͰ։ൃ ˓ 63-Λ։͚ͩ͘Ͱ࣮ߦ ☓ ࣮ߦʹ͸Πϯετʔϧ͕ඞཁ

    ☓ ར༻Ͱ͖Δ୺຤ͷػೳʹ੍ݶ ྫʣ௨࿩ ϑΝΠϧૢ࡞ͳͲېࢭ ˓ ༷ʑͳ୺຤ͷػೳΛ࢖͑Δ ྫʣ֤छηϯαʔ /'$ͳͲར༻Մೳ ☓ ར༻Ͱ͖Δ௨৴ϓϩτίϧʹ੍ݶ ྫʣ)551 8FC35$ͳͲʹݶఆ ˓ ೚ҙͷ௨৴ϓϩτίϧΛ࣮૷Մೳ ྫʣ44) *."1ͳͲجຊతʹࣗ༝ ϞόΠϧ8FC PS/BUJWFΞϓϦ /BUJWFΞϓϦ͸Ϛϧν1'ల։ͱ ϢʔβʔϦʔνʹ՝୊ ϞόΠϧ8FC͸ػೳෆ଍͕՝୊

  7. 8FCͷػೳෆ଍Λิ͏ٕज़ • +BWB4DSJQU +4 ͱ/BUJWFͷϓϩάϥϜΛ૬ޓʹͭͳ͙࢓૊Έͷొ৔ • 8FCʹ଍Γͳ͍ػೳ͸/BUJWFݴޠͰ࣮૷ͯ͠+4͔Βݺͼग़͢ J04ΞϓϦ 8,8FC7JFX /BUJWFͷؔ਺Λݺͼग़͢

    ࣮ߦ݁ՌΛ+4ʹ௨஌͢Δ

  8. +4à /BUJWF BEE+BWBTDSJQU*OUFSGBDF "OESPJE 8,4DSJQU.FTTBHF)BOEMFS J04 QSPNQU "OESPJE J04 /BUJWFà

    +4 FWBMVBUF+BWB4DSJQU "OESPJE J04 8,6TFS4DSJQU J04 +4ͱ/BUJWFΛͭͳ͙ํ๏ʢҰྫʣ

  9. BEE+BWBTDSJQU*OUFSGBDF "OESPJE webview.addJavascriptInterface(new MyClass(), "myclass"); +BWB • .Z$MBTTΠϯελϯεΛNZDMBTTͱ͍͏໊લͰ+4͔Βૢ࡞Ͱ͖ΔΑ͏ઃఆ myclass.func("Hello from

    JS"); +4 • NZDMBTTΦϒδΣΫτΛհͯ͠+BWBͷ.Z$MBTTΠϯελϯεΛૢ࡞

  10. 8,4DSJQU.FTTBHF)BOEMFS J04 • NZ)BOEMFSͱ͍͏໊લͰ+4͔ΒϝοηʔδΛड͚ΒΕΔΑ͏ઃఆ controller.addScriptMessageHandler(self, name: "myHandler") 4XJGU func userContentController(userContentController:WKUserContentController,

    didReceiveScriptMessage message: WKScriptMessage) { // ToDo } 4XJGU • +4͔ΒͷϝοηʔδΛड৴͢ΔͨΊͷϋϯυϥؔ਺Λఆٛ webkit.messageHandlers.myHandler.postMessage("Hello from JS "); +4 • +4͔Β4XJGU΁ϝοηʔδΛૹ৴

  11. webview.setWebChromeClient(new WebChromeClient() { public boolean onJsPrompt(WebView view, String url, String

    message, String defaultValue, final JsPromptResult result) { // To Do }}); QSPNQU "OESPJE • +4ͷQSPNQUؔ਺ݺͼग़͠ΛϑοΫ͢ΔͨΊͷϋϯυϥΛఆٛ +BWB var result = prompt("Hello from JS"); +4 • +4ͰQSPNQUؔ਺Λݺͼग़͢ͱ্هͷPO+T1SPNQU͕࣮ߦ͞ΕΔ

  12. func webView(webView: WKWebView, runJavaScriptTextInputPanelWithPrompt prompt: String, defaultText: String?, initiatedByFrame frame:

    WKFrameInfo, completionHandler: (String?) -> Void) { // ToDo } QSPNQU J04 • +4ͷQSPNQUؔ਺ݺͼग़͠ΛϑοΫ͢ΔͨΊͷEFMFHBUFΛఆٛ 4XJGU var result = prompt("Hello from JS"); +4 • +4ͰQSPNQUؔ਺Λݺͼग़͢ͱ্هͷEFMFHBUF͕࣮ߦ͞ΕΔ

  13. FWBMVBUF+BWB4DSJQU "OESPJE J04 • จࣈྻΛ8FC7JFXʹ஫ೖ͠ɺ+4ͱ࣮ͯ͠ߦ String source = "alert('Hello from

    Java')"; webview.evaluateJavascript(source, null); +BWB let source = "alert('Hello from Swift')" webview.evaluateJavaScript(source, completionHandler: nil) 4XJGU

  14. 8,6TFS4DSJQU J04 • ͋Β͔͡Ίొ࿥͓͍ͯͨ͠+4Λ8FCϖʔδͷભҠຖʹࣗಈ࣮ߦ let source = "alert('Hello from Swift')”

    let script = WKUserScript(source: source, injectionTime: .AtDocumentEnd, forMainFrameOnly: true) webview.configuration.userContentController.addUserScript(script) 4XJGU

  15. ϒϥ΢βΞϓϦʹ͓͚Δ׆༻ࣄྫʢϖʔδ಺ݕࡧʣ /BUJWF͔Β+4Λ஫ೖͯ͠ จࣈΛϋΠϥΠτදࣔ https://github.com/mozilla/firefox-ios/blob/v4.x/Client/Frontend/Browser/FindInPageHelper.swift#L26

  16. ϒϥ΢βΞϓϦʹ͓͚Δ׆༻ࣄྫʢ1BTTXPSE.BOBHFSʣ https://github.com/mozilla/firefox-ios/blob/v4.x/Client/Frontend/Browser/LoginsHelper.swift#L222 +4Λ஫ೖͯ͠GPSNʹ ύεϫʔυΛࣗಈೖྗ

  17. 8FCͱ/BUJWFΞϓϦͷͭͳ͗ͷ෦෼ʹજΉ੬ऑੑ

  18. ૝૾ͯ͠ΈΑ͏ • 1BTTXPSE.BOBHFS͕΋͠ޡͬͯҟͳΔαΠτʹύεϫʔυΛೖྗͨ͠Βʁ • ͜ͷΑ͏ͳޡΓ͸Ͳ͏ͯ͠ى͖ΔΜͩΖ͏ʁ ޡͬͯύεϫʔυΛࣗಈೖྗ

  19. 8FCͱ/BUJWFͷͭͳ͗Ͱੜ͡Δͭͷ੬ऑੑ 0SJHJO 7BMJEBUJPO&SSPS /BUJWFͷػೳΛݺͼग़ͨ͠8FCαΠτͷΦϦδϯͷݕূෆඋɻ ຊདྷڐՄ͠ͳ͍8FCαΠτʹ/BUJWFͷػೳΛѱ༻͞ΕΔڪΕ 'SBNF$POGVTJPO JGSBNF಺ͷϖʔδ͔Βͷཁٻͱ਌XJOEPX͔Βͷཁٻͷࠞಉɻ 0SJHJO7BMJEBUJPO&SSPSͱಉ༷ͷඃ֐͕ੜ͡ΔڪΕ +BWB4DSJQU *OKFDUJPO

    ୈࡾऀ͔Β౉͞ΕͨจࣈྻΛ+4ͱͯ͠8FC7JFXʹ஫ೖɻ ѱҙͷ͋Δ+4Λ࣮ߦͤ͞ΒΕΔڪΕ ˞8FCαΠτ͕$41Ͱอޢ͞Ε͍ͯͯ΋+4͕࣮ߦ͞ΕΔ ˞

  20. ԋश໰୊

  21. ߈ܸର৅ͷΞϓϦʮ4FDVSF#PPLNBSLʯ • ར༻ऀͷϒοΫϚʔΫΛ҆શʹ؅ཧ͢ΔΞϓϦ • "OESPJEҎ্ͱJ04Ҏ্ʹରԠ • ར༻ऀͷϩάΠϯ৘ใ͸1BTTXPSE.BOBHFS͕ ҆શʹࣗಈೖྗ

  22. ᠘αΠτΛߏங͠ɺύεϫʔυΛ౪Έग़͢ • 4FDVSF#PPLNBSLͷίʔυΛಡΜͰ1BTTXPSE.BOBHFSͷ੬ऑੑΛݟ͚ͭΔ IUUQTHJUIVCDPNOJTIJNVOFBTFDVSJUZDBNQ • ᠘αΠτ͔Β੬ऑੑΛ߈ܸɻޡͬͯࣗಈೖྗ͞ΕͨύεϫʔυΛ౪Έग़͢ ᠘αΠτΛϒοΫϚʔΫ ੬ऑੑΛ߈ܸͯ͠ ύεϫʔυΛऔಘ ͜ΕΛ౪Έग़͢

  23. ໰୊ͷώϯτ 2VFTUJPO 0SJHJO7BMJEBUJPO&SSPSͷ੬ऑੑ͕͋Δͧɻ 1BTTXPSE.BOBHFS͕8FC7JFXʹຒΊࠐΉ+4ͷίʔυʹண໨ͯ͠ΈΑ͏ 2VFTUJPO  0SJHJO7BMJEBUJPO&SSPSͷ੬ऑੑ͕͋Δͧɻ 1BTTXPSE.BOBHFS͕+4ͷίʔυΛຒΊࠐΉ৚݅ʹண໨ͯ͠ΈΑ͏ 2VFTUJPO 0SJHJO7BMJEBUJPO&SSPSͷ੬ऑੑ͕͋Δͧɻ

    1BTTXPSE.BOBHFS͕ͲͷΑ͏ʹݺͼग़͞ΕΔ͔ௐ΂ͯΈΑ͏ 2VFTUJPO +BWB4DSJQU*OKFDUJPOͷ੬ऑੑ͕͋Δͧɻ 1BTTXPSE.BOBHFS͕ຒΊࠐΉ+4ͷίʔυʹண໨ͯ͠ΈΑ͏ 2VFTUJPO 'SBNF$POGVTJPOͷ੬ऑੑ͕͋Δͧɻ 1BTTXPSE.BOBHFS͕+4ͷίʔυΛຒΊࠐΉ৚݅ʹண໨ͯ͠ΈΑ͏ɻ J04൛͸3BDF $POEJUJPOΛ࢖ͬͯղ͘ํ๏΋͋Δͧ

  24. ͜ͷΑ͏ͳ੬ऑੑΛ๷͙ʹ͸

  25. 0SJHJO7BMJEBUJPO&SSPS • Α͋͘Δ࣮૷ޡΓ • 63-ʹʮTFDVSJUZDBNQPSHʯͱ͍͏จࣈྻؚ͕·ΕΔ͜ͱΛݕূ - IUUQFWJMFYBNQMFDPNTFDVSJUZDBNQPSH ͳͲͰᷖճ͞ΕΔ • 63-͕ʮIUUQTFDVSJUZDBNQPSHʯͱ͍͏จࣈྻͰ։࢝͢Δ͜ͱΛݕূ

    - IUUQTFDVSJUZDBNQPSHFWJMFYBNQMFDPN ͳͲͰᷖճ͞ΕΔ • 04ͷ"1*Ͱ63-Λ֤ύʔτʹ෼ղ͠ɺ֤ʑΛ׬શҰகͰൺֱ https://www.ietf.org/rfc/rfc3986.txt IUUQTBENJO!FYBNQMFDPN PWFSUIFSF OBNFGFSSFUOPTF TDIFNF VTFSJOGP IPTU QPSU QBUI RVFSZ GSBHNFOU

  26. 'SBNF$POGVTJPO • 8FC7JFXΦϒδΣΫτͷ63-Ͱ͸ͳ͘ɺϦΫΤετݩͷ63-Λݕূ • ΢Οϯυ΢ʢXJOEPXUPQʣͰ͸ͳ͘ϦΫΤετݩͷϑϨʔϜΛݕূ • ࣮૷ʹ͸ϦΫΤετݩͷ63-ΛݕূՄೳͳ"1*Λ࢖͏ඞཁ͕͋Δ +4à /BUJWF BEE+BWBTDSJQU*OUFSGBDF

    • ϦΫΤετݩͷ63-औಘෆՄ 8,4DSJQU.FTTBHF)BOEMFS • VTFS$POUFOU$POUSPMMFSͷҾ਺NFTTBHFͷ GSBNF*OGPTFDVSJUZ0SJHJOΛݕূʢJ04Ҏ߱ʣ QSPNQU • PO+T1SPNQUͷҾ਺VSMΛݕূʢ"OESPJEʣ • SVO+BWB4DSJQU5FYU*OQVU1BOFM8JUI1SPNQUͷ Ҿ਺GSBNFTFDVSJUZ0SJHJOΛݕূʢJ04Ҏ߱ʣ

  27. +BWB4DSJQU*OKFDUJPO • ྫ͑͹ɺFWBMVBUF+BWB4DSJQUΛආ͚Δ • จࣈྻ࿈݁Ͱ+4Λಈతੜ੒͢ΔՕॴ͸ͦ΋ͦ΋ޡΓΛ࡞ΓࠐΈ΍͍͢ • QSPNQUͷΑ͏ʹ+4ͱ/BUJWFؒͰσʔλΛ௚઀౉ͤΔํ๏ͷ࢖༻Λݕ౼͢Δ • Ͳ͏ͯ͠΋+4Λੜ੒͢ΔͳΒɺจࣈྻͷΤεέʔϓॲཧͰؤுΔ •

    +4ʹৄ͍͠ਓʹͪΌΜͱϨϏϡʔͯ͠΋Β͓͏ • WBS OBNF͜͜ Λಈతੜ੒͢ΔࡍʹΤεέʔϓ͕ඞཁͱͳΔจࣈ͸ʁ 6 " -' 6 $ 6 % $3 6  -4 6   6  14

  28. ·ͱΊ

  29. ·ͱΊ • 8FCͱ/BUJWFΛͭͳ͙ඞཁੑ͸͖ͬͱࠓޙ΋͋Δ • ͭͳ͗ํΛޡΔͱѱ͍αΠτʹ/BUJWFͷػೳΛѱ༻͞ΕΔ • ѱ༻͞Εͳ͍Α͏ʹ࣮૷͢Δͷ͸ΞϓϦ։ൃऀͷ੹຿ • ࣮૷ͷ࢓ํ͸04΍ϑϨʔϜϫʔΫͷఏڙ͢Δ࢓૊ΈʹΑͬͯҟͳΔ

  30. ͓ΘΓ