Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HITCON 2017 Zeroday 發表會

Avatar for Inndy Inndy
August 26, 2017
Technology
1.4k
0

HITCON 2017 Zeroday 發表會

https://zeroday.hitcon.org/vulnerability/ZD-2016-00306

Avatar for Inndy

Inndy

August 26, 2017

More Decks by Inndy

See All by Inndy
工程師一定要懂的 Text Encoding
Avatar for Inndy inndy
1
760
資訊安全:麻瓜的黑魔法防禦術
Avatar for Inndy inndy
3
3.1k
HackmeCTF 平台背後的心酸血淚史
Avatar for Inndy inndy
2
870
COSCUP 2018 Lightning Talk - 審稿好難,所以我們來寫程式吧
Avatar for Inndy inndy
0
500
逆向工程:從入門到放棄
Avatar for Inndy inndy
7
3.6k
No More Crypto Fails
Avatar for Inndy inndy
34
8.3k
你再共用密碼啊
Avatar for Inndy inndy
1
790
CTF From Zero To One
Avatar for Inndy inndy
5
5.3k
逆向工程基礎
Avatar for Inndy inndy
4
1.5k

Other Decks in Technology

See All in Technology
世界の中心でApp Runnerを叫ぶ FINAL
Avatar for つくぼし tsukuboshi
0
260
Vision Banana: Image Generators are Generalist Vision Learners
Avatar for Kazuyuki Miyazawa kzykmyzw
0
360
アプリブロック機能のつくりかたと、AIとHTMLの不合理な相性の良さについて
Avatar for kumamotone kumamotone
1
250
SLI/SLO、「完全に理解した」から「チョットデキル」へ
Avatar for maru maruloop
5
440
Oracle Base Database Service 技術詳細
Avatar for oracle4engineer oracle4engineer
PRO
15
100k
サンプリングは「作る」のか「使う」のか? 分散トレースのコストと運用を両立する実践的戦略 / Why you need the tail sampling and why you don't want it
Avatar for ymotongpoo ymotongpoo
4
170
データモデリング通り #5オンライン勉強会: AIに『ビジネスの文脈』を教え込むデータモデリング
Avatar for データ横丁 datayokocho
0
260
古今東西SRE
Avatar for Kaoru okaru
2
180
鹿野さんに聞く!CSSの最新トレンド Ver.2026
Avatar for tonkotsuboy_com tonkotsuboy_com
6
2.9k
2026年春のAgentCoreアプデ 細かいやつ全部まとめ
Avatar for みのるん minorun365
3
220
続 運用改善、不都合な真実 〜 物理制約のない運用改善はほとんど無価値 / 20260518-ssmjp-kaizen-no-value-without-physical-constraints
Avatar for opelab opelab
1
130
Claude Codeウェビナー資料 - AWSの最新機能をClaude Codeで高速に検証する
Avatar for ONOYAMA Shodai oshanqq
0
240

Featured

See All Featured
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
160
Code Reviewing Like a Champion
Avatar for maltzj maltzj
528
40k
Groundhog Day: Seeking Process in Gaming for Health
Avatar for Sebastian Deterding codingconduct
0
170
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
5k
Leading Effective Engineering Teams in the AI Era
Avatar for Addy Osmani addyosmani
9
1.9k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
340
58k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
Avatar for Aki / @LoveIdahoBurger aki_iinuma
128
55k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
Avatar for Kenny Baas-Schwegler baasie
0
340
Sam Torres - BigQuery for SEOs
Avatar for Tech SEO Connect techseoconnect
PRO
0
260
Designing for Timeless Needs
Avatar for Cassini Nazir cassininazir
0
220
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
199
73k
The Curse of the Amulet
Avatar for Matthew Lei leimatthew05
1
12k

Transcript

  1. )*5$0/;FSPEBZ 䧮䟝銴⤑㹆涸J1IPOF4&⛓飑暟"QQ䢔呪

  2. )J 䧮僽*OOEZ BLB加啄

  3. ➛㣔䧮銴铞♧⦐ 飑暟"QQ剤㥪㢵䓳럊涸佦✲ @ sཀպ̼ @

  4. ⿡䎃厥♧㣔 䧮罉꠸騈䧮铞 ؇̫٥

  5. 厥飑暟笪畀剤馄⤑㹆ꣳꆀ㉂ㅷ ⿶ⶍ㥪䧮䟝䳖䩛堥 s٥Ī٥A

  6. None

  7. 搭䖕䧮⦛㽠䩧Ꟛ #VSQ4VJUFꟚ㨥溏꣚溏 ง๑•̀@•́ ง

  8. 䧮欽7VFKT㻨✫♧⦐溏匢 ⢵䮋鼇⤑㹆涸㉂ㅷ 齡儘⦬䊨⡲ⶍ㥪㖈欽7VFKT鄄OPEFKT䵆䖤㥪汥蕲 Aİs 

  9. ٧(́◕◞౪◟◕ 

  10. 䱺衽涮植♴鎎㋲涸"1* 须俲剤⸈㺙 ಠ@ಠ

  11. 剤⦐䊨Ⱘ〭⨞KBEY 〳⟃⿾管陼"OESPJE"QQ ҙŐ ұѨѠѽ♧

  12. s̫A _ԍ

  13. s̫A _ԍ

  14. 昸✫䵻⤑㹆涸J1IPOF4& ٧ ԫӟ ظ

  15. 㻨玑䒭䵻飑

  16. 穡卓剤"1*鸠䏞ꣳⵖ 鼩剤♧❉㼭稣眏尝岤䠑ⵌ İ

  17. 穡卓䧮♧⦐鿪尝䵻ⵌ இŐஇ

  18. 㔐곃♧♴ s٥Ī٥A

  19. "&4$#$1,$4 s٥Ī٥A

  20. 1BEEJOH0SBDMF  sİA

  21. 'JYFE,FZ*7  sİA

  22. 䧮ⶍⶍ僽♶僽铞䧮⦛欽 #SVQ4VJUF s٥Ī٥A

  23. 飑暟笪畀䥰鑪剤 44-5-4ゅ s٥Ī٥A

  24.  sİA

  25. 䖕⢵䟝䟝"QQ鿪㻨涸鸏 랃昈✫㥪⫹剤溏ⵌTRMJUF sŐA

  26. @ sཀպ̼ @

  27. 卓搭剤42-*OKFDUJPO @ sཀպ̼ @

  28. ˙08"415PQ.PCJMF3JTLT'JOBM-JTU ˙.8FBL4FSWFS4JEF$POUSPMT ˙.*OTFDVSF%BUB4UPSBHF ˙.*OTVDJFOU5SBOTQPSU-BZFS1SPUFDUJPO ˙.6OJOUFOEFE%BUB-FBLBHF ˙.1PPS"VUIPSJ[BUJPOBOE"VUIFOUJDBUJPO ˙.#SPLFO$SZQUPHSBQIZ ˙.$MJFOU4JEF*OKFDUJPO ˙ 鸏䧮尝剤庠麕

    魨⟨阮㶶贫㶸㖈1SFGFSFODF.BOBHFS酆꬗

  29. 㥶卓䧮僽䟅䠑余乹罏 ̫

  30. 䎙㣔䖕䧮䪾须俲侮椚♧♴ ⚓♳)*5$0/;FSPEBZ

  31. None

  32. ⼿⸔鹎遤醳庠

  33. 恠Ꟁ涸麕玑н sŐA й • 2016/11 送出 • ⽉月底廠商才有回應 • 修到⼀一半請我複測,接著交給其他廠商做檢測

    • 拖了了半年年,2017/05 終於公開了了!⼼心好累

  34. 鸏⚆歲涸怪峯⿶㼱✫♧⦐ sӟA

  35. 昸➊랃剚剤鸏랃㢵怪峯 sŐ

  36. 醳醢顦♳䊨玑䌌 ಠ@ಠ

  37. IUUQTMBVSFOUHJUIVCJPTPJOKFDUJPOT

  38. 䖰㷸绢㻨玑䒭涸儘⦬ 㽠ⴀ✫㉏겗 ⡹涸罉䌌铞♶㹁㽠僽怪峯⢵彂 䠮闒➮雊䧮⦛剤䊨⡲

  39. 䖎㢵剅硃䲿⣘涸眕⢿玑䒭 㽠剤㉏겗 ⡹⿡剅㽷缺1)1涸剅♧㹁䪪涸ⵌ42-*OKFDUJPO

  40. ♧饱㔐㜡怪峯 鍑对剤㉏겗涸➃來肬➮⦛ ؇̫٥