Upgrade to Pro — share decks privately, control downloads, hide ads and more …

古典的なStack Overflow から JIT-ROPまで

Avatar for @tkmru @tkmru
December 15, 2016
Programming
1
340

古典的なStack Overflow から JIT-ROPまで

ゼミにて
Avatar for @tkmru

@tkmru

December 15, 2016
Tweet

More Decks by @tkmru

See All by @tkmru
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
Avatar for @tkmru tkmru
2
1.4k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
Avatar for @tkmru tkmru
0
330
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
Avatar for @tkmru tkmru
0
170
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
Avatar for @tkmru tkmru
0
5.4k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
Avatar for @tkmru tkmru
1
4.5k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
Avatar for @tkmru tkmru
3
880
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
Avatar for @tkmru tkmru
0
200
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
Avatar for @tkmru tkmru
0
4.1k
めんどうくさいゲームセキュリティ
Avatar for @tkmru tkmru
20
11k

Other Decks in Programming

See All in Programming
Parallel::Pipesの紹介
Avatar for Shoichi Kaji skaji
2
860
Rethinking Data Access: The New httpResource in Angular
Avatar for Manfred Steyer manfredsteyer
PRO
0
210
RubyKaigi Hack Space in Tokyo & 函館最速 "予習" 会 / RubyKaigi Hack Space in Tokyo & The Fastest Briefing of RubyKaigi 2026 in Hakodate
Avatar for moznion moznion
1
120
Investigating Multithreaded PostgreSQL
Avatar for Thomas Munro macdice
0
150
AIにコードを生成するコードを作らせて、再現性を担保しよう! / Let AI generate code to ensure reproducibility
Avatar for Yusuke Yamada yamachu
7
6k
CQRS/ESのクラスとシステムフロー ~ RailsでフルスクラッチでCQRSESを組んで みたことから得た学び~
Avatar for suzuki masayuki suzukimar
0
190
CRUD から CQRS へ ~ 分離が可能にする柔軟性
Avatar for Takashi Kawae tkawae
0
220
Cloudflare Realtime と Workers でつくるサーバーレス WebRTC
Avatar for Taiyu Yoshizawa nekoya3
0
220
❄️ tmux-nixの実装を通して学ぶNixOSモジュール
Avatar for Mutsuha Asada momeemt
1
120
漸進。
Avatar for TOMIKAWA Sotaro ssssota
0
900
Perlで痩せる
Avatar for Yuuki Shimizu yuukis
1
640
Blueskyのプラグインを作ってみた
Avatar for Hakkadaikon hakkadaikon
1
260

Featured

See All Featured
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
29
9.5k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
656
60k
Visualization
Avatar for Eitan Lees eitanlees
146
16k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
Avatar for Eileen M. Uchitelle eileencodes
25
2.8k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
15
880
Side Projects
Avatar for Sacha Greif sachag
454
42k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
188
11k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
245
12k
It's Worth the Effort
Avatar for 3n 3n
184
28k
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
40
7.3k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
34
2.3k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
299
50k

Transcript

  1. ݹయతͳ4UBDL0WFSqPX ͔Β +*5301·Ͱ θϛ !ULNSV

  2. ؔ਺ݺͼग़࣌͠ͷελοΫ w DBMMGVODUJPOOBNF w ΞηϯϒϦͰ͸DBMM໋ྩͰؔ਺͕͋ΔΞυϨεʹඈͿ w ͦͷࡍɺ໭ΓઌͷΞυϨεΛϦλʔϯΞυϨεͱͯ͠
 ελοΫʹஔ͘ w ؔ਺Λ࣮ߦ͠ऴ͑ΔͱSFU໋ྩͰϦλʔϯΞυϨεʹ໭Δ

    w DBMMGVODUJPOOBNFΛ࣮ߦͨ͠ͱ͖ͷ
 ɹɹɹɹɹɹɹɹɹɹɹɹɹελοΫͷ༷ࢠ
 ม਺ ม਺ ϦλʔϯΞυϨε

  3. PWFSqPX͢Δίʔυྫ w ಡΈࠐΈαΠζΛνΣοΫ͠ͳ͍ؔ਺Λ࢖͍ͬͯΔͱ
 PWFSqPXͷݪҼͱͳΔ w FY TUSDQZ HFUT

  4. 4UBDL0WFSqPX w PWFSqPXͤ͞ɺ࣮ߦ͍ͨ͠ίʔυΛελοΫʹॻ͖ࠐΉ w ͦͷࡍɺϦλʔϯΞυϨεΛ࣮ߦ͍ͨ͠ίʔυ͕͋Δ
 ΞυϨεʹॻ͖׵͑Δ w ॻ͖׵͑ΒΕͨΞυϨεʹ͋Δίʔυ͕࣮ߦ͞ΕΔ CVG<> PME&#1

    ϦλʔϯΞυϨε BBBB BBBB BBBB BBBB Y PWFSqPX͢ΔલͷελοΫͷ༷ࢠ PWFSqPXͨ͠ޙͷελοΫͷ༷ࢠ

  5. ରࡦͷҰྫ w $16ͷ/9CJU /PF9FDVUFCJU  w ελοΫʹ࣮ߦͰ͖ͳ͍ྖҬΛ࡞Δ w ࣮૷ྫʣ-JOVY&YFD4IJFMEɺ8JO%&1 w

    PWFSqPXʹΑΓελοΫ্ʹ߈ܸίʔυΛ഑ஔ͞Εͯ΋
 ελοΫ্ͷίʔυ͸࣮ߦͰ͖ͳ͍

  6. 301 w 3FUVSO0SJFOUFE1SPHSBNNJOH w /9CJU༗ޮԼͰ͸TUBDL্ͷίʔυΛ࣮ߦͰ͖ͳ͍ w ͔͠͠ɺ࣮ߦՄೳͳྖҬ FYϥΠϒϥϦ ͸͋Δ w

    ࣮ߦՄೳͳྖҬͷதͰ࢖͑ͦ͏ͳίʔυΛ
 அยతʹݺͼग़͢͜ͱͰ೚ҙͷಈ࡞Λͤ͞Δ͜ͱ͕
 Ͱ͖Δ

  7. w 301Ͱར༻͢Δஅยతͳίʔυͷ͜ͱΛ301HBEHFUͱ ݺͿ w SFU໋ྩ͕ޙΖʹ͍͍ͭͯΔίʔυ w FY QPQSEJSFU w SFU໋ྩΛ࣮ߦ͠Ϧλʔϯ͢ΔஅยతͳίʔυΛ


    ෳ਺ݺͿ͜ͱͰ໨తͷಈ࡞Λୡ੒͢Δ͜ͱ͔Β
 3FUVSO0SJFOUFE1SPHSBNNJOHͱ໊෇͚ΒΕͨ 301

  8. FYQMPJUͷྫ w ϦλʔϯΞυϨεΛҎԼͷॱͰॻ͖׵͑Δ w TZTUFN lCJOTIz Λ࣮ߦ͠γΣϧΛىಈ w QPQSEJSFUͷΞυϨεҾ਺Ληοτ͢Δ w

    ελοΫʹ͸CJOTIͷΞυϨεΛੵΜͰ͓͘ w DBMMTZTUFN ͷΞυϨεTZTUFN ΛݺͿ

  9. 301ͷσϞ

  10. ରࡦͷҰྫ w "4-3 "EESFTT4QBDF-BZPVU3BOEPNJ[BUJPO  w ΞυϨεۭؒ഑ஔΛϥϯμϜʹ͢Δ w ελοΫɺώʔϓɺσʔλྖҬͷΞυϨε͕ϥϯμϜʹ w

    ܾΊଧͪͰΞυϨεΛࢦఆ͢Δ߈ܸΛແޮԽͰ͖Δ

  11. "4-3 -JOVY ͷ໰୊఺ w (05ͷΞυϨε͕ݻఆͷ·· w (05 (MPCBM0⒎TFU5BCMF  w

    γϯϘϧ ؔ਺ ΁ͷϙΠϯλͷ഑ྻ w ؔ਺ͷΞυϨεΛղܾ͢ΔͨΊͷྖҬ

  12. +*5301 w +VTU*O5JNF301 w (05ʹొ࿥͞Ε͍ͯΔؔ਺Λ࢖ͬͯɺ࣮ߦதʹ
 ࣮ߦՄೳྖҬΛಡΈऔΔ w ಡΈऔͬͨྖҬʹ͋Δ301HBEHFUΛ࢖͏ w ΞυϨε͕ϥϯμϜԽ͞Εͨ͋ͱʹಡΈऔΔ͜ͱͰɹ

    "4-3Λճආ

  13. +*5301ͷରࡦ w ͍Ζ͍Ζ࿦จ͕ग़͍ͯΔ͕ɺ࣮ࡍʹ04΍ίϯύΠϥʹ࣮ ૷͞Εͨ΋ͷ͸ݱ࣌఺Ͱ͸ͳ͍ɻ w ࠓޙɺ஫ࢹ͍͖͍ͯͨ͠

  14. ࢀߟจݙ w "OUJ301ࡇΓͩͥʂ64&/*94FDVSJUZ301 3FUVSOPGUIFFEJZV[VIBSBͷ೔ه
 IUUQZV[VIBSBIBUFOBCMPHKQFOUSZ  w +*5301؇࿨ख๏)FJTFOCZUFʹ͍ͭͯ·ͱΊͯΈΔ΋ ΋͍ΖςΫϊϩδʔIUUQJOB[IBUFOBCMPHDPN FOUSZ