Hi๐Ÿ‘‹๐Ÿผ Iโ€™m HAHWUL.

Offensive Security Engineer, Rubyist/Crystalist/Gopher and H4cker

Posts - Page 24 of 86

[Learn ML #1] ์ด์ œ๋ถ€ํ„ฐ ๋จธ์‹ ๋Ÿฌ๋‹(Machine Learning)๋„ ๊ณต๋ถ€ํ•ฉ๋‹ˆ๋‹ค ๐Ÿ˜

  • 1 min read

์ตœ๊ทผ์— ๋จธ์‹ ๋Ÿฌ๋‹ ๊ณต๋ถ€๋ฅผ ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ๋ญ ๊นŠ๊ฒŒ ๊ณต๋ถ€ํ•˜๊ธฐ์—๋Š” ์ œ ์ฃผ๋ ฅ์ธ ๋ณด์•ˆ๊ณผ ๋„๋ฉ”์ธ๋„ ์›Œ๋‚™ ๋‹ค๋ฅด๊ณ , ๊ฐœ๋ฐœ์ ์ธ ํ…Œํฌ๋‹‰ ์ด์™ธ์—๋„ ์ˆ˜ํ•™/ํ†ต๊ณ„ํ•™์ ์ธ ๋ถ€๋ถ„์ด ๋งŽ์ด ํ•„์š”ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์ž˜ ํ•  ์ˆ˜ ์žˆ์„๊ฑฐ๋ž€ ํ™•์‹ ์€ ๋“ค์ง€ ์•Š๋„ค์š”.

Read More

RCE with exposed k8s api

  • 1 min read

ํœด๊ฐ€์ค‘์ด๋ผ ํ”ผ๋“œ๋‚˜ ํŠธ์œ—๋“ฑ์„ ์ž์ฃผ ๋ณด์ง„ ๋ชปํ•˜์ง€๋งŒ k8s RCE ๊ด€๋ จํ•˜์—ฌ ๊ธ€์ด ์žˆ์–ด์„œ ๊ฐ€๋ณ๊ฒŒ ์‚ดํŽด๋ณด๊ณ  ํฌ์ŠคํŒ…ํ•ด๋ด…๋‹ˆ๋‹ค.

Read More

[Cullinan #6] Add reverse tabnabbing

  • ~1 min read

Reverse Tabnabbing ๊ด€๋ จํ•ด์„œ ๊ธฐ์กด์—๋Š” phoenix์— ํ…Œ์ŠคํŠธ์šฉ ํŽ˜์ด์ง€๋งŒ ๋งŒ๋“ค์–ด๋‘๊ณ  ์ผ์—ˆ๋Š”๋ฐ ๋‚ด์šฉ ์ •๋ฆฌ์ข€ ํ• ๊ฒธ cullinan์— ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

Read More

OpenData for bug-bounty

  • ~1 min read

์ตœ๊ทผ์— ๊ฐœ์ธ resources ํŽ˜์ด์ง€๋ฅผ ๋ฆฌ๋‰ด์–ผ ํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด์—๋Š” ๊ทธ๋ƒฅ ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” ์˜จ๋ผ์ธ ๋„๊ตฌ๋“ค์˜ ๋งํฌ ์ •๋„๋งŒ ์žˆ์—ˆ๋Š”๋ฐ, ํ…Œ์ŠคํŒ… / ์›Œ๋“œ๋ฆฌ์ŠคํŠธ / ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ๋„๋ฉ”์ธ ๋“ฑ ๊ด€๋ จํ•ด์„œ ์ฃผ๊ธฐ์ ์œผ๋กœ ํŒŒ์ผ์„ ์ƒ์„ฑํ•˜์—ฌ ๊ณต๊ฐœํ•˜๋ ค๊ณ (์–ด์ฐจํ”ผ ๊ฑฐ์˜ ์ €๋งŒ ์“ฐ๊ธด ํ•˜๊ฒ ์ง€๋งŒ..) ๊ฐ„๋‹จํ•˜๊ฒŒ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

Read More

ZAP context based scanning

  • 1 min read

ZAP์—์„œ์˜ quickscan์ด๋‚˜ spider, active scan ๋“ฑ์„ ๊ธฐ๋ณธ์ ์œผ๋กœ ๋‹ค์ค‘ URL์„ ์ง€์›ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์˜ˆ์ „์— ์•„๋ž˜ ํฌ์ŠคํŠธ์™€ ๊ฐ™์€ ๋ฐฉ๋ฒ•์œผ๋กœ API๋ฅผ ์ด์šฉํ•œ ๋ฐฉ๋ฒ•, ๊ทธ๋ฆฌ๊ณ  ๋ณ„๋„์˜ ๋„๊ตฌ๋ฅผ ๋งŒ๋“ค์–ด์„œ ์Šค์บ”ํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ์‚ฌ์šฉํ•˜๊ณค ํ–ˆ์Šต๋‹ˆ๋‹ค.

Read More

[Phoenix #4] Fixed bug in session entropy page

  • ~1 min read

Problem

Session entropy ๊ณ„์‚ฐ ์‹œ ํŠน์ˆ˜๋ฌธ์ž๊ฐ€ ๋ฐ˜์˜๋˜์ง€ ์•Š๋Š” ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ƒฅ ์ž๋™์œผ๋กœ ๊ณ„์‚ฐํ•˜๊ธฐ ๊ท€์ฐฎ์•„์„œ Session type ๋“œ๋กญ๋ฐ•์Šค์— Ascii๋กœ ์„ ํƒ ์‹œ ๋ฐ˜์˜๋˜๋„๋ก ์ถ”๊ฐ€ํ–ˆ์—ˆ๋Š”๋ฐ, ํฌ๊ฒŒ ํšจ์šฉ์„ฑ์ด ์—†๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”..

Read More

well-known ๋””๋ ‰ํ† ๋ฆฌ์™€ securty.txt ๊ทธ๋ฆฌ๊ณ  humans.txt

  • 1 min read

๊ฐ„ํ˜น ์›น ํŽ˜์ด์ง€๋ฅผ ๋“ค์—ฌ๋‹ค๋ณด๋ฉด .well-known ๋””๋ ‰ํ† ๋ฆฌ๋ฅผ ๋งŒ๋‚˜๊ฒŒ๋ฉ๋‹ˆ๋‹ค. ์ œ ์‚ฌ์ดํŠธ๋„ ์˜ฌ 1์›”์— security.txt๋ฅผ ์ถ”๊ฐ€ํ–ˆ์—ˆ๋Š”๋ฐ, ๊ทธ ๋• ๋‹จ์ˆœํžˆ ๋ณด์•ˆ ์ทจ์•ฝ์ ์ด๋‚˜ ์ด์Šˆ์— ๋Œ€ํ•œ ์ œ๋ณด๋ฅผ ์œ„ํ•ด์„œ ๋งŒ๋“ค์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ด .well-known ๋””๋ ‰ํ† ๋ฆฌ์˜ ์˜๋ฏธ์™€ ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉ๋˜๋Š”์ง€ ์กฐ๊ธˆ๋” ์‚ดํŽด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Read More

How to set ZAP active scan input vector in daemon mode

  • 1 min read

What is ZAP Active Scan Input Vector?

Active Scan Input Vector๋Š” ZAP์—์„œ Active Scan ์‹œ Injection ์˜์—ญ์„ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ํŠน์ • Injection ์ทจ์•ฝ์ ์„ ์˜๋ฏธํ•˜๋Š” ๊ฑด ์•„๋‹ˆ๊ณ  ์ ๊ฒ€ํ•  ๋ถ€๋ถ„์ด๋ผ๊ณ  ๋ณด์‹œ๋Š”๊ฒŒ ๋” ์ ํ•ฉํ•ฉ๋‹ˆ๋‹ค. ZAP์˜ ๊ธฐ๋ณธ๊ฐ’์€ URL + POST๋กœ ๊ธฐ๋ณธ์ ์œผ๋กœ URI/Param ๋“ฑ์— ๋Œ€ํ•ด์„œ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜์ง€๋งŒ ์ฟ ํ‚ค๋‚˜ ํ—ค๋”๋“ฑ์—๋Š” ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค. (์‹œ๊ฐ„์ด ์˜ค๋ž˜๊ฑธ๋ ค์„œ, ์ด๋Š” ZAP์ด CICD์— ๋งŽ์ด ๋“ค์–ด๊ฐ€๊ธฐ ๋•Œ๋ฌธ)

Read More

[Phoenix #3] Update session entropy page

  • ~1 min read

Change note

  • ์†Œ์ˆซ์  3์ž๋ฆฌ ๊นŒ์ง€ ์ž˜๋ ค์„œ Entropy ํ‘œํ˜„ํ•˜๋„๋ก ์ˆ˜์ •
  • ์ผ๋ถ€ ๋ฌธ๊ตฌ ์ˆ˜์ • ๋ฐ table ๋“ฑ ๊ฐ„๊ฒฉ ์ˆ˜์ •
  • Case , Length ๋“ฑ์„ ์‰ฝ๊ฒŒ ์ˆ˜์ •ํ•  ์ˆ˜ ์žˆ๋„๋ก ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ ๋ณ€๊ฒฝ(๋‹จ์ผ Element์—๋งŒ ์ ์šฉ๋˜๋„๋ก)

Read More

Make and change default scan policy in ZAP cli interface

  • 1 min read

ZAP Scan Policy

ZAP์€ Passive/Active Scan์— ๋Œ€ํ•œ ์ •์ฑ…์„ ์ปค์Šคํ…€ํ•˜๊ฒŒ ๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ๋„๋ก ์ œ๊ณตํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” ๋‹จ์ˆœํžˆ ํ•ด๋‹น ์Šค์บ” ๋ชจ๋“ˆ์˜ ์‚ฌ์šฉ ์—ฌ๋ถ€ ๋ฟ๋งŒ ์•„๋‹ˆ๋ผ Risk level๋„ ์กฐ์ •ํ•  ์ˆ˜ ์žˆ์–ด ์Šค์บ๋„ˆ๋กœ ํ™œ์šฉํ•˜๊ธฐ์—๋„ ์ข‹์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ์ธ์ง€ DevSecOps๋ฅผ ๊ตฌ์ถ•ํ•  ๋•Œ ZAP์€ ์ž์ฃผ ๊ฑฐ๋ก ๋˜๋Š” DAST ์Šค์บ๋„ˆ์ด๊ธฐ๋„ ํ•˜์ฃ .

Read More