Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
脆弱性を作ってみた
Search
Sota Sugiura
December 22, 2016
Technology
1
560
脆弱性を作ってみた
雑兵MeetUp #8@21cafe
Sota Sugiura
December 22, 2016
Tweet
Share
More Decks by Sota Sugiura
See All by Sota Sugiura
内製したSlack Appで頑張るIncident Response@Waroom Meetup #1 / Incident Response with Slack App in 10X
sota1235
0
1.6k
20220926_セキュリティチームの今_for_Drs._Prime_公開用.pdf
sota1235
0
130
再発防止策を考える技術 / #phpconsen
sota1235
10
3.9k
How to choose the best npm module for your team?
sota1235
9
600
Realtime Database for high traffic production application
sota1235
7
4k
Road to migrate JP Web as a microservice
sota1235
4
1.6k
インターフェース再入門 / Think Interface again
sota1235
6
11k
再発防止策を考える技術 #phpconfuk_rej
sota1235
1
1.2k
Update around Firebase #io18
sota1235
3
4.3k
Other Decks in Technology
See All in Technology
React開発にStorybookとCopilotを導入して、爆速でUIを編集・確認する方法
yu_kod
1
120
asken AI勉強会(Android)
tadashi_sato
0
160
改めてAWS WAFを振り返る~業務で使うためのポイント~
masakiokuda
1
210
Lazy application authentication with Tailscale
bluehatbrit
0
140
Glacierだからってコストあきらめてない? / JAWS Meet Glacier Cost
taishin
1
120
CI/CD/IaC 久々に0から環境を作ったらこうなりました
kaz29
1
220
使いたいMCPサーバーはWeb APIをラップして自分で作る #QiitaBash
bengo4com
0
1.5k
20250707-AI活用の個人差を埋めるチームづくり
shnjtk
1
190
Beyond Kaniko: Navigating Unprivileged Container Image Creation
f30
0
120
高速なプロダクト開発を実現、創業期から掲げるエンタープライズアーキテクチャ
kawauso
2
6.4k
赤煉瓦倉庫勉強会「Databricksを選んだ理由と、絶賛真っ只中のデータ基盤移行体験記」
ivry_presentationmaterials
1
150
マネジメントって難しい、けどおもしろい / Management is tough, but fun! #em_findy
ar_tama
2
300
Featured
See All Featured
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
17
950
The Art of Programming - Codeland 2020
erikaheidi
54
13k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
46
9.6k
The Straight Up "How To Draw Better" Workshop
denniskardys
234
140k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.3k
Visualization
eitanlees
146
16k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Navigating Team Friction
lara
187
15k
Balancing Empowerment & Direction
lara
1
400
Art, The Web, and Tiny UX
lynnandtonic
299
21k
Become a Pro
speakerdeck
PRO
28
5.4k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Transcript
੬ऑੑΛ࡞ͬͯΈͨ !TPUB͖ΓΜ ࡶฌ.FFU6Q
ࣗݾհ w ͖ΓΜͰ͢ w !TPUB w ໌͔Βࢮͷ͕ؒ࢝·Γ· ͕͢Έͳ͞ΜਐḿͲ͏Ͱ͔͢
੬ऑੑΛ࡞ͬͪΌͬͨͰͳ͘ ࡞ͬͯΈͨͰ͢ ̃䯡ՙ☭岩ՙՊլՖ㈕ՙՊլ
߈ܸຊೳͷ w ਓਐԽ͢ΔલԐͩͬͨ w ՐΛ͍ɺಓ۩Λ͍ɺङΓΛߦ͏͜ͱͰੜ͖ Ԇͼ͖ͯͨ w ߈ܸ͢Δ͜ͱͱੜ͖Δ͜ͱͦͷͷ
ਓੜJT ԐͷγϦʔζΑΓ
ϓϩάϥϚʹ͓͚Δ߈ܸຊೳ w ϓϩάϥϚਓؒ w વɺ߈ܸຊೳΛඋ͍͑ͯΔ w ࣮ϓϩάϥϚͱ߈ܸੑີʹؔͯ͠Δͱ ݴΘΕ͍ͯΔ
·͊ӕͳΜͰ͚͢Ͳ IUUQKJHPLVOPDPNFJE@IUNM
·͊ӕͳΜͰ͚͢Ͳ Ͱ૽ͳਓ͕ଟ͍ؾ͠·͢ΑͶ IUUQKJHPLVOPDPNFJE@IUNM
ݱ࣮ݫ͍͠ IUUQTUXJUUFSDPNIULC@TUBUVT
ݱ࣮ݫ͍͠ IUUQTUXJUUFSDPNIULC@TUBUVT
ఘΊΔ͔͠ແ͍ͷ͔ w ߹๏తʹ߈ܸຊೳΛຬͨ͢ํ๏͕ʜ w ͋Γ·͊ SZ
$BQUVSF 5IF 'MBH
$BQUVSF5IF'MBH w ضऔΓ߹ઓ w αʔόʹ৵ೖͨ͠ΓηΩϡϦςΟʹ·ͭΘΔ Λղ͍ͯضΛऔΔ w 4&$$0/ͱ͔༗໊Ͱ͢ΑͶ
ຊ w ઌɺ͚ʹ$5'Λͬͨ w ඍົʹܦݧ͕͋ͬͨͷͰ࡞Γͱ͔ͬͨ
༷ࢠ
༷ࢠ
ग़δϟϯϧΛܾΊΔ w $5'ͷकඋൣғΊͪΌͪ͘Όେ w ҉߸ ϑΝΠϧղੳ ωοτϫʔΫ 8FC 'PSFOTJDT
QXO FUD w ࠓճ8FCͷਓ͕ଟ͔ͬͨͷͰ8FCଟΊʹͨ͠
Λߟ͑Δ w ͱ͍ͬͯࢲॳ৺ऀͳͷͰաڈͱ͔੬ऑੑ Λௐͳ͕Βߟ͑Δ w ͓͠Ζ͔ͬͨΓֶͼʹͳΓͦ͏ͳͷ͕͋Ε ࠾༻͍ͯ͘͠
Λߟ͑Δ
γφϦΦΛҙࣝ͢Δ w ͜Μͳ੬ऑੑ͕͋ͬͨΒ͜Μͳ͜ͱ͕Ͱ͖ͪΌ ͏ΑͶɺΈ͍ͨͳͷΛߟ͑Δ
Կݸ͔հ
ྫ͑ψϧόΠτ߈ܸ w /6--จࣈΛจࣈྻͷऴจࣈͱͯ͠ೝࣝ͢Δ ͜ͱΛར༻ͨ͠߈ܸ w ࠓճ1)1Ͱ࣮ͨ͠
ψϧόΠτ߈ܸ <?php $filename = $_GET['filename'].'png'; echo file_get_contents($filename);
ψϧόΠτ߈ܸ <?php $filename = $_GET['filename'].'png'; echo file_get_contents($filename); // /index.php?filename=/etc/passwd //
Ͱ.png͕अຐͦ͏…
ψϧόΠτ߈ܸ w ͓ΉΖʹJOEFYQIQ pMFOBNFUD QBTTXEʹΞΫηε͢Δ w ͢ΔͱpMF@HFU@DPOUFOUTΛऴจࣈͱ ͯ͠ೝࣝ͢ΔͷͰQOH͕ࣺͯΒΕΔ
ψϧόΠτ߈ܸ <?php $filename = $_GET['filename'].'png'; echo file_get_contents($filename); // /index.php?filename=/etc/passwd%00 //
ϢʔβҰཡൈ͚Δͧʂ
ྫ͑/P42-*OKFDUJPO w υΩϡϝϯτ%#Ͱى͖͏Δ੬ऑੑ w 1)1 NPOHP%#Ͱ࣮Ͱ͖Δ
/P42-ΠϯδΣΫγϣϯ <?php $name = $_GET['name']; return $db->find(['name' => $name]); //
/index.php?name=kirin
/P42-ΠϯδΣΫγϣϯ <?php $name = $_GET['name']; return $db->find(['name' => $name]); //
/index.php?name[$ne]=xͬͯΔͱ…
ྫ͑/P42-*OKFDUJPO w 1)1Ͱ(&5ΫΤϦετϦϯάΛ࿈ྻͰड ͚औΕΔ w OBNF<OF>YͬͯΔͱҎԼͷΑ͏ͳ͕ ͬͯ͘Δ
ྫ͑/P42-*OKFDUJPO w ͜ͷΫΤϦ͕ͦͷ··NPOHPʹΔͱ42-Ͱ ݴ͏ͱ͜Ζͷ8)&3&OBNFbY`ͱ͍͏݅ ཱ͕ͯ͠͠·͏
ͳΜͰ1)1͔ͬΓ͔ͬͯʁ w ؾ͍ͯ͠·ͬͨਓফ͞ΕΔͷͰؾ͔ͮͳ͍ ϑϦΛ͠·͠ΐ͏Ͷ ?Т? w 1)1Yd͓͏ɺܑ͓͞Μͱͷଋͩ ?Т?
ଞʹʜ w ύεϫʔυ͖ͭ;*1ղੳ w %JHFTU#BTJDBVUIFOUJDBUJPO w 944 w ҉߸ղੳ 305ͱ͔୯Ұࣈࣜͱ͔
ਅ໘ͳ w ࡞͢Δʹͭͷࢹ͕ඞཁ w ߈ܸऀࢹ w ։ൃऀࢹ w ʮప໌͚ʹ։ൃͯͨ͠ΒΪϦΪϦ͋Γ͏ΔʯΈ ͍ͨͳͭΛ࡞Δͷָ͍͠͠ษڧʹͳΔΑ
·ͱΊɿ$5'͠Α͏ w ߹๏తʹ߈ܸຊೳΛຬͨͤΔͷͰΦεεϝ w 8FCʹݶΒͣ෯͍ࣝΛٻΊΒΕΔͷͰษڧ ʹͳΔ w ৗறܕ$5'͋ΔͷͰڵຯ͕͋Δํͥͻ