Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to hack metacpan.org

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for mala mala
September 04, 2014
Programming
7
1.4k

How to hack metacpan.org

YAPC::Asia 2014 Reject con LT
2014-09-03

Avatar for mala

mala

September 04, 2014
Tweet

More Decks by mala

See All by mala
The Evolution of Alert & Notification System / Becks Japan #1
Avatar for mala mala
11
9k
TBD/Shibuya.XSS techtalk #8
Avatar for mala mala
5
2.8k
実例に学ぶXSS脆弱性の発見と修正方法/line_dm 16 20160916 how to find and fix xss
Avatar for mala mala
25
9.5k
超絶技巧CSRF / Shibuya.XSS techtalk #7
Avatar for mala mala
41
15k
SECCON2013 slide
Avatar for mala mala
14
3k

Other Decks in Programming

See All in Programming
DevinとClaude Code、SREの現場で使い倒してみた件
Avatar for karia/Y.Hisamatsu karia
1
890
CSC307 Lecture 14
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
450
手戻りゼロ? Spec Driven Developmentとは@KAG AI week
Avatar for Tomoki Hirai tmhirai
1
150
encoding/json/v2のUnmarshalはこう変わった:内部実装で見る設計改善
Avatar for Hiroki Kurasawa kurakura0916
0
290
CDIの誤解しがちな仕様とその対処TIPS
Avatar for futokiyo futokiyo
0
160
クライアントワークでSREをするということ。あるいは事業会社におけるSREと同じこと・違うこと
Avatar for nnaka2992 nnaka2992
1
300
Claude Code、ちょっとした工夫で開発体験が変わる
Avatar for Toranosuke Minamikawa tigertora7571
0
190
オブザーバビリティ駆動開発って実際どうなの?
Avatar for yohfee yohfee
3
680
株式会社 Sun terras カンパニーデック
Avatar for Sun terras.Inc sunterras
0
2k
24時間止められないシステムを守る-医療ITにおけるランサムウェア対策の実際
Avatar for kouki.miura koukimiura
2
180
AI活用のコスパを最大化する方法
Avatar for Ochtum ochtum
0
120
ご飯食べながらエージェントが開発できる。そう、Agentic Engineeringならね。
Avatar for yoko / Naoki Yokomachi yokomachi
1
280

Featured

See All Featured
Between Models and Reality
Avatar for mayunak mayunak
2
220
How To Speak Unicorn (iThemes Webinar)
Avatar for Michelle Schulp Hunt marktimemedia
1
400
How STYLIGHT went responsive
Avatar for nonsquared nonsquared
100
6k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.9k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.9k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
Avatar for Katarina Dahlin katarinadahlin
PRO
1
3.5k
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
Avatar for Sara Fernández Carmona sarafernandez
0
130
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.4k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
280
B2B Lead Gen: Tactics, Traps & Triumph
Avatar for Sophie Logan marketingsoph
0
65
Organizational Design Perspectives: An Ontology of Organizational Design Elements
Avatar for Dr. Kim W Petersen kimpetersen
PRO
1
620
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
57
14k

Transcript

  1. )PXUPIBDL NFUBDQBOPSH NBMB

  2. :"1$ߦͬͯͳ͍

  3. ͖ΐ͏ͷςʔϚ w )PXUPIBDLNFUBDQBOPSH ! w ѱ͍ҙຯͰ

  4. NFUBDQBOPSHͰͷ SFNPUFDPEFFYFDVUJPO w िؒ΄ͲલʹใࠂpYFE w 1MBDL.JEEMFXBSF4FTTJPO$PPLJF w NFUBDQBOPSH௚͔ͬͯΒৄࡉॻ͜͏ͱࢥͬͨΒ NJZBHBXB͞Μ͕௒଎ͰϦϦʔεͨ͠ͷͰ NFUBDQBOPSHθϩσΠެ։ঢ়ଶͩͬͨ

  5. ͝ଘ஌Ͱ͔͢ʁ 4UPSBCMFͰ ೚ҙίʔυ࣮ߦ

  6. ΦϒδΣΫτσγϦΞϥΠβ Λ௨ͨ͡ίʔυ࣮ߦ w ෳ਺ͷݴޠͰಉ༷ͷ໰୊͕ใࠂ͞Ε͍ͯΔ w ೚ҙͷΫϥεͷΦϒδΣΫτΛ෮ݩͰ͖Δ΋ͷ w 3VCZ :".- .BSTIBM

    w 1FSM 4UPSBCMF :".- 9.-

  7. $PPLJFܦ༝Ͱͷ 4UPSBCMFΦϒδΣΫτ w σγϦΞϥΠζͷλΠϛϯάͰίʔυ࣮ߦग़དྷΔ w $PPLJFʹ4UPSBCMFͰσʔλอଘ͢Δηογϣϯ Ϛωʔδϟ͕͋Δ w )."$ॺ໊ʹΑΔվ᜵๷ࢭ͕ͳ͍PS伴͕ऑ͍ PS伴͕࿙ΕΔέʔεͰDPPLJF͕վ᜵Ͱ͖Δ

    w ࡉ޻ͨ͠$PPLJFΛ࢖ͬͨ೚ҙίʔυ࣮ߦग़དྷΔ

  8. ͍͔ͭ͘ใࠂ͞Ε͍ͯΔ w SFQPSUFECZNBMB ͍͖͞Μ  w )5514FTTJPO "NPO w 1MBDL.JEEMFXBSF4FTTJPO$PPLJF

    w ೥ w 4UPSBCMFUIBXDBMMFEPODPPLJFEBUBJONVMUJQMF $1"/NPEVMFT w IUUQTFDMJTUTPSHPTTTFDR

  9. Өڹൣғ w ΦϒδΣΫτ͕෮ݩ͞ΕΔͱ͍͏͜ͱ͸ w ԿΒ͔ͷॳظԽॲཧ͕࣮ߦ͞ΕͨΓ w ഁغ͞ΕΔλΠϛϯάͰσετϥΫλ͕࣮ߦ͞ΕͨΓ w ܕม׵ͷλΠϛϯάͰԿ͔͕͓͖ͨΓ
 ʢίʔυຒΊࠐΊΔςϯϓϨʔτΤϯδϯͱ͔ʣ

    w ͦͷଞ΋Ζ΋Ζͷ༧ظ͠ͳ͍໰୊

  10. ΦϒδΣΫτσγϦΞϥΠβ ͸ةݥ w ϓϨʔϯͳϋογϡΑΓ΋༧ظ͠ͳ͍͜ͱ͕ى ͖Δ w CMFTTFEIBTIඞཁͳ͚Ε͹
 4UPSBCMFΛ࢖Θͳ͍΄͏͕͍͍

  11. +40/ʹ͢Ε͹҆શʁ w ͓͓ΉͶͦ͏ w σγϦΞϥΠζͷΈͰ໰୊͸ى͖ͳ͍ w +40/ 42-JOKFDUJPO w จࣈྻ͕དྷΔͱࢥͬͯΔՕॴʹϋογϡ΍഑ྻ

    ͕ೖΔ͜ͱͰ༧ظ͠ͳ͍ಈ࡞͕ى͜ΔՄೳੑ

  12. 4UPSBCMFͷಛච͢΂͖఺ w ೚ҙͷϞδϡʔϧͷϩʔυ͕Մೳ w PWFSMPBE͕࢖ΘΕ͍ͯΔΦϒδΣΫτΛGSFF[F͢Δͱɺ PWFSMPBEϑϥά෇͖Ͱอଘ͞ΕΔ w PWFSMPBEϑϥά͕෇͍͍ͯΔ4UPSBCMFEPDVNFOUΛ ϩʔυ͢ΔࡍʹɺಁաతʹϞδϡʔϧΛϩʔυ͢Δ w

    ຊདྷͳΒPWFSMPBE͕࢖ΘΕ͍ͯͳ͍ϞδϡʔϧͰ΋ɺ͜ ͷϑϥάΛઃఆ͢Δ͜ͱͰɺ೚ҙͷϞδϡʔϧΛϩʔυ Մೳ

  13. ͜Ε͸ط஌ͷ໰୊Ͱ͋Δ w NBTUFSJOHQFSMPSHUIFTUPSBCMF TFDVSJUZQSPCMFN w ۙ೥ʹͳͬͯEPDVNFOUʹॻ͔Εͨ w IUUQQFSMHJUQFSMPSHQFSMHJUDPNNJU GBDCCECGFEEB DFF

  14. σετϥΫλ࣮ߦ 㲈೚ҙίʔυ࣮ߦ w σετϥΫλ࣮ߦͰ͸ग़དྷΔ͜ͱ͕ݶΒΕΔ w యܕతͳͷ͸Ұ࣌ϑΝΠϧ࡟আ
 ˠ೚ҙϑΝΠϧ࡟আ w ͤΊͯϑΝΠϧॻ͖ࠐΈ͕ग़དྷΕ͹ɾɾɾ w

    ѱ༻Ͱ͖ͦ͏ͳ$1"/ϞδϡʔϧΛ୳͢

  15. ݬͷ೚ҙίʔυ࣮ߦՄೳϞδϡʔϧΛ୳ͯ͠ w σετϥΫλ಺Ͱίʔυ࣮ߦͰ͖ͦ͏ͳ΋ͷΛ୳ ͢ w FWBMTFMG\DPEF^ w PQFO ') TFMG\pMFOBNF^

     w TZTUFN FYFD EP HMPC FUD w ͦ͏ͦ͏ͳ͍Α

  16. ϑΝΠϧ΁ͷॻ͖ࠐΈ w ϑΝΠϧ΁ͷॻ͖ࠐΈ͕ग़དྷΕ͹ɺQNϑΝΠϧ Λੜ੒ͯ͠ϩʔυͯ͠΍Ε͹೚ҙίʔυ࣮ߦग़ དྷΔͷͰ͸ͳ͍͔ʁ w ࣮ࡍͷΞϓϦέʔγϣϯ͸VTFMJCͯ͠Δ͜ͱ͕ ଟ͍ MJCMPDBM 

    w ΧϨϯτσΟϨΫτϦҎԼͷϑΝΠϧʹ͋Δఔ౓ ࣗ༝ͳϑΥʔϚοτͰॻ͖ࠐΈ͕ग़དྷΕ͹ɻɻ

  17. σετϥΫλͰϑΝΠϧʹॻ͖ࠐΉ $1"/Ϟδϡʔϧ w ࣮ࡏͨ͠ w ໨HSFQ͠·ͬͯ͘ൃݟ w ࣗಈηʔϒ΍ϩάϑΝΠϧͷqVTIܥͷػೳ w QNϑΝΠϧΛੜ੒ͯ͠ϩʔυ·ͰՄೳ

    w ςϯϓϨʔτվ᜵͔Β೚ҙίʔυ࣮ߦ͕Մೳ

  18. 4UPSBCMFͰͷίʔυ࣮ߦ w ਂࠁ౓্͕͕ͬͨͱߟ͑ͯྑ͍
 જࡏత೚ҙίʔυ࣮ߦˠ࣮֬ͳ೚ҙίʔυ࣮ߦ  w ਖ਼֬ʹ͸ʮΠϯετʔϧ͞Ε͍ͯΔϞδϡʔϧ࣍ୈͰ೚ ҙίʔυ࣮ߦ͕Մೳʯ w ͔ͳΓଟ͘ͷ؀ڥͰΠϯετʔϧ͞Ε͍ͯΔϞδϡʔϧ

    ͰՄೳͩͬͨ w QFSMTFDVSJUZʹใࠂ FYQMPJUެ։͕ద੾͔Ͳ͏͔૬ஊ த

  19. ·ͱΊ w 4UPSBCMF ͱ͍͏͔CMFTTFEIBTIΛ෮ݩͰ͖Δ γϦΞϥΠβ͸೚ҙίʔυ࣮ߦʹܨ͕Δةݥ͕ ͋Δ w "NPOͱ1MBDL.JEEMFXBSF4FTTJPOΛ֘౰͢ Δ࢖͍ํͯ͠Δਓ͸Ξφ΢ϯεಡΜͰରԠͯ͠Ͷɻ w

    )BQQZ)BDLJOH