Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goなどで作る脆弱性対策ゲーム / go-bigbridge

Avatar for KONDO Uchio KONDO Uchio
June 14, 2018
Technology
1
890

Goなどで作る脆弱性対策ゲーム / go-bigbridge

@Fukuoka.go #11

https://fukuokago.connpass.com/event/87684/
Avatar for KONDO Uchio

KONDO Uchio

June 14, 2018
Tweet

More Decks by KONDO Uchio

See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
Avatar for KONDO Uchio udzura
5
2.4k
Ruby x BPF in Action / RubyKaigi 2022
Avatar for KONDO Uchio udzura
0
250
Narrative of Ruby & Rust
Avatar for KONDO Uchio udzura
0
220
開発者生産性指標の可視化 / pepabo-four-keys
Avatar for KONDO Uchio udzura
3
1.7k
Talk of RBS
Avatar for KONDO Uchio udzura
0
450
Re: みなさん最近どうですか? / FGN tech meetup in 2021
Avatar for KONDO Uchio udzura
0
780
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
Avatar for KONDO Uchio udzura
2
730
Device access filtering in cgroup v2
Avatar for KONDO Uchio udzura
1
910
"Story of Rucy" on RubyKaigi takeout 2021
Avatar for KONDO Uchio udzura
0
830

Other Decks in Technology

See All in Technology
React開発にStorybookとCopilotを導入して、爆速でUIを編集・確認する方法
Avatar for yut yu_kod
1
270
KubeCon + CloudNativeCon Japan 2025 Recap by CA
Avatar for YuyaKoda ponkio_o
PRO
0
300
Lufthansa ®️ USA Contact Numbers: Complete 2025 Support Guide
Avatar for danielconkling870 lufthanahelpsupport
0
190
生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub
Avatar for MasahiroKawahara masahirokawahara
0
470
SaaS型なのに自由度の高い本格CMSでサイト構築と運用のコスパ&タイパUP! MovableType.net の便利機能とユーザー事例のご紹介
Avatar for hayase masakah
0
110
スタートアップに選択肢を 〜生成AIを活用したセカンダリー事業への挑戦〜
Avatar for Nstock nstock
0
170
20250705 Headlamp: 專注可擴展性的 Kubernetes 用戶界面
Avatar for Phil Huang pichuang
0
270
Tokyo_reInforce_2025_recap_iam_access_analyzer
Avatar for h-ashisan hiashisan
0
180
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
47
19k
さくらのIaaS基盤のモニタリングとOpenTelemetry/OSC Hokkaido 2025
Avatar for FUJIWARA Shunichiro fujiwara3
3
440
AWS Organizations 新機能!マルチパーティ承認の紹介
Avatar for yhana yhana
1
280
Lazy application authentication with Tailscale
Avatar for Elliot Blackburn bluehatbrit
0
210

Featured

See All Featured
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
48
2.9k
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
140
7k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
281
13k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.1k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
430
65k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.7k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
181
54k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
Avatar for Aki / @LoveIdahoBurger aki_iinuma
126
53k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
50
5.5k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
23
3.5k
Visualization
Avatar for Eitan Lees eitanlees
146
16k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
271
21k

Transcript

  1. 6DIJP,POEP 'VLVPLBHP (PͳͲͰ࡞Δ੬ऑੑରࡦήʔϜ

  2. (.0ϖύϘγχΞϓϦϯγύϧ ۙ౻͏͓ͪ!VE[VSB 044ϓϩμΫτ w NSVCZͷίϯςφϥϯλΠϜ)BDPOJXB w 3VCZͷ ZFU"OPUIFS 0QFO4UBDLDMJFOU:BP 3VCZ͸೥΄Ͳɺ(P͸೥͙Β͍ʁ

    ޷͖ͳϥΠϒϥϦIBTIJDPSQIDM ར༻ϒΩϓϥΠϜγϡʔλʔίϥϘ ηΩϡϦςΟ͸ษڧ࢝͠Ίͨ͹͔ΓͰ͢

  3. "MTPB3VCZJTU

  4. 13

  5. 'VLVPLBSC ! ԙϖύες

  6. 8FCΞϓϦέʔγϣϯͷ ੬ऑੑ

  7. 944

  8. $43'

  9. 42- *OKFDUJPO

  10. ߈ܸ͞Εͨ͜ͱ ͋Γ·͔͢ʁ

  11. ߈ܸΛ஌Γ͍ͨ ๷ޚ͍ͨ͠

  12. ࿅शʢʁʣ͠Α͏

  13. DG%78" w%BNO7VMOFSBCMF8FC"QQMJDBUJPO w͋͑ͯ੬ऑͳ࡞Γʹͨ͠΢ΣϒΞϓϦέʔγϣϯ w༷ʑͳ߈ܸΛ࣮ࡍʹߦ͏͜ͱͰɺ߈ܸଆͷؾ࣋ͪʹͳΓ
 ͦΕ͕։ൃʹ͓͍ͯ΋໾ʹཱͭ wΞϓϦέʔγϣϯͷ੬ऑ౓߹͍ΛઃఆͰ͖ͯศརʢʁʣ IUUQXXXEWXBDPVL

  14. ߈ܸΛͯ͠ΈΔͱ

  15. None

  16. ͜ΕΛࣗಈԽ͢Δͱ

  17. ๷ޚଆͷ ࿅शʹ΋࢖͑ΔͷͰ͸ʁ

  18. CJHCSJEHFϓϩδΣΫτʢԾʣ wೋͭͷίϯςφΛ࡞Δ߈ܸଆɺ๷ޚଆ w߈ܸଆ͸όΠφϦͰϒϥοΫϘοΫεͷϓϩάϥϜ w๷ޚଆ͸"QBDIF NPE@QIQͳ੬ऑͳΞϓϦέʔγϣϯ
 TTIͰௐࠪՄೳͳΑ͏ɺγεςϜίϯςφʹͳ͍ͬͯΔ

  19. CJHCSJEHF IUUQTDTLZVTIVVBDKQFOQJUQSP

  20. ߏ੒ Binary Apache MySQL App (PHP) SSHD Attacker Defender

  21. ๷ޚଆ͔ΒৄࡉΛɻ wTPWFSMBZͱ͍͏ɺ%PDLFS΍ίϯςφʹಛԽͨ͠γϯϓϧͳJOJUͷ࢓ ૊ΈΛ࢖ͬͯγεςϜίϯςφΛ࡞Δɻ wTTIE ϩάͷͨΊSTZTMPH ɺBQBDIFɺ.Z42-Λࣂ͍ͬͯΔ wPDUPQBTTͰTTIϩάΠϯपΓΛ؆୯ʹ IUUQTHJUIVCDPNKVTUDPOUBJOFSTTPWFSMBZ

  22. ߈ܸଆɻ wṖͷόΠφϦ͕͋Δ wઃఆʹ͸ɺ߈ܸઌͷΞυϨεͳͲͷ৘ใ͔͠౉ͤͳ͘ɺͲ͏͍͏߈ܸ Λ͍ͯ͠Δ͔͸Θ͔Βͳ͍ wىಈ͢Δͱɺର৅΁ͷ߈ܸͷ੒ޭࣦഊ͚͕ͩΘ͔Δ wˠ๷ޚଆͷϩάͳͲΛ֬ೝ͠ɺΞϓϦΛվमͯ͠

  23. ߈ܸϕϯνϚʔΫͷྲྀΕ w߈ܸଆͰόΠφϦىಈˠ๷ޚଆͰϩάͳͲΛ֬ೝ wˠ๷ޚଆͷઃఆΛมߋͨ͠ΓɺΞϓϦΛվम wˠ࠶౓߈ܸΛ͠ɺࣦഊͨ͠Β๷Ӵ੒ޭʂʂʂ̍

  24. ṖͷόΠφϦ

  25. ͦ͜ͰɺΛ࢖͏

  26. ࣮૷ͷྫ

  27. ໾ʹཱͭ΋ͷ wIFBE[PPTVSG wঢ়ଶΛอͭ͜ͱ͕Ͱ͖Δ΢ΣϒεΫϨΠύʔϥΠϒϥϦ IUUQTHJUIVCDPNIFBE[PPTVSG

  28. EFNP wʢतۀͰ࢖͏ͱ͍͏͜ͱͰɺৄࡉ͸·ͩφΠγϣʣ

  29. ࠓޙ΍Γ͍ͨ͜ͱ w߈ܸͷόϦΤʔγϣϯΛ૿΍͢ w؆୯ͳରࡦͰ͋ͬͨΒ߈ܸଆͰݟൈ͔Εͯ͢Γൈ͚Δ΍ͭͱ͔ w߈ܸόΠφϦΛ΋ͬͱ೉ಡԽ͢Δ w๷ޚଆɺ1)1Ҏ֎ͷݴޠϑϨʔϜϫʔΫΛ૿΍͢

  30. จࣈྻΛӅ͍ͨ͠ w(Pݴޠ੡ͷόΠφϦͰ΋ɺ΋ͪΖΜTUSJOHT  ͳͲͰ߈ܸख๏ʹؔ ܎͢Δจࣈྻ͸ݟ͑ͯ͠·͏ɻ wจࣈσʔλΛ·ͱΊͯ֎෦͔Βఏڙͭͭɺ҉߸Խ͞ΕͨܗͰόΠφϦ ؚΉΑ͏ͳπʔϧΛ࡞ΕΔͱྑͦ͞͏ʁ wʢ΋ͪΖΜɺҰൠతͳ࿩ͰόΠφϦ಺ͷจࣈྻΛ҉߸Խͯ͠΋
 ɹͦΜͳʹηΩϡϦςΟରࡦʹ͸ͳΒͳ͍ɻΫΠζͷ೉қ౓తͳ࿩Ͱʣ

  31. None

  32. PT&YJU