Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to hack metacpan.org

mala
September 04, 2014
Programming
7
1.3k

How to hack metacpan.org

YAPC::Asia 2014 Reject con LT
2014-09-03

mala

September 04, 2014
Tweet

More Decks by mala

See All by mala
The Evolution of Alert & Notification System / Becks Japan #1
mala
11
8.8k
TBD/Shibuya.XSS techtalk #8
mala
5
2.6k
実例に学ぶXSS脆弱性の発見と修正方法/line_dm 16 20160916 how to find and fix xss
mala
25
9.3k
超絶技巧CSRF / Shibuya.XSS techtalk #7
mala
40
14k
SECCON2013 slide
mala
14
2.9k

Other Decks in Programming

See All in Programming
KawaiiLT 登壇資料 キャリアとモチベーション
hiiragi
0
110
AIコードエディタの基盤となるLLMのFlutter性能評価
alquist4121
0
210
The Efficiency Paradox and How to Save Yourself and the World
hollycummins
0
110
Youtube Lofier - Chrome拡張開発
ninikoko
0
2.4k
List とは何か? / PHPerKaigi 2025
meihei3
0
870
国漢文混用体からHolloまで
minhee
1
190
タイムゾーンの奥地は思ったよりも闇深いかもしれない
suguruooki
1
650
Java 24まとめ / Java 24 summary
kishida
3
500
The Evolution of the CRuby Build System
kateinoigakukun
0
700
Enterprise Web App. Development (1): Build Tool Training Ver. 5
knakagawa
1
110
エンジニア未経験が最短で戦力になるためのTips
gokana
0
270
On-the-fly Suggestions of Rewriting Method Deprecations
ohbarye
1
2k

Featured

See All Featured
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.1k
Writing Fast Ruby
sferik
628
61k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.4k
Statistics for Hackers
jakevdp
798
220k
Testing 201, or: Great Expectations
jmmastey
42
7.5k
A designer walks into a library…
pauljervisheath
205
24k
[RailsConf 2023] Rails as a piece of cake
palkan
54
5.4k
Designing for humans not robots
tammielis
252
25k
GitHub's CSS Performance
jonrohan
1030
460k
Music & Morning Musume
bryan
47
6.5k
GraphQLとの向き合い方2022年版
quramy
46
14k
StorybookのUI Testing Handbookを読んだ
zakiyama
29
5.6k

Transcript

  1. )PXUPIBDL NFUBDQBOPSH NBMB

  2. :"1$ߦͬͯͳ͍

  3. ͖ΐ͏ͷςʔϚ w )PXUPIBDLNFUBDQBOPSH ! w ѱ͍ҙຯͰ

  4. NFUBDQBOPSHͰͷ SFNPUFDPEFFYFDVUJPO w िؒ΄ͲલʹใࠂpYFE w 1MBDL.JEEMFXBSF4FTTJPO$PPLJF w NFUBDQBOPSH௚͔ͬͯΒৄࡉॻ͜͏ͱࢥͬͨΒ NJZBHBXB͞Μ͕௒଎ͰϦϦʔεͨ͠ͷͰ NFUBDQBOPSHθϩσΠެ։ঢ়ଶͩͬͨ

  5. ͝ଘ஌Ͱ͔͢ʁ 4UPSBCMFͰ ೚ҙίʔυ࣮ߦ

  6. ΦϒδΣΫτσγϦΞϥΠβ Λ௨ͨ͡ίʔυ࣮ߦ w ෳ਺ͷݴޠͰಉ༷ͷ໰୊͕ใࠂ͞Ε͍ͯΔ w ೚ҙͷΫϥεͷΦϒδΣΫτΛ෮ݩͰ͖Δ΋ͷ w 3VCZ :".- .BSTIBM

    w 1FSM 4UPSBCMF :".- 9.-

  7. $PPLJFܦ༝Ͱͷ 4UPSBCMFΦϒδΣΫτ w σγϦΞϥΠζͷλΠϛϯάͰίʔυ࣮ߦग़དྷΔ w $PPLJFʹ4UPSBCMFͰσʔλอଘ͢Δηογϣϯ Ϛωʔδϟ͕͋Δ w )."$ॺ໊ʹΑΔվ᜵๷ࢭ͕ͳ͍PS伴͕ऑ͍ PS伴͕࿙ΕΔέʔεͰDPPLJF͕վ᜵Ͱ͖Δ

    w ࡉ޻ͨ͠$PPLJFΛ࢖ͬͨ೚ҙίʔυ࣮ߦग़དྷΔ

  8. ͍͔ͭ͘ใࠂ͞Ε͍ͯΔ w SFQPSUFECZNBMB ͍͖͞Μ  w )5514FTTJPO "NPO w 1MBDL.JEEMFXBSF4FTTJPO$PPLJF

    w ೥ w 4UPSBCMFUIBXDBMMFEPODPPLJFEBUBJONVMUJQMF $1"/NPEVMFT w IUUQTFDMJTUTPSHPTTTFDR

  9. Өڹൣғ w ΦϒδΣΫτ͕෮ݩ͞ΕΔͱ͍͏͜ͱ͸ w ԿΒ͔ͷॳظԽॲཧ͕࣮ߦ͞ΕͨΓ w ഁغ͞ΕΔλΠϛϯάͰσετϥΫλ͕࣮ߦ͞ΕͨΓ w ܕม׵ͷλΠϛϯάͰԿ͔͕͓͖ͨΓ
 ʢίʔυຒΊࠐΊΔςϯϓϨʔτΤϯδϯͱ͔ʣ

    w ͦͷଞ΋Ζ΋Ζͷ༧ظ͠ͳ͍໰୊

  10. ΦϒδΣΫτσγϦΞϥΠβ ͸ةݥ w ϓϨʔϯͳϋογϡΑΓ΋༧ظ͠ͳ͍͜ͱ͕ى ͖Δ w CMFTTFEIBTIඞཁͳ͚Ε͹
 4UPSBCMFΛ࢖Θͳ͍΄͏͕͍͍

  11. +40/ʹ͢Ε͹҆શʁ w ͓͓ΉͶͦ͏ w σγϦΞϥΠζͷΈͰ໰୊͸ى͖ͳ͍ w +40/ 42-JOKFDUJPO w จࣈྻ͕དྷΔͱࢥͬͯΔՕॴʹϋογϡ΍഑ྻ

    ͕ೖΔ͜ͱͰ༧ظ͠ͳ͍ಈ࡞͕ى͜ΔՄೳੑ

  12. 4UPSBCMFͷಛච͢΂͖఺ w ೚ҙͷϞδϡʔϧͷϩʔυ͕Մೳ w PWFSMPBE͕࢖ΘΕ͍ͯΔΦϒδΣΫτΛGSFF[F͢Δͱɺ PWFSMPBEϑϥά෇͖Ͱอଘ͞ΕΔ w PWFSMPBEϑϥά͕෇͍͍ͯΔ4UPSBCMFEPDVNFOUΛ ϩʔυ͢ΔࡍʹɺಁաతʹϞδϡʔϧΛϩʔυ͢Δ w

    ຊདྷͳΒPWFSMPBE͕࢖ΘΕ͍ͯͳ͍ϞδϡʔϧͰ΋ɺ͜ ͷϑϥάΛઃఆ͢Δ͜ͱͰɺ೚ҙͷϞδϡʔϧΛϩʔυ Մೳ

  13. ͜Ε͸ط஌ͷ໰୊Ͱ͋Δ w NBTUFSJOHQFSMPSHUIFTUPSBCMF TFDVSJUZQSPCMFN w ۙ೥ʹͳͬͯEPDVNFOUʹॻ͔Εͨ w IUUQQFSMHJUQFSMPSHQFSMHJUDPNNJU GBDCCECGFEEB DFF

  14. σετϥΫλ࣮ߦ 㲈೚ҙίʔυ࣮ߦ w σετϥΫλ࣮ߦͰ͸ग़དྷΔ͜ͱ͕ݶΒΕΔ w యܕతͳͷ͸Ұ࣌ϑΝΠϧ࡟আ
 ˠ೚ҙϑΝΠϧ࡟আ w ͤΊͯϑΝΠϧॻ͖ࠐΈ͕ग़དྷΕ͹ɾɾɾ w

    ѱ༻Ͱ͖ͦ͏ͳ$1"/ϞδϡʔϧΛ୳͢

  15. ݬͷ೚ҙίʔυ࣮ߦՄೳϞδϡʔϧΛ୳ͯ͠ w σετϥΫλ಺Ͱίʔυ࣮ߦͰ͖ͦ͏ͳ΋ͷΛ୳ ͢ w FWBMTFMG\DPEF^ w PQFO ') TFMG\pMFOBNF^

     w TZTUFN FYFD EP HMPC FUD w ͦ͏ͦ͏ͳ͍Α

  16. ϑΝΠϧ΁ͷॻ͖ࠐΈ w ϑΝΠϧ΁ͷॻ͖ࠐΈ͕ग़དྷΕ͹ɺQNϑΝΠϧ Λੜ੒ͯ͠ϩʔυͯ͠΍Ε͹೚ҙίʔυ࣮ߦग़ དྷΔͷͰ͸ͳ͍͔ʁ w ࣮ࡍͷΞϓϦέʔγϣϯ͸VTFMJCͯ͠Δ͜ͱ͕ ଟ͍ MJCMPDBM 

    w ΧϨϯτσΟϨΫτϦҎԼͷϑΝΠϧʹ͋Δఔ౓ ࣗ༝ͳϑΥʔϚοτͰॻ͖ࠐΈ͕ग़དྷΕ͹ɻɻ

  17. σετϥΫλͰϑΝΠϧʹॻ͖ࠐΉ $1"/Ϟδϡʔϧ w ࣮ࡏͨ͠ w ໨HSFQ͠·ͬͯ͘ൃݟ w ࣗಈηʔϒ΍ϩάϑΝΠϧͷqVTIܥͷػೳ w QNϑΝΠϧΛੜ੒ͯ͠ϩʔυ·ͰՄೳ

    w ςϯϓϨʔτվ᜵͔Β೚ҙίʔυ࣮ߦ͕Մೳ

  18. 4UPSBCMFͰͷίʔυ࣮ߦ w ਂࠁ౓্͕͕ͬͨͱߟ͑ͯྑ͍
 જࡏత೚ҙίʔυ࣮ߦˠ࣮֬ͳ೚ҙίʔυ࣮ߦ  w ਖ਼֬ʹ͸ʮΠϯετʔϧ͞Ε͍ͯΔϞδϡʔϧ࣍ୈͰ೚ ҙίʔυ࣮ߦ͕Մೳʯ w ͔ͳΓଟ͘ͷ؀ڥͰΠϯετʔϧ͞Ε͍ͯΔϞδϡʔϧ

    ͰՄೳͩͬͨ w QFSMTFDVSJUZʹใࠂ FYQMPJUެ։͕ద੾͔Ͳ͏͔૬ஊ த

  19. ·ͱΊ w 4UPSBCMF ͱ͍͏͔CMFTTFEIBTIΛ෮ݩͰ͖Δ γϦΞϥΠβ͸೚ҙίʔυ࣮ߦʹܨ͕Δةݥ͕ ͋Δ w "NPOͱ1MBDL.JEEMFXBSF4FTTJPOΛ֘౰͢ Δ࢖͍ํͯ͠Δਓ͸Ξφ΢ϯεಡΜͰରԠͯ͠Ͷɻ w

    )BQQZ)BDLJOH