Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
地雷探しに脆弱性を使うのは間違っているだろうか Hack a Minesweeper
Search
MR.RABBIT
December 07, 2017
0
180
地雷探しに脆弱性を使うのは間違っているだろうか Hack a Minesweeper
2017年6月3日(土) AKIBASECで発表さてもらったLT資料です。
MR.RABBIT
December 07, 2017
Tweet
Share
More Decks by MR.RABBIT
See All by MR.RABBIT
P.A.K.U.R.I SECCON2019 Akihabara YOROZU
01rabbit
1
95
P.A.K.U.R.I AVTOKYO HIVE
01rabbit
0
49
The Empire Strikes Back ~MR.RABBIT 帝国の逆襲~
01rabbit
0
220
あの日学んだ攻撃の方法を僕達はまだ知らない。
01rabbit
0
170
MR.RABBIT 聞いた事はあるけど、実際には見た事がないハッキングガジェット
01rabbit
2
7.2k
Featured
See All Featured
Gamification - CAS2011
davidbonilla
79
5k
A Tale of Four Properties
chriscoyier
155
22k
Building Applications with DynamoDB
mza
90
6k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
248
20k
In The Pink: A Labor of Love
frogandcode
139
22k
Clear Off the Table
cherdarchuk
91
320k
How to name files
jennybc
75
98k
How GitHub (no longer) Works
holman
310
140k
Building Flexible Design Systems
yeseniaperezcruz
325
38k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
45
4.8k
Ruby is Unlike a Banana
tanoku
96
11k
The Art of Programming - Codeland 2020
erikaheidi
48
13k
Transcript
BLJCBTFD ͏͗͞ !SBJU
ࣗݾհ ͏͗͞ w झຯͰϖωτϨʔγϣϯςετΛͯ͠Δ w झຯͰ߈ܸݕূΛ͍ͯ͠Δ w ݱࡏɺઈࢍෆൃதX ͏͞ϒϩ ɹIUUQSBJUCMPHIBUFCMPKQ
5XJUUFS ɹ!SBJU
–ͱ͋Δຐज़ͷېॻ lຐज़ͱɺ࠽ೳͷແ͍ਓ͕ؒͦΕͰ࠽ೳ͋Δ ਓؒͱରʹͳΔҝͷٕज़z
ಥવͰ͕࣭͢Ͱ͢ʂ ϚΠϯεΠʔύͬͯͬͯ·͔͢ʁ ɹϚΠϯεΠʔύʢ.JOFTXFFQFSʣ ʹൃ໌͞ΕͨɺҰਓ༻ͷίϯϐϡʔλήʔϜͰ͋ ΔɻήʔϜͷతཕݪ͔ΒཕΛऔΓআ͘͜ ͱͰ͋Δɻ 8JLJQFEJBΑΓ
;ͱࢥͬͨɾɾɾ
্ڃΛΫϦΞ͍ͨ͠ʂ ˞্ڃͷੈքهඵɹ8JLJQFEJBΑΓ
ͨͱ͑ ͲΜͳखஈΛͬͯͰʂʂ
ඪͱ͢Δ͜ͱ w ϚΠϯεΠʔύ͕ಈ͍͍ͯΔ8JOEPXTͷ੬ऑੑΛ ಥ͍ͯϋοΫ͢Δ w 8JOEPXTΛϋοΫͨ͠ޙɺϚΠϯεΠʔύΛϋο Ϋͯ͠Έͯཪٕ͕ແ͍͔୳ͯ͠ݟΔ
ڥ 8JOEPXT91 ,BMJ-JOVY
खॱ /NBQΛͬͯ8JOEPXT91Λௐࠪ͢Δ .FUBTQMPJUΛ༻ͯ͠৵ೖ͢Δ ৵ೖͨ͠Β.FUFSQSFUFSΛۦͯ͠.JOFTXFFQFS ΛϋοΫ͢ΔXɹʢ࣮ԋʣ
ϙʔτεΩϟϯͯ͠Έͨ ͕ɺ։͍͍ͯΔͱ͍͏͜ͱɾɾɾ /4"ͷΞϨ͕ɾɾɾ
&UFSOBM#MVF .4 ͷ֬ೝ %PVCMF1VMTBSΛࠐΊΔʂʂ ੬ऑੑൃݟʂʂ
&YQMPJU͢Δ ৵ೖྃʂ
.FUFSQSFUFS͔Β .JNJLBU[ΛಡΈࠐΉ ಡΈࠐΉ͜ͱͰʮNJNJLBU[@DPNNBOEʯ͕͑ ΔΑ͏ʹͳΔ ˞NJNJLBU[ͱ 8JOEPXTͷύεϫʔυΛΫϥοΫ͢Δπʔϧ
NJNJLBU[@DPNNBOEͷ࣮ߦ ͜͜ͰʮNJNJLBU[@DPNNBOEGXJONJOFJOGPTʯ ͱೖྗ͢Δͱɾɾɾ
͋Εʁ͑ݟ͑ͯΔX ,BMJ-JOVY 8JOEPXT91
͋Εʁ͑ݟ͑ͯΔX ,BMJ-JOVY 8JOEPXT91
͜ΕͰ্ڃΫϦΞͰ͖Δ ??
൱
NJNJLBU[@DPNNBOEʹ ͬͱੌ͍͕͋Δ ͜͜ͰʮNJNJLBU[@DPNNBOEGXJONJOFDIFBUʯ ͱೖྗ͢Δͱɾɾɾ
͑ʂʁ DIFBUίϚϯυΛૹͬͨޙʹɺ൫໘ͷۭ͖εϖʔεΛΫϦοΫ ͢ΔͱΫϦΞʂʂॴཁ࣌ؒ ̍ඵʂʂ
࣮ԋ
·ͱΊ w ੬ऑੑͷΔ8JOEPXT্ͷϚΠϯεΠʔύɺҶ ͮΔࣜʹήʔϜΛ߈ུ͞Εͯ͠·͏ w ཁ͢Δʹେਓؾͳ͍ϋοΧʔ͕ɺϜΩʹͳΔͱϚΠ ϯεΠʔύΛ̍ඵͰΫϦΞ͢Δ w ࣄΛଟ֯తʹݟΔͱ໘ന͍ൃݟ͋Δ
ऴΘΓ