Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
脆弱性を作ってみた
Search
Sota Sugiura
December 22, 2016
Technology
1
560
脆弱性を作ってみた
雑兵MeetUp #8@21cafe
Sota Sugiura
December 22, 2016
Tweet
Share
More Decks by Sota Sugiura
See All by Sota Sugiura
内製したSlack Appで頑張るIncident Response@Waroom Meetup #1 / Incident Response with Slack App in 10X
sota1235
0
1.6k
20220926_セキュリティチームの今_for_Drs._Prime_公開用.pdf
sota1235
0
130
再発防止策を考える技術 / #phpconsen
sota1235
10
3.9k
How to choose the best npm module for your team?
sota1235
9
600
Realtime Database for high traffic production application
sota1235
7
4k
Road to migrate JP Web as a microservice
sota1235
4
1.6k
インターフェース再入門 / Think Interface again
sota1235
6
11k
再発防止策を考える技術 #phpconfuk_rej
sota1235
1
1.2k
Update around Firebase #io18
sota1235
3
4.3k
Other Decks in Technology
See All in Technology
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
820
SRE with AI:実践から学ぶ、運用課題解決と未来への展望
yoshiiryo1
0
310
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.2k
〜『世界中の家族のこころのインフラ』を目指して”次の10年”へ〜 SREが導いたグローバルサービスの信頼性向上戦略とその舞台裏 / Towards the Next Decade: Enhancing Global Service Reliability
kohbis
3
1.5k
Rethinking Incident Response: Context-Aware AI in Practice
rrreeeyyy
2
940
Digitization部 紹介資料
sansan33
PRO
1
4.5k
ロールが細分化された組織でSREは何をするか?
tgidgd
1
420
対話型音声AIアプリケーションの信頼性向上の取り組み
ivry_presentationmaterials
3
1k
IPA&AWSダブル全冠が明かす、人生を変えた勉強法のすべて
iwamot
PRO
2
230
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
13k
AWS CDK 入門ガイド これだけは知っておきたいヒント集
anank
5
750
毎晩の 負荷試験自動実行による効果
recruitengineers
PRO
5
180
Featured
See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
How to Think Like a Performance Engineer
csswizardry
25
1.7k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.9k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
21
1.3k
Being A Developer After 40
akosma
90
590k
How STYLIGHT went responsive
nonsquared
100
5.6k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
830
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Six Lessons from altMBA
skipperchong
28
3.9k
Music & Morning Musume
bryan
46
6.7k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Transcript
੬ऑੑΛ࡞ͬͯΈͨ !TPUB͖ΓΜ ࡶฌ.FFU6Q
ࣗݾհ w ͖ΓΜͰ͢ w !TPUB w ໌͔Βࢮͷ͕ؒ࢝·Γ· ͕͢Έͳ͞ΜਐḿͲ͏Ͱ͔͢
੬ऑੑΛ࡞ͬͪΌͬͨͰͳ͘ ࡞ͬͯΈͨͰ͢ ̃䯡ՙ☭岩ՙՊլՖ㈕ՙՊլ
߈ܸຊೳͷ w ਓਐԽ͢ΔલԐͩͬͨ w ՐΛ͍ɺಓ۩Λ͍ɺङΓΛߦ͏͜ͱͰੜ͖ Ԇͼ͖ͯͨ w ߈ܸ͢Δ͜ͱͱੜ͖Δ͜ͱͦͷͷ
ਓੜJT ԐͷγϦʔζΑΓ
ϓϩάϥϚʹ͓͚Δ߈ܸຊೳ w ϓϩάϥϚਓؒ w વɺ߈ܸຊೳΛඋ͍͑ͯΔ w ࣮ϓϩάϥϚͱ߈ܸੑີʹؔͯ͠Δͱ ݴΘΕ͍ͯΔ
·͊ӕͳΜͰ͚͢Ͳ IUUQKJHPLVOPDPNFJE@IUNM
·͊ӕͳΜͰ͚͢Ͳ Ͱ૽ͳਓ͕ଟ͍ؾ͠·͢ΑͶ IUUQKJHPLVOPDPNFJE@IUNM
ݱ࣮ݫ͍͠ IUUQTUXJUUFSDPNIULC@TUBUVT
ݱ࣮ݫ͍͠ IUUQTUXJUUFSDPNIULC@TUBUVT
ఘΊΔ͔͠ແ͍ͷ͔ w ߹๏తʹ߈ܸຊೳΛຬͨ͢ํ๏͕ʜ w ͋Γ·͊ SZ
$BQUVSF 5IF 'MBH
$BQUVSF5IF'MBH w ضऔΓ߹ઓ w αʔόʹ৵ೖͨ͠ΓηΩϡϦςΟʹ·ͭΘΔ Λղ͍ͯضΛऔΔ w 4&$$0/ͱ͔༗໊Ͱ͢ΑͶ
ຊ w ઌɺ͚ʹ$5'Λͬͨ w ඍົʹܦݧ͕͋ͬͨͷͰ࡞Γͱ͔ͬͨ
༷ࢠ
༷ࢠ
ग़δϟϯϧΛܾΊΔ w $5'ͷकඋൣғΊͪΌͪ͘Όେ w ҉߸ ϑΝΠϧղੳ ωοτϫʔΫ 8FC 'PSFOTJDT
QXO FUD w ࠓճ8FCͷਓ͕ଟ͔ͬͨͷͰ8FCଟΊʹͨ͠
Λߟ͑Δ w ͱ͍ͬͯࢲॳ৺ऀͳͷͰաڈͱ͔੬ऑੑ Λௐͳ͕Βߟ͑Δ w ͓͠Ζ͔ͬͨΓֶͼʹͳΓͦ͏ͳͷ͕͋Ε ࠾༻͍ͯ͘͠
Λߟ͑Δ
γφϦΦΛҙࣝ͢Δ w ͜Μͳ੬ऑੑ͕͋ͬͨΒ͜Μͳ͜ͱ͕Ͱ͖ͪΌ ͏ΑͶɺΈ͍ͨͳͷΛߟ͑Δ
Կݸ͔հ
ྫ͑ψϧόΠτ߈ܸ w /6--จࣈΛจࣈྻͷऴจࣈͱͯ͠ೝࣝ͢Δ ͜ͱΛར༻ͨ͠߈ܸ w ࠓճ1)1Ͱ࣮ͨ͠
ψϧόΠτ߈ܸ <?php $filename = $_GET['filename'].'png'; echo file_get_contents($filename);
ψϧόΠτ߈ܸ <?php $filename = $_GET['filename'].'png'; echo file_get_contents($filename); // /index.php?filename=/etc/passwd //
Ͱ.png͕अຐͦ͏…
ψϧόΠτ߈ܸ w ͓ΉΖʹJOEFYQIQ pMFOBNFUD QBTTXEʹΞΫηε͢Δ w ͢ΔͱpMF@HFU@DPOUFOUTΛऴจࣈͱ ͯ͠ೝࣝ͢ΔͷͰQOH͕ࣺͯΒΕΔ
ψϧόΠτ߈ܸ <?php $filename = $_GET['filename'].'png'; echo file_get_contents($filename); // /index.php?filename=/etc/passwd%00 //
ϢʔβҰཡൈ͚Δͧʂ
ྫ͑/P42-*OKFDUJPO w υΩϡϝϯτ%#Ͱى͖͏Δ੬ऑੑ w 1)1 NPOHP%#Ͱ࣮Ͱ͖Δ
/P42-ΠϯδΣΫγϣϯ <?php $name = $_GET['name']; return $db->find(['name' => $name]); //
/index.php?name=kirin
/P42-ΠϯδΣΫγϣϯ <?php $name = $_GET['name']; return $db->find(['name' => $name]); //
/index.php?name[$ne]=xͬͯΔͱ…
ྫ͑/P42-*OKFDUJPO w 1)1Ͱ(&5ΫΤϦετϦϯάΛ࿈ྻͰड ͚औΕΔ w OBNF<OF>YͬͯΔͱҎԼͷΑ͏ͳ͕ ͬͯ͘Δ
ྫ͑/P42-*OKFDUJPO w ͜ͷΫΤϦ͕ͦͷ··NPOHPʹΔͱ42-Ͱ ݴ͏ͱ͜Ζͷ8)&3&OBNFbY`ͱ͍͏݅ ཱ͕ͯ͠͠·͏
ͳΜͰ1)1͔ͬΓ͔ͬͯʁ w ؾ͍ͯ͠·ͬͨਓফ͞ΕΔͷͰؾ͔ͮͳ͍ ϑϦΛ͠·͠ΐ͏Ͷ ?Т? w 1)1Yd͓͏ɺܑ͓͞Μͱͷଋͩ ?Т?
ଞʹʜ w ύεϫʔυ͖ͭ;*1ղੳ w %JHFTU#BTJDBVUIFOUJDBUJPO w 944 w ҉߸ղੳ 305ͱ͔୯Ұࣈࣜͱ͔
ਅ໘ͳ w ࡞͢Δʹͭͷࢹ͕ඞཁ w ߈ܸऀࢹ w ։ൃऀࢹ w ʮప໌͚ʹ։ൃͯͨ͠ΒΪϦΪϦ͋Γ͏ΔʯΈ ͍ͨͳͭΛ࡞Δͷָ͍͠͠ษڧʹͳΔΑ
·ͱΊɿ$5'͠Α͏ w ߹๏తʹ߈ܸຊೳΛຬͨͤΔͷͰΦεεϝ w 8FCʹݶΒͣ෯͍ࣝΛٻΊΒΕΔͷͰษڧ ʹͳΔ w ৗறܕ$5'͋ΔͷͰڵຯ͕͋Δํͥͻ