Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Goなどで作る脆弱性対策ゲーム / go-bigbridge
Search
KONDO Uchio
June 14, 2018
Technology
1
890
Goなどで作る脆弱性対策ゲーム / go-bigbridge
@Fukuoka.go #11
https://fukuokago.connpass.com/event/87684/
KONDO Uchio
June 14, 2018
Tweet
Share
More Decks by KONDO Uchio
See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
udzura
5
2.4k
Ruby x BPF in Action / RubyKaigi 2022
udzura
0
260
Narrative of Ruby & Rust
udzura
0
230
開発者生産性指標の可視化 / pepabo-four-keys
udzura
3
1.7k
Talk of RBS
udzura
0
450
Re: みなさん最近どうですか? / FGN tech meetup in 2021
udzura
0
790
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
udzura
2
740
Device access filtering in cgroup v2
udzura
1
930
"Story of Rucy" on RubyKaigi takeout 2021
udzura
0
850
Other Decks in Technology
See All in Technology
mruby(PicoRuby)で ファミコン音楽を奏でる
kishima
1
290
Devinを使ったモバイルアプリ開発 / Mobile app development with Devin
yanzm
0
190
[CV勉強会@関東 CVPR2025 読み会] MegaSaM: Accurate, Fast, and Robust Structure and Motion from Casual Dynamic Videos (Li+, CVPR2025)
abemii
0
200
知られざるprops命名の慣習 アクション編
uhyo
11
2.6k
新規案件の立ち上げ専門チームから見たAI駆動開発の始め方
shuyakinjo
0
150
Goss: Faiss向けの新しい本番環境対応 Goバインディング #coefl_go_jp
bengo4com
0
1.4k
ゆるふわエンジニアでもAIフローにチャレンジしたい!!~Zapierのすゝめ~
masakiokuda
2
100
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
30k
Claude Code x Androidアプリ 開発
kgmyshin
1
600
Goss: New Production-Ready Go Binding for Faiss #coefl_go_jp
bengo4com
0
1.1k
kintone開発チームの紹介
cybozuinsideout
PRO
0
73k
新卒(ほぼ)専業Kagglerという選択肢
nocchi1
1
2.4k
Featured
See All Featured
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
820
How to train your dragon (web standard)
notwaldorf
96
6.2k
The Straight Up "How To Draw Better" Workshop
denniskardys
236
140k
Why Our Code Smells
bkeepers
PRO
338
57k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
Building Adaptive Systems
keathley
43
2.7k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Side Projects
sachag
455
43k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
Music & Morning Musume
bryan
46
6.7k
Transcript
6DIJP,POEP 'VLVPLBHP (PͳͲͰ࡞Δ੬ऑੑରࡦήʔϜ
(.0ϖύϘγχΞϓϦϯγύϧ ۙ౻͏͓ͪ!VE[VSB 044ϓϩμΫτ w NSVCZͷίϯςφϥϯλΠϜ)BDPOJXB w 3VCZͷ ZFU"OPUIFS 0QFO4UBDLDMJFOU:BP 3VCZ΄Ͳɺ(P͙Β͍ʁ
͖ͳϥΠϒϥϦIBTIJDPSQIDM ར༻ϒΩϓϥΠϜγϡʔλʔίϥϘ ηΩϡϦςΟษڧ࢝͠Ί͔ͨΓͰ͢
"MTPB3VCZJTU
13
'VLVPLBSC ! ԙϖύες
8FCΞϓϦέʔγϣϯͷ ੬ऑੑ
944
$43'
42- *OKFDUJPO
߈ܸ͞Εͨ͜ͱ ͋Γ·͔͢ʁ
߈ܸΛΓ͍ͨ ޚ͍ͨ͠
࿅शʢʁʣ͠Α͏
DG%78" w%BNO7VMOFSBCMF8FC"QQMJDBUJPO w͋͑ͯ੬ऑͳ࡞Γʹͨ͠ΣϒΞϓϦέʔγϣϯ w༷ʑͳ߈ܸΛ࣮ࡍʹߦ͏͜ͱͰɺ߈ܸଆͷؾ࣋ͪʹͳΓ ͦΕ͕։ൃʹ͓͍ͯʹཱͭ wΞϓϦέʔγϣϯͷ੬ऑ߹͍ΛઃఆͰ͖ͯศརʢʁʣ IUUQXXXEWXBDPVL
߈ܸΛͯ͠ΈΔͱ
None
͜ΕΛࣗಈԽ͢Δͱ
ޚଆͷ ࿅शʹ͑ΔͷͰʁ
CJHCSJEHFϓϩδΣΫτʢԾʣ wೋͭͷίϯςφΛ࡞Δ߈ܸଆɺޚଆ w߈ܸଆόΠφϦͰϒϥοΫϘοΫεͷϓϩάϥϜ wޚଆ"QBDIF NPE@QIQͳ੬ऑͳΞϓϦέʔγϣϯ TTIͰௐࠪՄೳͳΑ͏ɺγεςϜίϯςφʹͳ͍ͬͯΔ
CJHCSJEHF IUUQTDTLZVTIVVBDKQFOQJUQSP
ߏ Binary Apache MySQL App (PHP) SSHD Attacker Defender
ޚଆ͔ΒৄࡉΛɻ wTPWFSMBZͱ͍͏ɺ%PDLFSίϯςφʹಛԽͨ͠γϯϓϧͳJOJUͷ ΈΛͬͯγεςϜίϯςφΛ࡞Δɻ wTTIE ϩάͷͨΊSTZTMPH ɺBQBDIFɺ.Z42-Λࣂ͍ͬͯΔ wPDUPQBTTͰTTIϩάΠϯपΓΛ؆୯ʹ IUUQTHJUIVCDPNKVTUDPOUBJOFSTTPWFSMBZ
߈ܸଆɻ wṖͷόΠφϦ͕͋Δ wઃఆʹɺ߈ܸઌͷΞυϨεͳͲͷใ͔ͤ͠ͳ͘ɺͲ͏͍͏߈ܸ Λ͍ͯ͠Δ͔Θ͔Βͳ͍ wىಈ͢Δͱɺରͷ߈ܸͷޭࣦഊ͚͕ͩΘ͔Δ wˠޚଆͷϩάͳͲΛ֬ೝ͠ɺΞϓϦΛվमͯ͠
߈ܸϕϯνϚʔΫͷྲྀΕ w߈ܸଆͰόΠφϦىಈˠޚଆͰϩάͳͲΛ֬ೝ wˠޚଆͷઃఆΛมߋͨ͠ΓɺΞϓϦΛվम wˠ࠶߈ܸΛ͠ɺࣦഊͨ͠ΒӴޭʂʂʂ̍
ṖͷόΠφϦ
ͦ͜ͰɺΛ͏
࣮ͷྫ
ʹཱͭͷ wIFBE[PPTVSG wঢ়ଶΛอͭ͜ͱ͕Ͱ͖ΔΣϒεΫϨΠύʔϥΠϒϥϦ IUUQTHJUIVCDPNIFBE[PPTVSG
EFNP wʢतۀͰ͏ͱ͍͏͜ͱͰɺৄࡉ·ͩφΠγϣʣ
ࠓޙΓ͍ͨ͜ͱ w߈ܸͷόϦΤʔγϣϯΛ૿͢ w؆୯ͳରࡦͰ͋ͬͨΒ߈ܸଆͰݟൈ͔Εͯ͢Γൈ͚Δͭͱ͔ w߈ܸόΠφϦΛͬͱಡԽ͢Δ wޚଆɺ1)1Ҏ֎ͷݴޠϑϨʔϜϫʔΫΛ૿͢
จࣈྻΛӅ͍ͨ͠ w(PݴޠͷόΠφϦͰɺͪΖΜTUSJOHT ͳͲͰ߈ܸख๏ʹؔ ͢Δจࣈྻݟ͑ͯ͠·͏ɻ wจࣈσʔλΛ·ͱΊͯ֎෦͔Βఏڙͭͭɺ҉߸Խ͞ΕͨܗͰόΠφϦ ؚΉΑ͏ͳπʔϧΛ࡞ΕΔͱྑͦ͞͏ʁ wʢͪΖΜɺҰൠతͳͰόΠφϦͷจࣈྻΛ҉߸Խͯ͠ ɹͦΜͳʹηΩϡϦςΟରࡦʹͳΒͳ͍ɻΫΠζͷқతͳͰʣ
None
PT&YJU