Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Goなどで作る脆弱性対策ゲーム / go-bigbridge
Search
KONDO Uchio
June 14, 2018
Technology
1
890
Goなどで作る脆弱性対策ゲーム / go-bigbridge
@Fukuoka.go #11
https://fukuokago.connpass.com/event/87684/
KONDO Uchio
June 14, 2018
Tweet
Share
More Decks by KONDO Uchio
See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
udzura
5
2.4k
Ruby x BPF in Action / RubyKaigi 2022
udzura
0
250
Narrative of Ruby & Rust
udzura
0
220
開発者生産性指標の可視化 / pepabo-four-keys
udzura
3
1.7k
Talk of RBS
udzura
0
450
Re: みなさん最近どうですか? / FGN tech meetup in 2021
udzura
0
780
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
udzura
2
730
Device access filtering in cgroup v2
udzura
1
910
"Story of Rucy" on RubyKaigi takeout 2021
udzura
0
830
Other Decks in Technology
See All in Technology
Lufthansa ®️ USA Contact Numbers: Complete 2025 Support Guide
lufthanahelpsupport
0
190
敢えて生成AIを使わないマネジメント業務
kzkmaeda
2
440
高速なプロダクト開発を実現、創業期から掲げるエンタープライズアーキテクチャ
kawauso
2
9.2k
React開発にStorybookとCopilotを導入して、爆速でUIを編集・確認する方法
yu_kod
1
270
MobileActOsaka_250704.pdf
akaitadaaki
0
120
AIの全社活用を推進するための安全なレールを敷いた話
shoheimitani
2
510
Delta airlines®️ USA Contact Numbers: Complete 2025 Support Guide
airtravelguide
0
340
Lazy application authentication with Tailscale
bluehatbrit
0
210
AI時代の開発生産性を加速させるアーキテクチャ設計
plaidtech
PRO
3
150
Flutter向けPDFビューア、pdfrxのpdfium WASM対応について
espresso3389
0
130
PO初心者が考えた ”POらしさ”
nb_rady
0
210
スタートアップに選択肢を 〜生成AIを活用したセカンダリー事業への挑戦〜
nstock
0
170
Featured
See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.4k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.7k
How STYLIGHT went responsive
nonsquared
100
5.6k
Large-scale JavaScript Application Architecture
addyosmani
512
110k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
281
13k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
BBQ
matthewcrist
89
9.7k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
50
5.5k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.3k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.9k
Agile that works and the tools we love
rasmusluckow
329
21k
Building a Modern Day E-commerce SEO Strategy
aleyda
42
7.4k
Transcript
6DIJP,POEP 'VLVPLBHP (PͳͲͰ࡞Δ੬ऑੑରࡦήʔϜ
(.0ϖύϘγχΞϓϦϯγύϧ ۙ౻͏͓ͪ!VE[VSB 044ϓϩμΫτ w NSVCZͷίϯςφϥϯλΠϜ)BDPOJXB w 3VCZͷ ZFU"OPUIFS 0QFO4UBDLDMJFOU:BP 3VCZ΄Ͳɺ(P͙Β͍ʁ
͖ͳϥΠϒϥϦIBTIJDPSQIDM ར༻ϒΩϓϥΠϜγϡʔλʔίϥϘ ηΩϡϦςΟษڧ࢝͠Ί͔ͨΓͰ͢
"MTPB3VCZJTU
13
'VLVPLBSC ! ԙϖύες
8FCΞϓϦέʔγϣϯͷ ੬ऑੑ
944
$43'
42- *OKFDUJPO
߈ܸ͞Εͨ͜ͱ ͋Γ·͔͢ʁ
߈ܸΛΓ͍ͨ ޚ͍ͨ͠
࿅शʢʁʣ͠Α͏
DG%78" w%BNO7VMOFSBCMF8FC"QQMJDBUJPO w͋͑ͯ੬ऑͳ࡞Γʹͨ͠ΣϒΞϓϦέʔγϣϯ w༷ʑͳ߈ܸΛ࣮ࡍʹߦ͏͜ͱͰɺ߈ܸଆͷؾ࣋ͪʹͳΓ ͦΕ͕։ൃʹ͓͍ͯʹཱͭ wΞϓϦέʔγϣϯͷ੬ऑ߹͍ΛઃఆͰ͖ͯศརʢʁʣ IUUQXXXEWXBDPVL
߈ܸΛͯ͠ΈΔͱ
None
͜ΕΛࣗಈԽ͢Δͱ
ޚଆͷ ࿅शʹ͑ΔͷͰʁ
CJHCSJEHFϓϩδΣΫτʢԾʣ wೋͭͷίϯςφΛ࡞Δ߈ܸଆɺޚଆ w߈ܸଆόΠφϦͰϒϥοΫϘοΫεͷϓϩάϥϜ wޚଆ"QBDIF NPE@QIQͳ੬ऑͳΞϓϦέʔγϣϯ TTIͰௐࠪՄೳͳΑ͏ɺγεςϜίϯςφʹͳ͍ͬͯΔ
CJHCSJEHF IUUQTDTLZVTIVVBDKQFOQJUQSP
ߏ Binary Apache MySQL App (PHP) SSHD Attacker Defender
ޚଆ͔ΒৄࡉΛɻ wTPWFSMBZͱ͍͏ɺ%PDLFSίϯςφʹಛԽͨ͠γϯϓϧͳJOJUͷ ΈΛͬͯγεςϜίϯςφΛ࡞Δɻ wTTIE ϩάͷͨΊSTZTMPH ɺBQBDIFɺ.Z42-Λࣂ͍ͬͯΔ wPDUPQBTTͰTTIϩάΠϯपΓΛ؆୯ʹ IUUQTHJUIVCDPNKVTUDPOUBJOFSTTPWFSMBZ
߈ܸଆɻ wṖͷόΠφϦ͕͋Δ wઃఆʹɺ߈ܸઌͷΞυϨεͳͲͷใ͔ͤ͠ͳ͘ɺͲ͏͍͏߈ܸ Λ͍ͯ͠Δ͔Θ͔Βͳ͍ wىಈ͢Δͱɺରͷ߈ܸͷޭࣦഊ͚͕ͩΘ͔Δ wˠޚଆͷϩάͳͲΛ֬ೝ͠ɺΞϓϦΛվमͯ͠
߈ܸϕϯνϚʔΫͷྲྀΕ w߈ܸଆͰόΠφϦىಈˠޚଆͰϩάͳͲΛ֬ೝ wˠޚଆͷઃఆΛมߋͨ͠ΓɺΞϓϦΛվम wˠ࠶߈ܸΛ͠ɺࣦഊͨ͠ΒӴޭʂʂʂ̍
ṖͷόΠφϦ
ͦ͜ͰɺΛ͏
࣮ͷྫ
ʹཱͭͷ wIFBE[PPTVSG wঢ়ଶΛอͭ͜ͱ͕Ͱ͖ΔΣϒεΫϨΠύʔϥΠϒϥϦ IUUQTHJUIVCDPNIFBE[PPTVSG
EFNP wʢतۀͰ͏ͱ͍͏͜ͱͰɺৄࡉ·ͩφΠγϣʣ
ࠓޙΓ͍ͨ͜ͱ w߈ܸͷόϦΤʔγϣϯΛ૿͢ w؆୯ͳରࡦͰ͋ͬͨΒ߈ܸଆͰݟൈ͔Εͯ͢Γൈ͚Δͭͱ͔ w߈ܸόΠφϦΛͬͱಡԽ͢Δ wޚଆɺ1)1Ҏ֎ͷݴޠϑϨʔϜϫʔΫΛ૿͢
จࣈྻΛӅ͍ͨ͠ w(PݴޠͷόΠφϦͰɺͪΖΜTUSJOHT ͳͲͰ߈ܸख๏ʹؔ ͢Δจࣈྻݟ͑ͯ͠·͏ɻ wจࣈσʔλΛ·ͱΊͯ֎෦͔Βఏڙͭͭɺ҉߸Խ͞ΕͨܗͰόΠφϦ ؚΉΑ͏ͳπʔϧΛ࡞ΕΔͱྑͦ͞͏ʁ wʢͪΖΜɺҰൠతͳͰόΠφϦͷจࣈྻΛ҉߸Խͯ͠ ɹͦΜͳʹηΩϡϦςΟରࡦʹͳΒͳ͍ɻΫΠζͷқతͳͰʣ
None
PT&YJU