{"height":"190","author_url":"https://blog.hatena.ne.jp/xrekkusu/","url":"https://xrekkusu.hatenablog.jp/entry/2014/06/23/140659","categories":["CTF"],"type":"rich","blog_url":"https://xrekkusu.hatenablog.jp/","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fxrekkusu.hatenablog.jp%2Fentry%2F2014%2F06%2F23%2F140659\" title=\"SecurityCamp 2014 Web security Write-up - \u30d0\u30e9\u30f3\u30b9\u3092\u53d6\u308a\u305f\u3044\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","author_name":"xrekkusu","provider_url":"https://hatena.blog","published":"2014-06-23 14:06:59","title":"SecurityCamp 2014 Web security Write-up","blog_title":"\u30d0\u30e9\u30f3\u30b9\u3092\u53d6\u308a\u305f\u3044","image_url":null,"version":"1.0","provider_name":"Hatena Blog","width":"100%","description":"Plenty of write-ups have been posted for the network security problems, but I haven't seen many for Web, so I tried solving them. First, let's look at the application form. http://www.ipa.go.jp/files/000038877.txt 5. The following JavaScript code fragment was in use on a certain website. Write freely about anything you notice when looking at it. function getRedirectPageUrl(){ var url = location.hash.substring(1); try{ if( url.length === 0 ) return \"\u2026"}