Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goなどで作る脆弱性対策ゲーム / go-bigbridge

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for KONDO Uchio KONDO Uchio
June 14, 2018
Technology
1
910

Goなどで作る脆弱性対策ゲーム / go-bigbridge

@Fukuoka.go #11

https://fukuokago.connpass.com/event/87684/

Avatar for KONDO Uchio

KONDO Uchio

June 14, 2018
Tweet

More Decks by KONDO Uchio

See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
Avatar for KONDO Uchio udzura
5
2.5k
Ruby x BPF in Action / RubyKaigi 2022
Avatar for KONDO Uchio udzura
0
280
Narrative of Ruby & Rust
Avatar for KONDO Uchio udzura
0
250
開発者生産性指標の可視化 / pepabo-four-keys
Avatar for KONDO Uchio udzura
3
1.8k
Talk of RBS
Avatar for KONDO Uchio udzura
0
480
Re: みなさん最近どうですか? / FGN tech meetup in 2021
Avatar for KONDO Uchio udzura
0
830
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
Avatar for KONDO Uchio udzura
2
780
Device access filtering in cgroup v2
Avatar for KONDO Uchio udzura
1
980
"Story of Rucy" on RubyKaigi takeout 2021
Avatar for KONDO Uchio udzura
0
880

Other Decks in Technology

See All in Technology
20260204_Midosuji_Tech
Avatar for Takuya Yonezawa takuyay0ne
1
150
Context Engineeringが企業で不可欠になる理由
Avatar for Hirosato Gamo hirosatogamo
PRO
3
570
名刺メーカーDevグループ 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
1k
AIエージェントを開発しよう!-AgentCore活用の勘所-
Avatar for YukiOgawa yukiogawa
0
160
こんなところでも(地味に)活躍するImage Modeさんを知ってるかい?- Image Mode for OpenShift -
Avatar for Masataka Tsukamoto tsukaman
0
140
CDKで始めるTypeScript開発のススメ
Avatar for つくぼし tsukuboshi
1
400
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
Avatar for ktykogm 0gm
0
900
データの整合性を保ちたいだけなんだ
Avatar for ShoheiMitani shoheimitani
8
3.1k
SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026
Avatar for AEON aeonpeople
6
2.3k
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
Avatar for Miki Matsumoto mikimatsumoto
0
230
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
260
AWS Network Firewall Proxyを触ってみた
Avatar for nagisa_53 nagisa53
1
230

Featured

See All Featured
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1371
200k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
54
8k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
Chasing Engaging Ingredients in Design
Avatar for Sebastian Deterding codingconduct
0
110
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
791
250k
What Being in a Rock Band Can Teach Us About Real World SEO
Avatar for Ade Holder 427marketing
0
170
KATA
Avatar for Megan Lloyd mclloyd
PRO
34
15k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
Avatar for AKADEMIYA2063 akademiya2063
PRO
1
54
Everyday Curiosity
Avatar for Cassini Nazir cassininazir
0
130
How to Grow Your eCommerce with AI & Automation
Avatar for Katarina Dahlin katarinadahlin
PRO
0
110
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
659
61k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
Avatar for Tech SEO Connect techseoconnect
PRO
0
57

Transcript

  1. 6DIJP,POEP 'VLVPLBHP (PͳͲͰ࡞Δ੬ऑੑରࡦήʔϜ

  2. (.0ϖύϘγχΞϓϦϯγύϧ ۙ౻͏͓ͪ!VE[VSB 044ϓϩμΫτ w NSVCZͷίϯςφϥϯλΠϜ)BDPOJXB w 3VCZͷ ZFU"OPUIFS 0QFO4UBDLDMJFOU:BP 3VCZ͸೥΄Ͳɺ(P͸೥͙Β͍ʁ

    ޷͖ͳϥΠϒϥϦIBTIJDPSQIDM ར༻ϒΩϓϥΠϜγϡʔλʔίϥϘ ηΩϡϦςΟ͸ษڧ࢝͠Ίͨ͹͔ΓͰ͢

  3. "MTPB3VCZJTU

  4. 13

  5. 'VLVPLBSC ! ԙϖύες

  6. 8FCΞϓϦέʔγϣϯͷ ੬ऑੑ

  7. 944

  8. $43'

  9. 42- *OKFDUJPO

  10. ߈ܸ͞Εͨ͜ͱ ͋Γ·͔͢ʁ

  11. ߈ܸΛ஌Γ͍ͨ ๷ޚ͍ͨ͠

  12. ࿅शʢʁʣ͠Α͏

  13. DG%78" w%BNO7VMOFSBCMF8FC"QQMJDBUJPO w͋͑ͯ੬ऑͳ࡞Γʹͨ͠΢ΣϒΞϓϦέʔγϣϯ w༷ʑͳ߈ܸΛ࣮ࡍʹߦ͏͜ͱͰɺ߈ܸଆͷؾ࣋ͪʹͳΓ
 ͦΕ͕։ൃʹ͓͍ͯ΋໾ʹཱͭ wΞϓϦέʔγϣϯͷ੬ऑ౓߹͍ΛઃఆͰ͖ͯศརʢʁʣ IUUQXXXEWXBDPVL

  14. ߈ܸΛͯ͠ΈΔͱ

  15. None

  16. ͜ΕΛࣗಈԽ͢Δͱ

  17. ๷ޚଆͷ ࿅शʹ΋࢖͑ΔͷͰ͸ʁ

  18. CJHCSJEHFϓϩδΣΫτʢԾʣ wೋͭͷίϯςφΛ࡞Δ߈ܸଆɺ๷ޚଆ w߈ܸଆ͸όΠφϦͰϒϥοΫϘοΫεͷϓϩάϥϜ w๷ޚଆ͸"QBDIF NPE@QIQͳ੬ऑͳΞϓϦέʔγϣϯ
 TTIͰௐࠪՄೳͳΑ͏ɺγεςϜίϯςφʹͳ͍ͬͯΔ

  19. CJHCSJEHF IUUQTDTLZVTIVVBDKQFOQJUQSP

  20. ߏ੒ Binary Apache MySQL App (PHP) SSHD Attacker Defender

  21. ๷ޚଆ͔ΒৄࡉΛɻ wTPWFSMBZͱ͍͏ɺ%PDLFS΍ίϯςφʹಛԽͨ͠γϯϓϧͳJOJUͷ࢓ ૊ΈΛ࢖ͬͯγεςϜίϯςφΛ࡞Δɻ wTTIE ϩάͷͨΊSTZTMPH ɺBQBDIFɺ.Z42-Λࣂ͍ͬͯΔ wPDUPQBTTͰTTIϩάΠϯपΓΛ؆୯ʹ IUUQTHJUIVCDPNKVTUDPOUBJOFSTTPWFSMBZ

  22. ߈ܸଆɻ wṖͷόΠφϦ͕͋Δ wઃఆʹ͸ɺ߈ܸઌͷΞυϨεͳͲͷ৘ใ͔͠౉ͤͳ͘ɺͲ͏͍͏߈ܸ Λ͍ͯ͠Δ͔͸Θ͔Βͳ͍ wىಈ͢Δͱɺର৅΁ͷ߈ܸͷ੒ޭࣦഊ͚͕ͩΘ͔Δ wˠ๷ޚଆͷϩάͳͲΛ֬ೝ͠ɺΞϓϦΛվमͯ͠

  23. ߈ܸϕϯνϚʔΫͷྲྀΕ w߈ܸଆͰόΠφϦىಈˠ๷ޚଆͰϩάͳͲΛ֬ೝ wˠ๷ޚଆͷઃఆΛมߋͨ͠ΓɺΞϓϦΛվम wˠ࠶౓߈ܸΛ͠ɺࣦഊͨ͠Β๷Ӵ੒ޭʂʂʂ̍

  24. ṖͷόΠφϦ

  25. ͦ͜ͰɺΛ࢖͏

  26. ࣮૷ͷྫ

  27. ໾ʹཱͭ΋ͷ wIFBE[PPTVSG wঢ়ଶΛอͭ͜ͱ͕Ͱ͖Δ΢ΣϒεΫϨΠύʔϥΠϒϥϦ IUUQTHJUIVCDPNIFBE[PPTVSG

  28. EFNP wʢतۀͰ࢖͏ͱ͍͏͜ͱͰɺৄࡉ͸·ͩφΠγϣʣ

  29. ࠓޙ΍Γ͍ͨ͜ͱ w߈ܸͷόϦΤʔγϣϯΛ૿΍͢ w؆୯ͳରࡦͰ͋ͬͨΒ߈ܸଆͰݟൈ͔Εͯ͢Γൈ͚Δ΍ͭͱ͔ w߈ܸόΠφϦΛ΋ͬͱ೉ಡԽ͢Δ w๷ޚଆɺ1)1Ҏ֎ͷݴޠϑϨʔϜϫʔΫΛ૿΍͢

  30. จࣈྻΛӅ͍ͨ͠ w(Pݴޠ੡ͷόΠφϦͰ΋ɺ΋ͪΖΜTUSJOHT  ͳͲͰ߈ܸख๏ʹؔ ܎͢Δจࣈྻ͸ݟ͑ͯ͠·͏ɻ wจࣈσʔλΛ·ͱΊͯ֎෦͔Βఏڙͭͭɺ҉߸Խ͞ΕͨܗͰόΠφϦ ؚΉΑ͏ͳπʔϧΛ࡞ΕΔͱྑͦ͞͏ʁ wʢ΋ͪΖΜɺҰൠతͳ࿩ͰόΠφϦ಺ͷจࣈྻΛ҉߸Խͯ͠΋
 ɹͦΜͳʹηΩϡϦςΟରࡦʹ͸ͳΒͳ͍ɻΫΠζͷ೉қ౓తͳ࿩Ͱʣ

  31. None

  32. PT&YJU