Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
古典的なStack Overflow から JIT-ROPまで
Search
@tkmru
December 15, 2016
Programming
1
350
古典的なStack Overflow から JIT-ROPまで
ゼミにて
@tkmru
December 15, 2016
Tweet
Share
More Decks by @tkmru
See All by @tkmru
株式会社ステラセキュリティ会社紹介資料/sterrasec-introduction
tkmru
0
270
リバースエンジニアリング新時代へ! GhidraとClaude DesktopをMCPで繋ぐ/findy202507
tkmru
8
2k
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
2
1.6k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
360
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
190
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
5.4k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.6k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
910
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
210
Other Decks in Programming
See All in Programming
iOSでSVG画像を扱う
kishikawakatsumi
0
170
Devoxx BE - Local Development in the AI Era
kdubois
0
140
あなたとKaigi on Rails / Kaigi on Rails + You
shimoju
0
190
オープンソースソフトウェアへの解像度🔬
utam0k
17
3.2k
組込みだけじゃない!TinyGo で始める無料クラウド開発入門
otakakot
2
380
Server Side Kotlin Meetup vol.16: 内部動作を理解して ハイパフォーマンスなサーバサイド Kotlin アプリケーションを書こう
ternbusty
3
260
Go言語はstack overflowの夢を見るか?
logica0419
0
620
Introduce Hono CLI
yusukebe
6
3.1k
Google Opalで使える37のライブラリ
mickey_kubo
3
150
開発組織の戦略的な役割と 設計スキル向上の効果
masuda220
PRO
10
1.7k
pnpm に provenance のダウングレード を検出する PR を出してみた
ryo_manba
1
160
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
670
Featured
See All Featured
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.5k
Site-Speed That Sticks
csswizardry
13
930
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
jQuery: Nuts, Bolts and Bling
dougneiner
65
7.9k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
127
54k
Java REST API Framework Comparison - PWX 2021
mraible
34
8.9k
RailsConf 2023
tenderlove
30
1.3k
Fireside Chat
paigeccino
41
3.7k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
30
2.9k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.2k
Rails Girls Zürich Keynote
gr2m
95
14k
Transcript
ݹయతͳ4UBDL0WFSqPX ͔Β +*5301·Ͱ θϛ !ULNSV
ؔݺͼग़࣌͠ͷελοΫ w DBMMGVODUJPOOBNF w ΞηϯϒϦͰDBMM໋ྩͰ͕ؔ͋ΔΞυϨεʹඈͿ w ͦͷࡍɺΓઌͷΞυϨεΛϦλʔϯΞυϨεͱͯ͠ ελοΫʹஔ͘ w ؔΛ࣮ߦ͠ऴ͑ΔͱSFU໋ྩͰϦλʔϯΞυϨεʹΔ
w DBMMGVODUJPOOBNFΛ࣮ߦͨ͠ͱ͖ͷ ɹɹɹɹɹɹɹɹɹɹɹɹɹελοΫͷ༷ࢠ ม ม ϦλʔϯΞυϨε
PWFSqPX͢Δίʔυྫ w ಡΈࠐΈαΠζΛνΣοΫ͠ͳ͍ؔΛ͍ͬͯΔͱ PWFSqPXͷݪҼͱͳΔ w FY TUSDQZ HFUT
4UBDL0WFSqPX w PWFSqPXͤ͞ɺ࣮ߦ͍ͨ͠ίʔυΛελοΫʹॻ͖ࠐΉ w ͦͷࡍɺϦλʔϯΞυϨεΛ࣮ߦ͍ͨ͠ίʔυ͕͋Δ ΞυϨεʹॻ͖͑Δ w ॻ͖͑ΒΕͨΞυϨεʹ͋Δίʔυ͕࣮ߦ͞ΕΔ CVG<> PME
ϦλʔϯΞυϨε BBBB BBBB BBBB BBBB Y PWFSqPX͢ΔલͷελοΫͷ༷ࢠ PWFSqPXͨ͠ޙͷελοΫͷ༷ࢠ
ରࡦͷҰྫ w $16ͷ/9CJU /PF9FDVUFCJU w ελοΫʹ࣮ߦͰ͖ͳ͍ྖҬΛ࡞Δ w ࣮ྫʣ-JOVY&YFD4IJFMEɺ8JO%&1 w
PWFSqPXʹΑΓελοΫ্ʹ߈ܸίʔυΛஔ͞Εͯ ελοΫ্ͷίʔυ࣮ߦͰ͖ͳ͍
301 w 3FUVSO0SJFOUFE1SPHSBNNJOH w /9CJU༗ޮԼͰTUBDL্ͷίʔυΛ࣮ߦͰ͖ͳ͍ w ͔͠͠ɺ࣮ߦՄೳͳྖҬ FYϥΠϒϥϦ ͋Δ w
࣮ߦՄೳͳྖҬͷதͰ͑ͦ͏ͳίʔυΛ அยతʹݺͼग़͢͜ͱͰҙͷಈ࡞Λͤ͞Δ͜ͱ͕ Ͱ͖Δ
w 301Ͱར༻͢Δஅยతͳίʔυͷ͜ͱΛ301HBEHFUͱ ݺͿ w SFU໋ྩ͕ޙΖʹ͍͍ͭͯΔίʔυ w FY QPQSEJSFU w SFU໋ྩΛ࣮ߦ͠Ϧλʔϯ͢ΔஅยతͳίʔυΛ
ෳݺͿ͜ͱͰతͷಈ࡞Λୡ͢Δ͜ͱ͔Β 3FUVSO0SJFOUFE1SPHSBNNJOHͱ໊͚ΒΕͨ 301
FYQMPJUͷྫ w ϦλʔϯΞυϨεΛҎԼͷॱͰॻ͖͑Δ w TZTUFN lCJOTIz Λ࣮ߦ͠γΣϧΛىಈ w QPQSEJSFUͷΞυϨεҾΛηοτ͢Δ w
ελοΫʹCJOTIͷΞυϨεΛੵΜͰ͓͘ w DBMMTZTUFN ͷΞυϨεTZTUFN ΛݺͿ
301ͷσϞ
ରࡦͷҰྫ w "4-3 "EESFTT4QBDF-BZPVU3BOEPNJ[BUJPO w ΞυϨεۭؒஔΛϥϯμϜʹ͢Δ w ελοΫɺώʔϓɺσʔλྖҬͷΞυϨε͕ϥϯμϜʹ w
ܾΊଧͪͰΞυϨεΛࢦఆ͢Δ߈ܸΛແޮԽͰ͖Δ
"4-3 -JOVY ͷ w (05ͷΞυϨε͕ݻఆͷ·· w (05 (MPCBM0⒎TFU5BCMF w
γϯϘϧ ؔ ͷϙΠϯλͷྻ w ؔͷΞυϨεΛղܾ͢ΔͨΊͷྖҬ
+*5301 w +VTU*O5JNF301 w (05ʹొ͞Ε͍ͯΔؔΛͬͯɺ࣮ߦதʹ ࣮ߦՄೳྖҬΛಡΈऔΔ w ಡΈऔͬͨྖҬʹ͋Δ301HBEHFUΛ͏ w ΞυϨε͕ϥϯμϜԽ͞Εͨ͋ͱʹಡΈऔΔ͜ͱͰɹ
"4-3Λճආ
+*5301ͷରࡦ w ͍Ζ͍Ζจ͕ग़͍ͯΔ͕ɺ࣮ࡍʹ04ίϯύΠϥʹ࣮ ͞Εͨͷݱ࣌Ͱͳ͍ɻ w ࠓޙɺࢹ͍͖͍ͯͨ͠
ࢀߟจݙ w "OUJ301ࡇΓͩͥʂ64&/*94FDVSJUZ301 3FUVSOPGUIFFEJZV[VIBSBͷه IUUQZV[VIBSBIBUFOBCMPHKQFOUSZ w +*5301؇ख๏)FJTFOCZUFʹ͍ͭͯ·ͱΊͯΈΔ ͍ΖςΫϊϩδʔIUUQJOB[IBUFOBCMPHDPN FOUSZ