Hi๐Ÿ‘‹๐Ÿผ Iโ€™m HAHWUL.

Offensive Security Engineer, Rubyist/Crystalist/Gopher and H4cker

Posts - Page 39 of 86

Run other application in ZAP ๐ŸŽฏ

  • 2 min read

ZAP has one interesting feature. It is a function that can use external applications. This makes it easier and more powerful for security testing to work with external tools. Todayโ€™s post is how to use the Apply bridge(?) in ZAP.

Read More

OAuth ๊ณผ์ •์—์„œ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ๋Š” ์žฌ๋ฏธ์žˆ๋Š” ์ธ์ฆํ† ํฐ ํƒˆ์ทจ ์ทจ์•ฝ์ (Chained Bugs to Leak Oauth Token) Review

  • 1 min read

์˜ค๋Š˜ OAuth ๊ด€๋ จ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ์žฌ๋ฏธ์žˆ๋Š”๊ฑด์„ ๋ด์„œ ํฌ์ŠคํŒ…์œผ๋กœ ํ’€์–ด๋ด…๋‹ˆ๋‹ค. ๊ฐ„๋‹จํžˆ ์š”์•ฝํ•˜๋ฉด ์šฐ๋ฒ„์™€ ํŽ˜๋ถ OAuth ๊ณผ์ • ์ค‘ ๋ฌธ์ œ๊ฐ€ ์žˆ์–ด์„œ ์‚ฌ์šฉ์ž ์ธ์ฆ์ •๋ณด๋ฅผ ๊ณต๊ฒฉ์ž์—๊ฒŒ ํƒˆ์ทจํ•  ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์ด์˜€๊ณ  ๋ฆฌํฌํŒ…ํ•œ @ngalog ๋Š” $7,500๋‚˜ ๋ฐ›์•˜๋‹ค๊ณ  ํ•˜์ฃ .

Read More

XSS Payload without Anything

  • 1 min read

What is XSS Payload without Anything?

When I work for a company or bug bounty, the unexpected hurdle is a protection(xss filter) of special char in the JS(Javascript) area. So I am devising a way to easily solve these problems, and one of the processes is this document.

Read More

GraphQLmap - testing graphql endpoint for pentesting & bugbounty

  • 3 min read

๋ฐค์— ํŠธ์œ—๋ณด๋‹ค๋ณด๋‹ˆ swissky๊ฐ€ ํˆด ํ•˜๋‚˜๋ฅผ ๋งŒ๋“ค์–ด์„œ ๋ฐฐํฌํ–ˆ๋”๊ตฐ์š”. ์‹ฌ์ง€์–ด GraphQL ๊ด€๋ จ ์ž๋™ํ™”๋„๊ตฌ๋ผ ๋ฐ”๋กœ ๋Œ€์ถฉ ์ •๋ฆฌํ•ด์„œ ํฌ์ŠคํŒ…ํ•ด๋ด…๋‹ˆ๋‹ค. GraphQLmap ์ž…๋‹ˆ๋‹ค.

Read More

Ruby on Rails Double-Tap ์ทจ์•ฝ์ (CVE-2019-5418, CVE-2019-5420)

  • 4 min read

๊ฐ„๋งŒ์— ์ทจ์•ฝ์  ๋ฆฌ๋ทฐํ•ด๋ด…๋‹ˆ๋‹ค. ์˜ฌ ๋ด„์— ์ •๋ฆฌํ•œ๋ฒˆํ•˜๊ณ  ์ตœ๊ทผ์— ์ถ”๊ฐ€๋กœ ์ •๋ฆฌํ–ˆ๋˜๊ฑฐ๋ผ ๋จธ๋ฆฌ์†์—์„œ ๋‚ ์•„๊ฐ€๊ธฐ ์ „์— ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๋‚จ๊ฒจ๋ณด์•„์š”. ์šฐ์„  ์˜ฌ ํ•ด 3์›” ์ •๋„์— ๋ ˆ์ผ์ฆˆ ๊ด€๋ จ ์ทจ์•ฝ์ ์ด 3๊ฐœ์ •๋„ ์˜ฌ๋ผ์™”์—ˆ์Šต๋‹ˆ๋‹ค. CVE-2019-5418 ~ 5420 ์ด์Šˆ์ธ๋ฐ, ๊ฒฐ๊ณผ์ ์œผ๋ก  Rails์—์„œ ์‹œ์Šคํ…œ ํŒŒ์ผ์„ ์ฝ๊ณ , ๋ช…๋ น ์‹คํ–‰๊นŒ์ง€ ๊ฐ€๋Šฅํ•œ 3๊ฐ€์ง€์˜€์Šต๋‹ˆ๋‹ค.

Read More

Finding in-page scripts & map files with javascript (very simple..)

  • ~1 min read

๋ณ„ ์ฝ”๋“œ๋Š” ์•„๋‹ˆ์ง€๋งŒ ๋งŒ๋“ค์–ด ๋†“๊ณ  ์“ฐ๋ฉด ํŽธํ•˜๋‹ˆ.. ํŽ˜์ด์ง€์— ์žˆ๋Š” ์™ธ๋ถ€ ์Šคํฌ๋ฆฝํŠธ ๋งํฌ์™€ map ํŒŒ์ผ ๋งํฌ ๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. (map์€ ๊ทธ๋ƒฅ ๋ฌด์กฐ๊ฑด ๋‚˜ํƒ€๋‚˜๊ฒŒ..)

Read More

Tap n Ghost Attack(ํƒญ ์•ค ๊ณ ์ŠคํŠธ) - ์ƒˆ๋กœ์šด ๋ฌผ๋ฆฌ์ (?) ํ•ดํ‚น ๊ณต๊ฒฉ ๋ฒกํ„ฐ

  • 1 min read

์ง€๋‚œ์ฃผ์ธ๊ฐ€ ์ง€์ง€๋‚œ์ฃผ์ธ๊ฐ€ ์ด ๋‚ด์šฉ์„ ๋ณด๊ณ  ์•„์ฃผ์•„์ฃผ์•„์ฃผ์•„์ฃผ ๋Œ€์ถฉ ์ดˆ์•ˆ์„ ์จ๋†จ์—ˆ๋Š”๋ฐ, ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ํฌ์ŠคํŒ…ํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ๋ฌผ๋ฆฌ์ ์ธ ํ•ดํ‚น ๊ธฐ๋ฒ•์˜ ์ƒˆ๋กœ์šด ๊ณต๊ฒฉ ๋ฒกํ„ฐ์ธ ํƒญ ์•ค ๊ณ ์ŠคํŠธ(Tap n Ghost) ๊ณต๊ฒฉ์— ๋Œ€ํ•ด ์•Œ์•„๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Read More

ZAP 2.8 Review โšก๏ธ

  • 1 min read

๋“œ๋””์–ด, ์ •๋ง ๋“œ๋””์–ด ZAP 2.8์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Read More