Upgrade to Pro — share decks privately, control downloads, hide ads and more …

地雷探しに脆弱性を使うのは間違っているだろうか Hack a Minesweeper

Avatar for Mr.Rabbit Mr.Rabbit
December 07, 2017
0
200

地雷探しに脆弱性を使うのは間違っているだろうか Hack a Minesweeper

2017年6月3日(土) AKIBASECで発表さてもらったLT資料です。

Avatar for Mr.Rabbit

Mr.Rabbit

December 07, 2017
Tweet

More Decks by Mr.Rabbit

See All by Mr.Rabbit
BOCCHI
Avatar for Mr.Rabbit 01rabbit
0
17
KaliPAKU
Avatar for Mr.Rabbit 01rabbit
0
17
Babbly
Avatar for Mr.Rabbit 01rabbit
0
61
P.A.K.U.R.I SECCON2019 Akihabara YOROZU
Avatar for Mr.Rabbit 01rabbit
1
110
P.A.K.U.R.I AVTOKYO HIVE
Avatar for Mr.Rabbit 01rabbit
0
74
The Empire Strikes Back ~MR.RABBIT 帝国の逆襲~
Avatar for Mr.Rabbit 01rabbit
0
230
あの日学んだ攻撃の方法を僕達はまだ知らない。
Avatar for Mr.Rabbit 01rabbit
0
190
MR.RABBIT 聞いた事はあるけど、実際には見た事がないハッキングガジェット
Avatar for Mr.Rabbit 01rabbit
2
7.3k

Featured

See All Featured
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
56
14k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
190
11k
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
Building Applications with DynamoDB
Avatar for Matt Wood mza
96
6.7k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
21
1.2k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
10
660
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
24
1.5k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
303
21k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
234
18k

Transcript

  1.  BLJCBTFD ͏͗͞ !SBJU

  2. ࣗݾ঺հ ͏͗͞ w झຯͰϖωτϨʔγϣϯςετΛͯ͠Δ w झຯͰ߈ܸݕূΛ͍ͯ͠Δ w ݱࡏɺઈࢍෆ຾঱ൃ঱தX ͏͞ϒϩ ɹIUUQSBJUCMPHIBUFCMPKQ

    5XJUUFS ɹ!SBJU

  3. –ͱ͋Δຐज़ͷېॻ໨࿥ lຐज़ͱ͸ɺ࠽ೳͷແ͍ਓ͕ؒͦΕͰ΋࠽ೳ͋Δ ਓؒͱର౳ʹͳΔҝͷٕज़z

  4. ಥવͰ͕࣭͢໰Ͱ͢ʂ ϚΠϯεΠʔύͬͯ஌ͬͯ·͔͢ʁ ɹϚΠϯεΠʔύʢ.JOFTXFFQFSʣ͸೥୅ ʹൃ໌͞ΕͨɺҰਓ༻ͷίϯϐϡʔλήʔϜͰ͋ ΔɻήʔϜͷ໨త͸஍ཕݪ͔Β஍ཕΛऔΓআ͘͜ ͱͰ͋Δɻ 8JLJQFEJBΑΓ

  5. ;ͱࢥͬͨɾɾɾ

  6. ্ڃΛΫϦΞ͍ͨ͠ʂ ˞্ڃͷੈքه࿥͸ඵɹ8JLJQFEJBΑΓ

  7. ͨͱ͑ ͲΜͳखஈΛ࢖ͬͯͰ΋ʂʂ

  8. ໨ඪͱ͢Δ͜ͱ w ϚΠϯεΠʔύ͕ಈ͍͍ͯΔ8JOEPXTͷ੬ऑੑΛ ಥ͍ͯϋοΫ͢Δ w 8JOEPXTΛϋοΫͨ͠ޙɺϚΠϯεΠʔύΛϋο Ϋͯ͠Έͯཪٕ͕ແ͍͔୳ͯ͠ݟΔ

  9. ؀ڥ 8JOEPXT91  ,BMJ-JOVY 

  10. खॱ  /NBQΛ࢖ͬͯ8JOEPXT91Λௐࠪ͢Δ  .FUBTQMPJUΛ࢖༻ͯ͠৵ೖ͢Δ  ৵ೖͨ͠Β.FUFSQSFUFSΛۦ࢖ͯ͠.JOFTXFFQFS ΛϋοΫ͢ΔXɹʢ࣮ԋʣ

  11. ϙʔτεΩϟϯͯ͠Έͨ ͕ɺ։͍͍ͯΔͱ͍͏͜ͱ͸ɾɾɾ /4"ͷΞϨ͕ɾɾɾ

  12. &UFSOBM#MVF .4 ͷ֬ೝ %PVCMF1VMTBSΛ࢓ࠐΊΔʂʂ ੬ऑੑൃݟʂʂ

  13. &YQMPJU͢Δ ৵ೖ׬ྃʂ

  14. .FUFSQSFUFS͔Β .JNJLBU[ΛಡΈࠐΉ ಡΈࠐΉ͜ͱͰʮNJNJLBU[@DPNNBOEʯ͕࢖͑ ΔΑ͏ʹͳΔ ˞NJNJLBU[ͱ͸ 8JOEPXTͷύεϫʔυΛΫϥοΫ͢Δπʔϧ

  15. NJNJLBU[@DPNNBOEͷ࣮ߦ ͜͜ͰʮNJNJLBU[@DPNNBOEGXJONJOFJOGPTʯ ͱೖྗ͢Δͱɾɾɾ

  16. ͋Εʁ౴͑ݟ͑ͯΔX ,BMJ-JOVY 8JOEPXT91

  17. ͋Εʁ౴͑ݟ͑ͯΔX ,BMJ-JOVY 8JOEPXT91

  18. ͜ΕͰ্ڃΫϦΞͰ͖Δ ??

  20. NJNJLBU[@DPNNBOEʹ͸ ΋ͬͱੌ͍෺͕͋Δ ͜͜ͰʮNJNJLBU[@DPNNBOEGXJONJOFDIFBUʯ ͱೖྗ͢Δͱɾɾɾ

  21. ͑ʂʁ DIFBUίϚϯυΛૹͬͨޙʹɺ൫໘ͷۭ͖εϖʔεΛΫϦοΫ ͢ΔͱΫϦΞʂʂॴཁ࣌ؒ ̍ඵʂʂ

  22. ࣮ԋ

  23. ·ͱΊ w ੬ऑੑͷ࢒Δ8JOEPXT্ͷϚΠϯεΠʔύ͸ɺҶ ͮΔࣜʹήʔϜΛ߈ུ͞Εͯ͠·͏ w ཁ͢Δʹେਓؾͳ͍ϋοΧʔ͕ɺϜΩʹͳΔͱϚΠ ϯεΠʔύΛ̍ඵͰΫϦΞ͢Δ w ෺ࣄΛଟ֯తʹݟΔͱ໘ന͍ൃݟ΋͋Δ

  24. ऴΘΓ