Hi👋🏼 I’m HAHWUL.

Offensive Security Engineer, Rubyist/Crystalist/Gopher and H4cker

Posts - Page 6 of 86

Ruby Concurrency

  • 2 min read

Whenever I build an application, I can't avoid thinking about concurrency. Sometimes it is directly required to implement a feature, and I consider it important because it can be a deciding factor in performance.


[Cullinan #41] GraphQL, Rails and Jekyll

  • ~1 min read

This is Cullinan log #41. For an update posted after about two months, there were not many changes. Four new entries were added, and some content, such as smuggling, was expanded.


Param Digger! Easy param mining via ZAP

  • 1 min read

This year's ZAP GSoC project selected an add-on for param mining. Since its goal was easy mining, modeled on BurpSuite's Param Miner, it was very welcome news for me, having done param mining only with scripting and fuzzing.


Working with Jekyll Collections

  • 1 min read

After recently moving back to Jekyll, I have been developing a few features. One of them required collecting pages of a specific type and turning them into JSON, which I solved easily using Jekyll's Collection feature.


Hugo to Jekyll

  • 1 min read

I really didn't think it would come to this. In fact, I was certain it never would. Exactly one year after switching from Jekyll to Hugo last year, I changed my mind. I'm going back to Jekyll.


Hex? Imhex and Hexyl

  • 1 min read

Which hex editor/viewer do you use? When Linux was my main OS I mostly used Ghex and hexdump, and on macOS I mainly use hexyl and vim(+plug). Today I'd like to introduce ImHex, an amazing cross-platform hex editor. These days I use the combination of ImHex and hexyl too :D


Docker and Dumb-Init

  • 2 min read

Today I'd like to talk about dumb-init, which is used for stable operation in Docker, along with pid1 and init systems.


ZAP⚡️ Replacer VS Sender Script

  • 2 min read

How do you add a new header or data to every request in ZAP? Usually, you can use a feature called Replacer to change values or add new ones.


A Simple Introduction to ZAP Scripting

  • 1 min read

Today I'd like to introduce two examples that are good for getting familiar with ZAP Scripting when you first encounter it. After reading this post, you'll come away knowing how to query data in ZAP or request a 3rd party scan with just a little code 😊
