Slide 1

About smartphone security
ma.la

Slide 2

Self-introduction
http://ma.la
https://twitter.com/bulkneets

Slide 3

LINE Corporation, on the livedoor side.

Slide 4

Work
JavaScript, Perl
Original specialty: UI and front-end
Web applications in general
Authentication and authorization

Slide 5

Security-related work
Checking our own services before release
Investigating any newly discovered attack technique
Finding and reporting problems in other companies' services
Reporting bugs in open-source products

Slide 6

Why is someone who used to write JavaScript doing security work in the first place?

Slide 7

HTML + JavaScript is used on every kind of device
How far can it be abused, and how should it be fixed?
I am the person in the company most familiar with that

Slide 8

Basically a web person
Not very familiar with iOS / Android app development
Learned what I know through doing security checks

Slide 9

Our own services
The livedoor and NAVER web services
Lately, various things around LINE as well

Slide 10

What happens before a service is released
QA / security QA
Internal beta release

Slide 11

Pre-release review
Find the problems that mechanical scanning does not
Also help draft policies and advise when an incident happens

Slide 12

Handling vulnerability reports
Coordinating reports I receive personally
Pass them to the owner, or fix them myself
Most livedoor ones I can fix myself
From instructing how to fix through confirming the fix is complete.

Slide 13

Find one and there are several
For each vulnerability, exhaustively check every service

Slide 14

Cases in other companies' services
Google, Facebook, Twitter, Yahoo, Amazon, Evernote, etc.
hatena, mixi, Doorkeeper, Nintendo, etc.
What I write about publicly is mostly XSS
These are personal activities. I sometimes happen to find them during working hours, but they are personal activities.

Slide 15

Why report bugs in other companies' services?
Simply because I want to know whether the services I use are safe

Slide 16

Problems found in our services exist in others too
Problems found in others exist in our services too
It goes both ways

Slide 17

People sometimes assume I only hunt XSS,
but I report more critical bugs and all sorts of other things as well

Slide 18

What gets published is what seems safe to publish
Far more is reported than is published
App vulnerabilities are hard to talk about until the updated version has reached users

Slide 19

Today's topic
Security in smartphone apps and mobile applications

Slide 20

This is not about LINE! It is general discussion.

Slide 21

Smartphone apps
Make heavy use of web-based technology
What used to happen in the browser now happens inside smartphone apps

Slide 22

Security in smartphone apps
Based on what I have personally found
Discovery techniques and fixes
What does it take to build a safe app?

Slide 23

Before smartphones
A quick look at cases in ordinary web applications

Slide 24

Security trends in web applications

Slide 25

XSS
Cross-site scripting
Does it need explaining?

Slide 26

If you auto-escape, you are mostly fine
A safe-by-default policy in the template engine
Then pay attention to the cases it does not cover

Slide 27

Dynamically generated JavaScript
Template variables embedded inside a script tag or an onclick attribute
Extremely hard to make safe, so don't!

Slide 28

Links to javascript:
In a href: the script runs on click
In iframe src: the script runs on load
img src and others: used to execute, no longer does
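An added example (not code from the talk) of the safe alternatives to the two patterns in slides 27 and 28: hand data to page script as one JSON literal with the script-breaking characters escaped, and allow-list URL schemes instead of black-listing the string "javascript:". The helper names and sample values are this example's own.

```javascript
// Added example, not from the talk. Helper names and sample values are
// constructed for illustration.

// 1. Data for JavaScript. Inside a <script> element the HTML parser knows
//    nothing about JS strings: "</script>" in a value ends the script and the
//    attacker starts a new one. HTML-escaping is the wrong tool (it corrupts
//    the JSON); JSON-encode, then escape the dangerous characters as \uXXXX,
//    which both JSON.parse and the JS parser decode back to the original.
function jsonForScript(value) {
  return JSON.stringify(value)
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')   // JS line terminators, not escaped by JSON.stringify
    .replace(/\u2029/g, '\\u2029');
}

// Emit a single literal that page code reads from window.__DATA__, instead of
// templating values into executable positions or into onclick="...".
function renderDataScript(data) {
  return '<script>window.__DATA__ = ' + jsonForScript(data) + ';</script>';
}

// 2. href / src attributes. Escaping cannot help when the attacker controls the
//    scheme, so allow-list schemes. Browsers drop ASCII tab/newline anywhere in
//    a URL and leading C0 controls/space before reading the scheme, so
//    "java\tscript:" and " javascript:" still execute; normalise the same way
//    before matching rather than black-listing the literal "javascript:".
const SAFE_SCHEMES = new Set(['http', 'https', 'mailto']);

function safeHref(raw) {
  const cleaned = String(raw)
    .replace(/[\t\n\r]/g, '')
    .replace(/^[\u0000-\u0020]+/, '');
  const m = /^([a-zA-Z][a-zA-Z0-9+.\-]*):/.exec(cleaned);
  if (m && !SAFE_SCHEMES.has(m[1].toLowerCase())) return 'about:blank';
  return cleaned;   // relative URLs and allow-listed schemes pass through
}

function escapeAttr(s) {
  return String(s)
    .replace(/&/g, '&amp;').replace(/"/g, '&quot;')
    .replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

// Attribute escaping still applies after the scheme check: the two defences
// address different parsers (URL parser vs. HTML attribute parser).
function renderLink(href, text) {
  return '<a href="' + escapeAttr(safeHref(href)) + '">' + escapeAttr(text) + '</a>';
}
```

The scheme check deliberately rejects anything with an unknown scheme (including `data:`) rather than trying to enumerate dangerous ones, which is the same allow-list posture the template engine's auto-escaping gives you for text content.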

Slide 29

These are ordinary XSS
Still plenty of them out there
Rarely seen in our own services anymore

Slide 30

DOM-based XSS
Sites using jQuery
Cases where an external domain can be loaded via XHR

Slide 31

The jQuery Mobile nightmare
Multiple XSS vulnerabilities
Almost every site on an old version is XSS-able
Almost every page linked from the official site's showcase

Slide 32

Cause and fix
Loads the path given in location.hash and rewrites part of the HTML
A core jQuery Mobile feature
It could load an arbitrary URL, which is then evaluated with the privileges of the domain being displayed

Slide 33

The fix
Check that the URL matches the domain currently displayed before loading it
A latent problem remains
The implicit assumption that a "same-domain" resource is safe to load as HTML

Slide 34

Non-HTML content being evaluated as HTML
Used to exist as an IE-only problem
X-Content-Type-Options: nosniff

Slide 35

Combined with dynamic loading from JS
Text files
Images (with HTML in the comment section)
JSON, CSV, etc.
Non-HTML content being evaluated as HTML
Gets complicated once redirectors are involved

Slide 36

Ruby on Rails' Turbolinks
Fast page switching with Ajax + history.pushState
The kind of thing GitHub does

Slide 37

Same problem as jQuery Mobile
Cases where users can link to arbitrary URLs within the site
Somewhat special, but entirely plausible (latent XSS)
Response: accept only html, refuse redirects
I am a minor Rails committer
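An added example (not jQuery Mobile's or Turbolinks' code) of the guard slides 32 to 37 describe for a page that fetches a URL taken from location.hash or a user-supplied link and injects the result as HTML: before fetching, the target must resolve to the current origin; after fetching, only a non-redirected text/html response from that origin may be parsed as markup, so JSON, CSV, images carrying HTML in a comment, or an open redirector never become HTML. The function names and the response shape are assumptions of this example.

```javascript
// Added example, not from jQuery Mobile or Turbolinks. Function names and the
// `response` shape are this example's own.

// Resolve a hash fragment or link target against the current location and
// return an absolute URL only if it stays on the same origin.
function resolveSameOrigin(target, currentHref) {
  const here = new URL(currentHref);
  let url;
  try {
    url = new URL(String(target).replace(/^#/, ''), currentHref);
  } catch (e) {
    return null;                                   // unparseable: do not load
  }
  // "//evil.example/x" resolves to another host; "javascript:" and "data:"
  // have an opaque origin ("null"). Port and scheme are part of the origin,
  // so https://app:8443 and http://app are rejected for an https://app page.
  if (url.origin !== here.origin) return null;
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  return url.href;
}

// Decide whether a fetched response may be injected as HTML. `response` has
// the fields a fetch() Response exposes: the final url, whether a redirect
// happened, and headers (here a plain object with lower-case keys).
function acceptAsHtml(response, currentHref) {
  const here = new URL(currentHref);
  if (response.redirected) return false;          // redirector may have left the origin
  if (new URL(response.url).origin !== here.origin) return false;
  const ct = String(response.headers['content-type'] || '')
    .split(';')[0].trim().toLowerCase();
  return ct === 'text/html';                      // never sniff: JSON/CSV/images stay data
}
```

The origin check alone is what the jQuery Mobile fix added; the second function closes the remaining gap the talk points out, namely that a same-origin response is not automatically safe to treat as HTML.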

Slide 38

AngularJS
The hot topic lately
Describe the behaviour and it does MVC for you nicely
Cases where users can freely write class names???
Unlikely, but it may become a problem later
Rather, the risk is as a Content Security Policy bypass
https://code.google.com/p/mustache-security/wiki/AngularJS

Slide 39

XSS in rich text editors
XSS inside the rich text editor's iframe
TinyMCE and its derivatives
Many recent reports

Slide 40

Cases in our services
livedoor Blog
NAVER services

Slide 41

Cases in other companies' services
wordpress.com XSS, fixed
Movable Type XSS, fixed
Several others under coordination

Slide 42

XSS through differences in HTML parser behaviour
Input HTML that different parsers interpret differently
It slips past server-side and JS filters. Tags that should be blocked get through!

Slide 43

Flash-based XSS
Ordinary XSS is getting harder to find
Flash-based XSS is hot!
Cases summarized at http://subtech.g.hatena.ne.jp/mala/20130604/1370328779

Slide 44

Causes of Flash-based XSS
ExternalInterface.call
Tag output via htmlText
Loading external swf

Slide 45

Secure coding for Flash?
Too late to do anything about it now
Few people write Flash from scratch anymore
Where it is still needed, use an appropriate library
Choosing a library that is actually maintained matters

Slide 46

Well-known ones
swfupload
zeroclipboard
Various video players

Slide 47

XSS in video players
Flash as the fallback for the video tag
Still needed in some situations

Slide 48

XSS in video players
Frankly, all of them were broken
Every one of them has XSS
JWPlayer, Video-js, mediaelement, flowplayer, etc.
If you remember using an old version, update.

Slide 49

Cases on our sites
A great many
Some I only noticed after writing the blog post

Slide 50

Cases on other sites
Reported through IPA's vulnerability reporting desk
Under coordination

Slide 51

Why is it like this?
Flash notifies JavaScript of events
Many players let you customize which function gets called
some_swf?debug=function(){alert(/XSS/)}
And the handling of arguments passed from Flash to JS is itself sometimes buggy

Slide 52

The Flash problem
Bugs that should be fixed in the Player don't get fixed
Sometimes inappropriate behaviour is kept for compatibility
Many swf files are left on old versions

Slide 53

The web story
Roughly like that

Slide 54

Web → smartphone
The places where vulnerabilities arise are the same
WebView + XSS
Something resembling CSRF (cross-application request forgery)
Bridges to other languages

Slide 55

"Smartphone app" covers a lot
Web-based
HTML5-based
Using platform-native UI components

Slide 56

Web-based apps
A website for smartphones
Or an app that only displays it

Slide 57

Apps closer to native
Built from local HTML5 + JS
Built from platform-native UI components
Either way, almost all use http/https internally

Slide 58

What a smartphone app is
Very often, in the end, a dedicated browser for one service
Web techniques and know-how carry over
Vulnerabilities can be found by studying the HTML/JS
What happens on the web happens in smartphone apps too

Slide 59

How to investigate

Slide 60

Ways to investigate
Capture the traffic
Examine the data the application stores
Read the source code (our own apps)
Reverse engineering (Android)

Slide 61

Traffic analysis
Lately I use mitmproxy almost exclusively

Slide 62

mitmproxy
A proxy server written in Python
Install its root certificate on the device and capture HTTPS traffic
http://mitmproxy.org

Slide 63

mitmproxy
Setting up a WiFi network is a hassle, so I use it over VPN
Enable the VPN and all traffic to ports 80 and 443 goes through mitmproxy's transparent proxy.
VPN setup is not that hard on either iOS or Android

Slide 64

Why VPN
Too many people in the office set up WiFi access points for development
Interference made wireless unreliable
A ban on rogue WiFi was issued

Slide 65

What capturing traffic tells you
The APIs called internally: what happens if I access them directly?
Plaintext traffic: how bad is it if it is tampered with?
Data sent for analytics and tracking

Slide 66

Examining stored data
Connect the device over USB and mount it
Inspect and modify stored files
Examine the directory layout to find files that probably hold personal data
Check whether a vulnerability in the app lets you read those files

Slide 67

Reading the source
Decompile the apk
From the source of our own apps
The most efficient and exhaustive way

Slide 68

Investigation methods
Roughly like that

Slide 69

Cases of vulnerable apps
Ones I found and reported

Slide 70

Case study
WebView-related

Slide 71

Sparrow, Mailbox, Boxcar, LINE, NAVER, Google, etc.

Slide 72

XSS in mail apps
Many cases where the HTML mail display runs script
Sparrow
Mailbox

Slide 73

Sparrow
A well-regarded mail client
Acquired by Google
I had reported a bug shortly before that

Slide 74

No content

Slide 75

The Sparrow case
I had put HTML tags in the name setting of some service
The tags took effect in the subject of its notification mails
Looked suspicious, so I verified
It was a blacklist-based restriction

Slide 76

New event handlers for audio and video
Not on the existing blacklist, so they get through
Problem found on OS X, so I checked the iOS version too
Likewise, JavaScript ran in the mail display screen

Slide 77

What was possible?
JavaScript could access the sqlite file holding the mail bodies
All received mail could be stolen
On iOS 5 the address book database file could be read as well

Slide 78

Why does this happen?
Mail is rendered in a highly privileged UIWebView
BaseURL unspecified or file://
That gives access to the app's Documents

Slide 79

The Mailbox case
Acquired by Dropbox
A Gmail client; receives mail server-side using OAuth
Mailbox can filter tags on its server
After a problem was pointed out overseas, they responded with server-side filtering

Slide 80

The Mailbox case
September 2013: JavaScript execution inside HTML mail is reported
http://miki.it/blog/2013/9/24/mailboxapp-javascript-execution/

Slide 81

No content

Slide 82

"As many have noted, the real risks presented by running javascript within Mailbox are extremely limited thanks to how iOS is designed."

Slide 83

"extremely limited"
"thanks to how iOS is designed."

Slide 84

What are you talking about?

Slide 85

Hey, Italian blogger
If you have time to record a video and write a long post, write alert(location)
You need to assess the impact properly

Slide 86

A bug report does not need a video
Google: a short proof-of-concept beats a demo video

Slide 87

Mailbox's response
Official blog announces "the impact is minimal thanks to the sandbox"
Honestly, at this point, unclear
"Ah, they don't seem to get it" → investigate

Slide 88

The Mailbox case
Original reporter: a post saying there was a gap and it was fixed again
There are surely more holes, right?
→ Enter XSS through HTML parser differences

Slide 89

The Mailbox case
Build lots of odd tags and try them
Often they can't be sent from a normal mailer
Write an HTML mail sending script, or edit the mailer's outbox file in an editor

Slide 90

Like this
< script> your code here < /script> -->

Slide 91

< script> your code here < /script> -->
Most HTML parser libraries interpret it as a comment
A real browser treats the comment as closed on the first line
You don't notice unless you know

Slide 92

XSS through parser differences
Blacklists are dangerous
Parse, then rebuild normalized HTML
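An added example (not Mailbox's or any sanitiser's code) that reproduces the parser differential of slides 90 to 92 with a constructed payload. The transcript lost the payload's first line; the line assumed here is `<!-->`, which the HTML tokenizer treats as a complete empty comment ("abrupt closing") while a regex-style comment matcher treats `<!--` as opening a comment that runs to the final `-->`. The script between them is invisible to the filter but live in the browser.

```javascript
// Added example, not from the talk. PAYLOAD is constructed; its first line is
// assumed, since the transcript did not preserve it.
const PAYLOAD = '<!-->\n<script>alert(document.cookie)</script>\n-->';

// What a typical sanitiser helper does: strip everything between "<!--" and
// the next "-->" (lazy match), then look for tags in what is left.
function stripCommentsNaive(html) {
  return html.replace(/<!--[\s\S]*?-->/g, '');
}

// What a browser does, following the HTML tokenizer's comment states:
//   "<!-->" and "<!--->" close the comment immediately (abrupt closing);
//   otherwise the comment ends at the next "-->" or "--!>";
//   an unterminated comment swallows the rest of the input.
function stripCommentsLikeBrowser(html) {
  let out = '';
  let i = 0;
  while (i < html.length) {
    if (!html.startsWith('<!--', i)) { out += html[i++]; continue; }
    const j = i + 4;
    if (html[j] === '>') { i = j + 1; continue; }                        // "<!-->"
    if (html[j] === '-' && html[j + 1] === '>') { i = j + 2; continue; } // "<!--->"
    const a = html.indexOf('-->', j);
    const b = html.indexOf('--!>', j);
    if (a !== -1 && (b === -1 || a < b)) i = a + 3;
    else if (b !== -1) i = b + 4;
    else break;                                                          // EOF inside comment
  }
  return out;
}

const SCRIPT_TAG = /<script[\s/>]/gi;
function countScripts(html) { return (html.match(SCRIPT_TAG) || []).length; }

// The filter's view versus the browser's view of the same input.
function countScriptsNaive(html) { return countScripts(stripCommentsNaive(html)); }
function countScriptsLikeBrowser(html) { return countScripts(stripCommentsLikeBrowser(html)); }
```

For PAYLOAD the naive count is 0 and the browser-like count is 1: the filter believes the script is commented out. This is why the slide says to parse with a tokenizer that follows the same rules as browsers and re-serialize the tree, rather than scanning the original bytes for forbidden tags.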

Slide 93

UIWebView + XSS
Both Sparrow and Mailbox could run JavaScript inside a UIWebView
What could actually be done?
Even security researchers did not assess the risk correctly
The original reporter claimed "dangerous on jailbroken devices"

Slide 94

Dangerous if jailbroken?
A phrase often heard around iOS.
Jailbreaking is genuinely irrelevant here
If exploiting a WebKit bug is dangerous, that is a WebKit bug

Slide 95

The right answer
It depends on the BaseURL
The UIWebView's BaseURL

Slide 96

If being able to run JS were dangerous in itself, browsers would be dangerous
What matters is the privileges and context it runs in

Slide 97

In Mailbox's case

Slide 98

It runs under file://!!
That looks bad

Slide 99

Building a PoC
1. Find the path where data is stored (iPhone Explorer etc.)
2. Write JS that reads the file
3. If you can get the file size, it worked
4. Write code that sends the data to a remote host

Slide 100

The real threat?
Both Sparrow and Mailbox ran in a highly privileged WebView.
It was "a vulnerability that lets all received mail be stolen"

Slide 101

Afterwards
The Mailbox app's problem was fixed
Advised that "the WebView's privileges should be restricted" in the first place
Also advised that "the blog post should be corrected"

Slide 102

My Dropbox quota went up: 10GB

Slide 103

I complained "10GB, in this day and age?" and it went up by 100GB

Slide 104

Cases in our own company
XSS inside smartphone apps
I write an explanatory post on my blog
Yet our own and group companies' apps have the same problem
Days of repeating the same explanation. oh..

Slide 105

Common thread
JavaScript execution in a highly privileged WebView
Vendor: claims the sandbox limits it
Reality: the whole mail database is readable, the iOS address book is readable
Developers do not correctly understand the risk

Slide 106

When you find a vulnerability
Finding out how far it can be abused is part of the job
Is it "a bug that runs JavaScript" or "a vulnerability that steals personal data"?

Slide 107

At first I too thought "you can do that??"
Risk differs per platform
Only active developers on that platform know
If they are not interested in security, the information does not spread
A person called laiso investigated it
http://d.hatena.ne.jp/laiso+iphone/20111003/1317651353

Slide 108

iOS address book permissions
addressbook.sqlitedb
iOS 5: readable from file:// without any permission
iOS 6: readable once the app had accessed the address book
iOS 7: direct access via file:// no longer possible

Slide 109

The direct address-book read problem
JavaScript in a UIWebView can read local files
The app's own documents: fine
But what is the point of being able to read the OS address book's sqlite file?
Asked Apple about it.

Slide 110

Me: "Why can JavaScript read the address book?"
Apple: "That is an app-side problem; here is our talk video on secure coding..."

Slide 111

Me: "It seems to be fixed in the iOS 7 beta, though"
Apple: "iOS 7 strengthens the sandbox..."

Slide 112

The complete fix is iOS 7 and later

Slide 113

What matters
Understand what the sandbox protects
Process separation between applications
Investigate before thanking iOS's design

Slide 114

The purpose of the sandbox
Prevent interference from "other processes"
Your own data is, in most cases, naturally readable

Slide 115

on Android

Slide 116

A somewhat Android-specific problem
The addJavascriptInterface problem
Affects a very large share of apps that use WebView
Reference: http://ierae.co.jp/uploads/webview.pdf

Slide 117

What the addJavascriptInterface problem is
A bridge for calling app-side functions from JavaScript
You would think only the methods the developer exposed can be called
But Java reflection lets arbitrary methods be called

Slide 118

No problem if you don't use it?

Slide 119

On old Android versions (Android 3 to 4.1)
The standard WebView component uses addJavascriptInterface by default
Problems occur even if you never called addJavascriptInterface yourself!!
Just embedding a WebView is a problem
This is serious

Slide 120

App can display an arbitrary web page = arbitrary code execution with that app's permissions
Traffic is tampered with = arbitrary code execution with that app's permissions
Sounds like a joke, but it is true

Slide 121

This is bad
Investigated the problem at the end of last year
Even low-permission apps: can list installed applications, etc.
High-permission apps: read the address book, send SMS, etc.

Slide 122

Android safety
It just isn't public
Security people know
A little searching turns up proof-of-concept code

Slide 123

Cases
Browser apps built on WebView
Verified on several apps
Ones vulnerable on Android 4.1 and below
Ones vulnerable even on Android 4.2 and later

Slide 124

Dangerous on Android 4.1 and below
The app developers are mostly not at fault
Just using the standard WebView as-is is dangerous
Combined with another privilege-escalation bug, opening a website means full compromise

Slide 125

Dangerous even on Android 4.2 and later
Aware of several
They use addJavascriptInterface for browser-specific features or extensions

Slide 126

Android's response
Change in Android API Level 17
It is now possible to restrict calls to the designated methods only
But that limits the devices the app can run on
http://commonsware.com/blog/2013/02/18/webview-addjavascriptinterface-change.html
http://android-developers.blogspot.jp/2013/02/security-enhancements-in-jelly-bean.html

Slide 127

Improved in Android 4.4, supposedly
The class that allowed obtaining the Application Context object is gone
There may be other loopholes [needs investigation]

Slide 128

Anything using WebView is affected
Ad-serving SDKs (mostly HTML, right?)
If you want to be safe on an untrusted network, all traffic must use SSL

Slide 129

What should app developers do?
Even on old Android something can be done
Chrome/Opera are not actually affected (they don't use the standard WebView)
Embed your own WebKit, or override it cleverly.
The question is how far to work around OS bugs

Slide 130

The impact is so broad that an OS-side fix would be preferable, but...
Realistically, many devices cannot be updated
Resembles the history of saying "that's IE's problem!!" while working around it anyway

Slide 131

Problems in app-to-app integration

Slide 132

Things involving inter-application integration
Single sign-on and the like
Between websites
Between applications

Slide 133

Authentication, OpenID and OAuth, platform SDKs
Things that force an authorization
Things that let you log in as someone else
Things that let apps other than the legitimate one be forcibly authorized

Slide 134

The CSRF problem in OpenID and OAuth
Using a library as-is does not currently prevent it

Slide 135

Via the Facebook SDK
Feed the app an access token that was issued to a different app for the same user
Handed over through a custom URL scheme
User info is fetched → used to log in
A malicious app developer can log in while impersonating another app

Slide 136

Countermeasure
"Check whether the token was issued for this app"
http://oauth.jp/blog/2012/02/08/ios-sdk/

Slide 137

Countermeasure 2
Examine the transition between applications
Identify the calling app and verify it
Mostly safe
There are loopholes

Slide 138

Verifying the caller: the Android case
July 2013: a vulnerability in Android OS where app signature verification was insufficient
Considering old devices + sideloaded apps: the package signature cannot be relied on
Processing meant only for the legitimate app can be invoked from a rogue app

Slide 139

Verifying the caller: the iOS case
Other applications are launched with openURL
The calling app's Bundle ID can be obtained
It is attached even for a link click inside a WebView
If the app has any feature that shows arbitrary web pages, the caller information cannot be trusted

Slide 140

No problem as long as you don't install malicious apps?
Largely true.
Security that depends on a closed marketplace
Distribution limited to the App Store and Google Play
Taken to its conclusion, apps can no longer be freely developed and distributed

Slide 141

Advice for people building app integration from now on
Important operations should always require a user action
Even if you intended to limit it to trusted apps,
is it really limited?

Slide 142

Design mistakes at the protocol level
Hard to change course later. Old app versions lingering are troublesome.
Distributed as an SDK → old versions stay on the market
Have the right design principles from the start

Slide 143

If you still got it wrong
A version-upgrade mechanism and proper announcements
Completing the whole process inside the app is dangerous
Leave room to fix things on the server side

Slide 144

The developer's dilemma
Details cannot be disclosed because old versions remain
A security fix announced as a "bug fix"
Serious bugs need a forced-upgrade mechanism.
Is a design that can be handled on the server side safer?

Slide 145

The Mailbox case
Gmail is first received through Mailbox's servers
That is why server-side filtering was an option
If they wanted to, the operator could read your mail
A world where it is unclear where data is stored

Slide 146

If even executable code could be updated from the server side,
bugs could be fixed quickly,
but then it becomes impossible to verify whether the app is safe

Slide 147

The state of smartphone apps
Remote HTML and JS are loaded into highly privileged WebViews
Whether the app is safe or trustworthy cannot be determined from the app alone
Even after analysis you cannot judge without the dynamically fetched source

Slide 148

Third-party assurance of safety is difficult
From the user's perspective, hard to tell whether it is safe

Slide 149

Building safe apps

Slide 150

From experience finding and dealing with these problems

Slide 151

1. Fix the root cause
Drop the WebView's privileges before filtering JavaScript

Slide 152

The usual way of thinking
Filtering JavaScript is the countermeasure
Dropping the WebView's privileges is insurance, fail-safe design

Slide 153

Let's reverse the order
Staying safe even when there is a bug is fail-safe
Not running with "appropriate privileges" is wrong in the first place

Slide 154

Take the unix worldview as reference
It is like running everything as root
Running with appropriate privileges is the basic premise

Slide 155

File permissions
On the web, the same-origin policy
Primitive protection mechanisms are mature and can be expected to have few bugs

Slide 156

2. Be aware of attack scenarios and the assets to protect

Slide 157

For example
The user used a dodgy WiFi
The user lost their phone
You would like to say "that's their own responsibility"

Slide 158

If you use SSL
The purpose is to be safe even when the network cannot be trusted
Without that premise it is pointless

Slide 159

Encryption
Encryption at rest
Buys time until it is cracked
The purpose is to be fine even if the device is physically stolen

Slide 160

A common case
Android + WebView vulnerability
If traffic is tampered with, arbitrary code runs with the app's permissions

Slide 161

The rogue access point problem
Very many devices auto-connect to specific SSIDs
Easy to set a trap if you want to

Slide 162

Cases where tampered traffic becomes critical
Case by case
If you can't decide, just use HTTPS

Slide 163

If cost makes that hard
Images or video, maybe.
Refer to Mozilla's active/passive content distinction
https://developer.mozilla.org/en-US/docs/Security/MixedContent

Slide 164

Or use HTTP together with signature or hash verification
Build the verification into the application itself

Slide 165

3. Deal sensibly with OS bugs

Slide 166

iOS 5, 6: in-app XSS can read the OS address book
Android: any app using the standard WebView is at risk

Slide 167

What should developers do?
Users really do run old OS versions
Many devices that cannot be updated remain on the market

Slide 168

Difference between websites and smartphone apps
On the web
Being able to write JavaScript on geocities is not called "a vulnerability"
If a script that should not run can be made to run, it's XSS

Slide 169

On smartphones
Even an app that holds no sensitive data
may expose the address book or OS functions,
and the impact of tampered traffic can be too large to ignore

Slide 170

My view
A problem that occurs whether or not the app is installed is the OS's problem
Will an OS update eventually make it safe by itself?? Don't count on it
Risk that the app itself adds should be dealt with

Slide 171

High-impact problems become a vicious circle unless individual apps address them
Not disclosed → not publicized → individual developers know nothing
WebView-related problems: security people know, but most developers probably don't.

Slide 172

That's all

Slide 173

Q&A

Slide 174

No content