Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
古典的なStack Overflow から JIT-ROPまで
Search
@tkmru
December 15, 2016
Programming
1
350
古典的なStack Overflow から JIT-ROPまで
ゼミにて
@tkmru
December 15, 2016
Tweet
Share
More Decks by @tkmru
See All by @tkmru
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
2
1.4k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
330
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
170
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
5.4k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.5k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
890
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
200
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
tkmru
0
4.2k
めんどうくさいゲームセキュリティ
tkmru
20
11k
Other Decks in Programming
See All in Programming
Azure AI Foundryではじめてのマルチエージェントワークフロー
seosoft
0
130
iOSアプリ開発で 関数型プログラミングを実現する The Composable Architectureの紹介
yimajo
2
210
5つのアンチパターンから学ぶLT設計
narihara
1
110
What Spring Developers Should Know About Jakarta EE
ivargrimstad
0
240
GitHub Copilot and GitHub Codespaces Hands-on
ymd65536
1
120
ReadMoreTextView
fornewid
1
480
Julia という言語について (FP in Julia « SIDE: F ») for 関数型まつり2025
antimon2
3
980
Code as Context 〜 1にコードで 2にリンタ 34がなくて 5にルール? 〜
yodakeisuke
0
100
GraphRAGの仕組みまるわかり
tosuri13
8
480
Rubyでやりたい駆動開発 / Ruby driven development
chobishiba
1
400
プロダクト志向なエンジニアがもう一歩先の価値を目指すために意識したこと
nealle
0
110
Result型で“失敗”を型にするPHPコードの書き方
kajitack
4
380
Featured
See All Featured
Reflections from 52 weeks, 52 projects
jeffersonlam
351
20k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
We Have a Design System, Now What?
morganepeng
53
7.7k
Statistics for Hackers
jakevdp
799
220k
Side Projects
sachag
455
42k
Testing 201, or: Great Expectations
jmmastey
42
7.5k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
790
Agile that works and the tools we love
rasmusluckow
329
21k
How GitHub (no longer) Works
holman
314
140k
Embracing the Ebb and Flow
colly
86
4.7k
Unsuck your backbone
ammeep
671
58k
Transcript
ݹయతͳ4UBDL0WFSqPX ͔Β +*5301·Ͱ θϛ !ULNSV
ؔݺͼग़࣌͠ͷελοΫ w DBMMGVODUJPOOBNF w ΞηϯϒϦͰDBMM໋ྩͰ͕ؔ͋ΔΞυϨεʹඈͿ w ͦͷࡍɺΓઌͷΞυϨεΛϦλʔϯΞυϨεͱͯ͠ ελοΫʹஔ͘ w ؔΛ࣮ߦ͠ऴ͑ΔͱSFU໋ྩͰϦλʔϯΞυϨεʹΔ
w DBMMGVODUJPOOBNFΛ࣮ߦͨ͠ͱ͖ͷ ɹɹɹɹɹɹɹɹɹɹɹɹɹελοΫͷ༷ࢠ ม ม ϦλʔϯΞυϨε
PWFSqPX͢Δίʔυྫ w ಡΈࠐΈαΠζΛνΣοΫ͠ͳ͍ؔΛ͍ͬͯΔͱ PWFSqPXͷݪҼͱͳΔ w FY TUSDQZ HFUT
4UBDL0WFSqPX w PWFSqPXͤ͞ɺ࣮ߦ͍ͨ͠ίʔυΛελοΫʹॻ͖ࠐΉ w ͦͷࡍɺϦλʔϯΞυϨεΛ࣮ߦ͍ͨ͠ίʔυ͕͋Δ ΞυϨεʹॻ͖͑Δ w ॻ͖͑ΒΕͨΞυϨεʹ͋Δίʔυ͕࣮ߦ͞ΕΔ CVG<> PME
ϦλʔϯΞυϨε BBBB BBBB BBBB BBBB Y PWFSqPX͢ΔલͷελοΫͷ༷ࢠ PWFSqPXͨ͠ޙͷελοΫͷ༷ࢠ
ରࡦͷҰྫ w $16ͷ/9CJU /PF9FDVUFCJU w ελοΫʹ࣮ߦͰ͖ͳ͍ྖҬΛ࡞Δ w ࣮ྫʣ-JOVY&YFD4IJFMEɺ8JO%&1 w
PWFSqPXʹΑΓελοΫ্ʹ߈ܸίʔυΛஔ͞Εͯ ελοΫ্ͷίʔυ࣮ߦͰ͖ͳ͍
301 w 3FUVSO0SJFOUFE1SPHSBNNJOH w /9CJU༗ޮԼͰTUBDL্ͷίʔυΛ࣮ߦͰ͖ͳ͍ w ͔͠͠ɺ࣮ߦՄೳͳྖҬ FYϥΠϒϥϦ ͋Δ w
࣮ߦՄೳͳྖҬͷதͰ͑ͦ͏ͳίʔυΛ அยతʹݺͼग़͢͜ͱͰҙͷಈ࡞Λͤ͞Δ͜ͱ͕ Ͱ͖Δ
w 301Ͱར༻͢Δஅยతͳίʔυͷ͜ͱΛ301HBEHFUͱ ݺͿ w SFU໋ྩ͕ޙΖʹ͍͍ͭͯΔίʔυ w FY QPQSEJSFU w SFU໋ྩΛ࣮ߦ͠Ϧλʔϯ͢ΔஅยతͳίʔυΛ
ෳݺͿ͜ͱͰతͷಈ࡞Λୡ͢Δ͜ͱ͔Β 3FUVSO0SJFOUFE1SPHSBNNJOHͱ໊͚ΒΕͨ 301
FYQMPJUͷྫ w ϦλʔϯΞυϨεΛҎԼͷॱͰॻ͖͑Δ w TZTUFN lCJOTIz Λ࣮ߦ͠γΣϧΛىಈ w QPQSEJSFUͷΞυϨεҾΛηοτ͢Δ w
ελοΫʹCJOTIͷΞυϨεΛੵΜͰ͓͘ w DBMMTZTUFN ͷΞυϨεTZTUFN ΛݺͿ
301ͷσϞ
ରࡦͷҰྫ w "4-3 "EESFTT4QBDF-BZPVU3BOEPNJ[BUJPO w ΞυϨεۭؒஔΛϥϯμϜʹ͢Δ w ελοΫɺώʔϓɺσʔλྖҬͷΞυϨε͕ϥϯμϜʹ w
ܾΊଧͪͰΞυϨεΛࢦఆ͢Δ߈ܸΛແޮԽͰ͖Δ
"4-3 -JOVY ͷ w (05ͷΞυϨε͕ݻఆͷ·· w (05 (MPCBM0⒎TFU5BCMF w
γϯϘϧ ؔ ͷϙΠϯλͷྻ w ؔͷΞυϨεΛղܾ͢ΔͨΊͷྖҬ
+*5301 w +VTU*O5JNF301 w (05ʹొ͞Ε͍ͯΔؔΛͬͯɺ࣮ߦதʹ ࣮ߦՄೳྖҬΛಡΈऔΔ w ಡΈऔͬͨྖҬʹ͋Δ301HBEHFUΛ͏ w ΞυϨε͕ϥϯμϜԽ͞Εͨ͋ͱʹಡΈऔΔ͜ͱͰɹ
"4-3Λճආ
+*5301ͷରࡦ w ͍Ζ͍Ζจ͕ग़͍ͯΔ͕ɺ࣮ࡍʹ04ίϯύΠϥʹ࣮ ͞Εͨͷݱ࣌Ͱͳ͍ɻ w ࠓޙɺࢹ͍͖͍ͯͨ͠
ࢀߟจݙ w "OUJ301ࡇΓͩͥʂ64&/*94FDVSJUZ301 3FUVSOPGUIFFEJZV[VIBSBͷه IUUQZV[VIBSBIBUFOBCMPHKQFOUSZ w +*5301؇ख๏)FJTFOCZUFʹ͍ͭͯ·ͱΊͯΈΔ ͍ΖςΫϊϩδʔIUUQJOB[IBUFOBCMPHDPN FOUSZ