CODE BLUE 2014 : バグハンターの愉しみ by キヌガワマサト Masato Kinugawa
51
バグハンター の愉しみ Masato Kinugawa たの
Transcript of CODE BLUE 2014 : バグハンターの愉しみ by キヌガワマサト Masato Kinugawa
- 1. MasatoKinugawa
- 2. MasatoKinugawa () XSS
- 3. BountyProgram
- 4. BugBounty
- 5. 27135346
- 6. 27135346 (8)
- 7. !2010Google !
- 8. !GoogleVulnerabilityRewardProgram !1=$100~20,000 $130,803.7 127(/191)
- 9. UPUP!$
- 10.
- 11. ! ! ! !
- 12. !Google !$5,000()
- 13. https://accounts.google.com/example?oe=utf-32 HTTP/1.1200OK Alternate-Protocol:443:quic,p=0.01 Cache-Control:private,max-age=0 Content-Encoding:gzip Content-Type:text/html;charset=UTF-32 ... !URL !UTF-32
- 14. scriptalert(1)/script
- 15.
- 16. 0000220000003E0000003C00 000000730000006300000072 000000690000007000000074 00003E00000000610000006C 000000650000007200000074 000000280000003100000029 00003C000000002F00000073 000000630000007200000069 000000700000007400003E00 s c r i p t a l e r t ( 1 ) / s c r i p t UTF-3241
- 17. IEUTF-32 0000220000003E0000003C00 000000730000006300000072 000000690000007000000074 00003E00000000610000006C 000000650000007200000074 000000280000003100000029 00003C000000002F00000073 000000630000007200000069 000000700000007400003E00 s c r i p t a l e r t ( 1 ) / s c r i p t
- 18. http://l0.cm/encodings/table/
- 19. IE( s c r i p t > a l e r t ( 1 ) / s c r i p t >
- 20. / 1 1 1 1 1 11 11 11 1 1 11 11 11 111 11 11 11 1 1 11 1 1 1 1 1
- 21. !28.7% !87%IE
- 22. ! !IE Web
- 23. location.hrefJavaScript URL1 http://example.com/ http://example.com/ location.href
- 24. http://evil%[email protected]/ location.href http://evil/@example.com/ @URL URL
- 25. location.href @
- 26. http://evil%[email protected]/
- 27. ! !RSSfeed://URL !URL@ ! XSS(^o^)/
- 28. feed://URL (=)
- 29. XSS XSS
- 30.
- 31. feed://l0.cm%2Fcb.rss%[email protected]/
- 32. feed://l0.cm%2Fcb.rss%[email protected]/ alert('CODEBLUE2n'+ document.domain+'')
- 33. !/ ! http://masatokinugawa.l0.cm/
- 34. ! ! !XSS6
- 35. ! 22009 ! !XSS6 2009
- 36. 2009 2010
- 37. : Google
- 38. ! !
- 39. ! ! ! ! !
- 40. 1
- 41. ()
- 42.
- 43. @kinugawamasato masatokinugawa[at]gmail.com Contact
![Masato Yamanaka (Saitama University) collaborators Shigeki Matsumoto Joe Sato Masato Senami arXiv:0705.0934 [hep-ph]Phys.Lett.B647:466-471 and Relic abundance.](https://static.fdocument.pub/doc/165x107/56649ee45503460f94bf351a/masato-yamanaka-saitama-university-collaborators-shigeki-matsumoto-joe-sato.jpg)
