Upgrade to Pro — share decks privately, control downloads, hide ads and more …

XSSの入力値を調べてみた / searching xss insertion value

Tomoyuki KOYAMA
February 03, 2018
Technology
3
1.2k

XSSの入力値を調べてみた / searching xss insertion value

2018/02/03 学生LT at freee

Tomoyuki KOYAMA

February 03, 2018
Tweet

More Decks by Tomoyuki KOYAMA

See All by Tomoyuki KOYAMA
Log message with JSON item count for root cause analysis in microservices
tomoyk
0
45
Distributed Log Search Based on Time Series Access and Service Relations
tomoyk
0
99
Webアプリを動かすまでのインフラ構築 / infra-build-for-web-app
tomoyk
0
260
コンピュータが大好きな私が大学院進学した理由 / Why I chose graduate school
tomoyk
2
600
この先生きのこるための学び方 / how-to-learn-tech
tomoyk
1
280
佐川急便のフィッシングサイトを調べてみた / Analysis of sagawa fishing site
tomoyk
1
100
既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec
tomoyk
0
130
パケットを覗いてみよう / Packet workshop for beginners
tomoyk
0
230
ブレース展開のススメ
tomoyk
0
370

Other Decks in Technology

See All in Technology
self-hosted runnerと actions/cache の噛み合わせが悪かった件 #githubactionsmeetup
whywaita
PRO
1
500
サーバーレスで仮想待合室を作ろう! / Serverless Virtual Waiting Room
_kensh
3
1.2k
Legacy Software: Not Really a Problem!
ewolff
2
120
"SMB vs. EP" プロダクト特性の違いから考える「何をつくる?つくらない?」
miyashino
0
430
dbt_ベストプラクティス_完全に理解した.pdf
dach
2
120
視え方と文字の大きさ
lemon
1
180
【2023】SWR vs TanStack Query
ytaisei
1
240
【IoT-Tech Meetup #5】WireGuardを動かす環境やハードウェア紹介
soracom
PRO
0
140
GraphQLはどんな時に使うか
saboyutaka
33
7.7k
動画配信サービスの 人気番組配信のスパイクアクセスに、 サーバレスキャッシュで立ち向かう
miu_crescent
1
710
フィンテック養成勉強会#33
finengine
0
160
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
6
4.2k

Featured

See All Featured
Producing Creativity
orderedlist
PRO
336
38k
Debugging Ruby Performance
tmm1
68
11k
Making Projects Easy
brettharned
104
5.1k
jQuery: Nuts, Bolts and Bling
dougneiner
57
6.8k
Clear Off the Table
cherdarchuk
81
300k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
49
16k
Infographics Made Easy
chrislema
236
17k
Making the Leap to Tech Lead
cromwellryan
119
8.1k
Designing on Purpose - Digital PM Summit 2013
jponch
108
6.1k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
GraphQLとの向き合い方2022年版
quramy
25
11k
What's new in Ruby 2.0
geeforr
336
30k

Transcript

  1. XSS

    View Slide

  2. B1
    Twitter: @tmyk_kym
    : https://blog.koyama.me/
    : Network/Web/Server/Security
    : PyCon JP, Seccamp, etc

    View Slide

  3. XSS
    (Cross Site Scripting)
    HTML
    CWE-79: Improper Neutralization of Input During
    Web Page Generation ('Cross-site Scripting') (3.0)

    View Slide

  4. ...


    XSS Sample

    $_GET['mode'] hello


    XSS Sample
    hello

    View Slide

  5. ...


    XSS Sample

    $_GET['mode'] alert()


    XSS Sample
    alert()

    View Slide

  6. XSS
    Stored XSS( )
    Re ected XSS( )
    DOM Based XSS

    View Slide

  7. XSS
    == XSS

    View Slide

  8. alert(1)
    ">alert(1)
    " onmouseover="alert(1)
    x" onerror="alert(1) <- img src
    javascript:alert(1) <- a href

    View Slide

  9. XSS

    View Slide

  10. ?
    /
    .
    XSS .
    XSS .

    View Slide

  11. ?

    View Slide

  12. OWASP
    OWASP XSS
    2015
    XSS - OWASP
    https://jpcertcc.github.io/OWASPdocuments/CheatSheets/XSSFilterEvasion.html

    View Slide

  13. ( )
    3

    View Slide

  14. [1]
    SRC="http://example.com/xss.js">

    / .
    ...
    src="http://example.com/xss.js">

    View Slide

  15. [2]
    <alert("XSS");//<
    HTML
    XSS .
    ...
    "> alert("XSS");//<

    View Slide

  16. [3]
    cript:ale
    rt('XSS')>
    ... HTML (16 ) .
    ...
    onerror="javascript:alert('XSS')">

    View Slide

  17. ( )

    View Slide

  18. ( )

    alert(String.fromCharCode(88,83,83))>

    View Slide

  19. View Slide

  20. Electron Marp
    Electron Web ...
    alert()
    alert ...( )

    View Slide

  21. ?

    View Slide

  22. JVN#21174546: Marp JavaScript
    https://jvn.jp/jp/JVN21174546/
    However, sanitizing inline script should
    consider on future.
    [Security issue] Remote script can read user local
    resource · Issue #187 · yhatt/marp


    View Slide

  23. XSS
    XSS
    alert()
    Electron

    View Slide