Upgrade to Pro — share decks privately, control downloads, hide ads and more …

古典的なStack Overflow から JIT-ROPまで

Avatar for @tkmru @tkmru
December 15, 2016
Programming
1
350

古典的なStack Overflow から JIT-ROPまで

ゼミにて
Avatar for @tkmru

@tkmru

December 15, 2016
Tweet

More Decks by @tkmru

See All by @tkmru
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
Avatar for @tkmru tkmru
2
1.4k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
Avatar for @tkmru tkmru
0
330
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
Avatar for @tkmru tkmru
0
170
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
Avatar for @tkmru tkmru
0
5.4k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
Avatar for @tkmru tkmru
1
4.5k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
Avatar for @tkmru tkmru
3
890
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
Avatar for @tkmru tkmru
0
200
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
Avatar for @tkmru tkmru
0
4.2k
めんどうくさいゲームセキュリティ
Avatar for @tkmru tkmru
20
11k

Other Decks in Programming

See All in Programming
赤裸々に公開。 TSKaigiのオフシーズン
Avatar for Yoshiteru Takeshita takezoux2
0
130
Elixir で IoT 開発、 Nerves なら簡単にできる!?
Avatar for pojiro pojiro
1
150
エラーって何種類あるの?
Avatar for Takuma Kajikawa kajitack
5
160
無関心の谷
Avatar for kanayannet kanayannet
0
180
今ならAmazon ECSのサービス間通信をどう選ぶか / Selection of ECS Interservice Communication 2025
Avatar for Tetsuya Kikuchi tkikuc
3
710
deno-redisの紹介とJSRパッケージの運用について (toranoana.deno #21)
Avatar for uki00a uki00a
0
100
既存デザインを変更せずにタップ領域を広げる方法
Avatar for Tiphaine tahia910
1
230
Javaに鉄道指向プログラミング (Railway Oriented Pro gramming) のエッセンスを取り入れる/Bringing the Essence of Railway-Oriented Programming to Java
Avatar for takumi.okamoto cocet33000
2
580
從零到一:搭建你的第一個 Observability 平台
Avatar for Blueswen blueswen
1
950
Webからモバイルへ Vue.js × Capacitor 活用事例
Avatar for Naoki Haba naokihaba
0
710
Cursor AI Agentと伴走する アプリケーションの高速リプレイス
Avatar for どすこい daisuketakeda
1
120
A2A プロトコルを試してみる
Avatar for azukiazusa azukiazusa1
2
560

Featured

See All Featured
KATA
Avatar for Megan Lloyd mclloyd
29
14k
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
77
5.8k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
329
24k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
200k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
329
21k
Building an army of robots
Avatar for Kyle Neath kneath
306
45k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
206
24k
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
63
7.8k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
159
23k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
8
660
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.4k
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
55
5.6k

Transcript

  1. ݹయతͳ4UBDL0WFSqPX ͔Β +*5301·Ͱ θϛ !ULNSV

  2. ؔ਺ݺͼग़࣌͠ͷελοΫ w DBMMGVODUJPOOBNF w ΞηϯϒϦͰ͸DBMM໋ྩͰؔ਺͕͋ΔΞυϨεʹඈͿ w ͦͷࡍɺ໭ΓઌͷΞυϨεΛϦλʔϯΞυϨεͱͯ͠
 ελοΫʹஔ͘ w ؔ਺Λ࣮ߦ͠ऴ͑ΔͱSFU໋ྩͰϦλʔϯΞυϨεʹ໭Δ

    w DBMMGVODUJPOOBNFΛ࣮ߦͨ͠ͱ͖ͷ
 ɹɹɹɹɹɹɹɹɹɹɹɹɹελοΫͷ༷ࢠ
 ม਺ ม਺ ϦλʔϯΞυϨε

  3. PWFSqPX͢Δίʔυྫ w ಡΈࠐΈαΠζΛνΣοΫ͠ͳ͍ؔ਺Λ࢖͍ͬͯΔͱ
 PWFSqPXͷݪҼͱͳΔ w FY TUSDQZ HFUT

  4. 4UBDL0WFSqPX w PWFSqPXͤ͞ɺ࣮ߦ͍ͨ͠ίʔυΛελοΫʹॻ͖ࠐΉ w ͦͷࡍɺϦλʔϯΞυϨεΛ࣮ߦ͍ͨ͠ίʔυ͕͋Δ
 ΞυϨεʹॻ͖׵͑Δ w ॻ͖׵͑ΒΕͨΞυϨεʹ͋Δίʔυ͕࣮ߦ͞ΕΔ CVG<> PME&#1

    ϦλʔϯΞυϨε BBBB BBBB BBBB BBBB Y PWFSqPX͢ΔલͷελοΫͷ༷ࢠ PWFSqPXͨ͠ޙͷελοΫͷ༷ࢠ

  5. ରࡦͷҰྫ w $16ͷ/9CJU /PF9FDVUFCJU  w ελοΫʹ࣮ߦͰ͖ͳ͍ྖҬΛ࡞Δ w ࣮૷ྫʣ-JOVY&YFD4IJFMEɺ8JO%&1 w

    PWFSqPXʹΑΓελοΫ্ʹ߈ܸίʔυΛ഑ஔ͞Εͯ΋
 ελοΫ্ͷίʔυ͸࣮ߦͰ͖ͳ͍

  6. 301 w 3FUVSO0SJFOUFE1SPHSBNNJOH w /9CJU༗ޮԼͰ͸TUBDL্ͷίʔυΛ࣮ߦͰ͖ͳ͍ w ͔͠͠ɺ࣮ߦՄೳͳྖҬ FYϥΠϒϥϦ ͸͋Δ w

    ࣮ߦՄೳͳྖҬͷதͰ࢖͑ͦ͏ͳίʔυΛ
 அยతʹݺͼग़͢͜ͱͰ೚ҙͷಈ࡞Λͤ͞Δ͜ͱ͕
 Ͱ͖Δ

  7. w 301Ͱར༻͢Δஅยతͳίʔυͷ͜ͱΛ301HBEHFUͱ ݺͿ w SFU໋ྩ͕ޙΖʹ͍͍ͭͯΔίʔυ w FY QPQSEJSFU w SFU໋ྩΛ࣮ߦ͠Ϧλʔϯ͢ΔஅยతͳίʔυΛ


    ෳ਺ݺͿ͜ͱͰ໨తͷಈ࡞Λୡ੒͢Δ͜ͱ͔Β
 3FUVSO0SJFOUFE1SPHSBNNJOHͱ໊෇͚ΒΕͨ 301

  8. FYQMPJUͷྫ w ϦλʔϯΞυϨεΛҎԼͷॱͰॻ͖׵͑Δ w TZTUFN lCJOTIz Λ࣮ߦ͠γΣϧΛىಈ w QPQSEJSFUͷΞυϨεҾ਺Ληοτ͢Δ w

    ελοΫʹ͸CJOTIͷΞυϨεΛੵΜͰ͓͘ w DBMMTZTUFN ͷΞυϨεTZTUFN ΛݺͿ

  9. 301ͷσϞ

  10. ରࡦͷҰྫ w "4-3 "EESFTT4QBDF-BZPVU3BOEPNJ[BUJPO  w ΞυϨεۭؒ഑ஔΛϥϯμϜʹ͢Δ w ελοΫɺώʔϓɺσʔλྖҬͷΞυϨε͕ϥϯμϜʹ w

    ܾΊଧͪͰΞυϨεΛࢦఆ͢Δ߈ܸΛແޮԽͰ͖Δ

  11. "4-3 -JOVY ͷ໰୊఺ w (05ͷΞυϨε͕ݻఆͷ·· w (05 (MPCBM0⒎TFU5BCMF  w

    γϯϘϧ ؔ਺ ΁ͷϙΠϯλͷ഑ྻ w ؔ਺ͷΞυϨεΛղܾ͢ΔͨΊͷྖҬ

  12. +*5301 w +VTU*O5JNF301 w (05ʹొ࿥͞Ε͍ͯΔؔ਺Λ࢖ͬͯɺ࣮ߦதʹ
 ࣮ߦՄೳྖҬΛಡΈऔΔ w ಡΈऔͬͨྖҬʹ͋Δ301HBEHFUΛ࢖͏ w ΞυϨε͕ϥϯμϜԽ͞Εͨ͋ͱʹಡΈऔΔ͜ͱͰɹ

    "4-3Λճආ

  13. +*5301ͷରࡦ w ͍Ζ͍Ζ࿦จ͕ग़͍ͯΔ͕ɺ࣮ࡍʹ04΍ίϯύΠϥʹ࣮ ૷͞Εͨ΋ͷ͸ݱ࣌఺Ͱ͸ͳ͍ɻ w ࠓޙɺ஫ࢹ͍͖͍ͯͨ͠

  14. ࢀߟจݙ w "OUJ301ࡇΓͩͥʂ64&/*94FDVSJUZ301 3FUVSOPGUIFFEJZV[VIBSBͷ೔ه
 IUUQZV[VIBSBIBUFOBCMPHKQFOUSZ  w +*5301؇࿨ख๏)FJTFOCZUFʹ͍ͭͯ·ͱΊͯΈΔ΋ ΋͍ΖςΫϊϩδʔIUUQJOB[IBUFOBCMPHDPN FOUSZ