Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HITCON 2017 Zeroday 發表會

Avatar for Inndy Inndy
August 26, 2017
Technology
0
1.3k

HITCON 2017 Zeroday 發表會

https://zeroday.hitcon.org/vulnerability/ZD-2016-00306
Avatar for Inndy

Inndy

August 26, 2017
Tweet

More Decks by Inndy

See All by Inndy
工程師一定要懂的 Text Encoding
Avatar for Inndy inndy
1
660
資訊安全:麻瓜的黑魔法防禦術
Avatar for Inndy inndy
3
2.9k
HackmeCTF 平台背後的心酸血淚史
Avatar for Inndy inndy
2
810
COSCUP 2018 Lightning Talk - 審稿好難,所以我們來寫程式吧
Avatar for Inndy inndy
0
430
逆向工程:從入門到放棄
Avatar for Inndy inndy
7
3.5k
No More Crypto Fails
Avatar for Inndy inndy
33
8k
你再共用密碼啊
Avatar for Inndy inndy
1
740
CTF From Zero To One
Avatar for Inndy inndy
5
5k
逆向工程基礎
Avatar for Inndy inndy
4
1.4k

Other Decks in Technology

See All in Technology
木を見て森も見る-モジュールが織りなすプロダクトの森
Avatar for KNOWLEDGE WORK / 株式会社ナレッジワーク kworkdev
PRO
0
300
dbtとリバースETLでデータ連携の複雑さに立ち向かう
Avatar for Toru Morooka morookacube
0
1.7k
AIエージェントのオブザーバビリティについて
Avatar for Yunosuke Yamada yunosukey
1
390
Google CloudのAI Agent関連のサービス紹介
Avatar for Shu Kobuchi shukob
0
150
ソフトウェアテスト 最初の一歩 〜テスト設計技法をワークで体験しながら学ぶ〜 #JaSSTTokyo / SoftwareTestingFirstStep
Avatar for nihonbuson nihonbuson
PRO
4
330
Kaigi Effect 2025 #rubykaigi2025_after
Avatar for sue445 sue445
0
340
Microsoft Fabric のライセンスについて
Avatar for Ryoma Nagata ryomaru0825
2
3.5k
golang-migrate VS Atlas !? 技術選定のポイントと学び ~DBマイグレーションツール選定の実例を通して~ / golang-migrate vs Atlas ! What is the point of technology selection and what you can learn from the examples of DB migration tool selection?
Avatar for NTT Communications nttcom
0
110
水耕栽培に全部賭けろ
Avatar for Mutz mutsumix
0
160
MagicPod MCPサーバー開発の裏側とAIエージェント活用の展望
Avatar for MagicPod magicpod
0
320
GrafanaをClaude DesktopからMCPで触ってみた
Avatar for 濱田孝治 hamadakoji
0
950
【Gen-AX】20250514開催_Findyオンラインイベント_技術選定を突き詰める
Avatar for Gen-AX株式会社 genax
0
120

Featured

See All Featured
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
56
9.4k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
Avatar for Eileen M. Uchitelle eileencodes
137
33k
Side Projects
Avatar for Sacha Greif sachag
453
42k
Distributed Sagas: A Protocol for Coordinating Microservices
Avatar for Caitie McCaffrey caitiem20
331
21k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
29
2.6k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
656
60k
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
35
2.7k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
19k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.1k
Faster Mobile Websites
Avatar for Dean Hume deanohume
307
31k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
19
1.2k
Building Applications with DynamoDB
Avatar for Matt Wood mza
94
6.4k

Transcript

  1. )*5$0/;FSPEBZ 䧮䟝銴⤑㹆涸J1IPOF4&⛓飑暟"QQ䢔呪

  2. )J 䧮僽*OOEZ BLB加啄

  3. ➛㣔䧮銴铞♧⦐ 飑暟"QQ剤㥪㢵䓳럊涸佦✲ @ sཀպ̼ @

  4. ⿡䎃厥♧㣔 䧮罉꠸騈䧮铞 ؇̫٥

  5. 厥飑暟笪畀剤馄⤑㹆ꣳꆀ㉂ㅷ ⿶ⶍ㥪䧮䟝䳖䩛堥 s٥Ī٥A

  6. None

  7. 搭䖕䧮⦛㽠䩧Ꟛ #VSQ4VJUFꟚ㨥溏꣚溏 ง๑•̀@•́ ง

  8. 䧮欽7VFKT㻨✫♧⦐溏匢 ⢵䮋鼇⤑㹆涸㉂ㅷ 齡儘⦬䊨⡲ⶍ㥪㖈欽7VFKT鄄OPEFKT䵆䖤㥪汥蕲 Aİs 

  9. ٧(́◕◞౪◟◕ 

  10. 䱺衽涮植♴鎎㋲涸"1* 须俲剤⸈㺙 ಠ@ಠ

  11. 剤⦐䊨Ⱘ〭⨞KBEY 〳⟃⿾管陼"OESPJE"QQ ҙŐ ұѨѠѽ♧

  12. s̫A _ԍ

  13. s̫A _ԍ

  14. 昸✫䵻⤑㹆涸J1IPOF4& ٧ ԫӟ ظ

  15. 㻨玑䒭䵻飑

  16. 穡卓剤"1*鸠䏞ꣳⵖ 鼩剤♧❉㼭稣眏尝岤䠑ⵌ İ

  17. 穡卓䧮♧⦐鿪尝䵻ⵌ இŐஇ

  18. 㔐곃♧♴ s٥Ī٥A

  19. "&4$#$1,$4 s٥Ī٥A

  20. 1BEEJOH0SBDMF  sİA

  21. 'JYFE,FZ*7  sİA

  22. 䧮ⶍⶍ僽♶僽铞䧮⦛欽 #SVQ4VJUF s٥Ī٥A

  23. 飑暟笪畀䥰鑪剤 44-5-4ゅ s٥Ī٥A

  24.  sİA

  25. 䖕⢵䟝䟝"QQ鿪㻨涸鸏 랃昈✫㥪⫹剤溏ⵌTRMJUF sŐA

  26. @ sཀպ̼ @

  27. 卓搭剤42-*OKFDUJPO @ sཀպ̼ @

  28. ˙08"415PQ.PCJMF3JTLT'JOBM-JTU ˙.8FBL4FSWFS4JEF$POUSPMT ˙.*OTFDVSF%BUB4UPSBHF ˙.*OTVDJFOU5SBOTQPSU-BZFS1SPUFDUJPO ˙.6OJOUFOEFE%BUB-FBLBHF ˙.1PPS"VUIPSJ[BUJPOBOE"VUIFOUJDBUJPO ˙.#SPLFO$SZQUPHSBQIZ ˙.$MJFOU4JEF*OKFDUJPO ˙ 鸏䧮尝剤庠麕

    魨⟨阮㶶贫㶸㖈1SFGFSFODF.BOBHFS酆꬗

  29. 㥶卓䧮僽䟅䠑余乹罏 ̫

  30. 䎙㣔䖕䧮䪾须俲侮椚♧♴ ⚓♳)*5$0/;FSPEBZ

  31. None

  32. ⼿⸔鹎遤醳庠

  33. 恠Ꟁ涸麕玑н sŐA й • 2016/11 送出 • ⽉月底廠商才有回應 • 修到⼀一半請我複測,接著交給其他廠商做檢測

    • 拖了了半年年,2017/05 終於公開了了!⼼心好累

  34. 鸏⚆歲涸怪峯⿶㼱✫♧⦐ sӟA

  35. 昸➊랃剚剤鸏랃㢵怪峯 sŐ

  36. 醳醢顦♳䊨玑䌌 ಠ@ಠ

  37. IUUQTMBVSFOUHJUIVCJPTPJOKFDUJPOT

  38. 䖰㷸绢㻨玑䒭涸儘⦬ 㽠ⴀ✫㉏겗 ⡹涸罉䌌铞♶㹁㽠僽怪峯⢵彂 䠮闒➮雊䧮⦛剤䊨⡲

  39. 䖎㢵剅硃䲿⣘涸眕⢿玑䒭 㽠剤㉏겗 ⡹⿡剅㽷缺1)1涸剅♧㹁䪪涸ⵌ42-*OKFDUJPO

  40. ♧饱㔐㜡怪峯 鍑对剤㉏겗涸➃來肬➮⦛ ؇̫٥