Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Goなどで作る脆弱性対策ゲーム / go-bigbridge
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
KONDO Uchio
June 14, 2018
Technology
1
910
Goなどで作る脆弱性対策ゲーム / go-bigbridge
@Fukuoka.go #11
https://fukuokago.connpass.com/event/87684/
KONDO Uchio
June 14, 2018
Tweet
Share
More Decks by KONDO Uchio
See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
udzura
5
2.5k
Ruby x BPF in Action / RubyKaigi 2022
udzura
0
280
Narrative of Ruby & Rust
udzura
0
250
開発者生産性指標の可視化 / pepabo-four-keys
udzura
3
1.8k
Talk of RBS
udzura
0
480
Re: みなさん最近どうですか? / FGN tech meetup in 2021
udzura
0
830
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
udzura
2
780
Device access filtering in cgroup v2
udzura
1
980
"Story of Rucy" on RubyKaigi takeout 2021
udzura
0
880
Other Decks in Technology
See All in Technology
20260204_Midosuji_Tech
takuyay0ne
1
150
Context Engineeringが企業で不可欠になる理由
hirosatogamo
PRO
3
570
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
1k
AIエージェントを開発しよう!-AgentCore活用の勘所-
yukiogawa
0
160
こんなところでも(地味に)活躍するImage Modeさんを知ってるかい?- Image Mode for OpenShift -
tsukaman
0
140
CDKで始めるTypeScript開発のススメ
tsukuboshi
1
400
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
0gm
0
900
データの整合性を保ちたいだけなんだ
shoheimitani
8
3.1k
SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026
aeonpeople
6
2.3k
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
230
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
shift_evolve
PRO
1
260
AWS Network Firewall Proxyを触ってみた
nagisa53
1
230
Featured
See All Featured
Automating Front-end Workflow
addyosmani
1371
200k
We Have a Design System, Now What?
morganepeng
54
8k
4 Signs Your Business is Dying
shpigford
187
22k
Chasing Engaging Ingredients in Design
codingconduct
0
110
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
What Being in a Rock Band Can Teach Us About Real World SEO
427marketing
0
170
KATA
mclloyd
PRO
34
15k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
54
Everyday Curiosity
cassininazir
0
130
How to Grow Your eCommerce with AI & Automation
katarinadahlin
PRO
0
110
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
57
Transcript
6DIJP,POEP 'VLVPLBHP (PͳͲͰ࡞Δ੬ऑੑରࡦήʔϜ
(.0ϖύϘγχΞϓϦϯγύϧ ۙ౻͏͓ͪ!VE[VSB 044ϓϩμΫτ w NSVCZͷίϯςφϥϯλΠϜ)BDPOJXB w 3VCZͷ ZFU"OPUIFS 0QFO4UBDLDMJFOU:BP 3VCZ΄Ͳɺ(P͙Β͍ʁ
͖ͳϥΠϒϥϦIBTIJDPSQIDM ར༻ϒΩϓϥΠϜγϡʔλʔίϥϘ ηΩϡϦςΟษڧ࢝͠Ί͔ͨΓͰ͢
"MTPB3VCZJTU
13
'VLVPLBSC ! ԙϖύες
8FCΞϓϦέʔγϣϯͷ ੬ऑੑ
944
$43'
42- *OKFDUJPO
߈ܸ͞Εͨ͜ͱ ͋Γ·͔͢ʁ
߈ܸΛΓ͍ͨ ޚ͍ͨ͠
࿅शʢʁʣ͠Α͏
DG%78" w%BNO7VMOFSBCMF8FC"QQMJDBUJPO w͋͑ͯ੬ऑͳ࡞Γʹͨ͠ΣϒΞϓϦέʔγϣϯ w༷ʑͳ߈ܸΛ࣮ࡍʹߦ͏͜ͱͰɺ߈ܸଆͷؾ࣋ͪʹͳΓ ͦΕ͕։ൃʹ͓͍ͯʹཱͭ wΞϓϦέʔγϣϯͷ੬ऑ߹͍ΛઃఆͰ͖ͯศརʢʁʣ IUUQXXXEWXBDPVL
߈ܸΛͯ͠ΈΔͱ
None
͜ΕΛࣗಈԽ͢Δͱ
ޚଆͷ ࿅शʹ͑ΔͷͰʁ
CJHCSJEHFϓϩδΣΫτʢԾʣ wೋͭͷίϯςφΛ࡞Δ߈ܸଆɺޚଆ w߈ܸଆόΠφϦͰϒϥοΫϘοΫεͷϓϩάϥϜ wޚଆ"QBDIF NPE@QIQͳ੬ऑͳΞϓϦέʔγϣϯ TTIͰௐࠪՄೳͳΑ͏ɺγεςϜίϯςφʹͳ͍ͬͯΔ
CJHCSJEHF IUUQTDTLZVTIVVBDKQFOQJUQSP
ߏ Binary Apache MySQL App (PHP) SSHD Attacker Defender
ޚଆ͔ΒৄࡉΛɻ wTPWFSMBZͱ͍͏ɺ%PDLFSίϯςφʹಛԽͨ͠γϯϓϧͳJOJUͷ ΈΛͬͯγεςϜίϯςφΛ࡞Δɻ wTTIE ϩάͷͨΊSTZTMPH ɺBQBDIFɺ.Z42-Λࣂ͍ͬͯΔ wPDUPQBTTͰTTIϩάΠϯपΓΛ؆୯ʹ IUUQTHJUIVCDPNKVTUDPOUBJOFSTTPWFSMBZ
߈ܸଆɻ wṖͷόΠφϦ͕͋Δ wઃఆʹɺ߈ܸઌͷΞυϨεͳͲͷใ͔ͤ͠ͳ͘ɺͲ͏͍͏߈ܸ Λ͍ͯ͠Δ͔Θ͔Βͳ͍ wىಈ͢Δͱɺରͷ߈ܸͷޭࣦഊ͚͕ͩΘ͔Δ wˠޚଆͷϩάͳͲΛ֬ೝ͠ɺΞϓϦΛվमͯ͠
߈ܸϕϯνϚʔΫͷྲྀΕ w߈ܸଆͰόΠφϦىಈˠޚଆͰϩάͳͲΛ֬ೝ wˠޚଆͷઃఆΛมߋͨ͠ΓɺΞϓϦΛվम wˠ࠶߈ܸΛ͠ɺࣦഊͨ͠ΒӴޭʂʂʂ̍
ṖͷόΠφϦ
ͦ͜ͰɺΛ͏
࣮ͷྫ
ʹཱͭͷ wIFBE[PPTVSG wঢ়ଶΛอͭ͜ͱ͕Ͱ͖ΔΣϒεΫϨΠύʔϥΠϒϥϦ IUUQTHJUIVCDPNIFBE[PPTVSG
EFNP wʢतۀͰ͏ͱ͍͏͜ͱͰɺৄࡉ·ͩφΠγϣʣ
ࠓޙΓ͍ͨ͜ͱ w߈ܸͷόϦΤʔγϣϯΛ૿͢ w؆୯ͳରࡦͰ͋ͬͨΒ߈ܸଆͰݟൈ͔Εͯ͢Γൈ͚Δͭͱ͔ w߈ܸόΠφϦΛͬͱಡԽ͢Δ wޚଆɺ1)1Ҏ֎ͷݴޠϑϨʔϜϫʔΫΛ૿͢
จࣈྻΛӅ͍ͨ͠ w(PݴޠͷόΠφϦͰɺͪΖΜTUSJOHT ͳͲͰ߈ܸख๏ʹؔ ͢Δจࣈྻݟ͑ͯ͠·͏ɻ wจࣈσʔλΛ·ͱΊͯ֎෦͔Βఏڙͭͭɺ҉߸Խ͞ΕͨܗͰόΠφϦ ؚΉΑ͏ͳπʔϧΛ࡞ΕΔͱྑͦ͞͏ʁ wʢͪΖΜɺҰൠతͳͰόΠφϦͷจࣈྻΛ҉߸Խͯ͠ ɹͦΜͳʹηΩϡϦςΟରࡦʹͳΒͳ͍ɻΫΠζͷқతͳͰʣ
None
PT&YJU