Tags

security

Malicious code in xz/liblzma ๐Ÿ˜ฑ

1 min read

๋ฐ”๋กœ ์–ด์ œ ์••์ถ• ์ฒ˜๋ฆฌ๋ฅผ xz ํŒจํ‚ค์ง€์˜ upstream tarballs์—์„œ ์•…์˜์ ์ธ ๋™์ž‘์ด ํ™•์ธ๋˜์–ด ์ด์Šˆ์ž…๋‹ˆ๋‹ค. ๊ฒฐ๋ก ์€ xz ๋‚ด Malicious code๊ฐ€ ์‚ฝ์ž…๋˜์—ˆ๊ณ  ์ด๋กœ ์ธํ•ด ๋งŽ์€ ์‹œ์Šคํ…œ์ด ์˜ํ–ฅ๋ฐ›์„ ๊ฒƒ์œผ๋กœ ๋ณด์ž…๋‹ˆ๋‹ค. CVE-2024-3093๋ฅผ ํ• ๋‹น๋ฐ›์€ ์ด ์ด์Šˆ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Smuggling with JSON

2 min read

JSON์€ YAML๊ณผ ํ•จ๊ป˜ ์ž์ฃผ ์‚ฌ์šฉ๋˜๋Š” ํฌ๋งท ์ค‘ ํ•˜๋‚˜์ž…๋‹ˆ๋‹ค. K:V ํ˜•ํƒœ์˜ ๋‹จ์ˆœํ•œ ๊ตฌ์„ฑ์ด์ง€๋งŒ, JSON์˜ ํŠน์„ฑ์„ ์ด์šฉํ•˜๋ฉด ๋ฐ์ดํ„ฐ๋ฅผ ์ˆจ๊ธฐ๊ณ  Application์˜ ์ž˜๋ชป๋œ ๋™์ž‘์„ ์œ ๋„ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Preventing LLM Prompt Leak

1 min read

ChatGPT๋Š” ์‚ฌ์šฉ์ž ๊ฐœ๊ฐœ์ธ์ด Bot์„ ๋งŒ๋“ค๊ณ  ์„œ๋น„์Šคํ•  ์ˆ˜ ์žˆ๋„๋ก ์ œ๊ณต๋˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ €๋„ ์ œ ํŽธ์˜๋ฅผ ์œ„ํ•ด ๋ช‡๊ฐ€์ง€ ๋งŒ๋“ค์–ด์„œ ์‚ฌ์šฉํ•˜๋Š”๋ฐ ๋„ˆ๋ฌด๋‚˜๋„ ์‰ฌ์šด ๋ฐฉ๋ฒ•์œผ๋กœ Prompt๋ฅผ ์ฝ์–ด๋‚ผ ์ˆ˜ ์žˆ์—ˆ๋„ค์š”.

Prompt Injection via Ascii Art

1 min read

LLM ๋ชจ๋ธ์„ ์‚ฌ์šฉํ•˜๋Š” ์„œ๋น„์Šค์—์„  Prompt Injection๊ณผ ๊ฐ™์€ LLM Attack์„ ๋ฐฉ์–ด, ์™„ํ™”ํ•˜๊ธฐ ์œ„ํ•ด ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋ณดํ˜ธ ๋กœ์ง์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ด๋ฅผ ๊นจ๊ธฐ ์œ„ํ•ด์„œ ๋…์ฐฝ์ ์ธ ๋ฐฉ์‹์˜ Prompt๊ฐ€ ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.

PQ3 and PQC ๐Ÿ—๏ธ

2 min read

Apple์—์„œ ์กฐ๋งŒ๊ฐ„ iMessage์— PQ3๋ผ๋Š” ์•”ํ˜ธํ™” ํ”„๋กœํ† ์ฝœ์„ ์ ์šฉํ•  ์˜ˆ์ •์ด๋ผ๊ณ  ๋ฐœํ‘œํ–ˆ์Šต๋‹ˆ๋‹ค.

DOM Handling with MutationObserver

3 min read

์ตœ๊ทผ ZAP์€ SPA ๊ธฐ๋ฐ˜์˜ ์•ฑ์„ ์‰ฝ๊ฒŒ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•ด Client Side Integration ์ด๋ž€ ๊ธฐ๋Šฅ์„ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค. ์ด ์ด ๋•Œ DOM์˜ ๋ณ€ํ™”๋ฅผ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•œ ์žฅ์น˜๋กœ MutationObserver๊ฐ€ ์‚ฌ์šฉ๋˜์—ˆ๋Š”๋ฐ์š”. ์˜ค๋Š˜์€ MutationObserver๊ฐ€ ๋ญ”์ง€ ๊ทธ๋ฆฌ๊ณ  ๋ณด์•ˆ ํ…Œ์ŠคํŒ… ์‹œ ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„์ง€ ์ด์•ผ๊ธฐํ•ด๋ด…๋‹ˆ๋‹ค.

Lazy-loading iframe in Firefox

~1 min read

์ตœ๊ทผ์— Firefox์ชฝ์—์„œ ํ•˜๋‚˜ ์—…๋ฐ์ดํŠธ๋ฅผ ์˜ˆ๊ณ  ํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ณง img ํƒœ๊ทธ์—๋งŒ ์กด์žฌํ•˜๋˜ lazy-loading์ด iframe์—๋„ ์ ์šฉ๋˜๋Š”๋ฐ์š”. ์„ฑ๋Šฅ์ ์ธ ์žฅ์ ์€ ๋ถ„๋ช…ํžˆ ์žˆ๊ฒ ์ง€๋งŒ, img์™€ ๋‹ฌ๋ฆฌ XSS์˜ ๋ฆฌ์Šคํฌ๊ฐ€ ๋†’์€ iframe์˜ ๋กœ๋“œ ์‹œ์ ์„ ํ†ต์ œํ•  ์ˆ˜ ์žˆ๋Š” ํ˜•ํƒœ๋ผ ์žฌ๋ฏธ์žˆ๋Š” ์ด์Šˆ๊ฐ€ ๋‚˜์˜ฌ์ง€ ๊ธฐ๋Œ€๋˜๊ธฐ๋„, ๋ฐ˜๋Œ€๋กœ ๋˜ ๊ฑฑ์ •๋˜๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค.

WebAuthn๊ณผ Passkey

4 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ํŒจ์Šค์›Œ๋“œ ๋งค๋‹ˆ์ €๋ฅผ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ๊ฐœ์ธ์ ์œผ๋กœ Apple์˜ ์•”ํ˜ธ ๊ธฐ๋Šฅ์„ ์ฃผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋˜ํ•œ icloud+๋„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์–ด ์ด๋ฉ”์ผ ๊ฐ€๋ฆฌ๊ธฐ + ์•”ํ˜ธ ์กฐํ•ฉ์œผ๋กœ ๊ฐ€๊ธ‰์  ์„œ๋น„์Šค๋ณ„๋กœ ๊ณ„์ •๊ณผ ํŒจ์Šค์›Œ๋“œ๊ฐ€ ๊ฒน์น˜์ง€ ์•Š๋Š” ์ƒํƒœ๋กœ ์œ ์ง€ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ตฌ๊ธ€์˜ ๊ฒฝ์šฐ Google password manager๋ฅผ ํ†ตํ•ด ๋น„์Šทํ•˜๊ฒŒ ์‚ฌ์šฉํ•˜์‹œ๋Š” ๋ถ„๋“ค๋„ ์žˆ์„๊ฑฐ๋ผ๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค. Apple์ด๋‚˜ Google์˜ ์ด๋Ÿฌํ•œ ๊ธฐ๋Šฅ๋“ค๊ณผ FIDO ๊ด€๋ จ ์ธ์ฆ ๋ฐฉ์‹๋“ค์€ Passwordless์˜ ๋Œ€์ค‘ํ™”๋ฅผ ์•ž๋‹น๊ฒผ๊ณ  ์ด์ œ๋Š” Password๋ฅผ ์ž…๋ ฅํ•˜๋Š” ๊ฒƒ์ด ์ ์  ์–ด์ƒ‰ํ•ด์ง€๋Š” ์‹œ๊ธฐ๊ฐ€ ์˜จ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

ZAP 2.14 Review โšก๏ธ

3 min read

์ƒ๊ฐ๋ณด๋‹ค ์—„์ฒญ ๋น ๋ฅธ ์ฃผ๊ธฐ๋กœ ZAP 2.14 ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ๋ฐœํ‘œ๋˜์—ˆ์Šต๋‹ˆ๋‹ค ๐ŸŽ‰โšก๏ธ

XSS via reportError

1 min read

reportError๋ž€ ํ•จ์ˆ˜๋ฅผ ์•„์‹œ๋‚˜์š”? Chrome 95, Firefox 93 ๋ฒ„์ „์— ์ถ”๊ฐ€๋œ ๊ธ€๋กœ๋ฒŒ ๋ฉ”์†Œ๋“œ๋กœ JS์˜ uncaught exception์„ ์ฝ˜์†”์ด๋‚˜ ๊ธ€๋กœ๋ฒŒ ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ๋กœ ๋„˜๊ฒจ์ฃผ๋Š” ๊ธฐ๋Šฅ์„ ์ˆ˜ํ–‰ํ•ฉ๋‹ˆ๋‹ค. PortSwigger ์ธก์—์„œ reportError ํ•จ์ˆ˜๋ฅผ ์ด์šฉํ•œ ํŠธ๋ฆญ์„ ๊ณต๊ฐœํ–ˆ๊ณ  ์ž ๊น ์‹œ๊ฐ„๋‚ด์–ด ์‚ดํŽด๋ณธ ๋‚ด์šฉ ๊ณต์œ ๋“œ๋ ค๋ด…๋‹ˆ๋‹ค.

ZAP Map Local๋กœ ์‰ฝ๊ฒŒ Fake Response ๋งŒ๋“ค๊ธฐ

2 min read

๋ณด์•ˆ ํ…Œ์ŠคํŒ…์—์„  HTTP Response๋ฅผ ์ž์ฃผ ๋ณ€๊ฒฝํ•ด์•ผํ•  ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค. ์ด๋Ÿด ๋•Œ ์ €๋Š” ๋ณดํ†ต ZAP์—์„  breakpoint์™€ replace ๊ธฐ๋Šฅ, ๊ทธ๋ฆฌ๊ณ  ์Šคํฌ๋ฆฝํŒ…์„ ์ฃผ๋กœ ์‚ฌ์šฉํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. (+Proxify์˜ DSL)

Zest + YAML = โค๏ธ

1 min read

์ตœ๊ทผ์— Zest ์ชฝ์˜ Commit (zaproxy/zest/6d67925) ํ•˜๋‚˜๋ฅผ ์ฃผ์‹œํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Zest์—์„œ YAML ํฌ๋งท ์ง€์›์— ๋Œ€ํ•œ ๋‚ด์šฉ์ด์˜€๋Š”๋ฐ์š”. ๋“œ๋””์–ด ๊ณต์‹ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ด๋ฃจ์–ด์กŒ๊ณ  ์ด์ œ Zest์—์„œ YAML ํฌ๋งท์„ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

ZAPโ€™s Client Side Integration

2 min read

์ตœ๊ทผ์— ZAP์— ์žฌ๋ฏธ์žˆ๋Š” Addon์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค. GSoC(Google Summer of Code) 2023์˜ ๊ฒฐ๊ณผ๋ฌผ๋กœ BurpSuite์˜ Navigation Recorder์™€ ๋น„์Šทํ•ด๋ณด์ด๋Š” ๊ธฐ๋Šฅ์œผ๋กœ ๋ฆด๋ฆฌ์ฆˆ ์งํ›„๋ถ€ํ„ฐ ํ‹ˆํ‹ˆํžˆ ๊ฐ€์ง€๊ณ  ๋†€์•„๋ณธ ๊ฒฐ๊ณผ ๋‹ค๋ฅธ ์˜๋ฏธ๋กœ ๊ฐ€๋Šฅ์„ฑ์ด ๋ณด์ด๋Š” Addon์ด๋ž€ ์ƒ๊ฐ์ด ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

XSpear Reborn: Big Changes Coming

2 min read

์ œ๊ฐ€ Dalfox ๋ฅผ ๊ฐœ๋ฐœํ•˜๊ธฐ ์ „์— Ruby๋กœ ์ž‘์„ฑํ–ˆ์—ˆ๋˜ XSpear๋ž€ ๋„๊ตฌ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋™์ผํ•˜๊ฒŒ XSS๋ฅผ ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ ์œ„ํ•œ ๋„๊ตฌ์˜€๊ณ , ํ˜„์žฌ ์„ฑ๋Šฅ์€ ๋‹น์—ฐํžˆ Dalfox์ชฝ์ด ์••๋„์ ์œผ๋กœ ์ข‹์€ ์ƒํƒœ์ž…๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ž‘๋…„๋ถ€ํ„ฐ XSpear์— ๋Œ€ํ•œ Reborn ๊ณ„ํš์„ ์ƒ๊ฐํ•ด ๋‘์—ˆ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ ๋งŒ๋“ค๋˜ ๋„๊ตฌ๋„ ์–ด๋Š ์ •๋„ ์œค๊ณฝ์ด ์žกํ˜€์„œ ์ด์ œ ๋ณธ๊ฒฉ์ ์œผ๋กœ XSpear์— ๋Œ€ํ•ด ๋Œ€๊ทœ๋ชจ ๊ฐœํŽธ์„ ์ง„ํ–‰ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Customize ZAP HUD ๐ŸŽฎ

1 min read

Today, I write a post about how to use ZAP HUD in an engaging manner. While ZAP HUD may not have incredibly useful features at the moment, experimenting with it could be worthwhile since it has the potential to bring about changes in the analytical approach.

90-Day Certificate Validity

2 min read

์˜ค๋Š˜์€ ๊ตฌ๊ธ€์—์„œ ์ถ”์นœํ•˜๋Š” 90์ผ์˜ ์ธ์ฆ์„œ ์œ ํšจ๊ธฐ๊ฐ„์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๊ตฌ๊ธ€์ด ์˜ฌํ•ด 3์›”(2023)์— Chromium Security ๋ฅผ ํ†ตํ•ด ๊ณต์ง€(๋ฐฉํ–ฅ์„ฑ์— ๋Œ€ํ•œ ๊ณต์ง€)ํ•œ ์ดํ›„์— ์•„์ง ๋ณ„๋‹ค๋ฅธ ์•ก์…˜์ด ์—†๊ธด ํ•˜์ง€๋งŒ, ํ•œ๋ฒˆ์ฏค์€ ์ •๋ฆฌํ•˜๊ณ  ๋ฏธ๋ฆฌ ์ค€๋น„ํ•  ์ˆ˜ ์žˆ๋Š” ๊ฒƒ์€ ์ค€๋น„ํ•˜๋Š” ๊ฒƒ์ด ์ข‹์œผ๋‹ˆ ๊ธ€๋กœ ์ •๋ฆฌํ•˜์—ฌ ๋‚จ๊ฒจ๋ด…๋‹ˆ๋‹ค.

Hello Noir ๐Ÿ‘‹๐Ÿผ

2 min read

Hi all! I am excited to announce the release of my toy project called โ€˜Noirโ€™ ๐ŸŽ‰๐Ÿš€

Optimizing ZAP and Burp with JVM

1 min read

๋ˆ„๊ตฐ๊ฐ€๊ฐ€ ์ €์—๊ฒŒ Application Security, Pentest ๋“ฑ์—์„œ ๊ฐ€์žฅ ํ™œ๋ฐœํ•˜๊ฒŒ ์‚ฌ์šฉ๋˜๋Š” ๋„๊ตฌ๋ฅผ ์„ ํƒํ•˜๋ผ๊ณ  ํ•˜๋ฉด ๋‹น์—ฐํžˆ Burpsuite์™€ ZAP ๊ฐ™์€ Proxy ๋„๊ตฌ๋ฅผ ์„ ํƒํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์ตœ๊ทผ Caido๊ฐ€ ๋งŽ์ด ์˜ฌ๋ผ์˜ค๋Š” ์ถ”์„ธ์ด๊ธด ํ•˜๋‚˜, ์žฅ๊ธฐ๊ฐ„ ๋ฆฌ๋“œ ์—ญํ• ์„ ์ˆ˜ํ–‰ํ•ด ์˜จ ๋‘ ๋„๊ตฌ๋ฅผ ๋”ฐ๋ผ๊ฐ€๊ธฐ์—” ์•„์ง ์ถฉ๋ถ„ํ•œ ์‹œ๊ฐ„์ด ๋” ํ•„์š”ํ•  ๊ฒƒ์œผ๋กœ ๋ณด์ž…๋‹ˆ๋‹ค.

ZAP 2.13 Review โšก๏ธ

1 min read

์˜ˆ์ƒ๋ณด๋‹ค ํ›จ์”ฌ ๋น ๋ฅธ ์‹œ๊ธฐ์— ZAP 2.13์ด ๋ฆด๋ฆฌ์ฆˆ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต ๋งค๋…„ ๊ฐ€์„, ๊ฒจ์šธ์ค‘์— ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ, ์ด๋ฒˆ์—๋Š” ์—ฌ๋ฆ„์— ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ƒ๊ฒผ๋„ค์š”. ๋ณ€ํ™”๋œ ๋ถ€๋ถ„์ด ํฌ์ง„ ์•Š์•„์„œ ๋ฆด๋ฆฌ์ฆˆ ๋…ธํŠธ๋ฅผ ๋ณด๋ฉด ๋Œ€๋ถ€๋ถ„ ์•Œ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. 2.13 ๋ฆด๋ฆฌ์ฆˆ ์งํ›„๋ถ€ํ„ฐ ๋ช‡์ผ ๋™์•ˆ ์‚ดํŽด๋ณด๊ณ  ๋Š๊ผˆ๋˜ ์  ์œ„์ฃผ๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

SSL Version์„ ์ฒดํฌํ•˜๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋ฐฉ๋ฒ•๋“ค

3 min read

์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋ช…๋ น์„ ํ†ตํ•ด ssl version ์ฒดํฌํ•˜๋Š” ๋ฐฉ๋ฒ•๋“ค ๊ฐ„๋žตํ•˜๊ฒŒ ๋ฉ”๋ชจํ•ด๋‘ก๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ ์ฃผ๋กœ testssl.sh๋ฅผ ์ž์ฃผ ์‚ฌ์šฉํ–ˆ์—ˆ๋Š”๋ฐ, ์“ฐ๋‹ค๋ณด๋‹ˆ ์ข…์ข… ๋‹ค๋ฅธ ๋„๊ตฌ์™€ ํฌ๋กœ์Šค ์ฒดํฌ๊ฐ€ ํ•„์š”ํ•œ ์ผ์ด ์žˆ๋„ค์š”. ์—ฌ๋Ÿฌ ๋„๊ตฌ๋“ค์ด ssl version ๊ด€๋ จ ์˜ต์…˜์€ ์ง€์›ํ•˜๊ณ  ์žˆ์œผ๋‹ˆ ์ˆ™์ง€ํ•ด๋‘๋ฉด ์ข…์ข… ์‚ฌ์šฉํ•  ์ผ์ด ์žˆ์„๋“ฏ ํ•ฉ๋‹ˆ๋‹ค :D

MSF Pivoting X SocksProxy

2 min read

์ตœ๊ทผ์— MSF๋กœ Pivoting ํ™˜๊ฒฝ์—์„œ ํ…Œ์ŠคํŒ…์ด ํ•„์š”ํ•œ ๊ฒฝ์šฐ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐฉ๋ฒ• ์ž์ฒด๋Š” ์–ด๋ ค์šด๊ฒŒ ์•„๋‹ˆ๋ผ ๊ทธ๋ƒฅ ๋ชธ์— ์žˆ๋Š”๋Œ€๋กœ ์ง„ํ–‰ํ•˜๊ธด ํ–ˆ๋Š”๋ฐ, ์ƒ๊ฐํ•ด๋ณด๋‹ˆ ๋ธ”๋กœ๊ทธ์— ์ •๋ฆฌํ–ˆ๋˜ ์ ์€ ์—†๋Š” ๊ฒƒ ๊ฐ™์•„ ๊ฐ„๋‹จํ•˜๊ฒŒ ๋‚จ๊ฒจ๋ด…๋‹ˆ๋‹ค.

CVSS 4.0 Preview ์‚ดํŽด๋ณด๊ธฐ

3 min read

CVSS(Common Vulnerability Scoring System)๋Š” ์‹œ์Šคํ…œ, ์†Œํ”„ํŠธ์›จ์–ด์˜ ์ทจ์•ฝ์„ฑ์„ ํ‰๊ฐ€ํ•˜๊ธฐ ์œ„ํ•ด ์‚ฌ์šฉ๋˜๋Š” ์ทจ์•ฝ์„ฑ์— ๋Œ€ํ•œ ์Šค์ฝ”์–ด๋ง ์‹œ์Šคํ…œ์ž…๋‹ˆ๋‹ค. Offensive Security ๊ด€๋ จํ•˜์—ฌ ํ˜„์—…์— ์žˆ๋‹ค๋ฉด ์ต์ˆ™ํ•˜์ง€๋งŒ ๋ฐ˜๋Œ€๋กœ ๋ฌธ์ œ์ ๋„ ๋งŽ๋‹ค๊ณ  ๋Š๊ปด์ง€๋Š” ๊ทธ๋Ÿฐ ์นœ๊ตฌ์ฃ . ๋ณดํ†ต CVSS2 ๋˜๋Š” CVSS3๋ฅผ ๋งŽ์ด ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋Š” ์ƒํƒœ์ธ๋ฐ, ์Šฌ์Šฌ CVSS4์˜ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ ์  ๋‹ค๊ฐ€์˜ค๊ณ  ์žˆ์–ด ์‚ดํŽด๋ณผ ํ•„์š”๊ฐ€ ์žˆ๊ธด ํ•ฉ๋‹ˆ๋‹ค.

Attack Types in Web Fuzzing

2 min read

Fuzzing์€ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์„ ํ…Œ์ŠคํŠธํ•˜๊ณ  ๋ณด์•ˆ ์ทจ์•ฝ์ ์„ ์ฐพ์•„๋‚ด๊ธฐ ์œ„ํ•ด์„œ ๊ฐ€์žฅ ์ผ๋ฐ˜์ ์œผ๋กœ ์‚ฌ์šฉํ•˜๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ๋ณดํ†ต Burpsuite์˜ Intruder, Turbo Intruder ๋˜๋Š” ZAP์˜ Fuzz, Caido์˜ Automate์™€ ๊ฐ™์ด Proxy ๋„๊ตฌ์—์„œ ์ œ๊ณตํ•˜๋Š” ๊ธฐ๋Šฅ์„ ์‚ฌ์šฉํ•˜๊ฑฐ๋‚˜ ffuf ๊ฐ™์€ cli fuzzer๋ฅผ ์‚ฌ์šฉํ•ด์„œ ํ…Œ์ŠคํŠธํ•˜๊ณค ํ•ฉ๋‹ˆ๋‹ค.

Hack the AI Prompt ๐Ÿค–

3 min read

chatGPT๋Š” ์ถœ์‹œ ์ดํ›„ ์ •๋ง ๋งŽ์€ ๊ฒƒ๋“ค์„ ๋ฐ”๊ฟจ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์‹ค์ œ ์ผ์— ํฐ ์˜ํ–ฅ์„ ์ค€๋‹ค๊ธฐ ๋ณด๋‹จ ์—ฌ๋Ÿฌ AI๊ฐ€ ์‚ฌ๋žŒ๋“ค์˜ ๋งŽ์€ ๊ด€์‹ฌ์„ ๋ฐ›๊ฒŒ๋˜๋ฉด์„œ ๋ณด์•ˆ์ ์ธ ๊ด€์ ์—์„œ๋„ ์ถฉ๋ถ„ํ•œ ๊ณ ๋ฏผ๊ณผ ๊ธฐ์ˆ ์˜ ๋ฐœ์ „์ด ์˜ค๋Š” ์‹œ๊ธฐ๋ผ๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค. ์ด์ „์— AI์— ๋Œ€ํ•œ ๊ณต๊ฒฉ์€ ํ•™์Šต ์ชฝ์— ๊ด€์—ฌํ•˜๋Š” ํ˜•ํƒœ๋กœ ์น˜์šฐ์ณค๋‹ค๋ฉด ํ˜„์žฌ๋Š” Prompt์— ๋Œ€ํ•œ ํ…Œ์ŠคํŒ…๊ณผ ๊ด€์‹ฌ๋„ ๋งŽ์€ ์ƒํƒœ์ž…๋‹ˆ๋‹ค.

ZAP Site Tree์—์„œ 404 ํŽ˜์ด์ง€ ํ•œ๋ฒˆ์— ์ง€์šฐ๊ธฐ

~1 min read

ZAP์˜ Site tree๋Š” Burp์™€๋Š” ๋‹ค๋ฅด๊ฒŒ 404 Not found๋„ ๋ณด์—ฌ์ฃผ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ข…์ข… ์“ธ๋งŒํ•œ ์ •๋ณด๊ฐ€ ๋˜๊ธฐ ํ•˜์ง€๋งŒ ๋Œ€์ฒด๋กœ ๋ณด๊ธฐ ๋ถˆํŽธํ•œ ์กด์žฌ์ž…๋‹ˆ๋‹ค. ZAP์—์„œ๋Š” ๊ณต์‹์ ์œผ๋กœ ๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•ด์ฃผ๊ณ  ์žˆ์ง€ ์•Š๊ธฐ ๋•Œ๋ฌธ์— ๊ฐ„๋‹จํ•˜๊ฒŒ ์Šคํฌ๋ฆฝํŒ…ํ•˜์—ฌ ์ œ๊ฑฐํ•˜๋Š” ๊ฒƒ์ด ํŽธ๋ฆฌํ•ฉ๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค.

Encoding Only Your Choices, EOYC

2 min read

์š”์ฆ˜ ์žฅ๋‚œ๊ฐ ์‚ผ์•„ Crystal๊ณผ Elixir๋กœ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ฝ”๋“œ๋ฅผ ์ž‘์„ฑํ•ด๋ณด๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํŠนํžˆ Crystal์€ Ruby์™€ ์ œ๊ฐ€ ์˜ˆ์ „์— ํ•œ๋ฒˆ ์†Œ๊ฐœํ•˜๊ธฐ๋„ ํ—€๊ณ  Ruby์™€ ๊ฑฐ์˜ ์œ ์‚ฌํ•œ ๋ฌธ๋ฒ•์— ์†๋„๊นŒ์ง€ ๊ฐ–์ถ”๊ณ  ์žˆ์–ด ๊ฐœ์ธ์ ์œผ๋กœ ๊ด€์‹ฌ์ด ๋งŽ์•˜๋˜ ์–ธ์–ด์ž…๋‹ˆ๋‹ค. ์ตœ๊ทผ์— ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ด์œ ๋กœ Crystal์€ ์ฃผ๋ ฅ ์–ธ์–ด๋กœ ๋งŒ๋“ค์–ด๊ฐ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ Crystal๋กœ ์ž‘์„ฑํ•œ ๊ฐ„๋‹จํ•œ ๋„๊ตฌ ํ•˜๋‚˜ ๊ณต์œ ํ•˜๋ ค๊ณ  ๊ธ€์„ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Cross handling Cookies in Zest

3 min read

์˜ค๋Š˜์€ Zest ์Šคํฌ๋ฆฝํŠธ์—์„œ Headless Browser์™€ ์ผ๋ฐ˜ ZAP ์š”์ฒญ๊ฐ„ Cookie๋ฅผ ์ฒ˜๋ฆฌํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. Headless Browser์™€ ZAP ๋‚ด๋ถ€์˜ Req/Res ๊ฐ„์— ์ฟ ํ‚ค ๊ตํ™˜์œผ๋กœ ์—ฌ๋Ÿฌ ์ƒํ™ฉ์—์„œ ์›น ์š”์ฒญ์„ ์‰ฝ๊ฒŒ ์ฒ˜๋ฆฌํ•˜์—ฌ ์›ํ•˜๋Š” ๋ณด์•ˆ ํ…Œ์ŠคํŒ…, ์ž๋™ํ™” ๋ฃจํ‹ด์„ ์ด์–ด๊ฐˆ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP์—์„œ ์šฐ์•„ํ•˜๊ฒŒ Cookie ๊ธฐ๋ฐ˜ Auth ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ

3 min read

Web์˜ Authorization, Permission, Access Control ํ…Œ์ŠคํŒ… ์‹œ ์–ด๋–ค ๋ฐฉ๋ฒ•์„ ํ™œ์šฉํ•˜์‹œ๋‚˜์š”? ๋ณดํ†ต ๋ณด์•ˆ ํ…Œ์ŠคํŒ… ๋‹จ๊ณ„์—์„  ๊ถŒํ•œ์„ ๋ฐ”๊ฟ”๊ฐ€๋ฉฐ ์ˆ˜๋™์œผ๋กœ ํ…Œ์ŠคํŠธํ•˜๊ฑฐ๋‚˜ ์ž๋™ํ™”๋œ ๋„๊ตฌ๋ฅผ ํ†ตํ•œ ํ…Œ์ŠคํŒ…, ๋˜๋Š” ๋‘๊ฐœ๋ฅผ ๋ณ‘ํ–‰ํ•˜์—ฌ ํ…Œ์ŠคํŠธํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ž๋™ํ™”๋œ ํ…Œ์ŠคํŒ…์„ ์œ„ํ•ด์„  Burpsuite, ZAP, CLI Tools ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋„๊ตฌ๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค.

Hello Caido ๐Ÿ‘‹๐Ÿผ

2 min read

์ตœ๊ทผ Rust ๊ธฐ๋ฐ˜์˜ ๋ถ„์„๋„๊ตฌ์ธ Caido๊ฐ€ ๋“œ๋””์–ด Public Beta๋กœ ์ „ํ™˜๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด Private Beta ๋‹น์‹œ ์ˆ˜๋ คํ•œ UI์™€ ๋น ๋ฅด๋‹ค๊ณ  ์•Œ๋ ค์ง„ ์†๋„ ๋•๋ถ„์— ์ผ๋ถ€ BugBountyHunter ๋“ค์—๊ฒŒ ์„ ํƒ๋˜์–ด ์‚ฌ์šฉ๋˜์—ˆ๊ณ  ๋งŽ์€ ๊ด€์‹ฌ์„ ๋ฐ›๊ณ  ์žˆ๋˜ ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

CORS Bypass via dot

1 min read

Origin ํ—ค๋”์™€ ACAO(Access-Control-Allow-Origin) ํ—ค๋”๋Š” Cross-Origin ๊ด€๊ณ„์—์„œ ๋ฐ์ดํ„ฐ๋ฅผ ์ „๋‹ฌํ•˜๊ณ  ์ˆ˜์‹ ํ•˜๊ธฐ ์œ„ํ•œ ํ—ค๋”๋กœ SOP(Same-Origin Policy)๋ฅผ ๊ณต์‹์ ์œผ๋กœ ์šฐํšŒํ•˜๊ธฐ ์œ„ํ•œ ํ—ค๋”์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ CORS๋ผ๊ณ  ํ†ต์šฉ๋˜์–ด ๋ถ€๋ฅด๋ฉฐ, ์ด๋Š” JSON Hijacking๊ณผ CSRF ์ทจ์•ฝ์ ์— ํฐ ์ ‘์ ์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP Custom En/Decoder ๋งŒ๋“ค๊ธฐ

2 min read

ZAP์˜ ํ™•์žฅ์„ฑ์€ Scripting Engine์˜ ํŒŒ์›Œ์—์„œ ๋‚˜์˜ต๋‹ˆ๋‹ค. URL, HTML, Base64 ๋“ฑ ํ…Œ์ŠคํŒ… ๋‹จ๊ณ„์—์„  ์ธ/๋””์ฝ”๋”ฉ์„ ํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๊ต‰์žฅํžˆ ๋งŽ์€๋ฐ์š”. ์ด ๋•Œ ์‚ฌ์šฉํ•˜๋Š” Encode/Decode/Hash ๊ธฐ๋Šฅ ๋˜ํ•œ Scripting์œผ๋กœ ํ™•์žฅํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Firefox + Container + Proxy = Hack Env

2 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ๋ถ„์„ํ•˜์‹ค ๋•Œ ์–ด๋–ค ๋ธŒ๋ผ์šฐ์ €๋ฅผ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ๋ณดํ†ต ๊ฐ ๋„๊ตฌ์˜ Embedded Browser(ZAP-Firefox/Burp-Chrome)์„ ์ฃผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ข…์ข… ์ผ๋‹จ Firefox๋กœ๋„ ํ…Œ์ŠคํŠธ๋ฅผ ์ฆ๊ฒจํ•ฉ๋‹ˆ๋‹ค.

Front-End Tracker๋กœ DOM/Storage ๋ถ„์„ํ•˜๊ธฐ

2 min read

ZAP ํŒ€์—์„œ ๊ด€๋ฆฌํ•˜๋Š” ๋„๊ตฌ๋“ค ์ค‘์— ์œ ๋… ๊ด€์‹ฌ์ด ๊ฐ€๋˜ ๋„๊ตฌ๊ฐ€ ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๋“œ๋””์–ด ์ •๋ฆฌ๋ฅผ ๋งˆ๋ฌด๋ฆฌํ•ด์„œ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๊ณต์œ ๋“œ๋ฆฌ๋ฉด์„œ ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”์ง€, ์ด๊ฑธ ํ†ตํ•ด ๋ฌด์—‡์„ ํ•  ์ˆ˜ ์žˆ๋Š”์ง€ ์ด์•ผ๊ธฐ๋“œ๋ฆฌ๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Katana์™€ Web Crawler

1 min read

ProjectDiscovery์˜ ๋„๊ตฌ๋“ค์€ ํ•ญ์ƒ ์ปค๋ฎค๋‹ˆํ‹ฐ์— ํฐ ํŒŒ์žฅ์„ ์ผ์œผํ‚ต๋‹ˆ๋‹ค. ์‹ค์ œ๋กœ ProjectDiscovery๋กœ ์ธํ•ด CLI ๊ธฐ๋ฐ˜์˜ ํ…Œ์ŠคํŒ…์ด ํ›จ์”ฌ ๋Œ€์ค‘ํ™”๋˜๊ณ , ์ด๋“ค์˜ ๋„๊ตฌ๋Š” ๊ฐ์ข… Pipeline์—์„œ์˜ ํ•ต์‹ฌ ๋„๊ตฌ๊ฐ€ ๋˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ตœ๊ทผ์— Katana๋ž€ ๋„๊ตฌ๋ฅผ ์ถœ์‹œํ•˜๊ณ  Nuclei ๋งŒํผ ํฐ ํŒŒ์žฅ์„ ์ผ์œผํ‚ค๊ณ  ์žˆ๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”.

XSSHunter๊ฐ€ ์ข…๋ฃŒ๋ฉ๋‹ˆ๋‹ค

1 min read

Blind XSS ๋„๊ตฌ ์ค‘ ๊ฐ€์žฅ ์œ ๋ช…ํ•˜๊ณ  ๋งŽ์€ ๊ธฐ๋Šฅ์„ ๋‹ด์•˜๋˜ XSSHunter๊ฐ€ ์˜ฌํ•ด๊นŒ์ง€๋งŒ ์šด์˜๋˜๊ณ  ๋‚ด๋…„๋ถ€ํ„ฐ ์„œ๋น„์Šค๊ฐ€ ์ข…๋ฃŒ๋ฉ๋‹ˆ๋‹ค. ๊ธฐ์—… ๋‚ด๋ถ€์—์„œ๋Š” ๋ณดํ†ต ๋ณ„๋„์˜ BXSS Callback ์„œ๋น„์Šค๋ฅผ ๊ตฌ์ถ•ํ•˜๊ฑฐ๋‚˜ OAST๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ์ฒดํฌํ–ˆ๊ฒ ์ง€๋งŒ, ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ์œ ์ €๋‚˜ ์™ธ๋ถ€์—์„œ ํ…Œ์ŠคํŒ…ํ•˜๋Š” ๊ฒฝ์šฐ XSSHunter ์‚ฌ์šฉ ๋นˆ๋„๊ฐ€ ๋†’์•˜๋˜๊ฑธ๋กœ ์•Œ๊ณ  ์žˆ์–ด ์•„์‰ฌ์›€์ด ๋งŽ์ด ๋‚จ์Šต๋‹ˆ๋‹ค. (์ € ๋˜ํ•œ ๊ต‰์žฅํžˆ ์• ์šฉํ–ˆ๊ตฌ์š”.)

๋น ๋ฅธ ํ…Œ์ŠคํŒ…์„ ์œ„ํ•œ ZAP ๋‹จ์ถ•ํ‚ค๋“ค

1 min read

ZAP์—์„œ ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” ๋‹จ์ถ•ํ‚ค๋“ค ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ Tab ๊ณ„ํ†ต(History, Fuzz, Sites, Scripts ๋“ฑ)์€ 3ํ‚ค ์ด์ƒ ๋ˆŒ๋Ÿฌ์•ผ ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ๋Œ€๋‹ค์ˆ˜๊ฐ€ 1-2 ํ‚ค ๊ตฌ์„ฑ์ž…๋‹ˆ๋‹ค. (๋ฌผ๋ก  ํƒญ๋“ค๋„ ์‰ฝ๊ฒŒ ์ ์šฉํ•˜๋Š” ๋ฒ•์ด ์žˆ์–ด์š”)

ZAP 2.12 Review โšก๏ธ

2 min read

๋“œ๋””์–ด ZAP 2.12 ๋ฒ„์ „์ด ๋ฆด๋ฆฌ์ฆˆ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๐ŸŽ‰๐Ÿ‘๐Ÿผ๐Ÿพ 10์›” ์ค‘์ˆœ์ฏค์— ๋ฆด๋ฆฌ์ฆˆ ์˜ˆ์ •์ด์˜€์ง€๋งŒ, ์ด์Šˆ๋กœ ์•ฝ๊ฐ„ ๋Šฆ์–ด์กŒ๋‹ค๊ณ  ํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ZAP 2.12 ๋ฒ„์ „์—์„œ ๋ฐ”๋€ ๋‚ด์šฉ๋“ค์„ ๋ฆฌ๋ทฐํ•ด๋ณด๋„๋ก ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿผ ์‹œ์ž‘ํ•˜์ฃ .

localStorage + getter = Prototype Pollution

1 min read

์˜ค๋Š˜์€ Prototype Pollution์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ž ๊น ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋ฆ„์ด ์•„๋‹ˆ๋ผ @garethheyes๊ฐ€ ์•„๋ž˜์™€ ๊ฐ™์€ ๋‚ด์šฉ์˜ ํŠธ์œ—์„ ์˜ฌ๋ ธ์—ˆ์Šต๋‹ˆ๋‹ค.

CSRF is dying

3 min read

CSRF๋Š” XSS, SQL Injection๊ณผ ํ•จ๊ป˜ ์›น์—์„œ ๊ฐ€์žฅ ๋Œ€ํ‘œ์ ์ด ์ทจ์•ฝ์  ์ค‘ ํ•˜๋‚˜์ž…๋‹ˆ๋‹ค. ํ˜„์žฌ๊นŒ์ง€๋„ ์ข…์ข… ๋ฐœ๊ฒฌ๋˜๋Š” ์ทจ์•ฝ์ ์ด์ง€๋งŒ, ์—…๊ณ„์—์„œ๋Š” ์˜ค๋ž˜์ „๋ถ€ํ„ฐ ์„œ์„œํžˆ ์ฃฝ์–ด๊ฐ„๋‹ค๋Š” ํ‘œํ˜„์„ ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

Metasploit์—์„œ HTTP Debug ํ•˜๊ธฐ

1 min read

MSF๋ฅผ ์‚ฌ์šฉํ•˜๋‹ค ๋ณด๋ฉด ์‹ค์ œ๋กœ ๊ณต๊ฒฉ ํŽ˜์ด๋กœ๋“œ๊ฐ€ ์ž˜ ์ „์†ก๋˜์—ˆ๋Š”์ง€ ํ™•์ธํ•˜๊ณ  ์‹ถ์„ ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋˜ ๋ชจ๋“ˆ์„ ์ด์šฉํ•ด์„œ ํ…Œ์ŠคํŠธํ–ˆ์ง€๋งŒ ๊ฐœ๋ฐœ์ž ๋“ฑ์ด ์ดํ•ดํ•˜๊ธฐ ์‰ฝ๊ฒŒ HTTP ์š”์ฒญ์œผ๋กœ ๋ณด์—ฌ์ค˜์•ผํ•  ๋•Œ๋„ ์ข…์ข… ์ƒ๊น๋‹ˆ๋‹ค.

Broken link๋ฅผ ์ฐพ์ž! DeadFinder

1 min read

์ตœ๊ทผ์— Broken Link(Dead Link)๋ฅผ ์‰ฝ๊ฒŒ ์ฐพ๊ธฐ ์œ„ํ•œ ๋„๊ตฌ๋ฅผ ํ•˜๋‚˜ ๋งŒ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. ์ œ ๋ธ”๋กœ๊ทธ์˜ Broken Link๋ฅผ ์ฐพ๊ธฐ ์œ„ํ•œ ๋ชฉ์ ์ด์˜€์ง€๋งŒ, ๊ฐ€๋ณ๊ฒŒ๋ผ๋„ ํ•œ๋ฒˆ ๊ณต์œ ํ•˜๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„์„œ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

OAST์— Hint๋ฅผ ๋”ํ•˜๋‹ค

2 min read

OAST(OOB)๋ฅผ ํ†ตํ•œ ํ…Œ์ŠคํŒ… ๋ฐฉ๋ฒ•์€ ๋ช‡๋…„ ์‚ฌ์ด ์ •๋ง ๋งŽ์€ ๋ฐœ์ „์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Param Digger! Easy param mining via ZAP

1 min read

์˜ฌํ•ด ZAP์˜ GSoC ํ”„๋กœ์ ํŠธ๋Š” Param Mining์„ ํ•˜๋Š” AddOn์ด ์„ ์ • ๋˜์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค. BurpSuite์˜ Param Miner๋ฅผ ๋ชจํ‹ฐ๋ธŒ๋กœ ์‰ฝ๊ฒŒ Miningํ•˜๋Š” ๊ฒƒ์ด ๋ชฉํ‘œ๊ฐ€ ๋˜์—ˆ๊ธฐ์—, Scripting๊ณผ Fuzzing์œผ๋กœ๋งŒ Param Mining์„ ์ œ ์ž…์žฅ์—์„  ๋งค์šฐ ๋ฐ˜๊ฐ€์šด ์†Œ์‹์ด์˜€์—ˆ์ฃ .

Hex? Imhex and Hexyl

1 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ์–ด๋–ค Hex editor/viewer๋ฅผ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” Linux๋ฅผ ๋ฉ”์ธ์œผ๋กœ ์‚ฌ์šฉํ•  ๋–ˆ Ghex์™€ hexdump, macOS์—์„  hexyl์™€ vim(+plug)์„ ์ฃผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ํฌ๋กœ์Šค ํ”Œ๋žซํผ์„ ์ง€์›ํ•˜๋Š” ์—„์ฒญ๋‚œ Hex Editor์ธ ImHex์— ๋Œ€ํ•ด ์†Œ๊ฐœํ•ด๋“œ๋ฆฌ๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ์ €๋„ ์ด์ œ๋Š” ImHex์™€ hexyl ์กฐํ•ฉ์œผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค :D

ZAPโšก๏ธ Replacer VS Sender Script

2 min read

ZAP์—์„œ ๋ชจ๋“  ์š”์ฒญ์— ์ƒˆ๋กœ์šด ํ—ค๋”๋‚˜ ๋ฐ์ดํ„ฐ๋ฅผ ์ถ”๊ฐ€ํ•˜๋ ค๋ฉด ์–ด๋–ป๊ฒŒ ํ•ด์•ผํ• ๊นŒ์š”? ๋ณดํ†ต์€ Replacer ๋ผ๋Š” ๊ธฐ๋Šฅ์„ ์ด์šฉํ•ด์„œ ๊ฐ’์„ ๋ณ€๊ฒฝํ•˜๊ฑฐ๋‚˜ ์ƒˆ๋กœ ์ถ”๊ฐ€ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๊ฐ„๋‹จํ•˜๊ฒŒ ZAP Scripting ๋ฐฐ์›Œ๋ณด๊ธฐ

1 min read

์˜ค๋Š˜์€ ZAP Scripting์„ ์ฒ˜์Œ ์ ‘ํ•  ๋•Œ ์ต์ˆ™ํ•ด์ง€๊ธฐ ์ข‹์€ ์˜ˆ์ œ ๋‘๊ฐ€์ง€๋ฅผ ์†Œ๊ฐœํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ด ๊ธ€์„ ์ฝ์–ด์ฃผ์‹œ๋ฉด, ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ ์ž‘์„ฑ์œผ๋กœ ZAP์—์„œ ๋ฐ์ดํ„ฐ๋ฅผ ์กฐํšŒํ•˜๊ฑฐ๋‚˜, 3rd party ์Šค์บ”์„ ์š”์ฒญํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ์–ป์–ด๊ฐ€์‹ค ์ˆ˜ ์žˆ์„๊ฑฐ์—์š” ๐Ÿ˜Š

ZAP Forced User Mode!!

1 min read

์ œ๊ฐ€ ์ž‘๋…„๋ถ€ํ„ฐ ZAP์˜ Authentication / Authorization ๊ธฐ๋Šฅ๋“ค์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ๋งŽ์ด ํ–ˆ์—ˆ๋˜ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์‹ค์ œ๋กœ ํ…Œ์ŠคํŒ…์—๋„ ๋งŽ์€ ๋ถ€๋ถ„๋“ค์„ ์ ์šฉํ•˜๊ณ  ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Input/Custom Vectors๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ZAP์—์„œ ์ •๋ฐ€ํ•˜๊ฒŒ ์ทจ์•ฝ์  ์Šค์บ”ํ•˜๊ธฐ ๐ŸŽฏ

1 min read

Active Scan

๋จผ์ € Active Scan์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ๊ฐ€๋ณ๊ฒŒํ•˜๊ณ  ์‹œ์ž‘ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค. ZAP์˜ Active Scan์€ ์ˆ˜์ง‘๋œ URL์„ ๊ธฐ๋ฐ˜์œผ๋กœ ์ง€์ •๋œ ํŒจํ„ด, ๋กœ์ง์œผ๋กœ ์ž๋™ํ™”๋œ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์„ ํ•˜๋Š” ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ๋ณดํŽธ์ ์œผ๋ก  ์‚ฌ์ดํŠธ ์ „์ฒด์— ๋Œ€ํ•œ ์Šค์บ”์ด ๋งŽ์ด ์–ธ๊ธ‰๋˜์ง€๋งŒ, ZAP์˜ ๊ฐ•์  ์ค‘ ํ•˜๋‚˜๋Š” ์›ํ•˜๋Š” HTTP Request๋ฅผ ๋Œ€์ƒ์œผ๋กœ ๋‹จ๊ฑด์˜ ์Šค์บ๋‹์„ ์‰ฝ๊ฒŒ ํ•  ์ˆ˜ ์žˆ๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.

Zest script in CLI

2 min read

ZAP์˜ ๊ฐ•๋ ฅํ•œ ๊ธฐ๋Šฅ์ธ Scripting์—์„œ ํ•œ๋ฒˆ ๋” ๊ฐ•๋ ฅํ•˜๊ฒŒ ๋งŒ๋“ค์–ด ์ฃผ๋Š” ๊ฒƒ์ด ๋ฐ”๋กœ Zest script์ž…๋‹ˆ๋‹ค. JSON ๊ธฐ๋ฐ˜์˜ ์Šคํฌ๋ฆฝํŠธ๋กœ ์›น Req/Res ๊ทธ๋ฆฌ๊ณ  Headless browser์— ๋Œ€ํ•œ ์ปจํŠธ๋กค, ๋งˆ์ง€๋ง‰์œผ๋กœ Assertion ๋“ฑ ํ…Œ์ŠคํŒ… ๊ธฐ๋Šฅ์„ ์ด์šฉํ•ด ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ๋กœ ๋ณต์žกํ•œ ํ…Œ์ŠคํŒ…์„ ํ•  ์ˆ˜ ์žˆ๋Š” ์Šคํฌ๋ฆฝํŠธ์ž…๋‹ˆ๋‹ค. ์ž์„ธํ•œ ๋‚ด์šฉ์€ ์ œ๊ฐ€ ์ „์— ์ž‘์„ฑํ–ˆ๋˜ ๊ธ€๋“ค์„ ์ฐธ๊ณ ํ•ด์ฃผ์„ธ์š”.

ZAP์—์„œ Zest Script๋กœ Headless ๊ธฐ๋ฐ˜์˜ ์ธ์ฆ ์ž๋™ํ™” ์ฒ˜๋ฆฌํ•˜๊ธฐ

3 min read

์ตœ๊ทผ์— Headless ๊ธฐ๋ฐ˜์˜ Authentication script๋ฅผ ๋งŒ๋“ค๊ณ  ์žˆ์—ˆ๋Š”๋ฐ ์•ฝ๊ฐ„์˜ ์–ด๋ ค์›€์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์‹ค์ œ๋กœ headless browser๋ฅผ ํ†ตํ•ด ์ธ์ฆ ์ฒ˜๋ฆฌ๋Š” ์‰ฌ์šฐ๋‚˜ ๊ทธ ๋’ค์— ZAP์ด ์ด๋ฅผ ์ธ์ง€ํ•˜๊ฒŒ ํ•˜๋Š” ๊ฒƒ์ด ์‰ฝ์ง€๊ฐ€ ์•Š์•˜์—ˆ๋Š”๋ฐ์š”. ๋ฌธ๋œฉ ์ œ๊ฐ€ ์˜ˆ์ „์— Zest script๋ฅผ ์ž‘์„ฑํ•  ๋•Œ Client ๊ด€๋ จ ํ•ญ๋ชฉ์„ ๋ดค๋˜๊ฒŒ ๊ฐ‘์ž๊ธฐ ๊ธฐ์–ต์ด ๋‚˜์„œ GUI๋กœ ์ž‘์„ฑํ•ด๋ณด๋‹ˆ ์—ญ์‹œ๋‚˜ Client(Headless browser)๋ฅผ ์ง€์›ํ•˜๋Š”๊ฒŒ ๋งž์•˜๋„ค์š”.

ZAP Active Scan ์‹œ Progress์™€ Response chart ํ™œ์šฉํ•˜๊ธฐ

2 min read

์˜ค๋Š˜์€ ZAP์˜ ActiveScan์—์„œ ๋ณผ ์ˆ˜ ์žˆ๋Š” Progress์™€ Response chart์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ž ๊น ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๋ญ”๊ฐ€ ํฌ๊ฒŒ ๋„์›€๋˜๋Š”๊ฑด ์•„๋‹ˆ์ง€๋งŒ ์Šต๊ด€์ ์œผ๋กœ ์ œ๊ฐ€ ์ฐฝ์— ๋„์–ด๋‘๊ณ  ์žˆ๋Š”๊ฒŒ ๋ฐ”๋กœ Scan์— ๋Œ€ํ•œ Progress์ธ๋ฐ์š”. ์™œ ๋„์šฐ๊ณ , ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”์ง€ ์ด์•ผ๊ธฐํ•ด๋ณด์ฃ .

ZAP Bookmarklet for Speed up

1 min read

Bookmarklet

Bookmarklet์€ Javascript ํ•จ์ˆ˜๋ฅผ Bookmark์— ์ถ”๊ฐ€ํ•˜์—ฌ ๋งˆ์น˜ ๋ธŒ๋ผ์šฐ์ € ํ™•์žฅ ๊ธฐ๋Šฅ๊ณผ ์œ ์‚ฌํ•˜๊ฒŒ ์‚ฌ์šฉํ•˜๋Š” ๊ธฐ๋ฒ•์œผ๋กœ ๊ฐ„๋‹จํ•œ ์ƒ์„ฑ ๋ฐฉ๋ฒ•์— ๋น„ํ•ด ์›น์—์„œ์˜ ๋ถˆํŽธํ–ˆ๋˜ ์ž‘์—…๋“ค์„ ๋‹จ์ถ•์‹œํ‚ฌ ์ˆ˜ ์žˆ์–ด์„œ ๋งŽ์€ ์‚ฌ๋žŒ๋“ค์ด ์• ์šฉํ•˜๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค.

PyScript์™€ Security ๐Ÿ๐Ÿ—ก

2 min read

์ตœ๊ทผ PyCon US 2022์˜ ๋ฐœํ‘œ ์ค‘ PyScript๊ฐ€ ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. PyScript๋Š” HTML์—์„œ Python ์ฝ”๋“œ๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋„๋ก ์ œ๊ณตํ•˜๋Š” ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋กœ ์ตœ๊ทผ ์—„์ฒญ๋‚œ ๋ฒ”์šฉ์„ฑ๊ณผ ๋‚ฎ์€ ๋Ÿฌ๋‹ ์ปค๋ธŒ๋ฅผ ๊ฐ€์ง„ Python์ด ์›น์œผ๋กœ ํ™•์žฅํ•˜๋Š” ๋ถ€๋ถ„์ด๋ผ ๊ด€์‹ฌ๋„ ๋งŽ๊ณ  ๋ง๋„ ๋งŽ์Šต๋‹ˆ๋‹ค.

ZAP HTTP Sessions๋ฅผ ํ†ตํ•ด ๊ฐ„ํŽธํ•˜๊ฒŒ ์„ธ์…˜ ๊ธฐ๋ฐ˜ ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ

2 min read

ZAP์—๋Š” HTTP Sessions๋ผ๋Š” ๊ธฐ๋Šฅ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋ฆ„๊ณผ ์˜ต์…˜์— ์žˆ๋Š” ๋‚ด์šฉ์„ ๋ณด๊ณ  ์„ธ์…˜ ์ฒ˜๋ฆฌ ๊ด€๋ จ๋œ ๊ธฐ๋Šฅ์ด๊ตฌ๋‚˜ ์ƒ๊ฐ๋งŒ ํ–ˆ์ง€ ์‹ค์ œ๋กœ ํ•œ๋ฒˆ๋„ ์‚ฌ์šฉํ•ด๋ณด์ง€ ์•Š์•˜๋˜ ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ์˜ค๋Š˜ ๋†“์นœ ๊ธฐ๋Šฅ์ด ์žˆ์„๊นŒ ์‹ถ์–ด์„œ ๋ฉ”๋‰ด๋ฅผ ๋Œ์•„๋‹ค๋‹ˆ๋˜ ์ค‘ ๋ฐœ๊ฒฌํ•˜์—ฌ ํ…Œ์ŠคํŠธํ•ด๋ดค๋Š”๋ฐ ์ƒ๊ฐ๋ณด๋‹ค ํ…Œ์ŠคํŒ…์˜ ๋ถˆํŽธํ•จ์„ ์ค„์—ฌ์ค„ ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์œผ๋กœ ๋ณด์—ฌ์„œ ๊ธ€๋กœ ์†Œ๊ฐœํ•ด๋“œ๋ฆฌ๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค :D

CSS Transition ๊ธฐ๋ฐ˜์˜ ontransitionend XSS

~1 min read

@garethheyes๊ฐ€ ๋˜ ์ƒˆ๋กœ์šด XSS ๋ฒกํ„ฐ๋ฅผ ๋งŒ๋“ค์–ด ์™”์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ontransitionend ๋ž€ ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ์ธ๋ฐ์š”. ์ด ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ๋Š” transition, ์ฆ‰ CSS์˜ ์• ๋‹ˆ๋ฉ”์ด์…˜์ด ๋๋‚  ๋•Œ ๋™์ž‘ํ•˜๋ฉฐ ๋™์ž‘์„ ์œ„ํ•ด์„  ํ•ด๋‹น Element์— ํฌ์ปค์Šค ์ƒํƒœ๊ฐ€ ๋˜์–ด์•ผํ•ฉ๋‹ˆ๋‹ค.

Metasploit ๋ฐ์ดํ„ฐ๋ฅผ Httpx๋กœ?

3 min read

์˜ค๋žœ๋งŒ์— Metasploit ๊ด€๋ จ ๊ธ€์„ ์“ฐ๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๋‹ค๋ฆ„์ด ์•„๋‹ˆ๋ผ netpen์ด๋ผ๋Š” plugin์„ ํ•˜๋‚˜ ์ฐพ์•˜๋Š”๋ฐ, ์ด๋ฅผ ์ด์šฉํ•˜๋ฉด Metasploit์œผ๋กœ ์ˆ˜์ง‘ํ•œ ์ •๋ณด๋ฅผ ๊ฐ€์ง€๊ณ  nuclei๋‚˜ zap/burp ๋“ฑ ๋‹ค๋ฅธ ๋„๊ตฌ์™€ ํŒŒ์ดํ”„ ๋ผ์ธ์œผ๋กœ ๊ตฌ์„ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๊ธฐ ์ข‹์•„๋ณด์˜€์Šต๋‹ˆ๋‹ค.

ZAP HUNT Remix

1 min read

์ œ๊ฐ€ ์˜ค๋žฌ๋™์•ˆ ์ž˜ ์จ์˜ค๋˜ ๋„๊ตฌ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ HUNT์ธ๋ฐ์š”! ์ € ๋˜ํ•œ ๋ถ„์„ํ•˜๋Š” ๋ฐฉ๋ฒ• ์ค‘ Data Driven Testing์„ ์„ ํ˜ธํ•˜๋Š” ํŽธ์ด๋ผ HUNT ์Šคํฌ๋ฆฝํŠธ๋ฅผ ์ •๋ง ์ž˜ ์“ฐ๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Context Technology๋กœ ZAP ์Šค์บ” ์†๋„ ์˜ฌ๋ฆฌ๊ธฐ

~1 min read

ZAP์˜ Context(Scope)์—๋Š” Technology ๋ผ๋Š” ํ•ญ๋ชฉ์ด ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ์ด๋Š” Context > Technology ๊ฒฝ๋กœ์— ์กด์žฌํ•˜๋ฉฐ ์ž์„ธํžˆ ์‚ดํŽด๋ณด๋ฉด DB, Language, OS ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ Technology ๋ฆฌ์ŠคํŠธ์™€ ์ฒดํฌ๋ฐ•์Šค๊ฐ€ ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ๊ธฐ๋ณธ์ ์œผ๋กœ ์ „๋ถ€ ์ฒดํฌ๋˜์–ด ์žˆ์Šต๋‹ˆ๋‹ค.

Spring4Shell RCE ์ทจ์•ฝ์  (CVE-2022-22965)

2 min read

์ง€๋‚œ ์ฃผ Spring4Shell ์ทจ์•ฝ์ ์œผ๋กœ ์ธํ•ด ์ธํ„ฐ๋„ท์ด ๋˜ ๋ถˆํƒˆ ๋ป” ํ–ˆ์Šต๋‹ˆ๋‹ค. ๋‹คํ–‰ํžˆ Log4Shell ๋ณด๋‹จ ์žฌํ˜„ํ•˜๊ธฐ ์–ด๋ ต๋‹ค๋Š” ๋ฌธ์ œ๋กœ ๋ฌด๋‚œํ•˜๊ฒŒ ์ง€๋‚˜๊ฐ”๋Š”๋ฐ์š”. ๊ฒธ์‚ฌ๊ฒธ์‚ฌ ์ข€ ๋Šฆ์—ˆ์ง€๋งŒ ์ด์Šˆ ์ •๋ฆฌํ•ด์„œ ๊ธ€๋กœ ์˜ฌ๋ ค๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

ZAP Structural Modifier

2 min read

์ €๋Š” ์ทจ์•ฝ์ ์„ ์ฐพ์„ ๋•Œ ์ค‘์š”ํ•œ 3๊ฐ€์ง€๋ฅผ ๋ฝ‘์œผ๋ผ๊ณ  ํ•œ๋‹ค๋ฉด ์•„๋งˆ๋„ ๊ธฐ์ˆ ์— ๋Œ€ํ•œ ์ดํ•ด, ๋Œ€์ƒ์— ๋Œ€ํ•œ ์ดํ•ด, ๊ทธ๋ฆฌ๊ณ  ์„ผ์Šค๋ฅผ ํƒํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ด์™ธ์—๋„ ์ค‘์š”ํ•œ ์š”์†Œ๋“ค์€ ์ •๋ง ๋งŽ๊ฒ ์ง€๋งŒ ์ด 3๊ฐ€์ง€๋Š” ์ผํ•  ๋•Œ ๊ฐ€์žฅ ๋งŽ์ด ๋Š๋ผ๋Š” ๋ถ€๋ถ„์ด์˜€์–ด์š”.

Ajax Spidering ์‹œ ๋ธŒ๋ผ์šฐ์ € ์—”์ง„ ๋ณ„ ์„ฑ๋Šฅ ๋น„๊ต ๐Ÿ

3 min read

ZAP์˜ AjaxSpider๋Š” headless browser๋ฅผ ํ†ตํ•ด์„œ ์ง์ ‘ ๋ธŒ๋ผ์šฐ์ง•ํ•˜๋ฉฐ Spidering ํ•˜๋Š” ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ๊ธฐ๋ณธ์ ์œผ๋กœ๋Š” Firefox๊ฐ€ ์„ค์ •๋˜์–ด ์žˆ์ง€๋งŒ, ๊ฐœ์ธ์˜ ์ทจํ–ฅ์— ๋”ฐ๋ผ Chrome, PhantomJS ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ browser(headless or common)๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

MyEnv := ZAP+Proxify+Burp

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…ํ•˜์‹ค ๋–„ ์–ด๋–ค ๋„๊ตฌ๋“ค์„ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ZAP์„ ๋ฉ”์ธ์œผ๋กœ ๊ทธ๋ฆฌ๊ณ  Burpsuite๋ฅผ ๋ณด์กฐ ์Šค์บ๋„ˆ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์ œ๊ฐ€ 2021๋…„ ๋งˆ์ง€๋ง‰๊ธ€(โ€œ๋‚˜์˜ ๋ฉ”์ธ Weapon ์ด์•ผ๊ธฐโ€œ)์— Proxify์— ๋Œ€ํ•ด ์–ธ๊ธ‰์„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ด Proxify๋ฅผ ์ด์šฉํ•˜์—ฌ ์ œ๊ฐ€ ์ƒˆ๋กœ ๊ตฌ์„ฑํ•˜๋ ค๋Š” ๋ถ„์„ ํ™˜๊ฒฝ๊ณผ ์ด์œ , ๊ทธ๋ฆฌ๊ณ  ์ด๋ฅผ ํ†ตํ•ด ๋” ์–ป๊ณ ์ž ํ•˜๋Š” ๊ฒƒ๋“ค์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

XSS Weakness(JSON XSS) to Valid XSS

3 min read

์˜ค๋Š˜์€ XSS Weakness๋ฅผ ํŠธ๋ฆฌ๊ฑฐ ๊ฐ€๋Šฅํ•œ XSS๋กœ ๋ฐ”๊พธ๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ์ƒˆ๋กœ์šด ๊ธฐ์ˆ ์€ ์•„๋‹ˆ๊ณ  ์˜ค๋ž˜์ „๋ถ€ํ„ฐ ๋‹ค๋“ค ์‚ฌ์šฉํ•˜์‹œ๋˜ ํŠธ๋ฆญ์ผํ…๋ฐ, ์ƒ๊ฐํ•ด๋ณด๋‹ˆ ์ œ๊ฐ€ ๋”ฐ๋กœ ์ •๋ฆฌํ–ˆ๋˜ ์ ์€ ์—†์–ด์„œ ์ด์ฐธ์— ๊ธ€๋กœ ๋‚จ๊ฒจ๋‘˜๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

System Hardening์„ ํ”ผํ•ด RCE๋ฅผ ํƒ์ง€ํ•˜๊ธฐ ์œ„ํ•œ OOB ๋ฐฉ๋ฒ•๋“ค

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ RCE(Remote Code Execution)๋ฅผ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•ด ์–ด๋–ค ๋ฐฉ๋ฒ•์„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋‚˜์š”? ์ €๋Š” ๊ฐœ์ธ์ ์œผ๋กœ OOB(Out-of-band)๋ฅผ ์ฆ๊ฒจ์„œ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. Sleep ๋“ฑ time ๊ธฐ๋ฐ˜๋„ ์ •ํ™• ํ•˜์ง€๋งŒ, ๋น„๋™๊ธฐ ๋กœ์ง์ด ๋งŽ์€ ์š”์ฆ˜ time ๋ณด๋‹จ oob๊ฐ€ ๋” ์ •ํ™•ํ•˜๋‹ค๊ณ  ์ƒ๊ฐ์ด ๋“œ๋„ค์š”. (๋ฌผ๋ก  ๋‘˜ ๋‹ค ์ฒดํฌํ•˜์ง€๋งŒ์š” ๐Ÿ˜Š)

Data URI(data:) XSS v2

1 min read

์ œ๊ฐ€ ์˜ค๋ž˜์ „์— Data URI XSS๋ฅผ ๋‹ค๋ฃจ๋Š” โ€œForm action + data:๋ฅผ ์ด์šฉํ•œ XSS Filtering ์šฐํšŒ ๊ธฐ๋ฒ•โ€œ๋ž€ ๊ธ€์„ ์“ด ์ ์ด ์žˆ์—ˆ๋Š”๋ฐ์š”, ์˜ค๋Š˜์€ ์กฐ๊ธˆ ๋” ๊ฐœ์„ ๋œ ๋ฒ„์ „์œผ๋กœ ๊ธ€์„ ์ž‘์„ฑํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

URL: prefix๋ฅผ ์ด์šฉํ•˜์—ฌ Deny-list ๊ธฐ๋ฐ˜ Protocol ๊ฒ€์ฆ ์šฐํšŒํ•˜๊ธฐ

2 min read

phithon_xg๊ฐ€ ์žฌ๋ฏธ์žˆ๋Š” ํŠธ๋ฆญ์„ ํŠธ์œ—์— ๊ณต๊ฐœํ–ˆ๋Š”๋ฐ, ์‹ค์ œ๋กœ ๋ถ„์„์• ์„œ ์œ ์šฉํ•˜๊ฒŒ ์“ฐ์ผ ์ˆ˜ ์žˆ์–ด ๊ฐ„๋‹จํ•˜๊ฒŒ ์ •๋ฆฌํ•ด์„œ ๊ธ€๋กœ ๊ณต์œ ๋“œ๋ ค๋ด…๋‹ˆ๋‹ค.

Sequential Import Chaining์„ ์ด์šฉํ•œ CSS ๊ธฐ๋ฐ˜ ๋ฐ์ดํ„ฐ ํƒˆ์ทจ

2 min read

์˜ค๋Š˜์€ CSS ๊ธฐ๋ฐ˜์˜ ๊ณต๊ฒฉ ๊ธฐ๋ฒ•์ธ Sequential Import Chaining์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ์ž์ฒด์ ์œผ๋กœ ๋ญ”๊ฐ€ ์˜ํ–ฅ๋ ฅ์ด ์žˆ๋Š”๊ฑด ์•„๋‹ˆ์ง€๋งŒ, CSS๋ฅผ ์ œ์–ดํ•  ์ˆ˜ ์žˆ์„ ๋•Œ ์˜ํ–ฅ๋ ฅ์„ ์ฆํญ์‹œ์ผœ์ค„ ์ˆ˜ ์žˆ๋Š” ๋ฐฉ๋ฒ•์ด๋‹ˆ ๊ผญ ์•Œ์•„๋‘๊ณ , ์œ ์šฉํ•˜๊ฒŒ ์‚ฌ์šฉํ•˜์‹œ๊ธธ ๋ฐ”๋ž˜์š” ๐Ÿ˜Š

Attack Surface Detector๋ฅผ ์ด์šฉํ•ด ์†Œ์Šค์ฝ”๋“œ์—์„œ Endpoint ์ฐพ๊ธฐ

1 min read

์ œ๊ฐ€ ์ผํ•  ๋•Œ ์ข…์ข… ์‚ฌ์šฉํ•˜๋Š” ZAP/Burp Addon์ด ์žˆ๋Š”๋ฐ, ์ตœ๊ทผ ์—๋Ÿฌ๊ฐ€ ์žˆ์–ด์„œ ์ฐพ๋‹ค๋ณด๋‹ˆ ์ œ๊ฐ€ ํ•œ๋ฒˆ๋„ ๋ธ”๋กœ๊ทธ์—์„œ ์–ธ๊ธ‰ํ•œ์ ์ด ์—†์—ˆ๋”๊ตฐ์š”. ๊ทธ๋ž˜์„œ ์˜ค๋Š˜์€ ๊ทธ ๋„๊ตฌ์ธ Attack surface detector์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

ZAP์˜ ์ƒˆ๋กœ์šด Networking Stack

2 min read

์ง€๋‚œ ๋ชฉ์š”์ผ ๋ฐค ZAP Developers Groups์— simon์ด ํ•œ๊ฐ€์ง€ ๋‚ด์šฉ์„ ๊ณต์œ ํ–ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ZAP์˜ Networking Layer์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๊ณ , ์ €๋Š” ์ œ๋ชฉ์„ ๋ณด์ž๋งˆ์ž ์–ด๋–ค ๋‚ด์šฉ์ธ์ง€ ์ง๊ฐํ–ˆ์Šต๋‹ˆ๋‹ค. (์ œ๊ฐ€ ์ •๋ง ๊ธฐ๋‹ค๋ ธ๋˜ ๋‚ด์šฉ์ด๊ฑฐ๋“ ์š” ๐Ÿคฉ)

Custom Payloads๋กœ ZAP ์Šค์บ๋‹ ๊ฐ•ํ™” ๐Ÿš€

3 min read

์˜ค๋Š˜์€ ์ œ๊ฐ€ ์ตœ๊ทผ์— ZAP์—์„œ ์•ฝ๊ฐ„ ๊ด€์‹ฌ์žˆ๊ฒŒ ๋ณด๊ณ ์žˆ๋˜ ๊ธฐ๋Šฅ ํ•˜๋‚˜๋ฅผ ์†Œ๊ฐœํ•ด๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ฐ”๋กœ Custom Payloads์ธ๋ฐ์š”. Fuzzer๋‚˜ ZAP์˜ Scripting engine์„ ์‚ฌ์šฉํ•˜์ง€ ์•Š๊ณ  ์กฐ๊ธˆ ๋” ์‰ฝ๊ฒŒ ์ง€์ •๋œ ํŽ˜์ด๋กœ๋“œ ๊ธฐ๋ฐ˜์œผ๋กœ ํ…Œ์ŠคํŠธ๋ฅผ ํ•  ์ˆ˜ ์žˆ์–ด์„œ ์•Œ์•„๋‘์‹œ๋ฉด ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์ด๋‚˜ ์ž๋™ํ™” ๊ตฌํ˜„์—์„œ ์ž˜ ์‚ฌ์šฉํ•˜์‹ค ์ˆ˜ ์žˆ์„๊ฑฐ๋ž€ ์ƒ๊ฐ์ด ๋“ญ๋‹ˆ๋‹ค.

Paragraph Separator(U+2029) XSS

1 min read

Gareth Heyes๊ฐ€ ์žฌ๋ฏธ์žˆ๋Š” XSS ํŠธ๋ฆญ์„ ํ•˜๋‚˜ ๊ณต์œ ํ–ˆ๋Š”๋ฐ์š”. Browser๊ฐ€ ์ด๋ฅผ ์ฒ˜๋ฆฌํ•˜๋Š” ๋ฐฉ์‹์„ ์ž˜ ์ƒ๊ฐํ•ด๋ณด๋ฉด, ์—ฌ๋Ÿฌ ํ˜•ํƒœ๋กœ ์šฐํšŒํ•˜๋Š”๋ฐ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„ ๊ฒƒ ๊ฐ™๋‹จ ๋Š๋‚Œ์ด ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

๊ฐœ๋ฐœ์ž๋งŒ? ์•„๋‹ˆ ์šฐ๋ฆฌ๋„ ์Šคํฌ๋ž˜์น˜ ํŒจ๋“œ ํ•„์š”ํ•ด! Boop!

1 min read

์ €๋Š” ์ข…์ข… ์žฌ๋ฏธ์žˆ๋Š” ์•ฑ์ด ์žˆ์„์ง€ ์•ฑ์Šคํ† ์–ด๋ฅผ ๋‘˜๋Ÿฌ๋ณด๊ณค ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋˜ ์ค‘ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์—์„œ ์“ธ๋งŒํ•  ๊ฒƒ ๊ฐ™์€ ๋„๊ตฌ๋ฅผ ์ฐพ์•„ ์ด๋ฒˆ ์—ฐํœด๋™์•ˆ ์‚ฌ์šฉํ•ด๋ณด๊ณ , ๊ดœ์ฐฎ๋‹ค๊ณ  ๋Š๊ปด์„œ ๋ธ”๋กœ๊ทธ๋ฅผ ํ†ตํ•ด ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค. ๋ฐ”๋กœ Boop ์ž…๋‹ˆ๋‹ค.

[Cullinan #26] Add XXE (XML External Entity)

~1 min read

์ปฌ๋ฆฌ๋„Œ ๋กœ๊ทธ #26์ž…๋‹ˆ๋‹ค. XXE ํ•ญ๋ชฉ ์ถ”๊ฐ€ํ•˜์˜€์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต ์ปฌ๋ฆฌ๋„Œ์— ์—ฌ๋Ÿฌ๊ฐœ ์ด๋ ฅ์ด ๋ˆ„์ ๋˜๋ฉด ์˜ฌ๋ฆฌ๋ ค๊ณค ํ•˜๋Š”๋ฐ, ์ด๋ฒˆ์—๋Š” ํ…€์ด ์ข€ ๊ธธ์–ด์ ธ์„œ ๋กœ๊ทธ๋กœ ์˜ฌ๋ ค๋ด…๋‹ˆ๋‹ค.

Authz0 v1.1 Released ๐ŸŽ‰

1 min read

Hi security engineers and hackers! Authz0 v1.1.0 has been released ๐ŸŽ‰ First of all, I would like to thank many of you for your good feedback.

Chrome์—์„  ์ด์ œ open ์†์„ฑ์—†์ด XSS๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

~1 min read

XSS ๋ฒกํ„ฐ ์ค‘ details ํƒœ๊ทธ์— ontoggle ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ์™€ open ์†์„ฑ์„ ์ด์šฉํ•œ ๋ฐฉ๋ฒ•์ด ์žˆ์Šต๋‹ˆ๋‹ค. Chrome, Safari, Firefox, IE ๋ชจ๋‘ ์‚ฌ์šฉ ๊ฐ€๋Šฅํ•˜๊ณ  on* ๊ธฐ๋ฐ˜์˜ XSS ์ค‘ ๋น„๊ต์  ์‰ฝ๊ฒŒ ์‚ฌ์šฉ์ž interaction์„ ์ค„์ผ ์ˆ˜ ์žˆ์–ด์„œ ์ž์ฃผ ์‚ฌ์šฉ๋˜๋Š”๋ฐ์š”.

[Cullinan #25] ์•ž์œผ๋กœ์˜ ๊ณ„ํš

1 min read

์ปฌ๋ฆฌ๋„Œ ๋กœ๊ทธ #25์ž…๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ด๋ฒˆ์—๋Š” ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ๋ผ๊ธฐ ๋ณด๋‹จ ์•ž์œผ๋กœ์˜ ๊ณ„ํš์„ ์ข€ ๋” ๊ณต์œ ๋“œ๋ฆด๊นŒ ํ•ด์„œ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

๋‚˜์˜ ๋ฉ”์ธ Weapon ์ด์•ผ๊ธฐ โš”๏ธ (ZAP and Proxify)

2 min read

ํ•œ๊ตญ ๊ธฐ์ค€์œผ๋กœ ์ƒˆํ•ด๊นŒ์ง€ ์•ฝ 30๋ถ„์ด ๋‚จ์•˜๊ณ , ์˜ฌํ•ด์˜ ๊ธ€์€ ์ด ๊ธ€์ด ๋งˆ์ง€๋ง‰ ๊ธ€์ด ๋  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๋ถ„๋ช… 2020 ํšŒ๊ณ ํ•œ์ง€๊ฐ€ ์–ผ๋งˆ ์•ˆ๋œ ๊ฒƒ ๊ฐ™์€๋ฐ, ๋ฒŒ์จ 2021๋„ ํšŒ๊ณ ๋„ ์ด๋ฏธ ์ง€๋‚˜๋ฒ„๋ ธ๋„ค์š” ๐Ÿ˜ฑ

Log4 2.17 JDBCAppender RCE(CVE-2021-44832)

~1 min read

๋˜โ€ฆ ๋˜๋‚˜์™”๋„ค์š”. ์ด์ „ ๊ธ€์—์„œ ํ•œ๋ฒˆ์— ์“ฐ๊ธฐ์— ๋„ˆ๋ฌด ๊ธด ๋‚ด์šฉ์ด๋ผ ์ถ”๊ฐ€ CVE๋Š” ํ•˜๋‚˜์”ฉ ๋ถ„๋ฆฌํ•ด๋‘˜ ์ƒ๊ฐ์ž…๋‹ˆ๋‹ค.

ZAP์˜ ์ƒˆ๋กœ์šด Import/Export Addon, ๊ทธ๋ฆฌ๊ณ  ๋ฏธ๋ž˜์— ๋Œ€ํ•œ ๋‡Œํ”ผ์…œ

1 min read

์ตœ๊ทผ์— ZAP ๋‚ด ์—ฌ๋Ÿฌ๊ฐ€์ง€ Import, Save ๊ด€๋ จ ๊ธฐ๋Šฅ๋“ค์ด โ€œImport/Exportโ€๋ž€ ์ด๋ฆ„์˜ ์ƒˆ๋กœ์šด Addon์œผ๋กœ ํ†ตํ•ฉ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์‚ฌ์šฉ์ž Interface ์ƒ์—์„  ๋ณ€ํ™”๊ฐ€ ์—†์–ด์„œ ํฌ๊ฒŒ ๋‹ฌ๋ผ์ง„ ๊ฑด ์—†์ง€๋งŒ ์ด๋ฅผ ํ†ตํ•ด ์•ž์œผ๋กœ์˜ ZAP์—์„œ Import/Export ๊ธฐ๋Šฅ์— ๋Œ€ํ•œ ๋ฐฉํ–ฅ์„ฑ์„ ์—ฟ๋ณผ ์ˆ˜ ์žˆ์–ด์„œ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค ๐Ÿ˜Ž

Web Cache ์ทจ์•ฝ์ ๋“ค์„ ์Šค์บ๋‹ํ•˜์ž ๐Ÿ”ญ

2 min read

Web Cache Poisoning, Web Cache Deception ๋“ฑ Web Cache ๊ด€๋ จ ์ทจ์•ฝ์ ์€ ๋‚˜๋ฆ„ ์˜ค๋ž˜๋œ ๊ธฐ๋ฒ•์ด์ง€๋งŒ ์š” ๋ช‡ ๋…„ ์‚ฌ์ด ์•Œ๋น„๋…ธ์™์Šค(@albinowax) ๋“ฑ Portswigger์˜ ์—ฐ๊ตฌ์›๋“ค์— ์˜ํ•ด ๋น ๋ฅด๊ฒŒ ๋ฐœ์ „ํ•œ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์ด๋Ÿฌํ•œ ์ทจ์•ฝ์ ๋“ค์€ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ…Œ์ŠคํŒ… ๋ฐฉ๋ฒ•์„ ํ†ตํ•ด์„œ ์‹๋ณ„ํ•˜๊ณ  Exploit ํ•˜์ง€๋งŒ ์ด์ „๊นŒ์ง„ ํฌ๊ฒŒ ๊ฐ•๋ ฅํ•˜๋‹ค๊ณ  ์ƒ๊ฐํ•˜๋˜ ๋„๊ตฌ๊ฐ€ ์—†์—ˆ๋˜ ์ƒํƒœ์ž…๋‹ˆ๋‹ค. (๊ทธ๋‚˜๋งˆ burpsuite์˜ ๋‚ด์žฅ ์Šค์บ๋„ˆ๊ฐ€ ์žˆ๊ฒ ๋„ค์š”โ€ฆ)

ZAP๊ณผ Burpsuite์—์„œ feedback ์ •๋ณด๋ฅผ ์ˆ˜์ง‘ํ•˜์ง€ ๋ชปํ•˜๋„๋ก ์ œํ•œํ•˜๊ธฐ

1 min read

์ตœ๊ทผ์— ZAP์˜ Core addon ์ค‘ ํ•˜๋‚˜์ธ Callhome์ด ์—…๋ฐ์ดํŠธ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด์— Callhome์€ ๋‹จ์ˆœํžˆ ๋ฉ”์ธ์— News ์ •๋ณด๋ฅผ ๋ณด์—ฌ์ฃผ๊ธฐ ์œ„ํ•ด ๋งŒ๋“ค์–ด์ง„ ๊ธฐ๋Šฅ์ธ๋ฐ, ์ด๋ฒˆ์— Telemetry ๊ด€๋ จ ๋ถ€๋ถ„์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค.

[Cullinan #24] Add ESI Injection and Update Others

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธย #24์ž…๋‹ˆ๋‹ค. ESI Injection์„ ์ถ”๊ฐ€ํ–ˆ๊ณ , SSTI์— RCE ๊ด€๋ จ ๋‚ด์šฉ ์ถ”๊ฐ€, ๊ทธ๋ฆฌ๊ณ  ๋„๊ตฌ ์—…๋ฐ์ดํŠธ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋งˆ์ง€๋ง‰์œผ๋กœ Cullinan์˜ ๋ฉ”์ธ ํŽ˜์ด์ง€ ๋””์ž์ธ์˜ ์ผ๋ถ€๋ฅผ ์ˆ˜์ •(max-width ์ œ๊ฑฐ)ํ–ˆ์Šต๋‹ˆ๋‹ค.

Private OOB ํ…Œ์ŠคํŒ…์„ ์œ„ํ•œ Self Hosted Interactsh

4 min read

์ด๋ฒˆ ์ฃผ๋ง์€ log4shell๋กœ ์ธํ•ด ์ •๋ง ์ธํ„ฐ๋„ท์ด ๋ถˆํƒ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ž ์ด์ œ ๋ณด์•ˆ๋‹ด๋‹น์ž๋“ค์€ ์ด๋ฅผ ๋Œ€์‘ํ•˜๊ณ  ์ž์‚ฐ์— ๋Œ€ํ•ด ์Šค์บ๋‹์„ ์ง„ํ–‰ํ•˜๊ฒŒ ๋ ํ…๋ฐ, ์—ฌ๊ธฐ์„œ ์‹๋ณ„์— ์‚ฌ์šฉํ•˜๋Š” ๋Œ€ํ‘œ์ ์ธ ๋ฐฉ๋ฒ•์ธ OOB(Out-Of-Band)๋ฅผ ์•Œ๋ ค์ง„ ์„œ๋น„์Šค๋“ค(ZAP OAST, Burpsuite collaborator, Interactsh ๋“ฑ)์„ ์ด์šฉํ•˜์—ฌ ํŽธํ•˜๊ฒŒ ํ…Œ์ŠคํŒ…ํ•  ์ˆ˜ ์žˆ๊ฒ ์ง€๋งŒ, ์ด๋Š” ๊ฒฐ๊ตญ ์™ธ๋ถ€์— callback์ด ๋ฐœ์ƒํ•œ ์„œ๋ฒ„์˜ IP๊ฐ€ ๋‚จ๊ฒŒ๋˜๊ณ , ์ด๋ฅผ ํ†ตํ•ด์„œ ํ•ด๋‹น ์„œ๋น„์Šค๋ฅผ ์šด์˜ํ•˜๋Š” ์šด์˜ํ•˜๋Š” ํšŒ์‚ฌ ๋˜๋Š” ๊ทธ๋ฃน ๋“ฑ ์ •๋ณด๋ฅผ ์–ป์–ด๊ฐˆ ์ˆ˜ ์žˆ๋Š” ๊ตฌ๊ฐ„์ด ์กด์žฌํ•˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค. (์ฉ ์ข‹์€ ๊ทธ๋ฆผ์€ ์•„๋‹ˆ์ฃ )

Log4shell ์ „ ์„ธ๊ณ„์˜ ์ธํ„ฐ๋„ท์ด ๋ถˆํƒ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค ๐Ÿ”ฅ (CVE-2021-44228/CVE-2021-45046/CVE-2021-45105)

4 min read

๋„ค ๋ฐ”๋กœ ์–ด์ œ(2021-12-10) Java์˜ logging package์ธ log4j2 ์—์„œ RCE 0-day ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. Service, Application์— ๋กœ๊ทธ๋ฅผ ์Œ“์„์ˆ˜๋งŒ ์žˆ๋‹ค๋ฉด ์–ด๋–ค ํ™˜๊ฒฝ์—์„œ๋„ ๊ณต๊ฒฉ ๊ฐ€๋Šฅ์„ฑ์ด ์กด์žฌํ•˜๊ณ , ๋ฆฌ์Šคํฌ๊ฐ€ RCE์ธ ๋งŒํผ ์ •๋ง ์ „ ์„ธ๊ณ„๊ฐ€ ๋ถˆํƒ€์˜ค๋ฅด๊ณ  ์žˆ๋„ค์š”. (ํ•˜ํ•˜ DM๋„ ํ„ฐ์ ธ๋‚˜๊ฐ‘๋‹ˆ๋‹ค. ์•ˆ๋ณผ๊ฑฐ์—์š”โ€ฆโ€ฆ)

์›น ํ•ด์ปค๋ฅผ ์œ„ํ•œ Browser Addons

2 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ๋ณด์•ˆ ํ…Œ์ŠคํŒ… ์‹œ ์›น ๋ธŒ๋ผ์šฐ์ € Addon ๋งŽ์ด ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ํ•œ ๋–„ ์—„์ฒญ๋‚˜๊ฒŒ ๋งŽ์ด ์„ค์น˜ํ•ด์„œ ์‚ฌ์šฉํ–ˆ์ง€๋งŒ, ์ง€๊ธˆ์€ 5๊ฐœ ๋ฏธ๋งŒ์„ ์œ ์ง€ํ•˜๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”.

ZAP RootCA๋ฅผ API์™€ Cli-Arguments๋กœ ์ œ์–ดํ•˜๊ธฐ

2 min read

ZAP์— ์ƒˆ๋กœ์šด Addon์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค. ์ด Addon์„ ์ด์šฉํ•˜๋ฉด ZAP์˜ ์ธ์ฆ์„œ, ์ฆ‰ Root CA๋ฅผ API๋‚˜ Cli๋“ฑ์œผ๋กœ ์ปจํŠธ๋กคํ•  ์ˆ˜ ์žˆ๋„๋ก ๊ธฐ๋Šฅ์ด ์ง€์›๋ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ํ™œ์šฉํ•˜๋ฉด Daemon ๋ชจ๋“œ๋กœ ๋™์ž‘ํ•˜๊ฑฐ๋‚˜ CI/CD Pipeline ๋“ฑ์—์„œ ์‚ฌ์šฉ ์‹œ ์กฐ๊ธˆ ๋” ์‰ฝ๊ฒŒ ์ธ์ฆ์„œ ์ฒ˜๋ฆฌ๋ฅผ ํ•  ์ˆ˜ ์žˆ๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

DOM XSS? ๊ทธ๋ ‡๋‹ค๋ฉด Eval Villain

2 min read

์˜ฌํ•ด ์ดˆ Burpsuite์—์„  DOM Invador๋ผ๋Š” ๋„๊ตฌ๋ฅผ ๊ณต๊ฐœํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์ œ๊ฐ€ ๊ฐ€๋ณ๊ฒŒ ๋ฆฌ๋ทฐํ•  ๋•Œ์—๋„ ์ด์•ผ๊ธฐ๋“œ๋ ธ์ง€๋งŒ DOM ๊ธฐ๋ฐ˜ ํ…Œ์ŠคํŒ…์—์„  ๊ต‰์žฅํžˆ ์œ ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— Burpsuite ์‚ฌ์šฉ์ž๋Š” ๋ฌผ๋ก  ZAP ๋“ฑ ๋‹ค๋ฅธ ๋„๊ตฌ ์‚ฌ์šฉ์ž๋„ ์ถฉ๋ถ„ํžˆ ๊ด€์‹ฌ๊ฐ€์ง€๊ณ  ํ…Œ์ŠคํŠธ ๋•Œ ์—ด์–ด์„œ ์จ๋ด์•ผํ•  ์ •๋„์˜ ๋„๊ตฌ์˜€์—ˆ์ฃ .

ZAP Browser์—์„œ Extension ์˜๊ตฌ ์ ์šฉํ•˜๊ธฐ

1 min read

์ตœ๊ทผ ZAP์˜ Extension ์ค‘ selenium ๊ด€๋ จ ์—…๋ฐ์ดํŠธ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฌด์‹ฌํžˆ Change ๋‚ด์šฉ์„ ๋ดค๋‹ค๊ฐ€ โ€œSupport for browser extensionโ€ ๋ฌธ๊ตฌ๋ฅผ ๋ณด์ž๋งˆ์ž ๋ฐ˜๊ฐ€์šด ๋งˆ์Œ์— ๋ฐ”๋กœ ๊ธ€ ์ž‘์„ฑ์„ ์‹œ์ž‘ํ—€์ฃ  ๐Ÿ˜Ž

ZAP ์Šคํฌ๋ฆฝํŒ…์œผ๋กœ ๋น ๋ฅด๊ฒŒ Fake Response ๋งŒ๋“ค๊ธฐ

~1 min read

Response ๋ณ€์กฐ๋Š” ์ธ์ฆ ์ ˆ์ฐจ๋‚˜ ๋น„์ฆˆ๋‹ˆ์Šค ๋กœ์ง์„ ์šฐํšŒํ•  ๋•Œ ์ž์ฃผ ์‚ฌ์šฉ๋˜๋Š” ๊ณต๊ฒฉ ๋ฐฉ๋ฒ• ์ค‘ ํ•˜๋‚˜์ž…๋‹ˆ๋‹ค. ๋ณดํ†ต์€ proxy๋กœ ์š”์ฒญ์„ ์žก์•„ ์ง์ ‘ response๋ฅผ ์ˆ˜์ •ํ•˜์—ฌ continue ํ•˜๋Š” ํ˜•ํƒœ๋กœ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค.

[Cullinan #22] Add Cache Deception and Dependency Confusion

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #22์ž…๋‹ˆ๋‹ค. Web Cache Deception๊ณผ Dependency Confusion Attack์ด ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Dalfox 2.6 Released ๐ŸŽ‰

2 min read

Wow! Dalfox 2.6.0 has finally been released! This time, I improved the focus on Result and PoC object. and a new global flag called โ€“poc-type was added. Letโ€™s play it quickly ๐Ÿ˜Ž

Solving issue the POST scan in zap-cli not work

1 min read

During the test, I found that POST-based scanning(active-scan / quick-scan) was not working in zap-cli ๐Ÿ˜ฑ This problem is zap-cli issue, and it has already been reported as an issue below.

[Cullinan #21] Add RFD(Remote File Download)

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธย #21์ž…๋‹ˆ๋‹ค. RFD(Remote File Download)๋ฅผ ์ถ”๊ฐ€ํ•˜๊ณ  Cache Poisoning์—์„œ wordlist ๋ถ€๋ถ„ ์ˆ˜์ •ํ–ˆ์Šต๋‹ˆ๋‹ค.

[Cullinan #20] LDAP Injection, ClickJacking, Cache Poisoning ๊ทธ๋ฆฌ๊ณ  ๊ฐœ์„ ์‚ฌํ•ญ

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธย #20์ž…๋‹ˆ๋‹ค. ์˜ˆ์ „ Jekyll ๋ธ”๋กœ๊ทธ์—์„œ ์‚ฌ์šฉํ•˜๋˜ ๊ฒƒ๊ณผ ๋™์ผํ•˜๊ฒŒ Cullinan์˜ ๋ฉ”์ธ ํŽ˜์ด์ง€๋ฅผ ๊ตฌ์„ฑํ–ˆ๊ณ  Slug ๋ถ€๋ถ„์— ๊ฐœ์„ ์„ ํ•ด์„œ, ์ œ๋ชฉ์— ์•ฝ์ž ๋“ฑ ์ผ๋ถ€ ๋‚ด์šฉ๋“ค์ด ๋” ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  LDAP Injection, ClickJacking, Web Cache Poisoning ํ•ญ๋ชฉ์„ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค :D

New technic of HTTP Request Smuggling (chunked extension)

2 min read

์˜ค๋žœ๋งŒ์— HRS(HTTP Request Smugglin) ๊ด€๋ จ ํ…Œํฌ๋‹‰์ด ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์•„์ง ์‹ค์ œ๋กœ ๊ณต๊ฒฉ ๊ฐ€๋Šฅํ–ˆ๋˜ ์‚ฌ๋ก€๊ฐ€ ์žˆ๋Š”๊ฑด ์•„๋‹ˆ๋ผ ์˜คํ”ผ์…œ์€ ์•„๋‹ˆ์ง€๋งŒ, ์–ด๋Š์ •๋„ ์‹ ๋น™์„ฑ์ด ์žˆ์–ด์„œ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

[Cullinan #19] Add SQLi and Cookie Bomb

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #19์ž…๋‹ˆ๋‹ค. SQL Injection๊ณผ Cookie Bomb Attack์ด ์ถ”๊ฐ€๋ฌ๊ณ , Amass ๋ถ€๋ถ„์— ์ˆ˜์ •์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ด๋ฒˆ์— chunked extension ๊ธฐ๋ฐ˜์˜ HTTP Request Smuggling ๊ด€๋ จ ๊ธ€์„ ์ž‘์„ฑํ•˜๋ฉด์„œ Cullinan - HTTP Requset Smuggling ๋ถ€๋ถ„์—๋„ ํ•ด๋‹น ๋‚ด์šฉ์„ ์ถ”๊ฐ€ํ•˜์˜€์Šต๋‹ˆ๋‹ค.

Amass + Scripting = ์ตœ๊ณ ์˜ ์„œ๋ธŒ๋„๋ฉ”์ธ ํƒ์ƒ‰

4 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค Amass ๋งŽ์ด ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? Amass๋Š” subdomain์„ ํƒ์ƒ‰ํ•˜๊ธฐ ์œ„ํ•œ ๋„๊ตฌ๋“ค ์ค‘ ํ•˜๋‚˜๋กœ ZAP๊ณผ ๋งˆ์ฐฌ๊ฐ€์ง€๋กœ OWASP์— ํ”Œ๋ž˜๊ทธ์‰ฝ ํ”„๋กœ์ ํŠธ์ž…๋‹ˆ๋‹ค. ๋˜ํ•œ ๋น„์Šทํ•œ ๋„๊ตฌ์ธ subfinder, assetfinder, findomain ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€์™€ ๋น„๊ตํ•ด๋ด๋„ ๊ฑฐ์˜ ์ตœ๊ณ ๋กœ ์†๊ผฝ์„ ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

403 forbidden์„ ์šฐํšŒํ•˜๋Š” 4๊ฐ€์ง€ ๋ฐฉ๋ฒ•๋“ค

2 min read

๋•Œ๋•Œ๋กœ ๋ณด์•ˆ ํ…Œ์ŠคํŒ… ์‹œ WAF๋‚˜ Application์˜ ๋กœ์ง์— ๋”ฐ๋ผ 403 Forbidden ์œผ๋กœ ์ ‘๊ทผ์ด ์ œํ•œ๋˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต์€ ๋ฐฑ์—”๋“œ์˜ ์ฒ˜๋ฆฌ ๋กœ์ง์„ ๋ด์•ผ ์ •ํ™•ํ•˜๊ฒŒ ์šฐํšŒํ•  ์ˆ˜ ์žˆ๋Š” ํฌ์ธํŠธ๋ฅผ ์žก๊ฒ ์ง€๋งŒ, ๋ช‡๊ฐ€์ง€ ํŠธ๋ฆญ์„ ํ†ตํ•ด Black Box Testing ์ƒํƒœ์—์„œ๋„ ์ด๋ฅผ ์šฐํšŒํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Cullinan 18 XST and DOM Clobbering

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #18์ž…๋‹ˆ๋‹ค. XST(Cross-Site Tracing)๊ณผ DOM Clobbering ํ•ญ๋ชฉ์„ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

์ด์ œ Interact.sh ๊ฐ€ ZAP OAST์—์„œ ์ง€์›๋ฉ๋‹ˆ๋‹ค

1 min read

์ตœ๊ทผ์— ZAP OAST(Callback ๊ธฐ๋Šฅ)์— projectdiscovery์˜ Interactsh ์ง€์›์ด ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์•ฝ 2์ฃผ์ „์— commit ๋ฌ๊ณ  ์ €๋„ ์ธ์ง€ํ•œ์ง€ ์ข€ ๋ฌ์—ˆ๋Š”๋ฐ, ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ์ž‘์„ฑํ•˜๋„ค์š” ๐Ÿ˜

ZAP update domains (core and addon)

~1 min read

์ตœ๊ทผ์— ZAP์˜ ์—…๋ฐ์ดํŠธ ์„œ๋ฒ„ ์ฃผ์†Œ ๊ด€๋ จํ•ด์„œ ํ™•์ธํ• ๊ฒŒ ์žˆ์–ด์„œ user-groups์— ๋ฌธ์˜๋ฅผ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋•๋ถ„์— ์‰ฝ๊ฒŒ ์—…๋ฐ์ดํŠธ ์ฃผ์†Œ๋ฅผ ํ™•์ธ ํ–ˆ์ง€๋งŒ ๋ฉ”๋ชจํ•ด๋‘๋ฉด ์ข‹์„ ๋‚ด์šฉ๋“ค์ด ์žˆ์–ด์„œ ์ •๋ฆฌํ•ด์„œ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

[Cullinan #17] JWT ์ถ”๊ฐ€ ๋ฐ CSRF ๋‚ด Bypass Method ์ถ”๊ฐ€

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #17์ž…๋‹ˆ๋‹ค. JWT์™€ ๊ด€๋ จ ๊ณต๊ฒฉ ๊ธฐ๋ฒ•๋“ค์— ๋Œ€ํ•œ ํ•ญ๋ชฉ ์ถ”๊ฐ€๋˜์—ˆ๊ณ , CSRF ๋‚ด bypass ๋ถ€๋ถ„์— Method bypass ๋ถ€๋ถ„ ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

ZAP 2.11 Review โšก๏ธ

1 min read

์ตœ๊ทผ์— Simon, ZAP ๊ณต์‹ ํŠธ์œ„ํ„ฐ ๊ณ„์ •์—์„œ 2.11์— ๋Œ€ํ•œ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ž„๋ฐ•ํ–ˆ์Œ์„ ์•Œ๋ ธ์Šต๋‹ˆ๋‹ค.

Dalfox 2.5 Released ๐Ÿš€

~1 min read

There was a released minor version of Dalfox after a long time. Mainly performance improvement, it detects much better than before :D

[Cullinan #16] ZIP-Slip and HPP

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #16์ž…๋‹ˆ๋‹ค. ZIP Slip๊ณผ HTTP Parameter Pollution์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  HTTP2 H2C Smuggling์˜ Tools ๋ถ€๋ถ„์— ๋„๊ตฌ ์ถ”๊ฐ€๋กœ ์ˆ˜์ •์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

ZAP Script-base Authentication

3 min read

์ตœ๊ทผ์— ZAP์˜ 2๊ฐ€์ง€ ๊ธฐ๋Šฅ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ๋ฅผ ๋“œ๋ ธ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Authentication Spidering๊ณผ Access Control ํ…Œ์ŠคํŠธ์ธ๋ฐ์š”. ์ด 2๊ฐ€์ง€ ๊ธฐ๋Šฅ์˜ ํ•ต์‹ฌ์ ์ธ ๋ถ€๋ถ„์€ ZAP์—์„œ ์ œ๊ณตํ•˜๋Š” Authentication๊ณผ User๋ฅผ ํ™œ์šฉํ•ด์„œ ๋กœ๊ทธ์ธ/๋กœ๊ทธ์•„์›ƒ ํ”Œ๋กœ์šฐ๋ฅผ ๊ตฌํ˜„ํ•˜๋Š” ๊ฒƒ์ธ๋ฐ์š”.

ZAP์˜ fuzz-script๋ฅผ ์ด์šฉํ•ด Fuzzing ์Šคํ‚ฌ ์˜ฌ๋ฆฌ๊ธฐ

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ Fuzzing ๋งŽ์ด ํ•˜์‹œ๋‚˜์š”? ์›นํ•ดํ‚น.. ์•„๋‹ˆ ๋Œ€๋‹ค์ˆ˜ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์—์„œ Fuzzing์€ ๋งŽ์€ ์‹œ๊ฐ„์„ ์ฐจ์ง€ ํ•˜๊ธฐ๋„ ํ•˜๊ณ , ๋ฐ˜๋Œ€๋กœ ์‹œ๊ฐ„์„ ์ค„์—ฌ์ฃผ๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์›น ํ…Œ์ŠคํŒ…์—์„œ ZAP์„ ์ด์šฉํ•ด Fuzzingํ•  ๋•Œ Script๋ฅผ ์ด์šฉํ•ด์„œ ์กฐ๊ธˆ ๋” ๋‚˜์€ ํ…Œ์ŠคํŒ…์„ ํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

[Cullinan #15] Add Open Redirect and Command Injection

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #15์ž…๋‹ˆ๋‹ค. Open Redirect์™€ Command Injection ๋‚ด์šฉ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

OWASP TOP 10 2021 ๋ฆฌ๋ทฐ

3 min read

์™€์šฐ ๋“œ๋””์–ด OWASP TOP 10 2021์ด ๊ณต๊ฐœ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค!!! ๐Ÿคฉ

[Cullinan #14] Path Traversal and OWASP TOP 10 2021

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #14์ž…๋‹ˆ๋‹ค. Path traversal์ด ์ถ”๊ฐ€๋˜๊ณ  CSRF์— ์ˆ˜์ •์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค(๋„๊ตฌ ์ถ”๊ฐ€).

Authentication Spidering in ZAP

3 min read

์ตœ๊ทผ ZAP์˜ Auth(Authentication, Authorization) ๊ด€๋ จ ๊ธฐ๋Šฅ๊ณผ ์„ธ์…˜์— ๋Œ€ํ•œ ๋ถ€๋ถ„์„ ํŒŒํ—ค์น˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ œ๊ฐ€ ์ž˜ ๋ชจ๋ฅด๊ณ  ์‚ฌ์šฉํ•˜์ง€ ์•Š์•˜๋˜ ๊ธฐ๋Šฅ๋“ค์ธ๋ฐ, ์•Œ๊ณ ๋‚˜๋‹ˆ ์ง€๊ธˆ๊นŒ์ง€ ์•ฝ๊ฐ„ ๋‹ต๋‹ตํ•˜๊ฒŒ ์ผํ–ˆ๋˜ ์ œ๊ฐ€ ๋ถ€๋„๋Ÿฌ์›Œ์ง€๋„ค์š”.

[Cullinan #13] Add CSV Injection and CRLF Injection

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #13์ž…๋‹ˆ๋‹ค. CSV Injection๊ณผ CRLF Injection์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

Testing Access-Control with ZAP

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ์„ธ์…˜์— ๋Œ€ํ•œ ์ ‘๊ทผ ๊ถŒํ•œ, Authorization์— ๋Œ€ํ•œ ๋ถ€๋ถ„๋“ค์„ ์ ๊ฒ€ํ•˜์‹ค ๋•Œ ์–ด๋–ค ํ˜•ํƒœ๋กœ ํ…Œ์ŠคํŠธํ•˜์‹œ๋‚˜์š”?

[Cullinan #12] Add JSON/JSONP Hijacking

~1 min read

์ปฌ๋ฆฌ๋„Œ ์—…๋ฐ์ดํŠธ ๋กœ๊ทธ #12์ž…๋‹ˆ๋‹ค. ์ด๋ฒˆ์—๋Š” JSON Hijacking, JSONP Hijacking์— ๋Œ€ํ•œ ๋‚ด์šฉ ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  XSS ๋‚ด์šฉ์ด ์—†๋˜ ๋ถ€๋ถ„์ด ์ข€ ์žˆ์—ˆ๋Š”๋ฐ, ๋‚ด์šฉ ์ถ”๊ฐ€ํ•˜์˜€์Šต๋‹ˆ๋‹ค :D

ZAP์— ๊ณง ์ถ”๊ฐ€๋  FileUpload AddOn ์‚ดํŽด๋ณด๊ธฐ

1 min read

์ตœ๊ทผ์— ZAP Weekly ๋ฒ„์ „์— ์ƒˆ๋กœ์šด ๊ธฐ๋Šฅ์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ FileUpload ๋ผ๋Š” AddOn ํ˜•ํƒœ๋กœ ์ถ”๊ฐ€๋œ ๊ธฐ๋Šฅ์ธ๋ฐ์š”, ์ด ๊ธฐ๋Šฅ์€ File upload ๊ด€๋ จ ์ทจ์•ฝ์ ์„ ์‹๋ณ„ํ•˜๊ณ  ์Šค์บ๋‹ํ•  ์ˆ˜ ์žˆ๋„๋ก ๋„์™€์ฃผ๋Š” ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

Macos์—์„œ LISTEN ์ค‘์ธ ํฌํŠธ์™€ ํ”„๋กœ์„ธ์Šค ์‰ฝ๊ฒŒ ํ™•์ธํ•˜๊ธฐ

~1 min read

์ €๋Š” ๊ฐ„ํ˜น Macos์˜ native application์— ๋Œ€ํ•œ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์„ ์ง„ํ–‰ํ•  ๋•Œ๊ฐ€ ์žˆ๋Š”๋ฐ์š”. ์ด ๋•Œ Application์—์„œ binding, listening ํ•˜๊ณ  ์žˆ๋Š” ํฌํŠธ๋ฅผ ํ™•์ธํ•˜๊ณ  Endpoint๋ฅผ ์ฐพ์•„์•ผํ•  ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค.

[Cullinan #11] Add CSRF and SSRF

~1 min read

์˜ค๋žœ๋งŒ์— cullinan ์ปจํ…์ธ  ์—…๋ฐ์ดํŠธ๋ฅผ ์ง„ํ–‰ํ–ˆ์Šต๋‹ˆ๋‹ค. Draft ์ƒํƒœ์˜€๋˜ CSRF์™€ SSRF ๋‚ด์šฉ ์ถ”๊ฐ€ํ–ˆ๊ณ , ๋‹ค๋ฅธ ํ•ญ๋ชฉ(์Šค๋จธ๊ธ€๋ง ๋“ฑ)๋“ค ์ค‘ ์ผ๋ถ€ ์ปจํ…์ธ  ์ˆ˜์ •์„ ์ง„ํ–‰ํ–ˆ์Šต๋‹ˆ๋‹ค.

ZAP Automation GUI

1 min read

์ตœ๊ทผ์— ZAP Automation framework๊ฐ€ 0.4 ๋ฒ„์ „์œผ๋กœ ์—…๋ฐ์ดํŠธ ๋ฌ์Šต๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ œ๊ฐ€ 0.4 ๋ฒ„์ „์„ ๊ธฐ๋‹ค๋ฆฐ ๊ฒƒ์€ ์•„๋ž˜ ๋‚ด์šฉ ๋•Œ๋ฌธ์ธ๋ฐ์š”, StackHawk์—์„œ ์ŠคํŠธ๋ฆฌ๋ฐ์œผ๋กœ ์ง„ํ–‰ํ•œ Automation Framework์— ๋Œ€ํ•œ ์†Œ๊ฐœ ๋‚ด์šฉ ์ค‘ ZAP์—์„œ UI๋กœ Automation Framework๋ฅผ ์ปจํŠธ๋กคํ•˜๋Š” ์žฅ๋ฉด์ด ์žกํ˜”์—ˆ๊ณ , Simon์—๊ฒŒ ๋ฌผ์–ด๋ณด๋‹ˆ 0.4 ๋ฒ„์ „๋Œ€ ๊ธฐ๋Šฅ์ด๋ผ๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

ZAP OAST ๋ฆด๋ฆฌ์ฆˆ! ์ด์ œ ZAP์—์„œ Out-Of-Band๊ฐ€ ๋” ์‰ฌ์›Œ์ง‘๋‹ˆ๋‹ค ๐Ÿš€

4 min read

์˜ค๋Š˜ ZAP OAST๊ฐ€ Alpha ๋ฒ„์ „์œผ๋กœ release ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ง€๋‚œ๋ฒˆ์— ์ด์•ผ๊ธฐ๋“œ๋ฆฐ๋Œ€๋กœ OAST๋Š” callback ๊ณผ ๋น„์Šทํ•˜๊ฒŒ Out-Of-Band๋ฅผ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•œ ๋„๊ตฌ๋กœ SSRF, RCE ๋“ฑ์—์„œ ๊ต‰์žฅํžˆ ์œ ์šฉํ•˜๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

[Faraday#2] Dispatcher๋ฅผ ์ด์šฉํ•œ Scanning CI

2 min read

์ด๋ฒˆ ์ฃผ๋ง์—๋Š” ํ‹ˆํ‹ˆํžˆ Faraday ๊ด€๋ จํ•ด์„œ ๊ณ„์† ํ…Œ์ŠคํŠธํ•ด๋ณด๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ faraday_agent_dispatcher ๋ผ๋Š” ๊ธฐ๋Šฅ์ด ๋ˆˆ์— ๋“ค์–ด์™”๋Š”๋ฐ์š”, ์ด ๊ธฐ๋Šฅ์€ faraday ์„œ๋ฒ„์— ์—ฌ๋Ÿฌ agent ๋ถ™์—ฌ์„œ ๋ฏธ๋ฆฌ ์ง€์ • ํ•ด๋‘” ํฌ๋งท ๊ทธ๋ฆฌ๊ณ  ์‚ฌ์šฉ์ž๊ฐ€ ์ „๋‹ฌํ•ด์ค€ ๋ฐ์ดํ„ฐ ๋”ฐ๋ผ ์Šค์บ๋‹์„ ์ง„ํ–‰ํ•˜๊ณ  ๊ฒฐ๊ณผ๋ฅผ faraday์— ๋ฐ˜์˜ํ•˜๋Š” ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค.

[Faraday#1] Penetration testing IDE!

4 min read

ํ˜น์‹œ faraday๋ผ๊ณ  ๋“ค์–ด๋ณด์…จ๋‚˜์š”? pentesting ๊ด€๋ จํ•ด์„œ ์กฐ๊ธˆ ์ฐพ์•„๋ณด๋‹ค ๋ณด๋ฉด ํ•œ๋ฒˆ ์ฏค์€ ๋“ค์–ด๋ณผ ์ˆ˜ ์žˆ๋Š” framework๋กœ ์ € ๋˜ํ•œ ์˜ˆ์ „๋ถ€ํ„ฐ ๊ด€์‹ฌ์ด ์žˆ๊ธด ํ–ˆ์ง€๋งŒ, ์‹ค์ œ๋กœ ์‚ฌ์šฉํ•ด๋ณผ ์ผ์ด ์—†์–ด์„œ ๋ธ”๋กœ๊ทธ์—๋„ ์†Œ๊ฐœํ•ด๋“œ๋ฆฐ ์ ์ด ์—†์—ˆ๋„ค์š”. (๋ณดํ†ต ์ „ pentest ์‹œ msf + documents ๋„๊ตฌ๋ฉด ์ถฉ๋ถ„ํ•˜๋‹ค ๋Š๊ผˆ์–ด์„œโ€ฆ )

ZAP OAST ๋ฏธ๋ฆฌ ๊ตฌ๊ฒฝํ•˜๊ธฐ (for OOB)

2 min read

ZAP developers์— ์ปจํ…์ธ  ํ•˜๋‚˜๊ฐ€ ๊ณต์œ ๋˜์—ˆ๋Š”๋ฐ์š” ๋ฐ”๋กœ OAST์— ๋Œ€ํ•œ ๋‚ด์šฉ์ด์˜€์Šต๋‹ˆ๋‹ค. OAST๋Š” ์ด๋ฒˆ์— ZAP core team(akshath)์—์„œ ์‹ ๊ทœ๋กœ ๊ฐœ๋ฐœ์ค‘์ธ AddOn์ž…๋‹ˆ๋‹ค. ๊ธฐ์กด zap callback ๊ธฐ๋Šฅ์— burp suite์˜ collaborator ์™€ ๊ฐ™์ด out-of-band๋ฅผ ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŠธํ•  ์ˆ˜ ์žˆ๋„๋ก ์ง€์›ํ•ด์ฃผ๋Š” AddOn์ž…๋‹ˆ๋‹ค.

[Cullinan #9] Added history of owasp top 10

~1 min read

Change Note

cullinan์— History Of OWASP TOP 10 ์ด๋ž€ ์ด๋ฆ„์˜ ํŽ˜์ด์ง€๋ฅผ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” OWASP TOP 10์˜ ๋ณ€ํ™”๋ฅผ ํ•œ๋ˆˆ์— ๋ณด๊ธฐ ์œ„ํ•ด ๋งŒ๋“  ํŽ˜์ด์ง€๋กœ ์ƒˆ๋กœ์šด ๋…„๋„์˜ ๋ฒ„์ „์ด ๋‚˜์˜ฌ ๋•Œ ๋งˆ๋‹ค ๊ฐฑ์‹ ํ•ด ๋‚˜๊ฐˆ ์˜ˆ์ •์ž…๋‹ˆ๋‹ค.

ZAP Plug-n-Hack์„ ์ด์šฉํ•œ DOM/PostMessage ๋ถ„์„

2 min read

Plug-n-Hack(PnH)

Plug-n-hack, ์ฆ‰ PnH๋Š” Mozilla ๋ณด์•ˆํŒ€์ด ์ œ์•ˆํ•œ ํ‘œ์ค€์œผ๋กœ ๋ณด์•ˆ ๋„๊ตฌ์™€ ๋ธŒ๋ผ์šฐ์ €๊ฐ„์˜ ์ƒํ˜ธ ์ž‘์šฉ์„ ์‰ฝ๊ณ  ์œ ์šฉํ•˜๊ฒŒ ํ•  ์ˆ˜ ์žˆ๋„๋ก ๋งŒ๋“ค์–ด์ง„ ๋ฐฉ๋ฒ•์„ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค.

ZAP Scanning to Swagger Documents

~1 min read

OpenAPI in ZAP

ZAP์€ ๋‹จ์ˆœํžˆ url ๋ฆฌ์ŠคํŠธ๋ฅผ import ํ•˜๋Š” ๊ธฐ๋Šฅ ์ด์™ธ์—๋„ GraphQL endpoint๋‚˜ OpenAPI๋ฅผ import ํ•˜๋Š” ๊ธฐ๋Šฅ์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์—ฌ๊ธฐ์„œ OpenAPI Import๋ฅผ ํ™œ์šฉํ•˜๋ฉด ๋ณดํ†ต API Spec์— ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” SwaggerUI์˜ doc ๋ฐ์ดํ„ฐ๋ฅผ ๊ฐ€์ง€๊ณ  Example ์ฝ”๋“œ์— ๋งž๊ฒŒ API ๋ฐ์ดํ„ฐ๋ฅผ ๋กœ๋“œํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Customize request/response panel in ZAP

1 min read

์˜ค๋Š˜์€ ZAP์˜ ์†Œ์†Œํ•œ ํŒ ํ•˜๋‚˜๋ฅผ ๊ณต์œ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ณดํ†ต Request/Response ํƒญ์€ Layout ์ •๋„๋งŒ ๋ณ€๊ฒฝํ•˜๊ณ  ๊ธฐ๋ณธ ๊ฐ’์„ ์‚ฌ์šฉํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์€๋ฐ์š” ์‚ฌ์‹ค ZAP์˜ Request/Response ํƒญ์€ ์ƒ๊ฐ๋ณด๋‹ค ๋””ํ…Œ์ผํ•˜๊ฒŒ ์„ค์ •์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

DOM Invader, BurpSuite์˜ DOM-XSS Testing ๋„๊ตฌ

2 min read

์•„.. PortSwigger์—์„œ ๋˜ ๋ฌผ๊ฑด ํ•˜๋‚˜ ๋งŒ๋“  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. PortSwigger์˜ BurpSuite ์Šค์บ” ์„ฑ๋Šฅ ์ค‘ ์†์— ๊ผฝ๋Š” ๋ถ€๋ถ„์ด ๋ฐ”๋กœ DOM Testing ๋ถ€๋ถ„์ž…๋‹ˆ๋‹ค. ๋ณดํ†ต์˜ ๋„๊ตฌ๋“ค์€ DOM XSS๋ฅผ ์ฐพ๊ธฐ ์œ„ํ•ด ์ •ํ•ด์ง„ ํŒจํ„ด์„ headless browser๋กœ ๋ Œ๋”๋งํ•˜์—ฌ ํ…Œ์ŠคํŠธํ•˜๊ฑฐ๋‚˜ js ์ฝ”๋“œ ๋‚ด ๊ณต๊ฒฉ์— ์ฃผ๋กœ ์‚ฌ์šฉ๋˜๋Š” ํŒจํ„ด(eval, innerHTML, document.write ๋“ฑ)์„ ๊ฐ์ง€ํ•˜๊ณ  ์‚ฌ์šฉ์ž์—๊ฒŒ ์ „๋‹ฌํ•ด์ฃผ๋Š” ํ˜•ํƒœ๋กœ ๋™์ž‘ํ•ฉ๋‹ˆ๋‹ค.

ZAP Passive Scan Tags์™€ Neonmarker ๊ทธ๋ฆฌ๊ณ  Highlighter

2 min read

๋งŽ์€ ์–‘์˜ Web URL์„ ๋ถ„์„ํ•˜๊ฒŒ ๋˜๋ฉด ๋ˆˆ์— ์ž˜ ์•ˆ๋“ค์–ด์˜ค๊ณ , ์ค‘์š”ํ•œ ๋ถ€๋ถ„๋“ค์„ ๋†“์น˜๊ธฐ ๋งˆ๋ จ์ธ๋ฐ highlight ๊ด€๋ จ ๊ธฐ๋Šฅ๋“ค์€ ์กฐ๊ธˆ ๋” ์ค‘์š”ํ•œ ํฌ์ธํŠธ์— ์ง‘์ค‘์„ ํ•  ์ˆ˜ ์žˆ๋„๋ก ํฌ์ธํŠธ๋ฅผ ์žก์•„์ฃผ๊ธฐ ๋•Œ๋ฌธ์— ๊ฐœ์ธ์ ์œผ๋กœ๋Š” ์ž˜ ํ™œ์šฉํ•˜๋Š”๊ฒŒ ๋ถ„์„ํ•จ์— ์žˆ์–ด์„œ ํฐ ๋„์›€์ด ๋œ๋‹ค๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.

PDF ์•”ํ˜ธํ™”์™€ User-password ๊ทธ๋ฆฌ๊ณ  Owner-password

2 min read

์ œ๊ฐ€ ์ตœ๊ทผ์— pdfcrack์„ ํ†ตํ•ด pdf ํŒŒ์ผ์— ๊ฑธ๋ฆฐ ํŒจ์Šค์›Œ๋“œ๋ฅผ ํฌ๋ž™ํ•˜๋Š” ๋‚ด์šฉ์œผ๋กœ ๊ธ€์„ ์ผ์—ˆ๋Š”๋ฐ์š”. ์ด๋Š” pdf ํŒŒ์ผ ํฌ๋ž™๋–„๋ฌธ์— ๋ฉ”๋ชจ ์ฐจ ์ž‘์„ฑํ•œ ๊ธ€์ด์˜€๊ณ , ์˜ค๋Š˜์€ pdf ํŒŒ์ผ์˜ ์•”ํ˜ธํ™” ์ž์ฒด์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿผ pdf์˜ ์•”ํ˜ธํ™”์™€ user-password, owner-password ์— ๋Œ€ํ•ด ์•Œ์•„๋ณด๋„๋ก ํ•˜์ฃ . (๊ฐ„๋‹จํ•œ ๋‚ด์šฉ์ด์—์š”)

PDF ํŒŒ์ผ Password Crack

1 min read

pdf ํŒจ์Šค์›Œ๋“œ ํฌ๋ž™ํ•  ์ผ์ด ์žˆ์–ด์„œ ๋„๊ตฌ๋ž‘ ๊ฐ„๋‹จํ•˜๊ฒŒ ์‚ฌ์šฉ๋ฐฉ๋ฒ• ๋ฉ”๋ชจํ•ด ๋‘ก๋‹ˆ๋‹ค ๐Ÿ˜

ZAP Automation

2 min read

์˜ฌ ์ดˆ์— ์ฒ˜์Œ ์—ด๋ฆฐ ZAPCon 2021์—์„œ ZAP Automation at Scale์ด๋ž€ ์„ธ์…˜์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ๋•Œ ๋‹น์‹œ์—๋Š” ๊ทธ๋ƒฅ ZAP Automation Addon์„ ํ†ตํ•ด ๊ธฐ์กด ์ž๋™ํ™” ์ž‘์—…์„ ์ข€ ๋” ์‰ฝ๊ฒŒ ๊ตฌ์„ฑํ•  ์ˆ˜ ์žˆ๋‹ค ์ •๋„๋กœ ๋ฐ›์•„๋“œ๋ ธ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ์— Scan Policy ๊ด€๋ จํ•ด์„œ ๋น„์Šทํ•œ ๊ณ ๋ฏผ์„ ํ•˜๋‹ค๋ณด๋‹ˆ ZAP Automation์˜ ์žฅ์ ์ด ๋ˆˆ์— ๋ณด์˜€์Šต๋‹ˆ๋‹ค.

ZAP Token Generation and Analysis ์‚ดํŽด๋ณด๊ธฐ

1 min read

ZAP์—๋Š” Token Generation and Analysis๋ž€ Addon์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ด๋ฆ„๋งŒ ๋ณด๊ณ  ์˜ˆ์ „๋ถ€ํ„ฐ ์„ค์น˜๋Š” ํ•ด๋‘์—ˆ๋Š”๋ฐ ํ•œ๋ฒˆ๋„ ์‚ฌ์šฉํ•˜์ง€ ์•Š์•˜๋˜ ๊ฒƒ ๊ฐ™๋„ค์š”.. ๊ทธ๋ž˜์„œ ์˜ค๋Š˜ ํ•œ๋ฒˆ ์‚ฌ์šฉํ•ด๋ณด๊ณ  ์ •ํ™•ํžˆ ์–ด๋–ค ๋„๊ตฌ์ธ์ง€, ์–ด๋–ค ์šฉ๋„๋กœ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„์ง€ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Bypass host validation with Parameter Pollution

1 min read

์˜ค๋Š˜์€ host validation ๋กœ์ง ์šฐํšŒ ๋•Œ ์‚ฌ์šฉํ–ˆ๋˜ ๊ฐ„๋‹จํ•œ ํŒ ํ•˜๋‚˜ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค. ๋ญ ๋ˆ„๊ตฌ๋‚˜ ์•„๋Š” ๋‚ด์šฉ์ด๋ผ ๋ณ„๊ฑฐ ์—†๊ธด ํ•˜์ง€๋งŒ, ๊ธฐ๋ก์œผ๋กœ ๋‚จ๊ฒจ๋‘์–ด์•ผ ๋‚˜์ค‘์— ํ•œ๋ฒˆ์— ๊ด€๋ จ ๋‚ด์šฉ๋“ค์„ ์ •๋ฆฌํ•  ๋•Œ ์‰ฝ๊ฒŒ ์ฐพ๊ณ  ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์–ด์„œ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

Options rule configuration in ZAP

1 min read

ZAP์—์„œ ์˜ต์…˜์ชฝ ์ข€ ๋ณด๋‹ค๊ฐ€ Rule configuration ์ด๋ž€ ๋ถ€๋ถ„์ด ์žˆ๋Š”๋ฐ, ์ œ๊ฐ€ ์•„๋Š” ์ผ๋ฐ˜์ ์ธ ์Šค์บ” ๋ฃฐ ์„ค์ •์ด๋ผ๋Š” ๋‹ฌ๋ผ์„œ ๊ธด๊ฐ€๋ฏผ๊ฐ€ํ•œ ๋ถ€๋ถ„์ด ์žˆ์–ด ๋‚ด์šฉ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

CSS Injection Bypassing Trick (with dashdash and var)

1 min read

CSS(Style) Injection

CSS Injection์€ XSS๋‚˜ HTML Injection๊ณผ ๊ฐ™์ด ์›น ์ƒ์—์„œ CSS, ์ฆ‰ ์Šคํƒ€์ผ ์‹œํŠธ์— Injetion์ด ๊ฐ€๋Šฅํ•œ ๊ฒฝ์šฐ๋ฅผ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค. ๋ณดํ†ต ์‚ฌ์šฉ์ž์—๊ฒŒ ์ง์ ‘์ ์ธ ์˜ํ–ฅ๋ ฅ์ด ์žˆ๋Š”๊ฑด ์•„๋‹ˆ์ง€๋งŒ, ์Šคํƒ€์ผ ์‹œํŠธ ์ œ์–ด๋ฅผ ํ†ตํ•ด์„œ ๋งคํ•‘๋œ ์ด๋ฒคํŠธ ํ•ธ๋“œ๋Ÿฌ๋ฅผ ํ†ตํ•ด XSS๋‚˜ ๋‹ค๋ฅธ ๊ธฐ๋Šฅ์„ ์ˆ˜ํ–‰์‹œํ‚ค๊ฑฐ๋‚˜ ๊ต๋ชจํ•œ ํ”ผ์‹ฑ ํŽ˜์ด์ง€๋ฅผ ๊ตฌ์„ฑํ•˜๋Š”๋ฐ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

[Cullinan #8] Update reverse tabnabbing (browserโ€™s patched)

~1 min read

Change note

reverse tabnabbing ๊ด€๋ จํ•˜์—ฌ ๋ธŒ๋ผ์šฐ์ €์‚ฌ๋“ค์˜ ํŒจ์น˜๊ฐ€ ์žˆ์–ด ๊ณต๊ฒฉ๋ฐฉ๋ฒ•, ๋Œ€์‘๋ฐฉ๋ฒ• ๋“ฑ์— ๋ณ€๊ฒฝ์‚ฌํ•ญ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

The reverse tabnabbing has weakened more

1 min read

Reverse tabnabbing์€ ๋ฆฌ์Šคํฌ๊ฐ€ ๋†’์€ ๊ณต๊ฒฉ์€ ์•„๋‹ˆ์ง€๋งŒ ํ”ผ์‹ฑ์—์„œ ์ถฉ๋ถ„ํžˆ ์‚ฌ์šฉ๋  ์ˆ˜ ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๋ณด์•ˆ์„ ์กฐ๊ธˆ ๋” ์‹ ๊ฒฝ์“ด๋‹ค๋ฉด ๋ถ„๋ช…์ด ์ฒดํฌํ•˜๊ณ  ๊ฐ€์•ผํ•  ๋ถ€๋ถ„์ž…๋‹ˆ๋‹ค. ํ•ด๋‹น ๊ณต๊ฒฉ์— ๋Œ€ํ•œ ์„ค๋ช…์€ ์•„๋ž˜ ๋งํฌ๋ฅผ ์ฐธ๊ณ ํ•ด์ฃผ์„ธ์š”.

Import remote JS in IMG tag. for bypass XSS

1 min read

๋ฐค์— ํŠธ์œ—์„ ๋ณด๋‹ค๊ฐ€ ๊ฐ„๋‹จํ•œ XSS ํŠธ๋ฆญ์„ ๋ดค๋Š”๋ฐ ํŠน๋ณ„ํžˆ ๋ญ”๊ฐ€๊ฐ€ ์žˆ๋Š”๊ฑด ์•„๋‹ˆ์ง€๋งŒ ๊ฐ€๋”์”ฉ CSP ์šฐํšŒ์—๋„ ์‚ฌ์šฉ๋  ์ˆ˜ ์žˆ์„ ๊ฒƒ ๊ฐ™์•„ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

Secure JWT and Slinding Sessions

3 min read

Sessions ์ด๋ž€?

Sessions์€ ์ปดํ“จํŒ…์—์„œ ๋น„์Šทํ•˜์ง€๋งŒ ์—ฌ๋Ÿฌ ์˜๋ฏธ๋กœ ์‚ฌ์šฉ๋˜๋Š” ์šฉ์–ด์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ ์ƒํƒœ๋ฅผ ์˜๋ฏธํ•œ๋‹ค๊ณ  ๋ณด๋ฉด ๋  ๊ฒƒ ๊ฐ™๊ณ , ์›น์—์„œ๋Š” HTTP๊ฐ€ ๋น„ ์—ฐ๊ฒฐํ˜• ํ”„๋กœํ† ์ฝœ์ด๊ธฐ ๋•Œ๋ฌธ์— ์„œ๋ฒ„๊ฐ€ ๊ธฐ์กด์— ์ ‘์†ํ–ˆ๋˜ ํด๋ผ์ด์–ธํŠธ์ธ์ง€ ํ™•์ธํ•  ์ˆ˜ ์žˆ๋Š” ์ˆ˜๋‹จ์œผ๋กœ ์‚ฌ์šฉ๋ฉ๋‹ˆ๋‹ค. (ํŒŒ์ผ ์ฟ ํ‚ค๋ž‘ ๋น„์Šทํ•˜์ฃ . ๋‹ค๋งŒ ์ฒ˜๋ฆฌ์—์„  ์•ฝ๊ฐ„ ๋‹ค๋ฅด๊ธดํ•ฉ๋‹ˆ๋‹ค.)

OOB Testing with interactsh!

2 min read

OOB(Out-Of-Band)์™€ Callback ์„œ๋ฒ„

SSRF, RCE ๋“ฑ์—์„œ ๊ณต๊ฒฉ ํŽ˜์ด๋กœ๋“œ์˜ ์„ฑ๊ณต ์—ฌ๋ถ€๋ฅผ ์–ด๋– ํ•œ ๋ฐฉ์‹์œผ๋กœ ์ฒดํฌํ•˜์‹œ๋‚˜์š”? ๋ณดํ†ต์€ ์›๊ฒฉ์ง€์˜ ์„œ๋ฒ„๋ฅผ ๋‘๊ณ  HTTP๋‚˜ DNS ์š”์ฒญ์ด ๋ฐœ์ƒํ•˜๋Š”๊ฑธ ๊ฐ์ง€ํ•ด์„œ ์ฒดํฌํ•˜๊ณค ํ•ฉ๋‹ˆ๋‹ค. BurpSuite์—” ์ด๋Ÿฌํ•œ ์ž‘์—…์„ ์œ„ํ•ด collaborator๋ผ๋Š” ์•„์ฃผ ์œ ์šฉํ•œ ๋„๊ตฌ(์‚ฌ์šฉ์ž๋ณ„๋กœ ๋ณ„๋„์˜ ๋„๋ฉ”์ธ๊ณผ callback-notify๋ฅผ ์ œ๊ณต)๊ฐ€ ์žˆ๊ณ  ์ด๋ฅผ ๊ธฐ๋ฐ˜์œผ๋กœํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ™•์žฅ๊ธฐ๋Šฅ(taborator, activescan, collaborator everywhere)์ด ์žˆ์Šต๋‹ˆ๋‹ค.

Get webpage screenshot with gowitness for CICD

~1 min read

What is gowitness

gowitness๋Š” ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ์ปค๋ฎค๋‹ˆํ‹ฐ์—์„œ ์ž˜ ์•Œ๋ ค์ง„ ๋„๊ตฌ๋กœ ๋Œ€๋Ÿ‰์˜ URL์„ ๋Œ€์ƒ์œผ๋กœ ์›น ์Šคํฌ๋ฆฐ์ƒท์„ ๋น ๋ฅด๊ฒŒ ์ฐ์„ ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

RCE with exposed k8s api

1 min read

ํœด๊ฐ€์ค‘์ด๋ผ ํ”ผ๋“œ๋‚˜ ํŠธ์œ—๋“ฑ์„ ์ž์ฃผ ๋ณด์ง„ ๋ชปํ•˜์ง€๋งŒ k8s RCE ๊ด€๋ จํ•˜์—ฌ ๊ธ€์ด ์žˆ์–ด์„œ ๊ฐ€๋ณ๊ฒŒ ์‚ดํŽด๋ณด๊ณ  ํฌ์ŠคํŒ…ํ•ด๋ด…๋‹ˆ๋‹ค.

[Cullinan #6] Add reverse tabnabbing

~1 min read

Reverse Tabnabbing ๊ด€๋ จํ•ด์„œ ๊ธฐ์กด์—๋Š” phoenix์— ํ…Œ์ŠคํŠธ์šฉ ํŽ˜์ด์ง€๋งŒ ๋งŒ๋“ค์–ด๋‘๊ณ  ์ผ์—ˆ๋Š”๋ฐ ๋‚ด์šฉ ์ •๋ฆฌ์ข€ ํ• ๊ฒธ cullinan์— ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

OpenData for bug-bounty

~1 min read

์ตœ๊ทผ์— ๊ฐœ์ธ resources ํŽ˜์ด์ง€๋ฅผ ๋ฆฌ๋‰ด์–ผ ํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด์—๋Š” ๊ทธ๋ƒฅ ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” ์˜จ๋ผ์ธ ๋„๊ตฌ๋“ค์˜ ๋งํฌ ์ •๋„๋งŒ ์žˆ์—ˆ๋Š”๋ฐ, ํ…Œ์ŠคํŒ… / ์›Œ๋“œ๋ฆฌ์ŠคํŠธ / ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ๋„๋ฉ”์ธ ๋“ฑ ๊ด€๋ จํ•ด์„œ ์ฃผ๊ธฐ์ ์œผ๋กœ ํŒŒ์ผ์„ ์ƒ์„ฑํ•˜์—ฌ ๊ณต๊ฐœํ•˜๋ ค๊ณ (์–ด์ฐจํ”ผ ๊ฑฐ์˜ ์ €๋งŒ ์“ฐ๊ธด ํ•˜๊ฒ ์ง€๋งŒ..) ๊ฐ„๋‹จํ•˜๊ฒŒ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค.

ZAP context based scanning

1 min read

ZAP์—์„œ์˜ quickscan์ด๋‚˜ spider, active scan ๋“ฑ์„ ๊ธฐ๋ณธ์ ์œผ๋กœ ๋‹ค์ค‘ URL์„ ์ง€์›ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์˜ˆ์ „์— ์•„๋ž˜ ํฌ์ŠคํŠธ์™€ ๊ฐ™์€ ๋ฐฉ๋ฒ•์œผ๋กœ API๋ฅผ ์ด์šฉํ•œ ๋ฐฉ๋ฒ•, ๊ทธ๋ฆฌ๊ณ  ๋ณ„๋„์˜ ๋„๊ตฌ๋ฅผ ๋งŒ๋“ค์–ด์„œ ์Šค์บ”ํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ์‚ฌ์šฉํ•˜๊ณค ํ–ˆ์Šต๋‹ˆ๋‹ค.

well-known ๋””๋ ‰ํ† ๋ฆฌ์™€ securty.txt ๊ทธ๋ฆฌ๊ณ  humans.txt

1 min read

๊ฐ„ํ˜น ์›น ํŽ˜์ด์ง€๋ฅผ ๋“ค์—ฌ๋‹ค๋ณด๋ฉด .well-known ๋””๋ ‰ํ† ๋ฆฌ๋ฅผ ๋งŒ๋‚˜๊ฒŒ๋ฉ๋‹ˆ๋‹ค. ์ œ ์‚ฌ์ดํŠธ๋„ ์˜ฌ 1์›”์— security.txt๋ฅผ ์ถ”๊ฐ€ํ–ˆ์—ˆ๋Š”๋ฐ, ๊ทธ ๋• ๋‹จ์ˆœํžˆ ๋ณด์•ˆ ์ทจ์•ฝ์ ์ด๋‚˜ ์ด์Šˆ์— ๋Œ€ํ•œ ์ œ๋ณด๋ฅผ ์œ„ํ•ด์„œ ๋งŒ๋“ค์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ด .well-known ๋””๋ ‰ํ† ๋ฆฌ์˜ ์˜๋ฏธ์™€ ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉ๋˜๋Š”์ง€ ์กฐ๊ธˆ๋” ์‚ดํŽด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

How to set ZAP active scan input vector in daemon mode

1 min read

What is ZAP Active Scan Input Vector?

Active Scan Input Vector๋Š” ZAP์—์„œ Active Scan ์‹œ Injection ์˜์—ญ์„ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ํŠน์ • Injection ์ทจ์•ฝ์ ์„ ์˜๋ฏธํ•˜๋Š” ๊ฑด ์•„๋‹ˆ๊ณ  ์ ๊ฒ€ํ•  ๋ถ€๋ถ„์ด๋ผ๊ณ  ๋ณด์‹œ๋Š”๊ฒŒ ๋” ์ ํ•ฉํ•ฉ๋‹ˆ๋‹ค. ZAP์˜ ๊ธฐ๋ณธ๊ฐ’์€ URL + POST๋กœ ๊ธฐ๋ณธ์ ์œผ๋กœ URI/Param ๋“ฑ์— ๋Œ€ํ•ด์„œ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜์ง€๋งŒ ์ฟ ํ‚ค๋‚˜ ํ—ค๋”๋“ฑ์—๋Š” ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค. (์‹œ๊ฐ„์ด ์˜ค๋ž˜๊ฑธ๋ ค์„œ, ์ด๋Š” ZAP์ด CICD์— ๋งŽ์ด ๋“ค์–ด๊ฐ€๊ธฐ ๋•Œ๋ฌธ)

Make and change default scan policy in ZAP cli interface

1 min read

ZAP Scan Policy

ZAP์€ Passive/Active Scan์— ๋Œ€ํ•œ ์ •์ฑ…์„ ์ปค์Šคํ…€ํ•˜๊ฒŒ ๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ๋„๋ก ์ œ๊ณตํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” ๋‹จ์ˆœํžˆ ํ•ด๋‹น ์Šค์บ” ๋ชจ๋“ˆ์˜ ์‚ฌ์šฉ ์—ฌ๋ถ€ ๋ฟ๋งŒ ์•„๋‹ˆ๋ผ Risk level๋„ ์กฐ์ •ํ•  ์ˆ˜ ์žˆ์–ด ์Šค์บ๋„ˆ๋กœ ํ™œ์šฉํ•˜๊ธฐ์—๋„ ์ข‹์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ์ธ์ง€ DevSecOps๋ฅผ ๊ตฌ์ถ•ํ•  ๋•Œ ZAP์€ ์ž์ฃผ ๊ฑฐ๋ก ๋˜๋Š” DAST ์Šค์บ๋„ˆ์ด๊ธฐ๋„ ํ•˜์ฃ .

ZAP Forced browse ์™€ Fuzz์—์„œ Sync wordlist ์‚ฌ์šฉํ•˜๊ธฐ

3 min read

Forced Browse๋Š” ๋”•์…”๋„ˆ๋ฆฌ ๊ธฐ๋ฐ˜ ๋˜๋Š” ๋‹จ์ˆœ ๋ธŒ๋ฃจํŠธํฌ์Šค๋ฆ ํ†ตํ•ด์„œ ์„œ๋น„์Šค์—์„œ ๊ฒฝ๋กœ์™€ ํŽ˜์ด์ง€๋ฅผ ์‹๋ณ„ํ•˜๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. ์•„์ฃผ ์ „ํ†ต์ ์ด์ง€๋งŒ Recon ์ธก๋ฉด์—์„  ์•„์ง๋„ ๊ต‰์žฅํžˆ ์ค‘์š”ํ•œ ๋ถ€๋ถ„์ด๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์ด๋Ÿฌํ•œ ์ž‘์—…๋“ค์„ ์œ„ํ•ด์„œ ๊ธฐ์กด์˜ dirsearch, dirbuster ๋“ฑ์˜ ๋„๊ตฌ๋ถ€ํ„ฐ ์ตœ๊ทผ feroxbuster, gobuster ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ธฐ๋Šฅ๊ณผ ๊ฐœ์„ ์„ ์ ์šฉํ•œ ์ƒˆ๋กœ์šด ๋„๊ตฌ๋“ค๋„ ๋Š์ž„์—†์ด ๋‚˜์˜ค๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

Openssl๋งŒ ์‚ฌ์šฉํ•˜์—ฌ ์›น ์‚ฌ์ดํŠธ์—์„œ ์ง€์›ํ•˜๋Š” SSL cipher suite ํŒŒ์•…ํ•˜๊ธฐ

2 min read

๋ณดํ†ต ์›น ์‚ฌ์ดํŠธ์˜ SSL์— ๋Œ€ํ•œ ๋ณด์•ˆ์ ์ธ ์ฒดํฌ๋Š” ์ž˜ ๋‚˜์™€์žˆ๋Š” ์—ฌ๋Ÿฌ ๋„๊ตฌ๋“ค์ด ์žˆ์–ด์„œ ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŠธํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Zest์™€ ZAP์„ ์ด์šฉํ•œ Semi-Automated Security Testing

3 min read

What is Zest script

Zest script๋Š” ZAP์—์„œ ์ œ๊ณตํ•˜๋Š” ์Šคํฌ๋ฆฝํŒ… ์–ธ์–ด๋กœ ZAP ๋‚ด๋ถ€์—์„œ์˜ ์š”์ฒญ๊ณผ ์ฒ˜๋ฆฌ ๋“ฑ ๋งŽ์€ ๊ธฐ๋Šฅ์„ JSON ๊ธฐ๋ฐ˜์˜ ์Šคํฌ๋ฆฝํŠธํ™” ํ•˜๊ณ  ์‚ฌ์šฉ/๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ๋Š” ์–ธ์–ด์ž…๋‹ˆ๋‹ค. BurpSuite ๋“ฑ ๋‹ค๋ฅธ ๋ฉ”๋‰ด์–ผ ํ…Œ์ŠคํŒ… ๋„๊ตฌ์—์„œ๋Š” ์—†๋Š” ZAP๋งŒ์˜ ๊ฐ•์ ์ธ ๊ธฐ๋Šฅ์ด์ฃ .

How to share other device settings in Axiom

1 min read

์ œ Axiom ์„ธํŒ…์€ ์ฃผ๋กœ ์‚ฌ์šฉํ•˜๋Š” ๋งฅ๋ถ์— ๋˜์–ด์žˆ์Šต๋‹ˆ๋‹ค. ์ตœ๊ทผ์— ์ง‘์— ์žˆ๋Š” ์„œ๋ฒ„์—๋„ ๋™์ผํ•˜๊ฒŒ ์„ธํŒ…ํ•˜๊ธฐ ์œ„ํ•ด์„œ axiom-install์„ ์ง„ํ–‰ํ–ˆ๋Š”๋ฐ์š”, instance ์ •๋ณด๋ฅผ ์ƒˆ๋กœ ๋งŒ๋“œ๋Š” ์ž‘์—…์ด ์ง„ํ–‰๋˜์—ˆ์Šต๋‹ˆ๋‹ค. (์ด๋ฏธ ๋‚œ ์žˆ๋Š”๋ฐ?)

Autochrome - ๋น ๋ฅด๊ฒŒ ๋ณด์•ˆ ํ…Œ์ŠคํŠธ์šฉ ์›น ๋ธŒ๋ผ์šฐ์ € ํ™˜๊ฒฝ์„ ๊ตฌ์„ฑํ•˜์ž!

1 min read

ํŠธ์œ— ๋ณด๋˜ ์ค‘ ์ฒ˜์Œ๋ณด๋Š” ๋„๊ตฌ๊ฐ€ ์žˆ์–ด์„œ ํ…Œ์ŠคํŠธํ•ด๋ดค๊ณ , ์“ธ๋งŒํ•œ ๊ฒƒ ๊ฐ™์•„ ๊ธ€๋กœ ๊ณต์œ ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜ ์†Œ๊ฐœํ•ด๋“œ๋ฆด ๋„๊ตฌ๋Š” ๋น ๋ฅด๊ฒŒ ํ…Œ์ŠคํŒ…์šฉ ๋ธŒ๋ผ์šฐ์ €๋ฅผ ๊ตฌ์„ฑํ•  ์ˆ˜ ์žˆ๋Š” autochrome์ž…๋‹ˆ๋‹ค.

[Cullinan #2] Added change log

~1 min read

Cullinan์—์„œ change log๋ฅผ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•œ ๋ฐฉ์‹์œผ๋กœ ๊ตฌํ˜„ํ–ˆ๊ณ , ์ด๋ ฅ ๊ด€๋ฆฌ์ฐจ ๊ธ€๋กœ ๋‚จ๊ฒจ๋‘ก๋‹ˆ๋‹ค.

How to applying IntelliJ theme in ZAP

1 min read

์–ด์ œ BurpSuite์˜ Customizer์— ๋Œ€ํ•œ ๊ธ€์„ ์ผ์—ˆ์Šต๋‹ˆ๋‹ค. BurpSuite์—์„œ FlatLaf์˜ IntelliJ Theme๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋„๋ก ์ง€์›ํ•ด์ฃผ๋Š” ํ™•์žฅ ๊ธฐ๋Šฅ์ด์˜€๊ณ , ๊ธ€ ๋ง๋ฏธ์™€ ๋Œ“๊ธ€์—๋„ ์ž‘์„ฑํ–ˆ๋“ฏ์ด ZAP ๋˜ํ•œ 2.10 ๋ฒ„์ „๋ถ€ํ„ฐ FlatLaf๋ฅผ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๊ตฌํ˜„์ด ๊ฐ€๋Šฅํ• ๊ฑฐ๋ž€ ์ƒ๊ฐ์ด ๋“ค์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Burp Customizer! Change your burpsuite theme

2 min read

There has been a significant change in UI since version 2020.12 of Burp site. (Personally, Iโ€™m unsure) The most important part is the change of LAF(Look and Feel)โ€™s class to PlateLaf. This class can also support other themes developed for IntelliJ Platform, enabling it to apply different themes to the BuffSuite.

[Cullinan #1] ์ปฌ๋ฆฌ๋„Œ ํ”„๋กœ์ ํŠธ ์†Œ๊ฐœ

1 min read

์ œ๊ฐ€ ๋ธ”๋กœ๊ทธ๋ฅผ ์šด์˜ํ•˜๋Š” ๊ฐ€์žฅ ํฐ ์ด์œ  ์ค‘ ํ•˜๋‚˜๋Š” ๊ฐœ์ธ์ ์ธ ์ •๋ฆฌ๊ฐ€ ๋ชฉ์ ์ž…๋‹ˆ๋‹ค. ๋ฌผ๋ก  ๋…ธ์…˜์ด๋‚˜ ๋‹ค๋ฅธ ๋„๊ตฌ๋“ค๋กœ ๋”ฐ๋กœ ์ •๋ฆฌํ•˜์ง€๋งŒ, ๊ธฐ์ˆ ์— ๊ด€๋ จ๋œ ๋‚ด์šฉ๋“ค์€ ์•„๋ฌด๋ž˜๋„ ๋ธ”๋กœ๊น…์„ ํ†ตํ•ด ์ •๋ฆฌํ•˜๋Š”๊ฒŒ ์ต์ˆ™ํ•˜๋‹ค ๋ณด๋‹ˆ ๊ธด ์‹œ๊ฐ„๋™์•ˆ ๊ณ„์† ์ด๋ ‡๊ฒŒ ์ž‘์„ฑํ•˜๊ฒŒ ๋˜๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Hack the browser extension ๐Ÿš€ (์›น ๋ธŒ๋ผ์šฐ์ € ํ™•์žฅ ๊ธฐ๋Šฅ ์ทจ์•ฝ์  ์ ๊ฒ€ํ•˜๊ธฐ)

5 min read

์ƒˆํ•ด ์ฒซ๊ธ€์ž…๋‹ˆ๋‹ค. ์‚ฌ์‹ค 12์›” ๋งˆ์ง€๋ง‰ ๊ธ€๋กœ ์ž‘์„ฑํ•˜๋ ค๊ณ  ํ–ˆ๋Š”๋ฐ, ๋งˆ๋ฌด๋ฆฌ๋ฅผ ๋ชปํ•ด์„œ ์ƒˆํ•ด ์ฒซ๊ธ€์ด ๋˜์–ด๋ฒ„๋ ธ๋„ค์š”. ์ตœ๊ทผ์— ๋ธŒ๋ผ์šฐ์ € ํ™•์žฅ ๊ด€๋ จํ•ด์„œ ๊ธฐ์กด์— ์•Œ๋˜ ๊ฒƒ ๋ณด๋‹ค ์กฐ๊ธˆ ๋” ๋ฆฌ์„œ์น˜ํ•  ์ผ์ด ์žˆ์—ˆ๋Š”๋ฐ, ๊ฒธ์‚ฌ๊ฒธ์‚ฌ ์ •๋ฆฌํ• ๊ฒธ ๋ถ„์„ ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ๊ธ€๋กœ ์ •๋ฆฌํ•ด๋ด…๋‹ˆ๋‹ค.

ToCToU๋ฅผ ์ด์šฉํ•œ ๊ฒ€์ฆ ๋กœ์ง ์šฐํšŒํ•˜๊ธฐ(SSRF/OOB/XXE/ETC)

1 min read

โš ๏ธ SSRF์— ๊ด€๋ จ๋œ ๋‚ด์šฉ์€ Cullinan > SSRF์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ToCToU๋ฅผ ํฌํ•จํ•˜์—ฌ ์ตœ์‹  ๋ฐ์ดํ„ฐ๋กœ ์œ ์ง€๋˜๊ณ  ์žˆ์œผ๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š”!

Security considerations for browser extensions

5 min read

๋ธŒ๋ผ์šฐ์ € ํ™•์žฅ ๊ธฐ๋Šฅ์˜ ๋ณด์•ˆ ๊ด€๋ จํ•˜์—ฌ ํ…Œ์ŠคํŠธํ• ๊ฒŒ ํ•„์š”ํ•˜์—ฌ ์ œ๊ฐ€ ์•Œ๋˜ ๋‚ด์šฉ์— ์กฐ๊ธˆ ๋” ๋ฆฌ์„œ์น˜ํ•˜์—ฌ ๊ธ€๋กœ ์ž‘์„ฑํ•ด ๋ด…๋‹ˆ๋‹ค. ์šฐ์„  ๋ธŒ๋ผ์šฐ์ € ํ™•์žฅ ๊ธฐ๋Šฅ์€ ์›น ๋ธŒ๋ผ์šฐ์ €์— ์ถ”๊ฐ€๋˜๋Š” ์ž‘์€ ๋‹จ์œ„์˜ ์•ฑ์œผ๋กœ Chrome / Safari / Firefox ๋“ฑ๋“ฑ ๋‹ค์ˆ˜ ๋ธŒ๋ผ์šฐ์ €์—์„œ ์›น ๋ธŒ๋ผ์šฐ์ง•, ๊ด‘๊ณ ์ฐจ๋‹จ, ๊ฐ์ข… ํ…Œ์ŠคํŠธ ๊ธฐ๋Šฅ ๋“ฑ ์—ฌ๋Ÿฌ ์‚ฌ์šฉ์ž๋“ค์—๊ฒŒ ์„œ๋น„์Šค๋˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” ์•ฑ ์ƒํƒœ๊ณ„์™€ ๋™์ผํ•˜๊ฒŒ ๊ฐœ์ธ/๊ธฐ์—… ๋“ฑ๋“ฑ์˜ ๊ฐœ๋ฐœ์ž๊ฐ€ ๊ทœ๊ฒฉ์— ๋”ฐ๋ผ ๋งŒ๋“ค๊ณ  ์Šคํ† ์–ด์— ์—…๋กœ๋“œ ํ›„ ์Šน์ธ ์ ˆ์ฐจ๋ฅผ ํ†ตํ•ด ๋“ฑ๋ก๋˜๋Š” ๊ฒƒ์œผ๋กœ ์•Œ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP 2.10 Review โšก๏ธ

3 min read

2020 ๋งˆ์ง€๋ง‰์ด ์–ผ๋งˆ ๋‚จ์ง€ ์•Š์€ ์˜ค๋Š˜ ๋“œ๋””์–ด ZAP 2.10.0์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋™์•ˆ dark mode ๋“ฑ์„ ์ด์œ ๋กœ weekly ๋ฒ„์ „์„ ์‚ฌ์šฉํ–ˆ์—ˆ๋Š”๋ฐ, ์ด์ œ๋Š” ๊ณต์‹ ๋ฒ„์ „์œผ๋กœ ๋„˜์–ด๊ฐ€๋„ ์ข‹์„ ๊ฒƒ ๊ฐ™๋„ค์š”.

Why I Use ZAP

5 min read

Army-Knife for AppSec

Application Security ๋˜๋Š” Pentest, Bugbounty ๋“ฑ ์ „๋ฐ˜์ ์ธ Offensive security ๊ด€๋ จ ์ผ์—์„œ ๊ฐ€์žฅ ํ•ต์‹ฌ์ ์ธ ๋„๊ตฌ๋Š” Burp/ZAP ๊ณผ ๊ฐ™์€ Proxy ๋„๊ตฌ์ž…๋‹ˆ๋‹ค. ์ดˆ๊ธฐ์—๋Š” Proxy ๋„๊ตฌ๋ผ๋Š” ์„ฑํ–ฅ์ด ๊ฐ•ํ–ˆ์ง€๋งŒ, ์ด์ œ๋Š” Proxy ๋„๊ตฌ๋ผ๊ธฐ ๋ณด๋‹จ Army-Knife ๋ผ๊ณ  ๋ณด๋Š”๊ฒŒ ๋” ์ ํ•ฉํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Make cloud base ZAP Scanning Environment Using github-action

1 min read

Hi hackers and bugbounty hunters :D Today, I talk about building a github-action-based ZAP scanning environment. As you know, there is no time limit for public repo, so you can configure a cloud-based vulnerability scanner for free ๐Ÿ˜‰

Setup a Pentest environment with Axiom

3 min read

What is Axiom

Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud enviornments, build and deploy repeatable infrastructure focussed on offensive and defensive security.

Docker scratch image from a Security perspective

2 min read

์ตœ๊ทผ ๋„์ปค ๊ด€๋ จํ•ด์„œ ํ…Œ์ŠคํŠธํ•˜๋˜ ์ค‘ Scratch ๋ผ๋Š” ์ด๋ฏธ์ง€๋ฅผ ๋ณด๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋ก  ์ฒ˜์Œ๋ณด๋Š” ์ด๋ฏธ์ง€์ธ๋ฐ, ํŠน์ดํ•˜๊ฒŒ๋„ ๋ณดํŽธ์ ์ธ OS์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋ช…๋ น์–ด๋ถ€ํ„ฐ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ค‘์š”ํ•œ ๋ฐ”์ด๋„ˆ๋ฆฌ๋‚˜ ์„ค์ •๊นŒ์ง€ ์—†๋Š” ๋…ํŠนํ•œ ์ด๋ฏธ์ง€์˜€์ฃ . ์ฐพ๋‹ค๋ณด๋‹ˆ ์ƒ๊ฐ๋ณด๋‹ค ์žฌ๋ฏธ์žˆ๋Š” ์ด๋ฏธ์ง€์—ฌ์„œ ๊ด€๋ จ ๋‚ด์šฉ๊ณผ ์ €์˜ ์ƒ๊ฐ์„ ์•ฝ๊ฐ„ ๋”ํ•ด์„œ ๊ธ€์„ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Forcing HTTP Redirect XSS

1 min read

TL;DR

If you are in English, I hope you read this! Iโ€™ve tested more, but thereโ€™s no unusual pattern. If youโ€™re curious about my story, try using a translator! not writing in two languages because I am little tired today.

Amass, go deep in the sea with free APIs

5 min read

There are several types of Subdomains scanning tools. Amass, Subfinder, findomain, etcโ€ฆ In my opinion, the tool at its peak is Amass, and many Bugbounty hunters have automated systems through Amass. Today Iโ€™m going to talk about ways to expand Amassโ€™ datasources and get more results.

์•จ๋ฆฌ์Šค(Alice)์™€ ๋ฐฅ(Bob) ๊ทธ๋ฆฌ๊ณ  ์บ๋กค(Carol), ์ด๋ฆ„์˜ ์˜๋ฏธ๋Š”?

1 min read

๋ณด์•ˆ์ชฝ์—์„œ ์ž์ฃผ ๋‚˜์˜ค๋Š” ์‚ฌ๋žŒ ์ด๋ฆ„์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ์•จ๋ฆฌ์Šค(Alice)์™€ ๋ฐฅ(Bob), ๊ทธ๋ฆฌ๊ณ  ์บ๋กค(Carol)์ธ๋ฐ์š”. 02๋ž‘ ์ด์•ผ๊ธฐํ•˜๋˜ ์ค‘ A/B/C ์ด์•ผ๊ธฐ๊ฐ€ ๋‚˜์™€ ์ฐพ๋‹ค๋ณด๋‹ˆ ์ œ๊ฐ€ ์•„๋Š” ๊ฒƒ ๋ณด๋‹ค ์ข…๋ฅ˜๊ฐ€ ํ›จ์”ฌ ๋งŽ๊ณ  ๊ฐ๊ฐ ์˜๋ฏธ๋„ ๋‹ค ๋ถ€์—ฌ๋˜์–ด ์žˆ๋”๊ตฐ์š”. (์ „ ๊ทธ๋ƒฅ ์•ŒํŒŒ๋ฒณ ์ˆœ์„œ์— ๋”ฐ๋ผ์„œ 1~n๋ฒˆ์งธ ๋‹น์‚ฌ์ž๋ผ๊ณ  ์ƒ๊ฐํ–ˆ๋Š”๋ฐ..) โ€‹ ์•Œ์•„์„œ ๋‚˜์ ๊ป€ ์—†์œผ๋‹ˆ ๊ฐ€๋ณ๊ฒŒ ์ •๋ฆฌํ•ด์„œ ๊ธ€๋กœ ์˜ฌ๋ ค๋‘ก๋‹ˆ๋‹ค :D โ€‹

Names

Future of the WebHackersWaepons

1 min read

Concept feature in future

So far I have been github repoing tools simply to enumerate them, but weโ€™re thinking about how weโ€™ll be able to easily install/uninstall/update the tools that are included in the future.

Scanning multiple targets in ZAP

1 min read

์ €๋Š” ZAP๊ณผ Burp pro ๋ชจ๋‘๋ฅผ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ๊ฐ ๋„๊ตฌ๊ฐ€ ๊ฐ€์ง„ ํŠน์„ฑ๊ณผ ๋ผ์ด์„ ์Šค์ ์ธ ๋ฌธ์ œ๋กœ ์ธํ•ด์„œ ๊ฐ™์ด ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋Š”๋ฐ, ์‚ฌ์‹ค ๋ˆ„๊ฐ€ ์ข‹๋‹ค๊ณ  ์šฐ์œ„๋ฅผ ๊ฐ€๋ฆฌ๊ธฐ๋Š” ์–ด๋ ต์Šต๋‹ˆ๋‹ค. (์›Œ๋‚™ ํŠน์„ฑ๋„ ๋‹ค๋ฅด๊ณ , ๊ฐ ๋„๊ตฌ๊ฐ€ ๋ฐ”๋ผ๋ณด๋Š” ๋ชฉํ‘œ๋„ ๋ถ„๋ช…ํžˆ ๋‹ฌ๋ผ์š”)

Transient events for XSS(sendBeacon?!)

1 min read

I saw a new post in portswigger research today. Itโ€™s about how to successfully prove XSS when the attack phrase is blocked by WAF, but itโ€™s short but interesting, so Iโ€™m writing it.

How to add custom header in ZAP and zap-cli

3 min read

The zap-cli is a tool that helps make ZAP easy to use on the command line. From simple scanning to CI/CD Pipeline, itโ€™s a tool thatโ€™s used everywhere. Unlike other scanners, it does not support custom headers.

NMAP CheatSheet

2 min read

Cullinan(Wiki) ํ”„๋กœ์ ํŠธ๋ฅผ ์ง„ํ–‰ํ•˜๋ฉด์„œ Cullinan - Nmap์— ๋‹ค์‹œ ์ •๋ฆฌํ•ด๋‘์—ˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€๊ฐ€ ์ตœ์‹ ์ด๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” ๐Ÿ˜Ž

One custom certificate, Using all tools and your devices (for bug bounty/pentesting)

5 min read

์ €๋Š” Burp pro / ZAP / Cli base proxy 3๊ฐ€์ง€ ๋ชจ๋‘๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋‹จ์ˆœํžˆ ์›น๋งŒ ํ…Œ์ŠคํŒ…ํ•  ๋• ํฌ๊ฒŒ ์™€๋‹ฟ์ง€ ์•Š์ง€๋งŒ, ๋ชจ๋ฐ”์ผ์„ ํ…Œ์ŠคํŠธํ•  ๋• ์ธ์ฆ์„œ๊ฐ€ ์ƒ๋‹นํžˆ ๊ท€์ฐฎ์Šต๋‹ˆ๋‹ค. (ํŠนํžˆ ์ž„์‹œ๋กœ ์‚ฌ์šฉํ•˜๋Š” ํฐ๋“ค์€..)

E-mail ํฌ๋งท์„ ์ด์šฉํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ Exploiting ๊ธฐ๋ฒ•๋“ค

2 min read

Recently, the nahamcon2020 was in over. I difficult to watching it in my time zone, so I just looked at the documents after itโ€™s over. They were all very interesting and I learned a lot of new things. Today Iโ€™m going to talk about the email attack that I saw the most interesting among them. Of course, if you using english, best document is original material, so refer to the link below, and I will write only in Korean today!

Find reflected parameter on ZAP for XSS!

1 min read

์˜ฌํ•ด๋ถ€ํ„ฐ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ์‹œ ์‚ฌ์šฉํ•˜๊ธฐ ์ข‹์€ ์›น ํ•ดํ‚น ๋„๊ตฌ๋“ค์„ ์ •๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ์ค‘์—” BurpSuite์™€ ZAP์˜ ํ™•์žฅ ๊ธฐ๋Šฅ ์ปฌ๋ ‰์…˜๋„ ์žˆ๊ณ  ํŠธ์œ—ํ†ตํ•ด ์ถ”์ฒœ์„ ๋ฐ›๋˜ ์ค‘ ์“ธ๋งŒํ•œ ZAP ํ™•์žฅ ๊ธฐ๋Šฅ์„ ์ฐพ์•„ ๊ธ€๋กœ ๊ฐ„๋žตํ•˜๊ฒŒ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

How to use DalFoxโ€™s Fun Options (if found notify , custom grepping)

7 min read

As you can see from my blog and tweet, I recently full-change(new projectโ€ฆ) my XSpear and created an XSS Scanning tool called DalFox. Today, Iโ€™m going to share some tips for using DalFox. ์ œ ๋ธ”๋กœ๊ทธ๋‚˜ ํŠธ์œ—์„ ๋ณธ๋‹ค๋ฉด ์•Œ๊ฒ ์ง€๋งŒ, ์ตœ๊ทผ XSpear๋ฅผ ๊ฐˆ์•„์—Ž๊ณ  DalFox๋ผ๋Š” XSS Scanning ๋„๊ตฌ๋ฅผ ๋งŒ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

New my XSS scanning tool โ€œDalFoxโ€ :D

3 min read

Hi, hackers and bugbounty hunters. Today Iโ€™m going to talk about my new XSS tool, DalFox. Iโ€™m sure there are a lot of bugs because itโ€™s still under development, but Iโ€™m going to talk it lightly now because itโ€™s somewhat functional and has a critical bug fixed!

How to import external spidering output to Burpsuite or ZAP

1 min read

Normally, BurpSuite or ZAP is the main tool of testing during bugbounty or security testing. Itโ€™s good to navigate directly with the spider function in there, but sometimes you need help from an external crawler. (especially when using a waybackmachine) ํ‰์†Œ์— ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ๋‚˜ ํ…Œ์ŠคํŒ… ์‹œ BurpSuite์—์„œ ์ฃผ๋กœ ํ…Œ์ŠคํŒ…์„ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค. Burp์—์„œ์˜ spider ๊ธฐ๋Šฅ๊ณผ ์ง์ ‘ ๋Œ์•„๋‹ค๋‹ˆ๋Š”๊ฒŒ ์ข‹๊ธดํ•˜์ง€๋งŒ, ๋•Œ๋ก  ์™ธ๋ถ€ ํฌ๋กค๋Ÿฌ์˜ ๋„์›€์ด ํ•„์š”ํ• ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. (ํŠนํžˆ waybackmachine์„ ์‚ฌ์šฉํ• ๋•์š”)

Recon using fzf and other tools. for bugbounty

4 min read

๋•Œ๋•Œ๋กœ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ๋ฅผ ํ•˜๋‹ค๋ณด๋ฉด, ๊ต‰์žฅํžˆ ๋งŽ์€ ํŒŒ์ผ์„ ๋งŒ๋‚˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค. ํŠนํžˆ meg, gospider ๋“ฑ recon ๋„๊ตฌ๋ฅผ ์‚ฌ์šฉํ•œ ๊ฒฐ๊ณผ์˜ ์–‘์€ ์ƒ์ƒ์„ ์ดˆ์›”ํ•ฉ๋‹ˆ๋‹ค.

Ways to XSS without parentheses

1 min read

Introduction

๊ฐ„๋งŒ์— @garethheyes ๊ฐ€ ๊ต‰์žฅํžˆ ์“ธ๋งŒํ•œ ํ…Œํฌ๋‹‰์„ ํ•˜๋‚˜ ๊ณต์œ ํ–ˆ์Šต๋‹ˆ๋‹ค. DOMMatrix ๋ฅผ ์ด์šฉํ•ด์„œ ๊ด„ํ˜ธ ๊ฒ€์ฆ์„ ๋‚˜๊ฐ€๋Š” ๋ฐฉ๋ฒ•์ด๊ณ , ๊ธฐ์กด์— ์‚ฌ์šฉํ•˜๋˜ ๋ฐฉ๋ฒ•๋“ค์— ์–ด๋ ค์›€์ด ์žˆ์„ ๋•Œ ์ฐธ๊ณ ํ•ด๋ณผ๋งŒํ•œ ๊ธฐ๋ฒ•์ž…๋‹ˆ๋‹ค. ๊ผญ ํ•œ๋ฒˆ ์ฝ์–ด๋ณด์„ธ์š”.!

Find S3 bucket takeover , S3 Misconfiguration using pipelining(s3reverse/meg/gf/s3scanner)

1 min read

Hi hackers! Today, iโ€™m going to talk about easy-to-find methods using S3 Bucket takeover and Misconfiguration (Write/Readโ€ฆ). ์˜ค๋žœ๋งŒ์— ๊ธ€์„ ์“ฐ๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”. ์š”์ฆ˜ ์ฝ”๋กœ๋‚˜19๋กœ ์ธํ•ด ์žฌํƒ๊ทผ๋ฌด๋ฅผ ํ•œ๋‹ฌ๋„˜์ง“ ํ•œ ๊ฒƒ ๊ฐ™์€๋ฐ, ํ‰์†Œ๋ณด๋‹ค ์ผ์„ ๋” ๋งŽ์ดํ•˜๊ฒŒ ๋˜๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๋•๋ถ„์— ๋ธ”๋กœ๊ทธ์— ์•ฝ๊ฐ„ ์†Œํ˜ํ–ˆ๋˜ ๊ฒƒ ๊ฐ™์€๋ฐ์š”, ๋‹ค์‹œ ๊ฐ€๋‹ค์žก๊ณ  ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ S3 Bucket takeover์™€ Misconfiguration(Write/Read, etc..) pipelining์„ ์ด์šฉํ•˜์—ฌ ์‰ฝ๊ฒŒ ์ฐพ๋Š” ๋ฐฉ๋ฒ•๋“ค์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Recon with waybackmachine. For BugBounty!

2 min read

Iโ€™m busy with work these days, so I think Iโ€™m writing in two weeks. (Actually, I couldnโ€™t write it because I was tired. LOL) Today Iโ€™m going to share a tip that I used a lot on bugbounty. ์š”์ฆ˜ ์ผ๋กœ ์ธํ•ด ๋ฐ”๋น ์„œ ๊ฑฐ์˜ 2์ฃผ๋งŒ์— ๊ธ€์„ ์“ฐ๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. (์‚ฌ์‹ค ํ”ผ๊ณคํ•ด์„œ ๋ชป์ผ์–ด์š”..ใ…‹ใ…‹) ์˜ค๋Š˜์€ ๋‚ด๊ฐ€ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ์—์„œ ์ž์ฃผ ์‚ฌ์šฉํ•˜๋˜ ํŒ ํ•˜๋‚˜๋ฅผ ๊ณต์œ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Using the Flat Darcula theme(dark mode) in ZAP!!

~1 min read

ํŠธ์œ„ํ„ฐ๋ฅผ ๋ณด๋˜ ์ค‘ ์‚ฌ์ด๋จผ์˜ ์–ด๋งˆ์–ด๋งˆํ•œ ํŠธ์œ—์„ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ZAP์˜ Dark ๋ชจ๋“œ ์ง€์›์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์˜€๋Š”๋ฐ์š”. ๊ฐ€๋ณ๊ฒŒ ๋ฆฌํŠธ์œ—ํ–ˆ๋”๋‹ˆ ์ด๋ฏธ commit ๋œ ๋‚ด์šฉ์ด๊ณ  ๋ฐ”๋กœ ์‚ฌ์šฉํ•ด ๋ณผ ์ˆ˜ ์žˆ๋‹ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์•„์ง Weekly ๋ฒ„์ „์—๋„ ๋ฐ˜์˜๋˜์ง€ ์•Š์•˜์ง€๋งŒ, ๋ฏธ๋ฆฌ ์ฒดํ—˜ํ•ด๋ณด๊ธฐ๋กœ ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค.

Find testing point using tomnomnomโ€™s tool, for bugbounty!

3 min read

I recently watched a video that looked for inspection points in a unique way from Stokโ€™s video(interviewed tomnomnom) So, today, Iโ€™m going to introduce you to some of the tools and techniques introduced in that video. ์ตœ๊ทผ์— Stok ์˜์ƒ ์ค‘ tomnomnom ๋ฅผ ์ธํ„ฐ๋ทฐํ•œ๊ฒŒ ์žˆ์–ด์„œ ๋ณด๋˜ ์ค‘ ํŠน์ดํ•œ ๋ฐฉ์‹์œผ๋กœ ์ ๊ฒ€ ํฌ์ธํŠธ๋ฅผ ์ฐพ๋Š” ์˜์ƒ์„ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ, ์˜ค๋Š˜์€ ํ•ด๋‹น ์˜์ƒ์—์„œ ์†Œ๊ฐœ๋œ ํˆด๊ณผ ๊ธฐ๋ฒ•๋“ค ์ค‘ ์ผ๋ถ€๋ฅผ ๊ฐ€๋ณ๊ฒŒ ์†Œ๊ฐœํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. (์ €๋„ ์ •๋ฆฌ๊ฐ€ ํ•„์š”ํ•ด์„œ๋ฆฌ..)

First new XSS Payload of 2020(svg animate, onpointerrawupdate)

~1 min read

Hi hackers and bugbounty hunter! Recently, two previously unknown XSS Payloads were disclosure one after another. Itโ€™s not a payload thatโ€™s very difficult to understand, so Iโ€™ll share it briefly! ์ตœ๊ทผ ๊ธฐ์กด์— ์•Œ๋ ค์ง€์ง€ ์•Š์€ XSS Payload 2๊ฐœ๊ฐ€ ์—ฐ๋‹ฌ์•„ ๊ณต๊ฐœ๋ฌ์Šต๋‹ˆ๋‹ค. ์ดํ•ด์— ํฐ ์–ด๋ ค์›€์ด ์žˆ๋Š” ํŽ˜์ด๋กœ๋“œ๋Š” ์•„๋‹ˆ๋‹ˆ, ๊ฐ„๋žตํ•˜๊ฒŒ๋งŒ ๋‚ด์šฉ ๊ณต์œ ํ• ๊ฒŒ์š”!

BurpSuite 2020.01 Release Review, Change HTTP Message Editor!

1 min read

The first release of Burp 2020.01 was released recently. I think end of last year, the Navigation Embedded Browser in the 2.1.05 release may not be a big change because of its impact, but it has improved a lot in usability because this update. ์ตœ๊ทผ์— Burp 2020.01 ์ฒซ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ๋‚˜์™”์Šต๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ž‘๋…„ ๋ง์ฏค์— 2.1.05 ๋ฆด๋ฆฌ์ฆˆ์—์„œ์˜ Navigation Embedded Browser๊ฐ€ ์›Œ๋‚™ ์ž„ํŒฉํŠธ๊ฐ€ ์žˆ์–ด์„œ ํฐ ๋ณ€ํ™”๋ผ๊ณ ๋Š” ๋ชป๋Š๋ผ๊ฒ ์ง€๋งŒ, ๊ทธ๋ž˜๋„ ์‚ฌ์šฉ์„ฑ์— ์žˆ์–ด์„œ ๊ต‰์žฅํžˆ ๋งŽ์€ ๋ถ€๋ถ„๋“ค์ด ๊ฐœ์„ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Metasploit์—์„œ Database connection์ด ์ž์ฃผ ๋Š๊ธด๋‹ค๋ฉด?

1 min read

๊ฐ„ํ˜น Metasploit์„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์œผ๋ฉด ๊ฐ‘์ž๊ธฐ DB Connection์ด ์‚ฌ๋ผ์ง€๊ณคํ•ฉ๋‹ˆ๋‹ค. ์ œ ํ™˜๊ฒฝ์—์„œ๋„ ํŠน์ • PC์—์„œ ์œ ๋… ์ž˜ ๋Š์–ด์ง€๋Š”๋ฐ์š”, ๊ฐ„๋‹จํ•œ ํŠธ๋ฆญ์œผ๋กœ ์‰ฝ๊ฒŒ ํ•ด๊ฒฐ์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Write Metasploit Module in Golang

2 min read

Metaploit์—์„œ 2018๋…„ 12์›”๋ถ€ํ„ฐ golang module ์ง€์›์ด ์‹œ์ž‘๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ €๋„ ์ž˜ ๋ชจ๋ฅด๊ณ  ์žˆ๋‹ค๊ฐ€ ์ตœ๊ทผ์—์„œ์•ผ ์•Œ๊ฒŒ ๋˜์—ˆ๋„ค์š”.

Cookie and SameSite

5 min read

์˜ฌ 2์›”๋ถ€ํ„ฐ Chrome ๋ธŒ๋ผ์šฐ์ €์—์„œ SameSite=Lax๊ฐ€ ๊ธฐ๋ณธ๊ฐ’์œผ๋กœ ๋ณ€๊ฒฝ๋ฉ๋‹ˆ๋‹ค.

JSON Hijacking, SOP Bypass Technic with Cache-Control

3 min read

Today, I write post at technique that bypasses SOP using cache during JSON Hijacking. Itโ€™s not always available because conditions are necessary, but if the conditions are right, you can get an unexpected good result. (์˜ค๋Š˜์€ JSON Hijacking ์ค‘ cache๋ฅผ ์ด์šฉํ•˜์—ฌ SOP๋ฅผ ์šฐํšŒํ•˜๋Š” ๊ธฐ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ด ๋ฐฉ๋ฒ•์€ ์กฐ๊ฑด์ด ํ•„์š”ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ํ•ญ์ƒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์ง„ ์•Š์ง€๋งŒ, ์กฐ๊ฑด๋งŒ ๋งž๋Š”๋‹ค๋ฉด ๋œป๋ฐ–์˜ ์ข‹์€ ๊ฒฐ๊ณผ๋ฅผ ์–ป์„์ˆ˜๋„ ์žˆ์Šต๋‹ˆ๋‹ค)

Stepper! Evolution repeater on Burp suite

1 min read

์˜ค๋Š˜์€ Burp suite์˜ ํ™•์žฅ ๊ธฐ๋Šฅ ํ•˜๋‚˜๋ฅผ ์†Œ๊ฐœํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ ์ตœ๊ทผ์— ์ฐพ์€ ๊ฒƒ ์ค‘์— ์ •๋ง ์“ธ๋งŒํ•˜๋‹ค๊ณ  ๋Š๋ผ๋Š” ํ™•์žฅ ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค.

XSpear 1.3 version released!

~1 min read

Hi hackers! I worked hard to finish the XSpear 1.3 version with this yearโ€™s last release. and, 1.3 version released!

BurpSuite์—์„œ Request ์ •๋ณด๋ฅผ ํฌํ•จํ•˜์—ฌ CLI ์•ฑ ์‹คํ–‰ํ•˜๊ธฐ)

2 min read

์˜ค๋Š˜์€ Burp suite์—์„œ ์™ธ๋ถ€ ์•ฑ์„ ์‹คํ–‰ํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ๋น„์Šทํ•œ ๋‚ด์šฉ(ZAP)์œผ๋กœ ์˜ˆ์ „์— ๊ธ€์„ ์“ด์ ์ด ์žˆ์—ˆ๋Š”๋ฐ์š”, ๋“œ๋””์–ด ๊ด€๋ จ ํ™•์žฅ ๊ธฐ๋Šฅ์ด ์—…๋ฐ์ดํŠธ๋˜์–ด์„œ Burp suite์—์„œ๋„ ๋™์ผํ•œ ์ง“์„ ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Test with GoBuster! (Powerful bruteforcing tool of golang)

2 min read

directory ์Šค์บ” ๋„๊ตฌ์˜ dirbuster๊ฐ€ ์•„์ฃผ ๊ฐ•์„ธ์˜€์Šต๋‹ˆ๋‹ค๋งŒ, ์˜ฌํ•ด๋ถ€ํ„ฐ gobuster๊ฐ€ ๋” ๋งŽ์ด์“ฐ์ด๋Š” ๊ฒƒ ๊ฐ™์€ ๋Š๋‚Œ์ด ๋“ญ๋‹ˆ๋‹ค. ๋‹น์—ฐํžˆ ์Šค์บ” ๋„๊ตฌ๋Š” ์ด์   golang์ด ์••๋„์ ์ผ๊ฒ๋‹ˆ๋‹ค. (๊ณ ๋ฃจํ‹ด๊ณผ ๊ณ ์ฑ„๋„์˜ ํž˜์ด๋ž€..) The directory scan toolโ€™s dirbuster has been very strong, but it feels like gobuster going to be more popular this year. Of course, now the scanners are going to be dominated by golang.

Arachni scanner์—์„œ Webhook์œผ๋กœ Slack ์—ฐ๋™ํ•˜๊ธฐ(Send msg to slack when arachni scan is complete)

2 min read

Arachni๋Š” ์„ฑ๋Šฅ ์ข‹์€ ์›น ์ทจ์•ฝ์  ์Šค์บ๋„ˆ์ž„๊ณผ ๋™์‹œ์— CI/CD ๋ฐ ํ™•์žฅ์„ฑ์ด ๊ต‰์žฅํžˆ ์ข‹์Šต๋‹ˆ๋‹ค. Web-UI, REST Server , RPCd, Cli, Interactive Shell ์ง€์›ํ•˜๋Š” ๊ฒƒ๋งŒ ๋ด๋„ ๊ฐœ๋ฐœ์ž๊ฐ€ ์—„์ฒญ ์‹ ๊ฒฝ์ผ๋‹ค๋Š”๊ฒŒ ๋Š๊ปด์ง€์ง€์š”. Arachni is powerful scanner of universe.

Two easy ways to get a list of scopes from a hackerone

1 min read

Hi hackers, I write post for easy get bugbounty target scope. simple 2 way. ํ•ด์ปค์› ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ํ”„๋กœ๊ทธ๋žจ๋“ค์„ ๋ณด๋ฉด ํƒ€๊ฒŸ ๋„๋ฉ”์ธ์ด ๊ต‰์žฅํžˆ ๋งŽ์€ ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋งค๋ฒˆ Scope ์ฒ˜๋ฆฌํ•˜๊ฑฐ๋‚˜, ํ…Œ์ŠคํŠธ ํ•  ๋•Œ ํ™•์ธํ•˜๊ธฐ ๋ถˆํŽธํ•œ๊ฐ์ด ์žˆ๋Š”๋ฐ, ์ด๋ฅผ ์‰ฝ๊ฒŒ ์ฒ˜๋ฆฌํ•  ์ˆ˜ ์žˆ๋Š” 2๊ฐ€์ง€ ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Check logic vulnerability point using GET/HEAD in Ruby on Rails

3 min read

์ตœ๊ทผ์— Github OAuth flow bypass ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ด ์ทจ์•ฝ์ ์€ Rails ์•ฑ์˜ ํŠน์„ฑ์„ ์ด์šฉํ•œ ์ทจ์•ฝ์ ์ด๊ณ , Github๋งŒ์˜ ๋ฌธ์ œ๊ฐ€ ์•„๋‹ˆ๊ณ  ํŒจ์น˜๋กœ ๋ชจ๋“  Rails ์•ฑ์„ ๋ณดํ˜ธํ•  ์ˆ˜๋„ ์—†์Šต๋‹ˆ๋‹ค. Today, I going to review one vulnerability that needs to be checked in the Rails App environment through the Github OAuth flow bypass vulnerability. (B recently shared something interesting to me.)

How to diable detectportal.firefox.com in firefox(enemy of burpsuite)

~1 min read

When i hack the web with proxy tools like Firefox + Burp suite or ZAP, thereโ€™s a very annoying request. ํŒŒ์ด์–ดํญ์Šค์™€ Burp suite, ZAP ๋“ฑ์˜ ํ”„๋ก์‹œ ๋„๊ตฌ๋กœ ํ…Œ์ŠคํŠธ๋ฅผ ํ•˜๋‹ค๋ณด๋ฉด, ๊ต‰์žฅํžˆ ๊ฑฐ์Šฌ๋ฆฌ๋Š” ์š”์ฒญ์ด ์žˆ์Šต๋‹ˆ๋‹ค.

Burp suite using Tor network

1 min read

๋ฒ„๊ทธ ๋ฐ”์šดํ‹ฐ๋ฅผ ํ•˜๋‹ค๋ณด๋ฉด, ๊ฐ„ํ˜น ์ฐจ๋‹จ๋˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋‹ค์‹œ ์ฐจ๋‹จ์„ ์šฐํšŒํ•˜๊ณ  ์ ‘์†ํ•  ์ˆ˜ ์žˆ๋Š” ๋ฐฉ๋ฒ•์—๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์œผ๋‚˜ tor๋ฅผ ์ด์šฉํ•˜๋ฉด ๊ฐ„๋‹จํ•˜๊ฒŒ ์ฒ˜๋ฆฌํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Upgrade self XSS to Exploitable XSS an 3 Ways Technic

3 min read

์˜ค๋Š˜์€ Self-XSS๋ฅผ ์œ ํšจํ•œ XSS๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•˜๋Š” ๋ฐฉ๋ฒ• 3๊ฐ€์ง€์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

์›น ์†Œ์ผ“์˜ ์ƒˆ๋กœ์šด ๊ณต๊ฒฉ ๊ธฐ๋ฒ•! WebSocket Connection Smuggling ๐Ÿ˜ˆ

3 min read

์˜ค๋Š˜์€ WebSocket Connection Smuggling์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. Hacktivity 2019 ์ปจํผ๋Ÿฐ์Šค์—์„œ ๋ฐœํ‘œ๋œ ๋‚ด์šฉ์ด๊ณ , ์‹ ๊ธฐํ•œ๊ฑฐ ๊ฐ™์•„์„œ ๋ช‡๋ฒˆ ํ…Œ์ŠคํŠธํ•ด๋ณด๋‹ˆ ์‹ค์ œ ์ผ€์ด์Šค์—์„œ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ๋Š” ๋ฌธ์ œ๋กœ ๋ณด์ด๋„ค์š”.. (์ € ๋ฉ€๋ฆฌ ํ—๊ฐ€๋ฆฌ์—์„œ ํ•˜๋Š” ์ปจํผ๋Ÿฐ์Šค๋ผ ๊ฐ€๋ณธ์ ๋„ ์—†๊ณ ํ•œ๋ฐ, ๋ณผ๋งŒํ•œ ๋‚ด์šฉ๋“ค์ด ์ข€ ์žˆ๋„ค์š”!)

PHP7 UnderFlow RCE Vulnerabliity(CVE-2019-11043) ๊ฐ„๋‹จ ๋ถ„์„

5 min read

์ผ์ฃผ์ผ์ „์— PHP FPM ์ทจ์•ฝ์  ๊ด€๋ จ ๋‚ด์šฉ ๋ฐ PoC๊ฐ€ ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. RCE๊ฐ€ ๊ฐ€๋Šฅํ•˜๊ณ , PoC๊ฐ€ ์›Œ๋‚™ ์ž˜ ๋‚˜์˜จ ์ผ€์ด์Šค๋ผ ์•„๋งˆ ๋Œ€๋‹ค์ˆ˜๊ฐ€ ๊ธด๊ธ‰์œผ๋กœ ๋Œ€์‘ํ•˜์ง€ ์•Š์•˜์„๊นŒ ์‹ถ์Šต๋‹ˆ๋‹ค.

CPDoS(Cache Poisoned Denial of Service) Attack for Korean

4 min read

์ตœ๊ทผ์— CPDos์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๊ฐ€ ํ•ซํ•ฉ๋‹ˆ๋‹ค. HTTP Desync Attack ๋•Œ ์ด๋ฏธ ๊ฒฝํ—˜ํ–ˆ๋˜ ๋ถ€๋ถ„์ด์ง€๋งŒ, ์—ฌ๋Ÿฌ๋ชจ๋กœ ์ด์Šˆํ™” ๋˜๋‹ค๋ณด๋‹ˆ ์ผ์ ์œผ๋กœ๋‚˜ ๊ฐœ์ธ์ ์œผ๋กœ๋‚˜ ํ…Œ์ŠคํŠธ๋ฅผ ์ข€(๊ฐ•์ œ๋กœ..) ํ•ด๋ณด๊ฒŒ ๋˜์—ˆ๋„ค์š”.

Find Subdomain Takeover with Amass + SubJack

1 min read

Subdomain takeover was once a very popular vulnerability. Itโ€™s still constantly being discovered. Of course, there are so many hackers running automated code that itโ€™s hard to actually find it. but youโ€™ll find it with lucky. and from the corporate security point of view, you have to check it out. so i share it.

jwt-cracker๋ฅผ ์ด์šฉํ•œ secret key crack

~1 min read

JWT๋Š” ๋‚ด์šฉ์— ๋Œ€ํ•œ ์„œ๋ช…์„ ๋‚ด์šฉ ๋’ค์— ๋ถ™์—ฌ์ฃผ์–ด ์œ„๋ณ€์กฐ๋ฅผ ๊ฐ์ง€ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„ํ˜น secret์ด ๊ฐ„๋‹จํ•˜๊ฒŒ ์„ค์ •๋œ ๊ฒฝ์šฐ์—๋Š” secret์„ ์ฐพ๊ณ  ๋ณ€์กฐ๋œ JWT๋ฅผ ๋งŒ๋“ค ์ˆ˜ ์žˆ๋Š”๋ฐ, ์ด๋ฅผ ์ธ์ฆ์— ์‚ฌ์šฉํ•˜๊ฑฐ๋‚˜ ์ค‘์š” ๋กœ์ง์—์„œ ๋ฐ์ดํ„ฐ๋ฅผ ์ฝ์–ด ์‚ฌ์šฉํ•˜๋Š” ๊ฒฝ์šฐ ํฐ ๋ณด์•ˆ์ ์ธ ๋ฆฌ์Šคํฌ๋ฅผ ๊ฐ€์ง€๊ฒŒ๋ฉ๋‹ˆ๋‹ค.

Bypass referer check logic for CSRF

2 min read

Referer header check is probably the most frequently used CSRF countermeasure. Itโ€™s easier to implement and less performance issues than the token approach, so itโ€™s the preferred approach, and thatโ€™s the some risk for bypass.

New Technic of HTTP Desync Attack

~1 min read

After the HTTP Desync Attack announcement, the bugbounty hunters and corporate security personnel seem to be very busy. Albino recently announced that he would be writing additional articles, and new post were posted on the portswigger blog.

If you find powerful OXML XXE tool? itโ€™s โ€œDOCEMโ€

3 min read

XXE ํ…Œ์ŠคํŠธ ์‹œ ์“ธ๋งŒํ•œ ๋„๊ตฌ ํ•˜๋‚˜ ์ฐพ์•„์„œ ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค. ์ง์ ‘ ๋…ธ๊ฐ€๋‹คํ•˜๊ฑฐ๋‚˜ ๊ธฐ์กด์— ๊ณต๊ฐœ๋ฌ๋˜ ํˆด๋ณด๋‹จ ํ›จ์”ฌ ํŽธ๋ฆฌํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Normalized Stored XSS (\xef\xbc\x9c => \x3c)

~1 min read

ํ•ด์ปค์› ๋ณด๊ณ ์„œ๋ฅผ ์ฝ๋˜ ์ค‘ ์žฌ๋ฏธ์žˆ๋Š” XSS ์ทจ์•ฝ์ ์ด ์žˆ์–ด ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค.

Path Traversal pattern of ../

~1 min read

Path traversal ํŽ˜์ด๋กœ๋“œ ๊ด€๋ จํ•ด์„œ ํˆด ์‚ฌ์šฉ์ด ์–ด๋ ค์šธ ๋•Œ ๋งค๋ฒˆ ํƒ€์ดํ•‘ํ•˜๊ธฐ ๊ท€์ฐฎ์•„์„œ ํ•˜๋‚˜ ๋งŒ๋“ค์–ด๋‘๊ณ  ์“ฐ๊ณ  ์ด์—ˆ์Šต๋‹ˆ๋‹ค. cheatsheet์ชฝ์— ์ •๋ฆฌํ•˜๋ ค๋‹ค๊ฐ€, ์•„์ง ๊ฐœํŽธ(์ง„ํ–‰์ค‘์ด๋ž๋‹ˆ๋‹ค..)์ค‘์ด๊ณ  ์ดํ›„์— ์–ด๋–ค ํ˜•ํƒœ๋กœ ๋‚˜ํƒ€๋‚ผ์ง€ ์ž๋ฆฌ์žกํžˆ์ง€ ์•Š์•„์„œ ๊ธ€๋กœ ๋ฏธ๋ฆฌ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

Bypass host validation Technique in Android (Common+Golden+MyThink)

2 min read

SSRF, CSRF, Open Redirect ๋“ฑ ์‚ฌ์šฉ์ž๋กœ๋ถ€ํ„ฐ ์ž…๋ ฅ๋ฐ›์€ URL์„ ๊ฒ€์ฆํ•ด์•ผํ•  ์ผ์€ ๋งŽ์Šต๋‹ˆ๋‹ค. ์ง์ ‘ ๊ฒ€์ฆ ๋กœ์ง์„ ํ•˜๋‚˜ํ•˜๋‚˜ ๊ตฌํ˜„ํ•˜๋Š” ๋ฐฉ๋ฒ•๋„ ์žˆ์ง€๋งŒ, ๋ณดํ†ต์€ ๊ฐ ์–ธ์–ด์—์„œ ์ œ๊ณตํ•˜๋Š” ๋ฉ”์†Œ๋“œ๋ฅผ ํ†ตํ•ด host, scheme๋ฅผ ๋ถ„๋ฆฌํ•œ ํ›„ ๊ฒ€์ฆํ•˜๋Š” ๊ฒƒ์ด ์ข‹์€ ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค.

OWASP Amass - DNS Enum/Network Mapping

1 min read

OWASP Amass๋Š” OWASP์—์„œ go๋กœ ๋งŒ๋“  DNS Enum, Network Mapping ๋„๊ตฌ์ด์ž Project์ž…๋‹ˆ๋‹ค. Recon, OSINT ๋„๊ตฌ๋กœ ๋ณด์‹œ๋ฉด ๋ ๋“ฏํ•˜๊ณ  ์„ฑ๋Šฅ์€ ์•„์ง ์ฒด๊ฐ์ƒ ๋Š๊ปด์ง€์ง„ ์•Š์œผ๋‚˜ ์ง€์›ํ•˜๋Š” ๊ธฐ๋Šฅ์˜ ๋ฒ”์œ„๊ฐ€ ๋„“์–ด์„œ ํ™œ์šฉ๋„๊ฐ€ ๋†’์€ ํ”„๋กœ๊ทธ๋žจ์œผ๋กœ ์ƒ๊ฐ๋ฉ๋‹ˆ๋‹ค.

Bypass blank,slash filter for XSS

1 min read

โš ๏ธ XSS์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > XSS ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

JSONP Hijacking

3 min read

Hi hackers. Itโ€™s a long time I didnโ€™t write blog post. I found JSONP Hijacking a not SOP case. Iโ€™m going to briefly explain it. ์˜ค๋žœ๋งŒ์— SOP์šฐํšŒ๊ฐ€ ์•„๋‹Œ JSONP Hijacking ๋ฐœ๊ฒฌํ•ด์„œ ๊ฐ„๋žตํ•˜๊ฒŒ ๋‚ด์šฉ ํ’€์–ด๋ด…๋‹ˆ๋‹ค.

Event handler for mobile used in XSS (ontouch*)

~1 min read

Some event handlers do not appear in the OWASP list. It is a touch event like ontouch*. It is a limited item on mobile devices, so it has a less effective effect than general purpose, but it is a good item to trigger XSS.

HTTP Request(ZAP, Burp) Parsing on Ruby code

1 min read

XSpear ๊ด€๋ จํ•ด์„œ ์ด๋Ÿฐ ๊ฑด์˜์‚ฌํ•ญ์ด ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. Burp, ZAP ๋“ฑ์—์„œ ์‚ฌ์šฉํ•˜๋Š” ํŒจํ‚ท ๋ฐ์ดํ„ฐ๋ฅผ ํŒŒ์ผ๋กœ ์ €์žฅํ•œ ํ›„ ์˜ต์…˜์„ ์ฃผ์–ด ์ฝ์œผ๋ฉด ์ž๋™์œผ๋กœ URL, Header ๋“ฑ์„ ํŒŒ์‹ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๋Š” ํ˜•ํƒœ๋ฅผ ๋ง์”€ํ•˜์‹  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.(๋งˆ์น˜ sqlmap์˜ ๊ทธ๊ฒƒ ์ฒ˜๋Ÿผ)

XSS payload for escaping the string in JavaScript

~1 min read

์˜ค๋Š˜ ์˜คํ›„์ฏค ์‹ ๊ธฐํ•œ ํŽ˜์ด๋กœ๋“œ๋ฅผ ํ•˜๋‚˜ ์ฐพ์•„์„œ ๋ฉ”๋ชจํ•ด๋’€๋‹ค๊ฐ€ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค. ์•„๋งˆ๋„ ์ž๋ฐ”์Šคํฌ๋ฆฝํŠธ ๋‚ด๋ถ€์— ์ฝ”๋“œ๊ฐ€ ์‚ฝ์ž…๋˜์—ˆ์ง€๋งŒ ๋ฌธ์ž์—ด์„ ํƒˆ์ถœํ•  ์ˆ˜ ์—†์„ ๋•Œ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์œผ๋ฉฐ ์ด๋Ÿฐ ํ˜•ํƒœ์˜ ํŒจํ„ด์ด ๋“ค์–ด๊ฐ€๋Š” ๊ณณ๋„ ์€๊ทผํžˆ ์žˆ์„ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Run other application in ZAP ๐ŸŽฏ

2 min read

ZAP has one interesting feature. It is a function that can use external applications. This makes it easier and more powerful for security testing to work with external tools. Todayโ€™s post is how to use the Apply bridge(?) in ZAP.

OAuth ๊ณผ์ •์—์„œ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ๋Š” ์žฌ๋ฏธ์žˆ๋Š” ์ธ์ฆํ† ํฐ ํƒˆ์ทจ ์ทจ์•ฝ์ (Chained Bugs to Leak Oauth Token) Review

1 min read

์˜ค๋Š˜ OAuth ๊ด€๋ จ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ์žฌ๋ฏธ์žˆ๋Š”๊ฑด์„ ๋ด์„œ ํฌ์ŠคํŒ…์œผ๋กœ ํ’€์–ด๋ด…๋‹ˆ๋‹ค. ๊ฐ„๋‹จํžˆ ์š”์•ฝํ•˜๋ฉด ์šฐ๋ฒ„์™€ ํŽ˜๋ถ OAuth ๊ณผ์ • ์ค‘ ๋ฌธ์ œ๊ฐ€ ์žˆ์–ด์„œ ์‚ฌ์šฉ์ž ์ธ์ฆ์ •๋ณด๋ฅผ ๊ณต๊ฒฉ์ž์—๊ฒŒ ํƒˆ์ทจํ•  ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์ด์˜€๊ณ  ๋ฆฌํฌํŒ…ํ•œ @ngalog ๋Š” $7,500๋‚˜ ๋ฐ›์•˜๋‹ค๊ณ  ํ•˜์ฃ .

XSS Payload without Anything

1 min read

What is XSS Payload without Anything?

When I work for a company or bug bounty, the unexpected hurdle is a protection(xss filter) of special char in the JS(Javascript) area. So I am devising a way to easily solve these problems, and one of the processes is this document.

GraphQLmap - testing graphql endpoint for pentesting & bugbounty

3 min read

๋ฐค์— ํŠธ์œ—๋ณด๋‹ค๋ณด๋‹ˆ swissky๊ฐ€ ํˆด ํ•˜๋‚˜๋ฅผ ๋งŒ๋“ค์–ด์„œ ๋ฐฐํฌํ–ˆ๋”๊ตฐ์š”. ์‹ฌ์ง€์–ด GraphQL ๊ด€๋ จ ์ž๋™ํ™”๋„๊ตฌ๋ผ ๋ฐ”๋กœ ๋Œ€์ถฉ ์ •๋ฆฌํ•ด์„œ ํฌ์ŠคํŒ…ํ•ด๋ด…๋‹ˆ๋‹ค. GraphQLmap ์ž…๋‹ˆ๋‹ค.

Ruby on Rails Double-Tap ์ทจ์•ฝ์ (CVE-2019-5418, CVE-2019-5420)

4 min read

๊ฐ„๋งŒ์— ์ทจ์•ฝ์  ๋ฆฌ๋ทฐํ•ด๋ด…๋‹ˆ๋‹ค. ์˜ฌ ๋ด„์— ์ •๋ฆฌํ•œ๋ฒˆํ•˜๊ณ  ์ตœ๊ทผ์— ์ถ”๊ฐ€๋กœ ์ •๋ฆฌํ–ˆ๋˜๊ฑฐ๋ผ ๋จธ๋ฆฌ์†์—์„œ ๋‚ ์•„๊ฐ€๊ธฐ ์ „์— ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๋‚จ๊ฒจ๋ณด์•„์š”. ์šฐ์„  ์˜ฌ ํ•ด 3์›” ์ •๋„์— ๋ ˆ์ผ์ฆˆ ๊ด€๋ จ ์ทจ์•ฝ์ ์ด 3๊ฐœ์ •๋„ ์˜ฌ๋ผ์™”์—ˆ์Šต๋‹ˆ๋‹ค. CVE-2019-5418 ~ 5420 ์ด์Šˆ์ธ๋ฐ, ๊ฒฐ๊ณผ์ ์œผ๋ก  Rails์—์„œ ์‹œ์Šคํ…œ ํŒŒ์ผ์„ ์ฝ๊ณ , ๋ช…๋ น ์‹คํ–‰๊นŒ์ง€ ๊ฐ€๋Šฅํ•œ 3๊ฐ€์ง€์˜€์Šต๋‹ˆ๋‹ค.

ZAP์—์„œ Request/Respsponse ๊น”๋”ํ•˜๊ฒŒ ๋ณด๊ธฐ

~1 min read

Problem

ZAP์—์„œ Burp์˜ Repeater์™€ ๋น„์Šทํ•œ ์—ญํ• ์„ ํ•˜๋Š” ๋„๊ตฌ๊ฐ€ Requester๋ผ๋Š” ํ™•์žฅ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. (๋‚ด์žฅ ๊ธฐ๋Šฅ๋„ ์žˆ์ง€๋งŒ ์—ฌ๋Ÿฌ๋ชจ๋กœ ๋ถ€์กฑํ•˜์ฃ .)

Finding in-page scripts & map files with javascript (very simple..)

~1 min read

๋ณ„ ์ฝ”๋“œ๋Š” ์•„๋‹ˆ์ง€๋งŒ ๋งŒ๋“ค์–ด ๋†“๊ณ  ์“ฐ๋ฉด ํŽธํ•˜๋‹ˆ.. ํŽ˜์ด์ง€์— ์žˆ๋Š” ์™ธ๋ถ€ ์Šคํฌ๋ฆฝํŠธ ๋งํฌ์™€ map ํŒŒ์ผ ๋งํฌ ๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. (map์€ ๊ทธ๋ƒฅ ๋ฌด์กฐ๊ฑด ๋‚˜ํƒ€๋‚˜๊ฒŒ..)

Tap n Ghost Attack(ํƒญ ์•ค ๊ณ ์ŠคํŠธ) - ์ƒˆ๋กœ์šด ๋ฌผ๋ฆฌ์ (?) ํ•ดํ‚น ๊ณต๊ฒฉ ๋ฒกํ„ฐ

1 min read

์ง€๋‚œ์ฃผ์ธ๊ฐ€ ์ง€์ง€๋‚œ์ฃผ์ธ๊ฐ€ ์ด ๋‚ด์šฉ์„ ๋ณด๊ณ  ์•„์ฃผ์•„์ฃผ์•„์ฃผ์•„์ฃผ ๋Œ€์ถฉ ์ดˆ์•ˆ์„ ์จ๋†จ์—ˆ๋Š”๋ฐ, ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ํฌ์ŠคํŒ…ํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ๋ฌผ๋ฆฌ์ ์ธ ํ•ดํ‚น ๊ธฐ๋ฒ•์˜ ์ƒˆ๋กœ์šด ๊ณต๊ฒฉ ๋ฒกํ„ฐ์ธ ํƒญ ์•ค ๊ณ ์ŠคํŠธ(Tap n Ghost) ๊ณต๊ฒฉ์— ๋Œ€ํ•ด ์•Œ์•„๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

ZAP 2.8 Review โšก๏ธ

1 min read

๋“œ๋””์–ด, ์ •๋ง ๋“œ๋””์–ด ZAP 2.8์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

How to fuzzing with regex on ZAP Fuzzer

1 min read

ZAP Fuzzer is a very useful tool for reply attack, brute force, and multiple entropy calculations. Personally, I think itโ€™s better than the burp suite intruder (itโ€™s more flexible).

ZAP์—์„œ ์ •๊ทœํ‘œํ˜„์‹์„ ์ด์šฉํ•˜์—ฌ ์›น ํผ์ง•ํ•˜๊ธฐ

1 min read

ZAP์˜ Fuzzer๋Š” reply attack, brute force ๋ฐ ์—ฌ๋Ÿฌ ์—”ํŠธ๋กœํ”ผ ๊ณ„์‚ฐ์— ์žˆ์–ด ๊ต‰์žฅํžˆ ์œ ์šฉํ•œ ๋„๊ตฌ์ž…๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ๋Š” Burp suite์˜ intruder๋ณด๋‹ค ๋” ์œ ์—ฐํ•˜๋‹ค๊ณ  ์ƒ๊ฐ๋˜๋„ค์š”. ZAP Fuzzer์—์„œ Regex์„ ์ด์šฉํ•ด์„œ ํŽ˜์ด๋กœ๋“œ ๋ฆฌ์ŠคํŠธ๋ฅผ ๋งŒ๋“ค๊ณ  ํ…Œ์ŠคํŠธํ•  ์ˆ˜ ์žˆ๋Š”๋ฐ, ์˜ค๋Š˜์€ ๊ทธ ์ด์•ผ๊ธฐ๋ฅผ ์ข€ ํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์‹œ์ž‘ํ•˜์ฃ .

์นจํˆฌํ…Œ์ŠคํŠธ ์•ฝ๊ฐ„ ์œ ์šฉํ•œ nmap NSE ์Šคํฌ๋ฆฝํŠธ 4๊ฐ€์ง€

3 min read

์˜ค๋Š˜์€ nmap NSE ์Šคํฌ๋ฆฝํŠธ 4๊ฐœ์— ๋Œ€ํ•ด ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค. ์Œ, ์ดˆ์•ˆ?์€ ์ข€ ์จ๋†“์€์ง€ ๋˜์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ์— ์—ฌ๋Ÿฌ๋ชจ๋กœ ์‹ ๊ฒฝ์“ธ์ผ์ด ๋งŽ์•„์„œ ์ด์ œ์„œ์•ผ ๊ธ€ ์˜ฌ๋ฆฌ๊ฒŒ๋˜๋„ค์š”. ์šฐ์„ , ์‹ ๋ฐ•ํ•œ ๋‚ด์šฉ์€ ์•„๋‹ˆ๊ณ  ๊ทธ๋ƒฅ ๋ณดํŽธ์ ์œผ๋กœ ๋งŽ์ด๋“ค ์“ฐ์‹œ๋Š” ์Šคํฌ๋ฆฝํŠธ 4๊ฐœ์ •๋„ ์ถ”๋ ค๋ดค์Šต๋‹ˆ๋‹ค. ํ˜น์‹œ๋‚˜ ์ข‹์€ ์Šคํฌ๋ฆฝํŠธ๋ฅผ ์•„์‹ ๋‹ค๋ฉด ๋Œ“๊ธ€๋กœ ๊ณต์œ ํ•ด์ฃผ์‹œ๋ฉด ์ •๋ง ๊ฐ์‚ฌํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค :)

How to protect iframe XSS&XFS using sandbox attribute(+CSP)

1 min read

iframe์—๋Š” sandbox๋ผ๋Š” ์†์„ฑ์ด ํ•˜๋‚˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” iframe ์‚ฌ์šฉ์— ์žˆ์–ด์„œ ์ข€ ๋” ์•ˆ์ „ํ•˜๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋„๋ก ๋ณด์กฐํ•ด์ฃผ๋Š” ์ •์ฑ…์ธ๋ฐ์š”, CSP์™€ ํ•จ๊ป˜ ์ž˜ ์‚ฌ์šฉ๋œ๋‹ค๋ฉด ๊ต‰์žฅํžˆ ํŠผํŠผํ•œ iframe ์ •์ฑ…์„ ์œ ์ง€ํ•  ์ˆ˜ ์žˆ์–ด์ง‘๋‹ˆ๋‹ค.

ZAP(Zed Attack Proxy)์˜ 4๊ฐ€์ง€ ๋ชจ๋“œ(Four modes of ZAP)

~1 min read

ZAP์„ ์ฒ˜์Œ ์ผ์„ ๋•Œ ๋”ฑ ๋ฐ”๋กœ ๊ถ๊ธˆํ–ˆ๋˜๊ฒŒ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ์ขŒ์ธก ์ƒ๋‹จ์˜ Mode๋“ค์ธ๋ฐ์š”, ์ฐพ์•„๋ณผ๊นŒ ํ•˜๋‹ค๊ฐ€ ๊ทธ๋ƒฅ ๋„˜์–ด๊ฐ”์—ˆ๋Š”๋ฐ, ๋“œ๋””์–ดโ€ฆ ๋Œ€์ถฉ ์–ด๋–ค๊ฑด์ง€ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Jailbreak iOS Cydia ๋‚ด ์„ค์น˜/์—…๋ฐ์ดํŠธ ์‹œ gzip:iphoneos-arm ์—๋Ÿฌ ํ•ด๊ฒฐ๋ฐฉ๋ฒ•

1 min read

iPad ํ•˜๋‚˜๋ฅผ ๊ฑฐ์˜ ํ…Œ์ŠคํŠธ ๊ธฐ๊ธฐ์ฒ˜๋Ÿผ ์“ฐ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋ฅผ ์œ„ํ•ด์„œ ์ด์ „์— ํƒˆ์˜ฅ์„ ์‹œ์ผœ๋‘์—ˆ๋Š”๋ฐ ํ•˜๋‚˜ ๊ณ ์งˆ์ ์ธ ๋ฌธ์ œ๊ฐ€ ์žˆ์—ˆ์ฃ . ๋ฐ”๋กœ Cydia์—์„œ ์•ฑ ์„ค์น˜๋ฅผ ํ•˜๊ฑฐ๋‚˜ ์—…๋ฐ์ดํŠธ๋ฅผ ํ•˜๋ ค๊ณ  ํ•˜๋ฉด ์•„๋ž˜์™€ ๊ฐ™์€ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ–ˆ์Šต๋‹ˆ๋‹ค.

Access-Control-Allow-Origin๊ฐ€ wildcard(*)์ผ ๋•Œ ์™œ ์ธ์ฆ ์ •๋ณด๋ฅผ ํฌํ•จํ•œ ์š”์ฒญ์€ ์‹คํŒจํ•˜๋Š”๊ฐ€ ๐Ÿ˜ซ

1 min read

TL;DR

CORS ์ •์ฑ… ์ƒ Access-Control-Allow-Origin: * ์ธ ๊ฒฝ์šฐ Origin์˜ ์ œํ•œ์—†์ด ์š”์ฒญํ•˜๊ณ  ๊ฒฐ๊ณผ๋ฅผ ์ฝ์„ ์ˆ˜ ์žˆ์ง€๋งŒ, ์ด๋Ÿฌํ•œ ๊ฒฝ์šฐ ์ฟ ํ‚ค๋ฅผ ์ œ๊ฑฐํ•˜๊ณ  ์š”์ฒญํ•˜๋„๋ก ์ •์ฑ…์ด ๊ตฌ์„ฑ๋˜์–ด ์žˆ์–ด์„œ ์ธ์ฆ ์ •๋ณด๋ฅผ ํฌํ•จํ•œ ์š”์ฒญ์—์„œ๋Š” ๋ถˆ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

MacOS์—์„œ Proxy ์„ค์ •ํ•˜๊ธฐ(for ZAP, BurpSuite)

~1 min read

MacOS์—์„œ ํ”„๋ก์‹œ ์„ค์ •ํ•˜๋Š” ๋ฐฉ๋ฒ• ๋ฉ”๋ชจํ•ด๋‘˜๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ๋ญ ๋ณ„๋‹ค๋ฅธ๊ฑด ์•„๋‹ˆ๊ณ .. ๋‹ค๋ฅธ OS์—์„œ ์ง์ ‘ ์„ค์ •ํ•˜๋Š” ๊ฒƒ๊ณผ ๋™์ผํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ MacOS์˜ ๊ฒฝ์šฐ ์ข€ ๋” On/Off๊ฐ€ ์‰ฌ์šด ํŽธ์ด๋ผ ๋ณ„๋„์˜ ํ”„๋กœ๊ทธ๋žจ์ด ํ•„์š”ํ•˜๋‹จ ๋Š๋‚Œ์„ ๋ฐ›์ง„ ์•Š์•˜๋„ค์š”.

๐Ÿฆ Brave Browser = ๋ณด์•ˆ + ์†๋„ + ์ƒˆ๋กœ์šด ์‹œ๋„

2 min read

์ตœ๊ทผ์— ๋ธŒ๋ผ์šฐ์ € ํ•˜๋‚˜๋ฅผ ์ ‘ํ–ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Brave๋ผ๋Š” ์›น ๋ธŒ๋ผ์šฐ์ €์ธ๋ฐ์š”, ์ง€๊ธˆ๊นŒ์ง€ ์“ฐ๋˜ ์˜คํŽ˜๋ผ๋ฅผ ํ•œ๋ฒˆ์— ๋ฐ€์–ด๋‚ด๊ณ  Safari, Firefox์™€ ํ•จ๊ป˜ ์ €์˜ ์ฃผ๋ ฅ ๋ธŒ๋ผ์šฐ์ €๋กœ ์„ ํƒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

๋Š๋ฆฐ ZAP์„ ๋น ๋ฅด๊ฒŒ ๋งŒ๋“ค์ž! Zed Attack Proxy ์ตœ์ ํ™”ํ•˜๊ธฐ

~1 min read

์ทจ์•ฝ์  ๋ถ„์„์—์„œ ํ•„์ˆ˜์ ์œผ๋กœ ์‚ฌ์šฉ๋˜๋Š” ๋„๊ตฌ ์ค‘ ํ•˜๋‚˜์ธ ZAP(or Burp ์ด์ง€๋งŒ, ์ด๋ฒˆ ํฌ์ŠคํŒ…์—์„  ZAP๋งŒ ๋‹ค๋ฃน๋‹ˆ๋‹ค)์€ ๋งŽ์€ ๊ธฐ๋Šฅ์„ ๊ฐ€์ง€๊ณ  ์žˆ์ง€๋งŒ, ๋ชจ๋“  ๊ธฐ๋Šฅ์„ ํ•œ๋ฒˆ์— ์‚ฌ์šฉํ•˜๊ธฐ์—๋Š” ํ™•์‹คํžˆ ์†๋„๋ฅผ ๊ฑฑ์ •ํ•˜์ง€ ์•Š์„ ์ˆ˜๊ฐ€ ์—†์Šต๋‹ˆ๋‹ค.

Metasploit-framework install & Setting on MacOS

~1 min read

macos์—์„œ Metasploit-framework ์„ค์น˜ํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ๋ฉ”๋ชจํ•ฉ๋‹ˆ๋‹ค. ์Œ ์†”์งํžˆ ๋ฆฌ๋ˆ…์Šค ๋ฒ„์ „์ด๋ž‘ ๊ฑฐ์˜ ๋™์ผํ•œ ๊ฒƒ ๊ฐ™์€๋ฐ, ์ตœ๊ทผ ๋ฒ„์ „์ด๋ผ ๊ทธ๋Ÿฐ๊ฐ€ path๋‚˜ db ์„ค์ •๋„ ์ž๋™์œผ๋กœ ํ•ด์ฃผ๋„ค์š”.. (์˜ค.. ์†Œ์Šค์ฝ”๋“œ ๋ฐ›์•„์„œ ํ•˜๋‹ค๊ฐ€ ํŒจํ‚ค์ง€๋กœ ๋ฐ”๊พธ๋‹ˆ๊น ์‹ ์„ธ๊ณ„)

Bypass domain check protection with data: for XSS

~1 min read

์˜ค๋Š˜์€.. ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ํ•˜๋‹ค๊ฐ€ ์ด๋Ÿฐ ํ˜•ํƒœ์˜ XSS ์ฝ”๋“œ๋„ ๊ฐ€๋Šฅํ•˜๊ธธ๋ž˜ ๊ณต์œ ๋“œ๋ ค๋ด…๋‹ˆ๋‹ค.

XSStrike geckodriver no such file error ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

XSStrike๋ฅผ ๋งฅ์—์„œ ์“ฐ๋ ค๊ณ  ํ•˜๋‹ˆ ์ด๋Ÿฐ ์—๋Ÿฌ๊ฐ€ ๋‚˜ํƒ€๋‚ฌ์—ˆ์Šต๋‹ˆ๋‹ค. (๋ณดํ†ต์€ ๋ฆฌ๋ˆ…์Šค์—์„œ ์ž‘์—…์„ ๋งŽ์ด ํ–ˆ์–ด๊ฐ€์ง€๊ณ .. )

Kage(GUI Base Metasploit Session Handler) Review

1 min read

์ด๋ฒˆ์ฃผ์ค‘์ด์˜€๋‚˜์š”, kitploit์— ๋ˆˆ๊ธธ์ด ๊ฐ€๋Š” ํˆด ํ•˜๋‚˜๊ฐ€ ์˜ฌ๋ผ์™”์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Metasploit์˜ shell sessions์„ ๊ด€๋ฆฌํ•˜๋Š” ์›น ๋„๊ตฌ์ธ Kage ์ž…๋‹ˆ๋‹ค.

Javascript Entity XSS์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ(oldโ€ฆstyleโ€ฆnot working)

1 min read

์ด๋Ÿฐ ํ˜•ํƒœ์˜ xss ์ฝ”๋“œ๋ฅผ ๋ณด์‹ ์ ์ด ์žˆ๋‚˜์š”? ์ตœ๊ทผ์— ์ด XSS ํŽ˜์ด๋กœ๋“œ๋กœ ํŠธ์œ—์—์„œ ์˜๊ฒฌ์„ ์ข€ ๋‚˜๋ˆด์—ˆ๋Š”๋ฐ, ๊ทธ ๋‚ด์šฉ ์ •๋ฆฌํ•ด์„œ ํฌ์ŠคํŒ…ํ•ด๋ด…๋‹ˆ๋‹ค.

XSS with style tag and onload event handler

~1 min read

์ง€์ง€๋‚œ์ฃผ์ธ๊ฐ€.. ํŠธ์œ„ํ„ฐ ๋ณด๋‹ค๊ฐ€ ๋ˆˆ์— ๋“ค์–ด์˜จ XSS Payload๊ฐ€ ์žˆ์–ด ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค. (ํฌ์ŠคํŒ…ํ•ด์•ผํžˆ๊ณ  ๋”ฐ๋กœ ์จ๋†“๊ณ , ์ด์ œ์•ผ ๊ธ€๋กœ ์“ฐ๋„ค์š”..)

postMessage XSS on HackerOne(by adac95) Review

1 min read

์ฃผ์ค‘์— HackerOne ๋ฆฌํฌํŠธ ๋’ค์ ๋’ค์  ์ฐพ์•„๋ณด๋‹ค๊ฐ€ postMessage๋ฅผ ์ด์šฉํ•œ DOM Base XSS๊ฐ€ ์žˆ์–ด ๊ณต์œ ์ฐจ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Bypass SSRF Protection using HTTP Redirect

1 min read

์˜ค๋Š˜๋„ SSRF ์šฐํšŒ ํŒจํ„ด ์ •๋ฆฌํ•ด๋ด…๋‹ˆ๋‹ค. ์ž์ฃผ ์“ฐ๋˜ ๋ฐฉ๋ฒ• ์ค‘ ํ•˜๋‚˜์ธ๋ฐ ์ตœ๊ทผ์— ์ œ๋Œ€๋กœ ๋จนํ˜€์„œ ๊ธฐ๋ถ„์ด ์ข‹๋„ค์š”. ๋ณ„๋‹ค๋ฅธ๊ฑด ์•„๋‹ˆ๊ณ  HTTP Redirect๋ฅผ ์ด์šฉํ•œ ์šฐํšŒ ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค.

Compiler Bomb!

1 min read

Compiler Bomb๋ผ๊ณ  ๋“ค์–ด๋ณด์…จ๋‚˜์š”? ์ทจ์•ฝ์  ๋ถ„์„ ํ•˜๋‹ค๊ฐ€ ์•Œ๊ฒŒ๋œ ๋ถ€๋ถ„์ธ๋ฐ, ์ข…์ข… ์ƒํ™ฉ์— ๋”ฐ๋ผ ํ…Œ์ŠคํŒ…์ด ํ•„์š”ํ•  ์ˆ˜๋„ ์žˆ์–ด์„œ ๊ฐ„๋žตํ•˜๊ฒŒ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

DOMAIN CNAME๊ณผ A Record๋ฅผ ์ด์šฉํ•˜์—ฌ SSRF ์šฐํšŒํ•˜๊ธฐ

1 min read

โš ๏ธ SSRF์— ๋Œ€ํ•œ ๊ณต๊ฒฉ/์šฐํšŒ๋ฐฉ์•ˆ/๋Œ€์‘๋ฐฉ์•ˆ ๋“ฑ์€ Cullinan ํŽ˜์ด์ง€๋ฅผ ํ†ตํ•ด ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋” ์ž์„ธํ•œ ์ •๋ณด๋ฅผ ์–ป๊ณ  ์‹ถ์œผ์‹œ๋‹ค๋ฉด Cullinan > SSRF ํŽ˜์ด์ง€๋กœ ์ ‘๊ทผ ๋ถ€ํƒ๋“œ๋ ค์š”. ์ฐธ๊ณ ๋กœ Cullinan > SSRF ๊ฐ€ ํ›จ์”ฌ ๋งŽ์€ ๋ฐ์ดํ„ฐ์™€ ์ตœ์‹ ํ™”๋œ ์ •๋ณด๋ฅผ ๋‹ค๋ฃน๋‹ˆ๋‹ค.

Custom Scheme API Path Manipulation๊ณผ ํŠธ๋ฆญ์„ ์ด์šฉํ•œ API Method ๋ณ€์กฐ

2 min read

์•ฑ์„ ํ…Œ์ŠคํŠธ ํ•˜๋‹ค๋ณด๋ฉด Custom Scheme์—์„œ ๋ฐœ์ƒํ•œ API ์š”์ฒญ ์ค‘ ์ผ๋ถ€์— ๋Œ€ํ•ด ์ฃผ์†Œ ๋ณ€์กฐ๋‚˜ API ๋กœ์ง์„ ๋ฐ”๊ฟ€ ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์ด ์žˆ์„ ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋‹ค๋งŒ ์‹ค์ œ๋กœ ์ค‘์š”ํ•œ ์š”์ฒญ๋“ค์€ RESTful ํ•˜๋‹ค๋ฉด POST/PUT/DELETE ๋“ฑ์œผ๋กœ ๊ตฌํ˜„๋˜๋Š”๋ฐ์š”. ์›น์„ ์ปจํŠธ๋กคํ•  ์ˆ˜ ์žˆ๋Š” ์•ฑ ์Šคํ‚ด๋“ค์€ ๋ณดํ†ต GET ์š”์ฒญ์œผ๋กœ ๊ฐ•์ œ๋˜๊ธฐ ๋•Œ๋ฌธ์— ์šฐ๋ฆฌ๋ฅผ ๋ถˆํŽธํ•˜๊ฒŒ ํ•˜๊ณค ํ•ฉ๋‹ˆ๋‹ค.

Jenkins RCE Vulnerability via NodeJS(using metasploit module)

3 min read

์ตœ๊ทผ์— ๋”ฐ๋กœ ๋ดค์—ˆ๋˜ ๋‚ด์šฉ์ธ๋ฐ, ํ†ก๋ฐฉ์œผ๋กœ ๊ด€๋ จ ๋‚ด์šฉ ๊ณต์œ (https://pentest.com.tr/exploits/Jenkins-Remote-Command-Execution-via-Node-JS-Metasploit.html )๋ฐ›์•„ ์ด์ฐธ์— ๋ธ”๋กœ๊ทธ ํฌ์ŠคํŒ…์œผ๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

MIME Types of script tag (for XSS)

1 min read

XSS ํ…Œ์ŠคํŠธ ๋„์ค‘์— ์ด๋Ÿฐ ์ผ€์ด์Šค๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ, ์‹คํ–‰์ด ์•ˆ๋ฌ์—ˆ์Šต๋‹ˆ๋‹ค..

ClusterFuzz - scalable fuzzing infrastructure(On Google)

2 min read

ํŠธ์œ— ๋ณด๋‹ค๊ฐ€ kitploit์— ๋ˆˆ๊ธธ๊ฐ€๋Š” ํˆดํ•˜๋‚˜ ์˜ฌ๋ผ์™€์„œ ๊ฐ„๋žตํ•˜๊ฒŒ ์ •๋ฆฌํ•ด๋ด…๋‹ˆ๋‹ค. ClusterFuzz๋ผ๋Š” ๋„๊ตฌ๋กœ Google์—์„œ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋Š” ํผ์ง• ์ธํ”„๋ผ(?) ๋ผ๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

CSP(Content-Security-Policy) Bypass technique

6 min read

โš ๏ธ CSP Bypassing์— ๋Œ€ํ•œ ๊ธฐ์ˆ ์€ Cullinan > XSS > Bypass CSP์— ํ•œ๋ฒˆ์— ์ •๋ฆฌํ•˜๊ณ  ๊ด€๋ฆฌํ•ฉ๋‹ˆ๋‹ค. ํ•ด๋‹น ๊ธ€์ด ํ›จ์”ฌ ์ตœ์‹ ์ด๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š”!

APT package manager RCE(Bypass file signatures via CRLF Injection / CVE-2019-3462)

3 min read

์ตœ๊ทผ์— apt ํŒจํ‚ค์ง€ ๋งค๋‹ˆ์ € ๊ด€๋ จํ•ด์„œ RCE ์ทจ์•ฝ์ ์ด ๋‚˜์™”์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์‰ฝ๊ฒŒ ๊ณต๊ฒฉ ๊ฐ€๋Šฅํ•œ ์กฐ๊ฑด์€ ์•„๋‹ˆ๋ผ ์•„์ฃผ์•„์ฃผ์•„์ฃผ์•„์ฃผ ํฌ๋ฆฌํ‹ฐ์ปฌํ•˜์ง„ ์•Š์ง€๋งŒ, ๊ทธ๋ž˜๋„ ๋ฐ๋น„์•ˆ ๊ณ„์—ด ๋ฐฐํฌํŒ์—์„  ๋ฌด์กฐ๊ฑด์ ์œผ๋กœ ์“ฐ์ด๋Š” ํŒจํ‚ค์ง€ ๊ด€๋ฆฌ ํˆด์ด๊ธฐ ๋–„๋ฌธ์— ์—ฌํŒŒ๊ฐ€ ์ข€ ์žˆ์—ˆ๋˜ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

PHP Hidden webshell with carriage return(\r, hack trick)

1 min read

์˜ค๋Š˜ ์•„์นจ์— ์ทจ์•ฝ์  ๋ช‡๊ฐœ ๋ถ„์„ํ•˜๊ณ  ๋ณด๋‹ค๊ฐ€ ํŠธ์œ„ํ„ฐ์—์„œ ์žฌ๋ฏธ์žˆ๋Š”๊ฑธ ๋ฐœ๊ฒฌํ–ˆ์Šต๋‹ˆ๋‹ค. PHP Hidden webshell ์ด๋ž€ ๋‚ด์šฉ์œผ๋กœ ์˜ฌ๋ผ์˜จ ๊ธ€์ธ๋ฐ, ๊ฐ„๋‹จํ•œ ํŠธ๋ฆญ์ด์ง€๋งŒ ์ €๋ ‡๊ฒŒ ๋ ๊ฑฐ๋ž€ ์ƒ๊ฐ ์กฐ์ฐจ ์•ˆํ•˜๊ณ  ์žˆ์—ˆ๋„ค์š”.. (๋‚ด๊ฐ€ ํ•œ์‹ฌ..) (์—ญ์‹œ ๋ธŒ๋ฃจํŠธ๋กœ์ง https://twitter.com/brutelogic/status/1087723868532469763 )

Metasploit-framework 5.0 Review

2 min read

์ง€๋‚œ ๋ชฉ์š”์ผ Rapid7 ๋ธ”๋กœ๊ทธ์— ๊ธ€์ด ํ•˜๋‚˜ ์˜ฌ๋ผ์™”์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ msf 5.0 ์ฆ‰ major ๋ฒ„์ „ ์—…๋ฐ์ดํŠธ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ํฐ ์—…๋ฐ์ดํŠธ์ธ๋งŒํผ ์–ด๋–ค์ ๋“ค์ด ๋ฐ”๋€Œ๋Š”์ง€ ์‚ดํŽด๋ณด๋„๋ก ํ•˜์ฃ .

Hashicorp Consul - RCE via Rexec (Metasploit modules)

1 min read

์•„์นจ์— ์ถœ๊ทผ๊ธธ์— edb ๋ณด๋˜ ์ค‘ hashicorp์—์„œ ์ œ๊ณตํ•˜๋Š” consul์— ๋Œ€ํ•œ metasploit rce ์ฝ”๋“œ๊ฐ€ ์˜ฌ๋ผ์™€์„œ ํ•ด๋‹น ๋‚ด์šฉ์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ด ๋ด…๋‹ˆ๋‹ค. ๋…ํŠนํ•œ ์ด์Šˆ๋‚˜ ์ž„ํŒฉํŠธ ์žˆ๋Š” ๊ฑด์€ ์•„๋‹ˆ์ง€๋งŒ, ๊ทธ๋ƒฅ ๊ด€์‹ฌ์žˆ๋Š” ํˆด์— ๋‚˜์˜จ ๋ถ€๋ถ„์ด๋ผ ๊ทธ๋ƒฅ..๊ทธ๋ƒฅ๊ทธ๋ƒฅ ์ •๋ฆฌํ•ด๋ด…๋‹ˆ๋‹ค.

PocSuite - PoC ์ฝ”๋“œ ํ…Œ์ŠคํŒ…์„ ์ฒด๊ณ„์ ์œผ๋กœ ์‰ฝ๊ฒŒ ํ•˜์ž!

6 min read

knownsec์—์„œ ๋งŒ๋“  Pocsuite๋ผ๋Š” ์žฌ๋ฏธ์žˆ๋Š” ํˆด(+๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ)์ด ์žˆ์Šต๋‹ˆ๋‹ค. ํ™œ์šฉํ•˜๊ธฐ์— ๋”ฐ๋ผ ํ…Œ์ŠคํŒ…์„ ๋งŽ์ด ํŽธ๋ฆฌํ•˜๊ฒŒ ํ•ด์ค„ ์ˆ˜ ์žˆ๋Š”๋ฐ์š”, ๊ฐ„๋žตํ•˜๊ฒŒ ์†Œ๊ฐœํ•ด๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Web Cache Poisoning Attack, ๋‹ค์‹œ ์žฌ์กฐ๋ช… ๋ฐ›๋‹ค(with Header base XSS)

3 min read

Cache Posoning Attack์€ ๊พ€๋‚˜ ์ „ํ†ต์ ์ธ? ๊ณต๊ฒฉ ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. Cache์— ๊ณต๊ฒฉ์ž๊ฐ€ ์˜๋„ํ•œ ๋ฐ์ดํ„ฐ๋ฅผ ๋‚จ๊ฒจ ๋‹ค๋ฅธ ์‚ฌ์šฉ์ž๋กœ ํ•˜์—ฌ๊ธˆ ๋น„์ •์ƒ์ ์ธ ์š”์ฒญ์„ ์ˆ˜ํ–‰ํ•˜๊ฒŒ ํ•˜์ฃ . (๋Œ€ํ‘œ์ ์œผ๋กœ DNS Cache Poisoning)

ZAP Add-on before/from-version ๋ณ€๊ฒฝํ•˜์—ฌ ์„ค์น˜ํ•˜๊ธฐ(์ตœ์†Œ ์ง€์›๋ฒ„์ „์œผ๋กœ ์„ค์น˜ ๋ถˆ๊ฐ€ํ•œ ๊ฒฝ์šฐ)

~1 min read

ZAP AddOn ์„ค์น˜ ์‹œ ZAP์˜ ์ตœ์†Œ ์ง€์› ๋ฒ„์ „์œผ๋กœ ์ธํ•ด ์„ค์น˜ ๋ชปํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ˆ๋ฅผ ๋“ค๋ฉด alpha ๋ฒ„์ „์šฉ์ธ๋ฐ, release์—” ํฌํ•จ์•ˆ๋˜๊ณ , market์—๋„ ๋“ฑ๋ก ์•ˆ๋œ ๊ฒฝ์šฐ ๊ฐ„๋‹จํ•˜๊ฒŒ Add-on์˜ ์„ค์ • ํŒŒ์ผ์„ ๋ฐ”๊ฟ”์ค˜์„œ ๊ฐ•์ œ๋กœ ๋กœ๋“œํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP Java ๋ฒ„์ „ ๋ฐ”๊ฟ”์น˜๊ธฐ(Change Java version for fixed ssl error on ZAP)

1 min read

ZAP HUD ํ…Œ์ŠคํŠธํ•œ๋‹ค๊ณ  alpha ๋ฒ„์ „ ์˜ฌ๋ ธ์—ˆ๋Š”๋ฐ, macOS ์—์„  ์ธ์•ฑ ๋ธŒ๋ผ์šฐ์ €๋กœ ํŠน์ • ์‚ฌ์ดํŠธ ์ ‘๊ทผ ์‹œ SSL ๊ด€๋ จ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•ด์„œ ์‚ฝ์งˆํ–ˆ๋˜๊ฑฐ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. Linux๋Š” ๋ณ„ ๋ฌธ์ œ ์—†๋˜ ๊ฑธ๋กœ ๋ณด์•„.. macOS์™€ ์—ฐ๊ด€๋œ ๋ฌธ์ œ์ธ๊ฐ€๋ณด๋„ค์š”.

OWASP ZAP์˜ New interface! ZAP HUD ๐Ÿฅฝ

1 min read

์˜ˆ์ „์— ZAP์ชฝ ํŠธ์œ—๋ณด๊ณ  ํŠธ์œ„ํ„ฐ๋กœ ๊ณต์œ ํ•ด๋‘์—ˆ๋˜๊ฒŒ ์žˆ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ @Dakkar Key์˜ ๋ฉ˜์…˜์œผ๋กœ ๊ธ‰ ์ƒ๊ฐ๋‚˜์„œ ๊ธ€๋กœ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. ๊ทธ๋• ์ •๋ง ๋งŽ์ด ๋Œ€์ถฉ ๋ด์„œ ํ™•ํ•˜๊ฒŒ ๋ญ”์ง€ ๋ชฐ๋ž์—ˆ๋Š”๋ฐ, ์ฐพ์•„๋ณด๋‹ˆ ์ƒ๊ฐ๋ณด๋‹ค ์ข‹์€ ๋„๊ตฌ์ธ ๊ฒƒ ๊ฐ™๋„ค์š”.

Wordpress Post Type์„ ์ด์šฉํ•œ Privilege Escalation ์ทจ์•ฝ์ (<= wordpress 5.0.0)

3 min read

์ด๋ฒˆ์ฃผ ์ดˆ์— RIPS ๋ธ”๋กœ๊ทธ์— wordpress ๊ด€๋ จ ์ทจ์•ฝ์  ๋‚ด์šฉ์ด ์˜ฌ๋ผ์™€ ๋น ๋ฅด๊ฒŒ ํ…Œ์ŠคํŠธ ์ข€ ํ–ˆ์—ˆ๊ณ  ๊ด€๋ จ ๋‚ด์šฉ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/

JSShell - interactive multi-user web based javascript shell

~1 min read

git ๋ณด๋‹ค๊ฐ€ ์žฌ๋ฏธ์žˆ๋Š” ํˆด ์žˆ์–ด ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค. JSSHELL์ด๋ผ ํˆด๋กœ XSS Post Exploit ํˆด ์ •๋„๋กœ ๋ณด์‹ฌ ๋˜๊ณ  ์š”์•ฝํ•˜๋ฉด beef์˜ Command line ๋ฒ„์ „์ด๋ผ๊ณ  ์ƒ๊ฐํ•˜์‹œ๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

MacOS, iOS(iPhone, iPad) Devices ์—์„œ์˜ ๋ฉ”๋ชจ๋ฆฌ ๋ณ€์กฐ

2 min read

๋ณดํ†ต ์•ˆ๋“œ๋กœ์ด๋“œ, iOS ๋ชจ๋‘ ๋ฉ”๋ชจ๋ฆฌ ๋ณ€์กฐ๋ฅผ ํ• ๋•Œ ์น˜ํŒ… ํˆด(๊ฒŒ์ž„ ํ•ดํ‚น ๊ด€๋ จํ•ด์„œ ๊ฒ€์ƒ‰ํ•˜๋ฉด ๋งŽ์ด ๋‚˜์˜ค๋Š” ๊ฒƒ๋“ค..)์„ ๋Œ€์ฒด๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. (์†”์งํžˆ ํŽธํ•˜๊ธดํ•ด์š”)

Needle - iOS Application and Device ํ•ดํ‚น/๋ณด์•ˆ ๋ถ„์„ ํ”„๋ ˆ์ž„์›Œํฌ

5 min read

Needle์€ Drozer๋กœ ์œ ๋ช…ํ•œ MWR Lab์—์„œ ๋งŒ๋“  iOS ๋ถ„์„์šฉ ํ”„๋ ˆ์ž„์›Œํฌ์ž…๋‹ˆ๋‹ค. Drozer์™€ ๋น„์Šทํ•˜๊ฒŒ ๋””๋ฐ”์ด์Šค์— Agent๋ฅผ ๋‚ด๋ฆฌ๊ณ  ์•ฑ๊ณผ ๋””๋ฐ”์ด์Šค์— ๋Œ€ํ•œ ๋ถ„์„์„ ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๋ณดํ†ต์€ Frida + Burp(ZAProxy)์˜ ์กฐํ•ฉ์œผ๋กœ ๋ถ„์„์„ ํ•˜๋Š”๋ฐ, ๋ณด๋‹ค๋ณด๋‹ˆ Needle์ด Frida ์‚ฌ์šฉ์— ์žˆ์–ด ์ข€ ํŽธ๋ฆฌํ•œ ๋ถ€๋ถ„์ด ์žˆ๋”๊ตฐ์š”.

Windcard(*) Attack on linux (์™€์ผ๋“œ ์นด๋“œ๋ฅผ ์ด์šฉํ•œ ๊ณต๊ฒฉ)

2 min read

์กฐ๊ธˆ ์ฒ  ์ง€๋‚œ ๊ธฐ๋ฒ•์ด์ง€๋งŒ ๊ด€์‹ฌ์ด ์ ์–ด ๋ชจ๋ฅด๊ณ  ์žˆ๋˜๊ฑฐ๋ผ.. ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค. wildcard๋Š” ๊ต‰์žฅํžˆ ๋งŽ์€ ์˜์—ญ์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋ฌธ์ž์ด๊ณ  ์ปดํ“จํŒ…, ํ”„๋กœ๊ทธ๋ž˜๋ฐ์—์„  ๋”๋”์šฑ ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” ๋ฌธ์ž๋“ค์ž…๋‹ˆ๋‹ค.

iOS 11.3(iPad mini2 ) Jailbraek with Electra(non-developer accouts)

~1 min read

11.3 ๋ฒ„์ „์— ๋Œ€ํ•œ ํƒˆ์˜ฅํˆด์ด ๋‚˜์˜จ์ง„ ์กฐ๊ธˆ ๋˜์—ˆ๋Š๋ฐ์š”, ์œ ๋… ์ œ ์•„์ดํŒจ๋“œ ๋ฏธ๋‹ˆ2์—์„œ ํƒˆ์˜ฅ์ด ์ž˜ ์•ˆ๋˜์—ˆ์—ˆ๋Š”๋ฐ, ์˜ค๋Š˜ ์˜ค์ „์— ์„ฑ๊ณตํ•˜์—ฌ ์‹œ๋„ํ–ˆ๋˜ ๋‚ด์šฉ๋“ค ๊ฐ™์ด ๊ธฐ๋กํ•ด๋‘ก๋‹ˆ๋‹ค.

iOS์—์„œ Proxy ์‚ฌ์šฉ ์ค‘ Burp/ZAProxy CA ๋„ฃ์–ด๋„ ์‹ ๋ขฐํ•  ์ˆ˜ ์—†๋Š” ์‚ฌ์ดํŠธ ๋ฐœ์ƒ ์‹œ ํ•ด๊ฒฐ๋ฐฉ๋ฒ•

~1 min read

iOS์—์„œ Burp/ZAProxy CA ์ธ์ฆ์„œ ๋“ฑ๋กํ•˜์—ฌ๋„ ํ”„๋ก์‹œ ์„ค์ • ์‹œ ๋ณด์•ˆ ๊ฒฝ๊ณ ๊ฐ€ ๋‚˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ๋งค๋ฒˆ ์˜ˆ์™ธ์ฒ˜๋ฆฌ ํ•˜๋ฉด์„œ ํ•  ์ˆœ ์žˆ์ง€๋งŒ ๋ชจ๋ฐ”์ผ ์•ฑ์—์„  ๋ถˆ๊ฐ€๋Šฅํ•˜๊ธฐ ๋•Œ๋ฌธ์— ํ†ต์‹ ์ด ์žกํžˆ์ง€ ์•Š์Šต๋‹ˆ๋‹ค.

WAF Bypass XSS Payload Only Hangul

~1 min read

์–ด์ œ ๋’ค์ ๋’ค์  ์›น ์„œํ•‘ํ•˜๋‹ค๊ฐ€ ๊ฐ€ํƒ€์นด๋‚˜๋กœ ๋œ ๊ณต๊ฒฉ์ฝ”๋“œ๋ฅผ ๋ณด๊ณ  ํ•œ๊ธ€๋กœ๋„ ํ•œ๋ฒˆ ๋งŒ๋“ค์–ด๋ด์•ผ์ง€ ์‹ถ์–ด ํ‡ด๊ทผ๊ธธ์— ํฐ์œผ๋กœ ๋งŒ๋“ค์–ด๋ดค์Šต๋‹ˆ๋‹ค ๐Ÿ˜Š

ZAP Scripting์œผ๋กœ Custom Header

~1 min read

ZAProxy์—์„œ replacer๋ฅผ ์ด์šฉํ•ด Request/Response ๋‚ด์šฉ ์ค‘ ์ผ๋ถ€๋ฅผ ์ž๋™์œผ๋กœ ๋ณ€๊ฒฝํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ถ”๊ฐ€๋„ ๊ฐ€๋Šฅํ•˜๊ตฌ์š”.๊ทธ์น˜๋งŒ ์šฐ๋ฆฌ๋Š” ๋•Œ๋•Œ๋กœ ์กฐ๊ธˆ ๋” ๋””ํ…Œ์ผํ•œ ๋ณ€๊ฒฝ์ด ์š”๊ตฌ๋˜๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ์ด๋•Œ๋Š” script๋กœ ๋„ฃ์–ด๋‘๊ณ  ์“ฐ๋ฉด ํŽธ๋ฆฌํ•˜๋‹ˆ ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค.

๋น„๋ฃจํŒ…/๋น„ํƒˆ์˜ฅ ๋‹จ๋ง์—์„œ ํ”„๋ฆฌ๋‹ค ์‚ฌ์šฉํ•˜๊ธฐ (Frida Inject DL for no-jail, no-root)

2 min read

์•ฑ ์ทจ์•ฝ์  ๋ถ„์„ ์‹œ ์—„์ฒญ๋‚˜๊ฒŒ ํ™œ์šฉ๋„ ๋†’์€ ํ”„๋ฆฌ๋‹ค. ์˜ˆ์ „๋ถ€ํ„ฐ ์•ฝ๊ฐ„ Jailbreak, rooting ๋‹จ๋ง์—์„œ๋งŒ ๋™์ž‘ํ•œ๋‹ค๋Š” ํŽธ๊ฒฌ์ด ์žˆ์—ˆ๋Š”๋ฐ์š”. ์žฌ๋ฏธ์žˆ๋Š” ํŠธ๋ฆญ์„ ์ด์šฉํ•˜๋ฉด ๋น„๋ฃจํŒ…/๋น„ํƒˆ์˜ฅ ๋‹จ๋ง์—์„œ๋„ ํ”„๋ฆฌ๋‹ค ์‚ฌ์šฉ์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ํ”„๋ฆฌ๋‹ค ๊ณต์‹ ํ™ˆ์—๋„ ์žˆ๋Š” ๋‚ด์šฉ์ด๋‹ˆ ์ฐธ๊ณ ํ•˜์‹œ๊ธธ ๋ฐ”๋ž๋‹ˆ๋‹ค :)

iOS App MinimumOSVersion ์šฐํšŒํ•˜๊ธฐ (๊ฐ•์ œ๋ณ€๊ฒฝ)

1 min read

์ตœ๊ทผ์— iOS ์•ฑ ์ค‘ ์ตœ์†Œ ์„ค์น˜๋ฒ„์ „ ์ œํ•œ ๋–„๋ฌธ์— ์•ฝ๊ฐ„ ์‚ฝ์งˆ์„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ฒฐ๋ก ๋ถ€ํ„ฐ ๋ง์”€๋“œ๋ฆฌ๋ฉด ํ•ด๋‹น ์•ฑ ๊ธฐ์ค€์œผ๋ก  ์„ฑ๊ณตํ•˜์ง€ ๋ชปํ–ˆ์Šต๋‹ˆ๋‹ค๋งŒ, ๊ฐ€๋Šฅ์„ฑ์ด ์—†๋Š” ๋ฐฉ๋ฒ•์€ ์•„๋‹ˆ๊ธฐ ๋•Œ๋ฌธ์— ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค.

Burp suite Daracula(dark) Theme Release!

~1 min read

์˜ค๋Š˜์ด ํ• ๋กœ์œˆ์ด๋ผ ๊ทธ๋Ÿฐ๊ฐ€์š”. Burp ํŒ€์—์„œ ์ข‹์€ ์†Œ์‹์„ ์ฃผ์—ˆ์Šต๋‹ˆ๋‹ค. (์–ด์ œ ๋ฐค์— ๊ธ€์จ๋†“๊ณ  ๋ป—์–ด์„œ ์ž๋ฒ„๋ ธ๋„ค์š”โ€ฆ.)

Review on recent xss tricks (๋ช‡๊ฐ€์ง€ XSS ํŠธ๋ฆญ๋“ค ์‚ดํŽด๋ณด๊ธฐ)

1 min read

XSS ํ…Œ์ŠคํŠธ ๋ฒกํ„ฐ๋“ค ์ž์ฃผ ์ฐพ์•„๋ณด๊ณค(๋˜๋Š” ๊ณต์œ ๋ฐ›๊ฑฐ๋‚˜ ๋ˆˆ์— ๊ฑธ๋ฆฌ๊ฑฐ๋‚˜..) ํ•˜๋Š”๋ฐ ์ตœ๊ทผ์— ํฌ์ŠคํŒ… ์“ธ๋งŒํผ ํŠน๋ณ„ํ•œ๊ฑด ์—†์—ˆ๊ณ  ๊ฐ„๋‹จํ•œ ํŠธ๋ฆญ์ •๋„ ๋ช‡๊ฐœ ์˜ฌ๋ผ์™€์„œ ์ •๋ฆฌํ•ด์„œ ํ•œ๋ฒˆ์— ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

iOS์—์„œ์˜ SSL Pinning Bypass(with frida)

2 min read

ํ”ผ๋‹ ์ ์šฉ์ด ๋œ ์•ฑ๋“ค์ด ์ข€ ์žˆ๋‹ค๋ณด๋‹ˆ ๋ชจ๋ฐ”์ผ ์•ฑ ๋ถ„์„์—์„  ์–ธํ”ผ๋‹์ด ๊ฑฐ์˜ ํ•„์ˆ˜ ์ฝ”์Šค๊ฐ€ ๋˜์–ด๊ฐ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต Frida ์ฝ”๋“œ(์งœ๊ฑฐ๋‚˜ codeshare์—์„œ ๊ฐ€์ ธ๋‹ค ์“ฐ๊ฑฐ๋‚˜)๋กœ ์šฐํšŒํ•ฉ๋‹ˆ๋‹ค.

LOKIDN! ์žฌ๋ฏธ์žˆ๋Š” IDN HomoGraph Attack ๋ฒกํ„ฐ

1 min read

ํ•œ 2์ฃผ์ „์ฏค์ธ๊ฐ€์š”? EDB์—์„œ ์žฌ๋ฏธ์žˆ๋Š” ๋ฌธ์„œ ํ•˜๋‚˜๋ฅผ ๋ณด์•˜์Šต๋‹ˆ๋‹ค. ์„œ๋กœ ๋‹ค๋ฅด์ง€๋งŒ ๋น„์Šทํ•˜๊ฒŒ ์ƒ๊ธด ๋ฌธ์ž๋“ค ์ด์šฉํ•œ ๊ณต๊ฒฉ ๊ธฐ๋ฒ•์ธ IDN Homograph attack์œผ๋กœ ์›น์„ ๊ณต๊ฒฉํ•˜๋Š” ์žฌ๋ฏธ์žˆ๋Š” ๋ฐฉ๋ฒ•์ด๋ผ ์ •๋ฆฌํ•ด์„œ ๊ธ€๋กœ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค.

DynoRoot Exploit (DHCP Client Command Injection / CVE-2018-1111)

2 min read

์ „์— ์ด ์ทจ์•ฝ์ ์ด ๋‚˜์™”์„ ๋•Œ ๊ทธ๋ƒฅ dhcp ๊ด€๋ จ ์ทจ์•ฝ์ ์ด ๋‚˜์™”๊ตฌ๋‚˜ ํ—€์—ˆ๋Š๋ฐ, ์ตœ๊ทผ์— ๋‹ค๋ฅธ ์ทจ์•ฝ์  ๋ณด๋‹ค๋ณด๋‹ˆ ์ด ์ทจ์•ฝ์ ์„ ๊ธฐ๋ฐ˜์œผ๋กœ ํ•œ ์ทจ์•ฝ์ ์ด ๋ช‡๋ช‡ ๋ณด์—ฌ ๊ธ€๋กœ ํ’€์–ด๋ด…๋‹ˆ๋‹ค. ์˜ค๋Š˜ ์ด์•ผ๊ธฐ๋“œ๋ฆด ๋‚ด์šฉ์€ DynoRoot Exploit์ž…๋‹ˆ๋‹ค.

์›น ์–ด์…ˆ๋ธ”๋ฆฌ(Web Assembly)๋Š” ์–ด๋–ป๊ฒŒ ๋ณด์•ˆ ์ทจ์•ฝ์  ๋ถ„์„์„ ํ• ๊นŒ์š”?

7 min read

์ฒœ์ฒœํžˆ ์ •๋ฆฌํ•˜๋˜ ๊ธ€์ด ํ•˜๋‚˜ ์žˆ์—ˆ๋Š”๋ฐ, ๋“œ๋””์–ด ๊ธ€๋กœ ์˜ฌ๋ฆฌ๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜ ์ด์•ผ๊ธฐ๋“œ๋ฆด ๊ฒƒ์€ ์›น ์–ด์…ˆ๋ธ”๋ฆฌ์™€ ๋ณด์•ˆ๋ถ„์„ ๋Œ€ํ•œ ๋‚ด์šฉ์ž…๋‹ˆ๋‹ค.

JSFuck XSS

2 min read

ํ˜น์‹œ ์ด๋Ÿฐ XSS ์ฝ”๋“œ ๋งŽ์ด๋“ค ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ๊ฐœ์ธ์ ์œผ๋กœ Js ์ฝ”๋“œ ํƒˆ์ถœ ์ดํ›„ ํŠน์ˆ˜๋ฌธ์ž~๋ฌธ์ž์—ด ๋“ฑ ์›ํ•˜๋Š” ๊ตฌ๋ฌธ ์‚ฝ์ž…์ด ์–ด๋ ค์šธ ๋–„ ์ข…์ข… ์‚ฌ์šฉํ•˜๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค.

XSS Polyglot Challenge(v2)์— ์ฐธ์—ฌํ•˜๋ฉฐ XSS์— ๋Œ€ํ•œ ๊ณ ๋ฏผ์„ ๋” ํ•ด๋ด…์‹œ๋‹ค!

1 min read

polyglot์ด๋ž€ ์—ฌ๋Ÿฌ ํ™˜๊ฒฝ? ์—์„œ๋„ ๋™์ž‘ํ•˜๋Š” ํ•œ์ค„์งœ๋ฆฌ ๊ฐ•๋ ฅํ•œ ํ…Œ์ŠคํŒ… ์ฝ”๋“œ๋ฅผ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค. ์ € ๋˜ํ•œ ๊ฐ€๋”์”ฉ ํ…Œ์ŠคํŠธํ•  ๋•Œ ์“ฐ๊ณคํ•˜๋Š”๋ฐ, ์•„๋ฌดํŠผ ๊ณ ๋ฏผํ•ด๋ณด์‹œ๊ณ  ๋งŒ๋“ค์–ด๋ณด์‹œ๋ฉด ๋ถ„๋ช… ์ข‹์€๊ฒ๋‹ˆ๋‹ค.

p0wn-box - ๊ฐ€๋ณ๊ฒŒ ์‚ฌ์šฉํ•˜๊ธฐ ์ข‹์€ ๋ชจ์˜ํ•ดํ‚น/์นจํˆฌํ…Œ์ŠคํŠธ ํˆด ๋„์ปค ์ด๋ฏธ์ง€

2 min read

์ตœ๊ทผ์— Docker image ํ•œ๋ฒˆ ์ œ๋Œ€๋กœ ๋‚ ๋ ค๋จน์€์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ํ…Œ์ŠคํŠธ์šฉ ์นผ๋ฆฌโ€ฆ.ใ…œใ…œ (๋งฅ์€ ๋ฆฌ๋ˆ…์Šค์™€ ๋‹ค๋ฅด๊ฒŒ ์„ธํŒ…์„ ๋‹ค ์•ˆํ•ด๋†“์€์ง€๋ผโ€ฆ ๋„์ปค์— ์—„์ฒญ ์˜์กดํ•˜๊ณ  ์žˆ์—ˆ์ฃ )

Burp Suite REST API(Burp 2.0 beta)

1 min read

์ตœ๊ทผ์— Burp suite 2.0 Beta ๋ฒ„์ „์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ํ˜น์—ฌ๋‚˜ ํฐ ๋ณ€ํ™”๊ฐ€ ์žˆ์„๊นŒ ๊ณต์‹ ๋ธ”๋กœ๊ทธ๋ž‘ ์ฃผ๋ณ€ ๋ฐ˜์‘?(๊ธฐ๊ปํ•ด์•ผ ํŠธ์œ„ํ„ฐ..) ์ข€ ์‚ดํŽด๋ณธ ์ดํ›„ burp pro 2.0 ์œผ๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•˜์˜€์ฃ .

Arachni optimizing for fast scanning (Arachni ์Šค์บ” ์†๋„ ํ–ฅ์ƒ ์‹œํ‚ค๊ธฐ)

13 min read

Arachni๋ฅผ ๊ฐ€์ง€๊ณ  ์žฌ๋ฏธ์žˆ๋Š” ๊ฒƒ๋“ค์„ ํ•˜๊ณ ์žˆ๋Š”๋ฐ, ์š”์ฆ˜ ์ฐธ ์Šค์บ” ์†๋„์— ๋Œ€ํ•ด ๊ณ ๋ฏผ์ด ๋˜๋„ค์š”. Arachni ๊ฐ€ ๋ฒค์น˜ ๋งˆํ‚น ๊ธฐ์ค€์œผ๋กœ ๊ต‰์žฅํžˆ ์ข‹์€ ์„ฑ๋Šฅ์„ ๊ฐ€์ง€๋ฉฐ ์˜คํ”ˆ์†Œ์Šค์ด์ง€๋งŒ ๊ฒฐ์ •์ ์œผ๋กœ ์–ด๋งˆ์–ด๋งˆํ•œ ์Šค์บ” ์‹œ๊ฐ„์ด ๋ฐœ๋ชฉ์„ ์žก๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

SpEL(Spring Expression Language) Injection & Spring boot RCE

2 min read

Spring boot์œผ๋กœ ๊ตฌ์„ฑ๋œ ์„œ๋น„์Šค๋“ค์„ ์ ๊ฒ€ํ•  ๋•Œ ๊ผญ ์ฒดํฌํ•ด์•ผํ•  ๋ถ€๋ถ„ ์ค‘ ํ•˜๋‚˜๊ฐ€ SpEL RCE ์ž…๋‹ˆ๋‹ค. ๊ฐ€๋”์‹ ์ฐธ๊ณ ์‚ผ์•„ ๋ฐ๋“œํ’€์ด ์ž‘์„ฑํ•œ ๊ธ€(Spring boot RCE) ๋ณด๋Š”๋ฐ์š”, ์˜ค๋Š˜์€ ์ œ ๋ธ”๋กœ๊ทธ์— ์ข€ ์ •๋ฆฌํ•ด๋‘˜๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

ESI(Edge Side Include) Injection์„ ์ด์šฉํ•œ Web Attack(XSS, Session hijacking, SSRF / blackhat 2018)

3 min read

์ฃผ๋ง๋™์•ˆ ์‹œ๊ฐ„๋‚˜๋ฉด ์ฒœ์ฒœํžˆ blackhat, defcon ์ž๋ฃŒ์ข€ ๋ณผ๊นŒํ•ด์„œ ๋ณด๋‹ค๋ณด๋‹ˆ ๊ธ€๋กœ ๊ณต์œ ๋“œ๋ฆฌ๋ฉด ๊ดœ์ฐฎ์„ ๊ฒƒ ๊ฐ™์€ ๋‚ด์šฉ์ด ์žˆ์–ด ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค. ๋ฐ”๋กœ ESIi(ESI Injection)์— ๋Œ€ํ•œ ๋‚ด์šฉ์ž…๋‹ˆ๋‹ค.

Defcon 2018 ๋ฐœํ‘œ ์ž๋ฃŒ ๋ฐ Briefings list

6 min read

์ตœ๊ทผ Blackhat 2018 USA / Defcon ํ–‰์‚ฌ๊ฐ€ ์ง„ํ–‰๋ฌ์—ˆ์Šต๋‹ˆ๋‹ค. ์ž๋ฃŒ๋„ ์Šฌ์Šฌ ์˜ฌ๋ผ์˜ค๊ณ  ์–ด๋–ค ๋‚ด์šฉ์˜ ๋ฐœํ‘œ๋“ค์ด ์žˆ์—ˆ๋Š”์ง€ Title๋งŒ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. (์ฒœ์ฒœํžˆ ์ฝ์–ด๋ด์•ผ๊ฒ ๋„ค์š”, ์žฌ๋ฏธ์žˆ๋Š”๊ฑด ํฌ์ŠคํŒ…ํ•˜๋„๋ก ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค)

Attack a JSON CSRF with SWF(ActionScript๋ฅผ ์ด์šฉํ•œ JSON CSRF ๊ณต๊ฒฉ์ฝ”๋“œ ๊ตฌํ˜„)

1 min read

์ข€ ์˜ค๋ž˜๋œ(?) ๊ธฐ๋ฒ•์ด์ง€๋งŒ ์˜ค๋Š˜ ํŽ˜๋ถ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ํฌ๋Ÿผ์ชฝ์— ๊ธ€ ์ค‘ JSON CSRF ๊ธ€ ๋ณด๋‹ค๋ณด๋‹ˆ ์˜ˆ์ „์— ์ •๋ฆฌํ•ด๋‘˜๊นŒ ํ–ˆ๋˜ ๋‚ด์šฉ ์ƒ๊ฐ๋‚˜์„œ ๊ธ€๋กœ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. (๊ทธ์™€์ค‘์— 300$๋ฐ›์•˜๋‹ค๊ณ  ๊บ ์•Œ ์ž๋ž‘โ€ฆ)

JRuby Burp suite ํ™•์žฅ ๊ธฐ๋Šฅ ๊ฐœ๋ฐœ ์ค‘ ๋ฐœ์ƒํ•œ ์—๋Ÿฌ(failed to coerce [Lburp.IHttpRequestResponse; to burp.IHttpRequestResponse)

~1 min read

๊ธ€ ์ข€ ์“ฐ๊ณ  ์ž๋ คํ–ˆ๋Š”๋ฐ, ์žก๋‹คํ•œ ์ผ์ด ๊ผฌ์—ฌ.. ๊ธ€์€ ํŒจ์Šคํ•˜๊ณ  ๊ฐ„๋‹จํ•˜๊ฒŒ ๋ฉ”๋ชจ ํ•˜๋‚˜๋งŒ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

Firefox Hackbar Addon ๋‹จ์ถ•ํ‚ค(Short cut)

~1 min read

๋‚ฎ์— Hackbar git์„ ์šฐ์—ฐํžˆ ๋“ค์–ด๊ฐ€๊ฒŒ ๋ฌ๋Š”๋ฐ(์‚ฌ์‹ค ๋ฐ์€์ƒ‰์ด๋ผ ๋ˆˆ์•„ํŒŒ์„œ ์–ด๋‘ก๊ฒŒ ์ƒ‰์ƒ์ข€ ๋ฐ”๊ฟ€๋ผ๊ณ ..) ๋‹จ์ถ•ํ‚ค๊ฐ€ ์žˆ๋”๋ผ๊ตฌ์š”. (์ด๋Ÿด์ˆ˜๊ฐ€โ€ฆ Hackbar๊ฐ€ firefox quantum ์ดํ›„๋กœ ๊ฐœ๋ฐœ์ž ๋„๊ตฌ๋กœ ๋“ค์–ด๊ฐ€์„œ ๊ฑ ์‹ ๊ฒฝ ์•ˆ์“ฐ๊ณ  ์‚ด์•˜๋Š๋ฐ, ๋‹จ์ถ•ํ‚ค๊ฐ€ ์ƒ๊ฒผ๋„ค์š”)

Insomnia๋กœ REST API๋ฅผ ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŠธํ•˜์ž ๐Ÿ˜Ž

1 min read

์˜ค๋Š˜ ์†Œ๊ฐœํ•ด๋“œ๋ฆด ํˆด์€ REST API ํ…Œ์ŠคํŒ… ํˆด์ธ Insomnia ์ž…๋‹ˆ๋‹ค. postman๊ณผ ๊ฐ™์ด API๋ฅผ ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ ์œ„ํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ธฐ๋Šฅ๋“ค์„ ์ œ๊ณตํ•˜๊ณ  ์žˆ๊ณ , ๊ฐœ๋ฐœ์ž๋ฟ๋งŒ ์•„๋‹ˆ๋ผ ๋ณด์•ˆ์ชฝ์—์„œ๋„ ์ถฉ๋ถ„ํžˆ ์ž์ฃผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ๋ผ์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ณต์œ ๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Security testing SAML SSO Vulnerability & Pentest(SAML SSO ์ทจ์•ฝ์  ๋ถ„์„ ๋ฐฉ๋ฒ•)

6 min read

ํ•œ๊ฐ€์ง€ ๊ณ„์ •์ •๋ณด๋ฅผ ๊ฐ€์ง€๊ณ  ์—ฌ๋Ÿฌ ์„œ๋น„์Šค๋ฅผ ๋กœ๊ทธ์˜จํ•˜์—ฌ ์‚ฌ์šฉํ•˜๋Š” ๊ฒฝ์šฐ๋ฅผ Single Sign On, ์ฆ‰ SSO ๋ผ๊ณ  ํ•˜๋Š”๋ฐ์š” ์˜ค๋Š˜์€ ์ด SSO ์ข…๋ฅ˜ ์ค‘ SAML์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์™€ ์ทจ์•ฝ์  ๋ถ„์„ ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ •๋ฆฌํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

๋ฆฌ๋ˆ…์Šค์—์„œ OWASP ZAP๊ณผ BurpSuite์˜ ์ƒ‰์ƒ ๋ฐ”๊พธ๊ธฐ

2 min read

์•„์ฃผ ์˜ˆ์ „๋ถ€ํ„ฐ Burp suite, ZAP์˜ ์ƒ‰์ƒ์„ ๋ฐ”๊ฟ€ ์ˆ˜ ์žˆ์œผ๋ฉด ์ข‹๊ฒ ๋‹ค๋Š” ์ƒ๊ฐ์„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ด€๋ จํ•ด์„œ ์–‘์ชฝ ๊ฐœ๋ฐœ์ž๋ถ„๊ผ ์—ฌ์ญค๋ดค์ง€๋งŒ ๋™์ผํ•˜๊ฒŒ ์ฝ”๋“œ ์ˆ˜์ •์„ ๋งค์šฐ ์–ด๋ ต๋‹ค๊ณ  ๋‹ต๋ณ€ ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. (๋‹น์—ฐํ•œ ์ด์•ผ๊ธฐโ€ฆ, ์—ญ์‹œ ์ž๋ฐ”๋ž€)

ZAP์—์„œ Passive Script ๋งŒ๋“ค๊ธฐ

1 min read

์š”์ฆ˜ ๋ช‡๊ฐ€์ง€ ๋งŒ๋“ค์–ด์“ฐ๊ณ  ์žˆ๋Š”๋ฐ, ๊ฐ„๋‹จํ•˜๊ฒŒ ํ‹€์ด๋˜๋Š” ์ฝ”๋“œ์™€ ๋Œ€๋žต์ ์ธ ์„ค๋ช…์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

Subdomain Takeover ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ

2 min read

์˜ค๋Š˜์€ Subdomain Takeover ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์–ด๋Š์ •๋„ ์ž๋™ํ™”๊ฐ€ ๊ฐ€๋Šฅํ•˜๋ฉด์„œ๋„ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ์—์„œ๋„ ๊ฒฐ๊ณผ๊ฐ€ ์ข‹์€ ๊ณต๊ฒฉ ๋ฐฉ๋ฒ•์ด๋ผ ์•Œ์•„๋‘์‹œ๋ฉด ๋‘๊ณ ๋‘๊ณ  ๋„์›€๋ ๊ฑฐ๋ผ๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.

ZAP์— ํ•„์š”ํ•œ ๊ธฐ๋Šฅ๊ณผ Burp suite ๋“€์–ผ ์ฒด์ œ๋กœ ๋Š๋‚€์ 

2 min read

์ตœ๊ทผ์— ZAProxy ๊ด€๋ จ๊ธ€์„ ์ญ‰ ์ž‘์„ฑํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. Burp + ZAProxy ๊ตฌ์„ฑ์œผ๋กœ ์ง„๋‹จํ•˜๋Š” ๊ฒƒ์— ๋Œ€ํ•ด ํ…Œ์ŠคํŠธํ•ด๋ณด๊ณ  ์ ์‘ํ•˜๋Š” ๋‹จ๊ณ„์˜€๋Š”๋ฐ, ํ•œ 1~2์ฃผ ์ง€๋‚ฌ์„๊นŒ์š”? ์ „๋ณด๋‹ค ํ™•์‹คํžˆ ์ต์ˆ™ํ•ด์ง„ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์ด์   ๋‹จ๋…์œผ๋กœ ZAProxy ์จ๋„ ํฌ๊ฒŒ ๋ถˆํŽธํ•˜์ง„ ์•Š์„ ๊ฒƒ ๊ฐ™๋„ค์š”. ์˜ค๋Š˜์€ ๊ด€๋ จ ๊ธ€์˜ ๋งˆ์ง€๋ง‰ ๋ถ€๋ถ„์œผ๋กœ ์•ž์œผ๋กœ ์ ์šฉํ•ด์•ผํ•  ๊ฒƒ๋“ค์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค.

ZAP ๋‹จ์ถ•ํ‚ค ์‚ฌ์šฉ ํŒ

1 min read

์‹œ๊ฐ„๋„ ๋Šฆ๊ณ  ํ”ผ๊ณคํ•ด์„œ ์ž˜๊นŒํ•˜๋‹ค๊ฐ€, ์žฌ๋น ๋ฅด๊ฒŒ ๊ธ€ ํ•˜๋‚˜ ์“ฐ๊ณ  ์ž๋ คํ•ฉ๋‹ˆ๋‹ค.

ZAP Scripting์œผ๋กœ Code Generator ๊ตฌํ˜„ํ•˜๊ธฐ

2 min read

ZAProxy์™€ Burp๋ฅผ ํ˜ผ์šฉํ•ด ์“ฐ๋ฉด์„œ ๋ถˆํŽธํ•œ ์ ๋“ค์„ ์ฐพ๊ณ , ๊ณ ์ณ๊ฐ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๊ทธ ์ค‘ Code genertor์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Burp suite ์ค‘๋…์ž๊ฐ€ ๋ฐ”๋ผ๋ณธ OWASP ZAP(Zed Attack Proxy). ์ด์ œ๋ถ€ํ„ฐ ๋“€์–ผ์ด๋‹ค!

3 min read

์š”์ฆ˜ ๋ถ€์ฉ ํˆด์— ๋Œ€ํ•œ ๋งŽ์€ ๊นŠ์€ ๊ณ ๋ฏผ์ด ์ƒ๊ฒผ์Šต๋‹ˆ๋‹ค. ์–ด๋–ค ํˆด์„ ์“ฐ๋ฉด ์ข‹์„์ง€, ์ด์ฐธ์— ๊ฑ ํ•˜๋‚˜ ๋งŒ๋“ค์ง€โ€ฆ ํ•œโ€ฆ 3๋…„? ์ „์ฏค์—๋„ ๊ฐ™์€ ๊ณ ๋ฏผ์ด ์žˆ์—ˆ์ฃ . ๊ทธ๋•Œ๋Š” Burp suite์— ์˜ฌ์ธํ•˜๊ธฐ๋กœ ๋งˆ์Œ์„ ์žก์•˜์—ˆ์Šต๋‹ˆ๋‹ค. ์‹œ๊ฐ„์ด ์ง€๋‚œ ์š”์ฆ˜, ๋˜๋‹ค์‹œ Burp suite์— ๋Œ€ํ•œ ์ง€๊ฒจ์›€, ์ƒˆ๋กœ์›€์„ ๊ฐˆ๊ตฌํ•˜๋Š” ๋งˆ์Œ์— ์—ฌ๋Ÿฌ ๊ณ ๋ฏผ์ด ์‹œ์ž‘๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Firefox XSS with Context menu(+css payload)

1 min read

์ฃผ๋ง ๋ฐค ํŠธ์œ„ํ„ฐ๋ฅผ ํ†ตํ•ด ์žฌ๋ฏธ๋‚œ๊ฒŒ ์žˆ๋‚˜ ๊ตฌ๊ฒฝํ•˜๋˜ ๋„์ค‘ ์ต์ˆ™ํ•œ ๊ตฌ๋ฌธ์ด ๋ฆฌํŠธ์œ— ๋˜๋Š” ๊ด‘๊ฒฝ์„ ๋ชฉ๊ฒฉํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ด€๋ จํ•ด์„œ ๋งํฌ ์ฝ์–ด๋ณด๋‹ˆ ์žฌ๋ฏธ์žˆ๋Š” ์ƒํ™ฉ์ด๋”๊ตฐ์š”. ๋‚ด์šฉ์„ ์ด์•ผ๊ธฐํ•˜์ž๋ฉด ํ˜„์žฌ ๋™์ž‘ํ•˜์ง€ ์•Š๋˜ ์˜ค๋ž˜๋œ XSS ํ…Œ์ŠคํŒ… ์ฝ”๋“œ๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ, ์žฌ๋ฏธ์žˆ๋Š” ๋ฒ„๊ทธ ํ•˜๋‚˜์™€ ์ฝ”๋“œ๋ฅผ ์ด์šฉํ•ด์„œ XSS๊ฐ€ ๊ฐ€๋Šฅํ•œ ์‚ฌ๋ก€์ธ๋ฐ์š”. ์˜ค๋Š˜์€ ์ด ๋‚ด์šฉ ๊ด€๋ จํ•ด์„œ ๊ธ€์„ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Not-rooted android Kali linux with Termux!(๋น„ ๋ฃจํŒ…ํฐ์—์„œ ์นผ๋ฆฌ ๊ตฌ์„ฑํ•˜๊ธฐ)

1 min read

์ง€๋‚œ๋ฒˆ์— ใ‹ใ‚Šใพใซ@kali-mani๊ฐ€ ์•ˆ๋“œ๋กœ์ด๋“œ ๋””๋ฐ”์ด์Šค์— Kali linux๋ฅผ ์˜ฌ๋ ธ๊ธธ๋ž˜ ๋ฃจํŒ… ์ƒํƒœ์—์„œ Nethunter๋ฅผ ์‚ฌ์šฉํ•œ๊ฑด์ง€ ๋ฌผ์–ด๋ดค๋Š”๋ฐ ๋Œ€๋‹ต์€ โ€œNoโ€ ์˜€์Šต๋‹ˆ๋‹ค.

BurpKit - Awesome Burp suite Extender(Burp์—์„œ ๊ฐœ๋ฐœ์ž ๋„๊ตฌ๋ฅผ ์‚ฌ์šฉํ•˜์ž!)

2 min read

์˜ฌํ•ด ์ดˆ ์ฏค์ธ๊ฐ€์š”? Payload ๊ด€๋ จํ•ด์„œ ๊ณต์œ  ๋ฐ›์€ ๋‚ด์šฉ์ด ์žˆ์—ˆ๋Š”๋ฐ, ์•Œ๊ณ ๋ณด๋‹ˆ.. ์“ธ๋งŒํ•œ ํˆด์„ ํŒํŒ ์ฐ์–ด๋‚ด๊ณ  ๊ณ„์‹  CrowdShield์˜ 1N3์˜ Git์ด์˜€์Šต๋‹ˆ๋‹ค. ์ด์ค‘์—์„œ ํ•˜์œ„ ํ”Œ๋Ÿฌ๊ทธ์ธ ๋””๋ ‰ํ† ๋ฆฌ๋ฅผ ํ†ตํ•ด Burp suite ํ™•์žฅ๊ธฐ๋Šฅ์„ ์ถ”๊ฐ€๋กœ ๋ฐฐํฌํ•˜๊ณ  ์žˆ๋Š”๋ฐ์š”. ์˜ค๋Š˜์€ ๊ทธ ์ค‘ ํ•˜๋‚˜์ธ Burp Kit์— ๋Œ€ํ•œ ๋‚ด์šฉ์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Evasion technique using Wildcards, Quotation marks and backslash, $IFS(WAF, ๋ฐฉ์–ด๋กœ์ง ์šฐํšŒ)

2 min read

WildCards?

Wildcard๋Š” OS์—์„œ ํŒŒ์ผ์— ๋Œ€ํ•ด ๋‹ค์ค‘์ฒ˜๋ฆฌ๋ฅผ ์œ„ํ•ด ์‚ฌ์šฉ๋˜๋Š” ๊ธฐํ˜ธ์ž…๋‹ˆ๋‹ค. ๋ณดํŽธ์ ์œผ๋กœ ๋งŽ์ด ์‚ฌ์šฉํ•˜๋Š”๊ฑด * ? ๋“ฑ์ด ์žˆ๊ณ  ๋•๋ถ„์— ๋ฒˆ๊ฑฐ๋กœ์šด ์ž‘์—…์„ ํ•œ๋ฒˆ์— ์ฒ˜๋ฆฌํ•  ์ˆ˜ ์žˆ๊ฒŒ ๋˜์ฃ . ๋ญ ๋Œ€์ถฉ ์ด๋Ÿฐ ๊ฒฝ์šฐ์ด์ฃ .

Android Meterpreter shell ์—์„œ์˜ ์‹คํ–‰ ๊ถŒํ•œ ์ƒ์Šน ์‚ฝ์งˆ ์ด์•ผ๊ธฐ

2 min read

์ €๋Š” ๋Œ€์ฒด๋กœ ํ…Œ์ŠคํŠธํฐ์— ์ž‘์—…ํ•  ๋•Œ meterpreter shell์„ ์—ฐ๊ฒฐํ•ด๋†“๊ณ  ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋ญ๋ž„๊นŒ ssh๋Š” ๊ตณ์ด ์—ด์–ด๋‘๊ณ  ์‹ถ์ง„ ์•Š๊ณ  adb๋Š” ์ผ€์ด๋ธ” ๊ฑด๋“œ๋ ค์„œ ๋Š๊ธธ๋•Œ ๋งˆ๋‹ค ๋ถˆํŽธํ•ด์„œ ๊ทธ๋ƒฅ exploit app ํ•˜๋‚˜ ๋‚ด๋ ค๋†“๊ณ  ํ•„์š”ํ• ๋•Œ๋งˆ๋‹ค ์‹คํ–‰ํ•˜์ฃ .

Metasploit web delivery ๋ชจ๋“ˆ์„ ์ด์šฉํ•œ Command line์—์„œ meterpreter session ๋งŒ๋“ค๊ธฐ

2 min read

์–ด๋–ค ๋ฐฉ๋ฒ•์ด๋˜ metasploit์„ ์‚ฌ์šฉํ•˜์ง€ ์•Š๊ณ  ์‰˜ ๊ถŒํ•œ์„ ์–ป์—ˆ์„ ๋•Œ metasploit ๊ณผ ์—ฐ๊ฒฐํ•˜๋ ค๋ฉด ์–ด๋–ป๊ฒŒ ํ•ด์•ผํ• ๊นŒ์š”? venom์œผ๋กœ ๋งŒ๋“  ํŽ˜์ด๋กœ๋“œ๋ฅผ ์‹คํ–‰ํ•ด์„œ ์—ฐ๊ฒฐํ•  ์ˆ˜๋„ ์žˆ๊ณ , ๋‹ค๋ฅธ ์ทจ์•ฝ์ ์„ ๋ฐœ์ƒ์‹œํ‚ค๋“  ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋ฐฉ๋ฒ•์ด ์žˆ์„๊ฒ๋‹ˆ๋‹ค.

Android 4.4(KitKat)์—์„œ NetHunter ์„ค์น˜ํ•˜๊ธฐ

1 min read

๊ฐ„๋งŒ์— ํ…Œ์ŠคํŠธํฐ ํ•œ๋Œ€์— ๋„ทํ—Œํ„ฐ๋‚˜ ๊น”์•„์„œ ๋†€์•„๋ณผ๊นŒ ํ•˜๊ณ  ์„ค์น˜ํ•˜๋ ค๊ณ  ๋ณด๋‹ˆ.. ๋ฒ„์ „์ ์ธ ๋ฌธ์ œ๊ฐ€ ์ƒ๊ฒผ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ๋„ทํ—Œํ„ฐ๊ฐ€ ๊ณต์‹์ ์œผ๋กœ ๋กค๋ฆฌํŒ ์ด์ƒ๋ถ€ํ„ฐ ์ง€์›์„ํ•˜๋Š”๋ฐ.. ์ œ ๋Œ€๋‹ค์ˆ˜ ํ…Œ์ŠคํŠธ ๊ธฐ๊ธฐ๋“ค์ด ๊ทธ ์•„๋ž˜ ๋ฒ„์ „์ด ๋งŽ์•„ ๋ฌธ์ œ๊ฐ€ ๋  ๊ฐ€๋Šฅ์„ฑ์ด ๋ณด์˜€์Šต๋‹ˆ๋‹ค.

G3 ์‹œ๋ฆฌ์ฆˆ ๋ฃจํŒ… ์Šคํฌ๋ฆฝํŠธ ์‚ดํŽด๋ณด๊ธฐ(LG Root Script.bat )

2 min read

์ตœ๊ทผ์— ์˜ˆ์ „์— ์“ฐ๋˜ ํฐ ํ•˜๋‚˜๋ฅผ ๋ฃจํŒ…ํ–ˆ์Šต๋‹ˆ๋‹ค. xda ๋’ค์ ์ด๋‹ค๊ฐ€ ๊ฐ„๋‹จํ•œ ์Šคํฌ๋ฆฝํŠธ ๋ฐœ๊ฒฌํ–ˆ๊ณ , ๋ณด์•„ํ•˜๋‹ˆ ํ•ด๋‹น ์Šคํฌ๋ฆฝํŠธ๋กœ ๋ฃจํŒ…ํ•œ๋ถ„๋“ค์ด ์ข€ ๊ณ„์…”์„œ ์ œ G3 A๋ฅผ ๋ฃจํŒ…ํ–ˆ์ฃ .

HTTPS/HTTP Mixed Content (์„ž์ธ ๋™์  ์ฝ˜ํ…์ธ  [File] ๋ฅผ ์ฝ์–ด์˜ค๋Š” ๊ฒƒ์„ ์ฐจ๋‹จํ–ˆ์Šต๋‹ˆ๋‹ค.)

1 min read

์–ด์ œ ๋ธ”๋กœ๊ทธ๋ฅผ https๋กœ ๋ณ€๊ฒฝ ํ›„ ์†Œ์†Œํ•œ ๋ฌธ์ œ๊ฐ€ ์ฐพ์•„์™”์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ js, css ๋“ฑ ๋ฆฌ์†Œ์Šค๋“ค์˜ ์ฃผ์†Œ๊ฐ€ https๋กœ ๊ฐ•์ œ ์น˜ํ™˜๋˜๊ณ  ๋•๋ถ„์— https๊ฐ€ ์—†๋Š” ๊ณณ์—์„œ ๋ถˆ๋Ÿฌ์˜จ ํŒŒ์ผ๋“ค์€ ๋กœ๋“œ๋˜์ง€ ์•Š์•„ ์ผ๋ถ€ ๊ธฐ๋Šฅ์ด ๋™์ž‘ํ•˜์ง€ ์•Š์•˜์—ˆ์ฃ .

Bypass XSS Protection with fake tag and data: (๊ฐ€์งœ ํƒœ๊ทธ์™€ data ๊ตฌ๋ฌธ์„ ์ด์šฉํ•œ XSS ์šฐํšŒ๊ธฐ๋ฒ•)

~1 min read

ํ‡ด๊ทผ๊ธธ์— ํŠธ์œ„ํ„ฐ๋ณด๋‹ค๊ฐ€ ์žฌ๋ฏธ์žˆ๋Š” XSS ํŽ˜์ด๋กœ๋“œ ์ฐพ์•„์„œ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์š”์ฆ˜ ๋ฐ”์˜๊ณ  ๋‘ํ†ต๋„ ์‹ฌํ•˜๊ณ ํ•ด์„œ ์‹ ๊ฒฝ ๋ชป์“ฐ๋‚˜ ์‹ถ์—ˆ๋Š”๋ฐ, ๋˜ ์ด๋Ÿฐ๊ธ€ ๋ณด๊ณ  ์ด๋Ÿฌ๋ฉด ์•„ํ”ˆ๊ฒƒ๋„ ์‚ฌ๋ผ์ง€๋„ค์š”. ์ž ๋น ๋ฅด๊ฒŒ ์‹œ์ž‘ํ•˜์ฃ .

MITM Proxy server in Ruby (evil-proxy์™€ rails๋ฅผ ์ด์šฉํ•œ WASE ํŠธ๋ž˜ํ”ฝ ์ˆ˜์ง‘ ๊ตฌ๊ฐ„ ๋งŒ๋“ค๊ธฐ)

2 min read

WASE๋ฅผ ๋งŒ๋“ค๋ฉด์„œ MITM Proxy๋กœ ํŠธ๋ž˜ํ”ฝ์„ ์ˆ˜์ง‘ํ•˜๋Š” ์„œ๋ฒ„๋ฅผ ๋งŒ๋“ค์—ˆ๋Š”๋ฐ์š”, ์ด ๊ณผ์ •์—์„œ ์•Œ์•„๋ดค๋˜๊ฑฐ๋ž‘ ๊ธฐ๋ฐ˜(?)์ด ๋˜์—ˆ๋˜ ์‹ฌํ”Œํ•œ ์ €์˜ ์ฝ”๋“œ ๊ด€๋ จํ•ด์„œ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

URL Hash(#) ์„ ์ด์šฉํ•œ XSS ์šฐํšŒ๊ธฐ๋ฒ•

1 min read

์ตœ๊ทผ์— Facebook์˜ Stored XSS ์ทจ์•ฝ์  ๊ด€๋ จ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ๋ฆฌํฌํŠธ๊ฐ€ ์˜ฌ๋ผ์™”์Šต๋‹ˆ๋‹ค. og tag๋ฅผ ์ด์šฉํ•ด์„œ xss๊นŒ์ง€ ์ง„ํ–‰๋œ ์ผ€์ด์Šค์ธ๋ฐ, ์ƒ๊ฐ๋ณด๋‹ค ์กฐ๊ธˆ ์˜์™ธ์˜ ๋‚ด์šฉ์ด๋ผ ๊ธ€๋กœ ๊ณต์œ ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] Bug Bounty๋ฅผ ์œ„ํ•œ WASE(Web Audit Search Engine) ๋งŒ๋“ค๊ธฐ [1] - Elastic search์™€ ruby-rails

2 min read

์š”์ฆ˜๋“ค์–ด ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ์— ๋Œ€ํ•œ ์ƒ๊ฐ์ด ์กฐ๊ธˆ ๊นŠ์–ด์กŒ์Šต๋‹ˆ๋‹ค. ์ผ์„ ํ•˜๋Š” ๊ฒƒ ์ด์™ธ์—๋„ ๋ฌด์–ธ๊ฐ€ ๊ฐ€์น˜๋ฅผ ๋งŒ๋“ค ์ˆ˜ ์žˆ๊ฒ ๋‹ค๋ผ๋Š” ์ƒ๊ฐ ๋•Œ๋ฌธ์ด์ฃ . (๊ทธ๋ƒฅ ๋ˆ์„ ๋” ๋ฒŒ๊ณ ์‹ถ๋‹ค๊ณ  ๊ทธ๋ž˜ =_=)

[HACKING] Memcached reflection DOS attack ๋ถ„์„

6 min read

์š”์ฆ˜ memcached ์„œ๋ฒ„ DOS ์ทจ์•ฝ์ ์œผ๋กœ ์ž ๊น ์‹œ๋Œ๋ฒ…์ ํ–ˆ์Šต๋‹ˆ๋‹ค. ์–ด์ œ ์ƒˆ๋ฒฝ pastebin์— C๊ธฐ๋ฐ˜ PoC ์ฝ”๋“œ๋ž‘ shodan์—์„œ ์กฐํšŒํ•œ ์„œ๋ฒ„ ๋‚ด์—ญ์ด ์˜ฌ๋ผ์™”๋Š”๋ฐ์š”. ์˜ค๋Š˜์€ ๊ทธ ๋‚ด์šฉ ๊ฐ€์ง€๊ณ  ๊ธ€ ์ข€ ์จ๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] Adobe Flash Player NetConnection Type Confusion(CVE-2015-0336) ๋ถ„์„

3 min read

์˜ค๋žœ๋งŒ์— ์ทจ์•ฝ์  ๋ถ„์„๊ธ€์„ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ๋ณ„๋‹ค๋ฅธ๊ฑด ์•„๋‹ˆ๊ณ  x90c์™€ ๋ฉ”์ผ๋กœ ์ด์•ผ๊ธฐํ•˜๋˜ ๊ฑด์ด ์žˆ๋Š”๋ฐ, ํ‡ด๊ทผ๊ธธ์— ๋ณด๋‹ค๋ณด๋‹ˆ ํฌ์ŠคํŒ…๊ฑฐ๋ฆฌ๊ฐ€ ๋˜์–ด๋ฒ„๋ ธ๋„ค์š”. (์•„๊น์ž–์•„์š”..)

[HACKING] TCPโ€‘Starvation Attack (DOS Attack on TCP Sessions)

1 min read

์š”์ฆ˜์€ edb์ชฝ ๋ฌธ์„œ๋ฅผ ์ž์ฃผ ๋ณด์ง„ ๋ชปํ•˜์ง€๋งŒ.. ์ฃผ๋ง๋ถ€ํ„ฐ ํ‹ˆ๋‚ ๋•Œ๋งˆ๋‹ค ํ•˜๋‚˜ ๋ด๋‘”๊ฒŒ ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜ ์ •๋ฆฌํ•ด์„œ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

[HACKING] iOS App ์ •์  ๋ถ„์„๋„๊ตฌ IDB (Ruby gem package โ€œIDBโ€ for iOS Static Analysis)

3 min read

์ตœ๊ทผ์— ๋ฃจ๋น„ ํŒจํ‚ค์ง€ ์ค‘ ์žฌ๋ฏธ์žˆ๋Š” ํˆด์„ ํ•˜๋‚˜ ๋ฐœ๊ฒฌํ—€์Šต๋‹ˆ๋‹ค. iOS ๋ถ„์„์šฉ ํˆด์ธ๋ฐ, Cycript, pcviewer, dumpdcrypt ๋“ฑ ๋ถ„์„ ํˆด๋“ค์„ ํ™œ์šฉํ•ด์„œ ์ž๋™์œผ๋กœ ๋ถ„์„ํ•ด์ฃผ๊ณ , ์ด๋ฅผ ํ•œ๊ตฐ๋ฐ ๋ชจ์•„์„œ ๋ณผ ์ˆ˜ ์žˆ๋Š” ์ •์ ๋ถ„์„ ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

Shodan API์™€ Metasploit์„ ์ด์šฉํ•œ Exploiting script - AutoSploit

1 min read

์›๋ž˜ LanGhost ๋‚ด์šฉ์œผ๋กœ ๊ธ€ ์จ๋ณผ๊นŒ ํ—€๋‹ค๊ฐ€, ๊ธ‰ ์ฃผ์ œ๋ฅผ ๋ฐ”๊พธ์–ด ํˆด ํ•˜๋‚˜์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋„๋ก ํ•˜์ฃ . ์˜ค๋Š˜์€ ์ด๋ฒˆ์ฃผ์— ๋‚˜๋ฆ„ ํ•ซํ–ˆ๋˜ AutoSploit์ž…๋‹ˆ๋‹ค.

What is AutoSploit?

AutoSploit์€ ์›๊ฒฉ ํ˜ธ์ŠคํŠธ์— ๋Œ€ํ•œ ์ž๋™ ์„œ์นญ, Exploit ํˆด, ์Šคํฌ๋ฆฝํŠธ ์ •๋„๋กœ ์ƒ๊ฐํ•˜์‹œ๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ํŒŒ์ด์ฌ ๊ธฐ๋ฐ˜์˜ ์ฝ”๋“œ์ด๋ฉฐ Shodan์„ ์ด์šฉํ•ด์„œ ์ž„์˜์˜ ๋Œ€์ƒ์„ ์„ ์ •ํ•˜๊ณ , Metasploit ๋ชจ๋“ˆ๋กœ Exploiting ํ•ฉ๋‹ˆ๋‹ค. ์ž๋™์„ ๋Œ€์ƒ์„ ์„ ์ •ํ•˜๊ณ , ๊ณต๊ฒฉํ•˜๊ณ , ๊ถŒํ•œ์„ ํš๋“ํ•  ์ˆ˜ ์žˆ๋‹ค๋Š” ์ ์—์„œ ์กฐ๊ธˆ ๋ฆฌ์Šคํฌํ•œ ํˆด๋กœ ๋ณด์ž…๋‹ˆ๋‹ค๋งŒ, ์ด๋ฏธ 350๋ช…์ด ๋„˜๋Š” ์‚ฌ๋žŒ์ด fork ์ค‘์ด๋„ค์š”.

[HACKING] DocumentBuilderFactory XXE ์ทจ์•ฝ์  ๊ด€๋ จ ์—ฐ๊ตฌ(?) ์ค‘๊ฐ„ ์ •๋ฆฌ(feat apktool)

2 min read

์•„์ฃผ ์˜ค๋žœ๋งŒ์— ๊ธ€์„ ์”๋‹ˆ๋‹ค. ์ž‘๋…„ ๋ง๋ถ€ํ„ฐ ์ข€ ์ •์‹ ์—†๋Š” ์ผ์ด ์žˆ์—ˆ๊ณ , ๊ฒธ์‚ฌ๊ฒธ์‚ฌ VAHA ์„œ๋น„์Šค ์†๋ณด๊ณ  ์žˆ๋˜์ง€๋ผ ๋ธ”๋กœ๊ทธ์— ๊ด€์‹ฌ์„ ๋งŽ์ด ๋ชป๋’€์—ˆ๋„ค์š”. (http://vaha.hahwul.com ) / ํ•„์š”ํ•œ ๊ธฐ๋Šฅ ํ”ผ๋“œ๋ฐฑ์ฃผ์„ธ์š”

[EXPLOIT] macOS High Sierra root privilege escalation ์ทจ์•ฝ์ /๋ฒ„๊ทธ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ(code metasploit)

1 min read

์˜ค๋žœ๋งŒ์— ๊ธ€์„์”๋‹ˆ๋‹ค. ๊ธ€๊ฐ์€ ํ•ญ์ƒ ์ ์–ด๋‘์ง€๋งŒ, ๊ธ€ ์“ฐ๊ธฐ๊นŒ์ง€๊ฐ€ ์ฐธ ์–ด๋ ต๋„ค์š”. (๊ทธ๋ƒฅ ๋ฐ”์˜๋‹ค๋Š” ํ•‘๊ณ„์ž„)

[WEB HACKING] SQLite SQL Injection and Payload

3 min read

์ตœ๊ทผ ์˜ˆ์ „์— SSRF ์˜ฌ๋ ธ๋˜ ๋‚ด์šฉ์˜ ํ™•์žฅ๊ฒฉ์ธ ๋‚˜๋ฆ„ ๊ฐœ์ธ์˜ ์—ฐ๊ตฌ๊ณผ์ œ์™€ Blind XSS ํ…Œ์ŠคํŒ… ํˆด ๋งŒ๋“œ๋Š” ๊ฒƒ ๋•Œ๋ฌธ์— ์งง์€ ๊ธ€๋กœ ๊ฐ€๋” ํฌ์ŠคํŒ…ํ•˜๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. (์‹œ๊ฐ„์ด ์—†๋‹ค๋Š” ํ•‘๊ณ„, ์‚ฌ์‹ค ๋†€๊ฑฐ ๋‹ค ๋†€๊ณ  ์žˆ๋Š” ๋Š๋‚Œ..)

Blind XSS(Cross-Site Scripting)์™€ ๋ณด์•ˆํ…Œ์ŠคํŒ…

1 min read

์˜ค๋Š˜์€ Blind XSS์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ž ๊น ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๋ณดํŽธ์ ์ธ XSS์™€ ๋น„์Šทํ•˜๊ณ , ํ…Œ์ŠคํŠธ ๋ฐฉ๋ฒ• ๋˜ํ•œ ๋น„์Šทํ•˜์ง€๋งŒ, ์–ธ์ œ ์–ด๋””์„œ ์šฐ๋ฆฌ์—๊ฒŒ ์–ด๋–ค ๊ฒฐ๊ณผ๋ฅผ ์ค„์ง€ ์˜ˆ์ธกํ•  ์ˆ˜ ์—†๋Š” ๊ทธ๋Ÿฐ ์นœ๊ตฌ์ด์ง€์š”.

[EXPLOIT] JAVA SE Web start JNLP XXE ์ทจ์•ฝ์  ๋ถ„์„(CVE-2017-10309, feat Metasploit)

4 min read

์š”์ฆ˜ ์‹œ๊ฐ„๋‚ด๊ธฐ๊ฐ€ ์™œ์ด๋ฆฌ ์–ด๋ ค์šด๊ฑด์ง€.. ๋•๋ถ„์— ์˜ค๋žœ๋งŒ์— ์ทจ์•ฝ์  ๋ถ„์„๊ธ€์„ ์ž‘์„ฑํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ์ง€๋‚œ 10์›” ๋ง ๊ณต๊ฐœ๋œ JAVA SE ๊ด€๋ จ XXE ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

BadIntent - Android ์ทจ์•ฝ์  ๋ถ„์„์„ ์œ„ํ•œ Burp Suite Extension ๐Ÿ“ฑ

5 min read

BlackHat ์ž๋ฃŒ ๋ณด๋˜ ์ค‘ ๊ดœ์ฐฎ์€ Android ์ทจ์•ฝ์  ๋ถ„์„ ๋„๊ตฌ๊ฐ€ ์žˆ์–ด ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค. ์•„์ง ์ž๋ฃŒ๊ฐ€ ๋งŽ์ด ์—†์–ด ์‚ฝ์งˆ์ด ์ข€ ๋งŽ์Šต๋‹ˆ๋‹ค. ์–‘ํ•ด ๋ถ€ํƒ๋“œ๋ฆฝ๋‹ˆ๋‹ค. ์˜ค๋Š˜ ์ด์•ผ๊ธฐํ•  ํˆด์€ BadIntent์ž…๋‹ˆ๋‹ค.

OWASP Top 10 2017 RC2 Review

1 min read

์ง€๋‚œ๋‹ฌ OWASP Top 10 2017๋…„๋„ ๋ฒ„์ „ RC2๊ฐ€ ๋‚˜์™”์Šต๋‹ˆ๋‹ค. RC2 ๋ฒ„์ „์€ ๊ธฐ์กด RC1์—์„œ ๊ฐœ์„ ๋˜์–ด ๋ฐœํ‘œ๋˜๋Š” ๋ฒ„์ „์ด๊ณ  ๋ช‡๊ฐ€์ง€ ๋งŒ์กฑ์Šค๋Ÿฌ์šด ๋ณ€ํ™”๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ OWASP Top 10 2017 RC2์˜ ๋ณ€ํ™”๋œ ์‚ฌํ•ญ๊ณผ ๊ฐœ์ธ์ ์ธ ์ƒ๊ฐ์„ ์ „๋‹ฌ๋“œ๋ฆฌ๋ ค ํ•ฉ๋‹ˆ๋‹ค.

[LINUX] Install docker on kali linux(์นผ๋ฆฌ ๋ฆฌ๋ˆ…์Šค์—์„œ ๋„์ปค ์„ค์น˜ํ•˜๊ธฐ)

~1 min read

Kali Linux ์—์„  ๊ธฐ๋ณธ ํŒจํ‚ค์ง€ ๋งค๋‹ˆ์ €์— ์žˆ๋Š” docker ์‚ฌ์šฉ์ด ๋ถˆ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋‹ค ๋ณด๋‹ˆ ์ง์ ‘ source.list๋ฅผ ์ถ”๊ฐ€ํ•˜๊ณ  dockerproject์—์„œ docker ์„ค์น˜๊ฐ€ ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.

๊ฐ€์ƒ Pentest ํ™˜๊ฒฝ ๊ตฌ์„ฑ์„ ์œ„ํ•œ metasploitable2 ์„ค์น˜

4 min read

๊ฐ€์ƒ ํ™˜๊ฒฝ์—์„œ์˜ Pentest ์–ด๋–ป๊ฒŒ ์ƒ๊ฐํ•˜์‹œ๋‚˜์š”? ๋ถ„๋ช… ์‹ค์ œ ์ƒํ™ฉ๊ณผ ๋Š๋‚Œ๋„ ๋‹ค๋ฅด๊ณ  ๋ถˆ์•ˆํ•œ๊ฐ๋„ ์—†์–ด ์žฅ๋‚œ๊ฐ ๊ฐ™์€ ๋Š๋‚Œ์ด ๋“ค๊ฒ๋‹ˆ๋‹ค. ์‚ฌ๋žŒ์ด ๋ฏธ๋ฆฌ ์ทจ์•ฝํ•˜๊ฒŒ ๋งŒ๋“ค์–ด๋‘” ์‹œ์Šคํ…œ์„ ๊ณต๊ฒฉํ•˜๋Š”๊ฒŒ ๋ฌด์Šจ ์˜๋ฏธ๊ฐ€ ์žˆ๋Š”๊ฐ€ ๋ผ๋Š” ์งˆ๋ฌธ๋„ ๋ฐ›์Šต๋‹ˆ๋‹ค.

Bypass DOM XSS Filter/Mitigation via Script Gadgets

3 min read

์ตœ๊ทผ Blackhat2017 USA์—์„œ โ€œBreaking XSS mitigations via Script Gadgetsโ€ ๋ผ๋Š” ์ œ๋ชฉ์œผ๋กœ XSS ๊ด€๋ จ ๋ฐœํ‘œ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. XSS ์šฐํšŒํŒจํ„ด ๋งŒ๋“ค๋•Œ ๋„์›€๋  ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์ด๋‹ˆ ์ •๋ฆฌํ•ด์„œ ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[SYSTEM HACKING] lynis๋ฅผ ์ด์šฉํ•œ ์‹œ์Šคํ…œ ์ทจ์•ฝ์  ์Šค์บ”(System vulnerability Scanning with lynis)

1 min read

Install

์„ค์น˜๋Š” ๋‹ค๋ฅธ ํˆด๊ณผ ๋™์ผํ•˜๊ฒŒ ์•„์ฃผ ์‹ฌํ”Œํ•ฉ๋‹ˆ๋‹ค. CISOfy์˜ github๋ฅผ ์ด์šฉํ•ด๋„ ๋˜๊ณ  ํŒจํ‚ค์ง€ ๋งค๋‹ˆ์ €๋ฅผ ์ด์šฉํ•ด๋„ ๋ฉ๋‹ˆ๋‹ค.

XCode Simulator์— App(.ipa) ํŒŒ์ผ ์„ค์น˜ํ•˜๊ธฐ

~1 min read

์ทจ์•ฝ์  ํ…Œ์ŠคํŠธ ๊ธฐ๊ธฐ๋กœ ์“ฐ๋Š” iOS ๋””๋ฐ”์ด์Šค์— ๋ฌธ์ œ๊ฐ€ ์žˆ์–ด Simulator๋ฅผ ์•Œ์•„๋ณด๋˜ ์ค‘ ๊ฐ„๋‹จํ•œ ํŒ์ด ์žˆ์–ด ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ Simulator์— Xcode๋กœ ์ปดํŒŒ์ผํ•œ ์•ฑ์ด ์•„๋‹ˆ๋ฉด ์„ค์น˜๊ฐ€ ๋ถˆ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ ์•ฝ๊ฐ„์˜ ํŠธ๋ฆญ์„ ์“ฐ๋ฉด ์‰ฝ๊ฒŒ ๊ฐ€๋Šฅํ•˜์ง€๋งŒ์š”. ์˜ค๋Š˜์€ app ํŒŒ์ผ์ธ .ipa(app)์œผ๋กœ Xcode Simulator์— ์„ค์น˜ํ•ด ๋ด…์‹œ๋‹ค.

[LINUX] Make a Persistent Live OS USB(๋น„ ํœ˜๋ฐœ์„ฑ Live OS ๋งŒ๋“ค๊ธฐ)

~1 min read

ํŒŒํ‹ฐ์…˜์˜ Label์ด persistence๋กœ ์ง€์ •ํ•˜๊ณ  persistence.conf ๋ฅผ ์ž‘์„ฑํ•ด์ฃผ๋ฉด persistence ํŒŒํ‹ฐ์…˜์— ๋ณ€๊ฒฝ์‚ฌํ•ญ์„ ๊ธฐ๋กํ•˜๋ฉฐ LiveOS์ง€๋งŒ ๋ฐ์ดํ„ฐ ์ €์žฅ์ด ๊ฐ€๋Šฅํ•ด์ง‘๋‹ˆ๋‹ค.

Metasploit + OpenVAS ์—ฐ๋™ (using Docker)

1 min read

๋ฉ”๋ชจํ•ด๋‘˜๊ฒธ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์˜ˆ์ „์—” ์ง์ ‘ ํ•˜๋‚˜ํ•˜๋‚˜ ํ•ด์•ผํ•ด์„œ ๊ท€์ฐฎ์•˜์ง€๋งŒ ์ด์   Docker๋กœ ํŽธํ•˜๊ฒŒ ์„ค์น˜ํ•ฉ์‹œ๋‹ค.

[HACKING] Kali Live OS๋ฅผ ์ด์šฉํ•œ Windows, Linux ๋ฌผ๋ฆฌ ์ ‘๊ทผ ํ•ดํ‚น

2 min read

Live USB ๋ฅผ ์ด์šฉํ•œ ๋ฌผ๋ฆฌ์ ์ธ ํ•ดํ‚น ์‹œ ์‚ฌ์šฉํ• ๋งŒํ•œ ๊ฐ„๋‹จํ•œ ํˆดํ‚ท ํ•˜๋‚˜ ๋งŒ๋“œ๋ ค๊ณ  ํ•˜๋Š”๊น€์— ๋ฉ”๋ชจ์ฐจ์›์œผ๋กœ ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[WEB HACKING] Struts2 RCE(CVE-2017-5638, S2-045) ํ…Œ์ŠคํŠธ ๋ฐ docker file ๊ณต์œ 

2 min read

๋งค๋ฒˆ Struts2 ๊ด€๋ จ ์ทจ์•ฝ์ ์ด ๋‚˜์˜ฌ๋•Œ๋งˆ๋‹ค ํฌ์ŠคํŒ…์„ ํ–ˆ๋˜ ๊ฒƒ ๊ฐ™์€๋ฐ์š”. ์˜ค๋Š˜ ์ฒดํฌํ•˜๋‹ค๋ณด๋‹ˆ docker hub์— ์ทจ์•ฝ App ์„ค์ •์ด ์˜ฌ๋ผ์™€์žˆ์–ด ๊ณต์œ  ์ฐจ ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[LINUX] How to install xfce on blackarch linux

~1 min read

๊ฐœ์ธ์ ์œผ๋กœ gnome๊ณผ xfce๋ฅผ ์ข‹์•„ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ์ค‘์—์„œ๋„ xfce๋ฅผ ์ตœ๊ณ ๋กœ ์ƒ๊ฐํ•˜๋Š”๋ฐ, ๊ทธ ์ด์œ ๋Š” ํด๋ž˜์‹์˜ ์ต์ˆ™ํ•œ ๋Š๋‚Œ๊ณผ ๋น ๋ฅธ ์†๋„ ๋•Œ๋ฌธ์ด์ฃ .

[LINUX] BlackArch Linux install tip!

1 min read

์ตœ๊ทผ์— OS ๋ฐฐํฌํŒ ๋ณ€๊ฒฝ์„ ์‹œ๋„ํ–ˆ๋‹ค๊ฐ€.. ๋‹ค์‹œ Debian์œผ๋กœ ๋Œ์•„์™”๋Š”๋ฐ์š” (์ด์ œ๋Š” 5์ผ์”ฉ ๋ฐค์„์ƒ ์ˆ˜ ์—†๋„ค์š”.. / ์ธ๊ฐ„์€ ์‹ค์ˆ˜๋ฅผ ๋ฐ˜๋ณตํ•˜์ฃ )

[HACKING] KALI Linux 2017.2 Release Review (๋ฌด์—‡์ด ๋‹ฌ๋ผ์กŒ์„๊นŒ์š”?)

1 min read

์ง€๋‚œ ์ฃผ ์ˆ˜์š”์ผ Pentesting OS์ธ Kali Linux์˜ 2017.2 ๋ฒ„์ „์ด Release ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ค‘๊ตญ์— ์žˆ์—ˆ๋˜์ง€๋ผ ์ด์ œ์•ผ ์†Œ์‹์„ ์ ‘ํ•˜๊ฒŒ ๋˜์—ˆ๋„ค์š”. ๊ฐ„๋‹จํ•˜๊ฒŒ ๋ฆฌ๋ทฐ ๋“ค์–ด๊ฐ‘๋‹ˆ๋‹ค.

[WEB HACKING] New attack vectors in SSRF(Server-Side Request Forgery) with URL Parser

5 min read

Blackhat 2017 USA ์ž๋ฃŒ๋ฅผ ๋ณด๋˜ ์ค‘ ํ•˜๋‚˜ ํฅ๋ฏธ๋กœ์šด ๋ฐœํ‘œ ์ž๋ฃŒ๋ฅผ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ฝ๊ณ  ํ…Œ์ŠคํŠธํ•ด๋ณด๋‹ˆ.. ์‹ค๋ฌด์—์„œ ๋ฐ”๋กœ ์“ธ ์ˆ˜ ์žˆ์„์ •๋„์˜ ๊ธฐ๋ฒ•์ด๋”๊ตฐ์š”.

[HACKING] Android Cloak & Dagger Attack๊ณผ Toast Overlay Attack(CVE-2017-0752)

2 min read

์˜ค๋Š˜์€ ์ตœ๊ทผ ๋ง์ด ๋งŽ์•˜์—ˆ๋˜ Android ์ทจ์•ฝ์  2๊ฐ€์ง€์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ฐ”๋กœ Cloak & Dagger Attack ๊ณผ Toast Overlay Attack ์ž…๋‹ˆ๋‹ค.

Metasploit ipknock๋ฅผ ์ด์šฉํ•œ hidden meterpreter shell

6 min read

metasploit์—์„œ payload์— ๋Œ€ํ•ด ์ฐพ์•„๋ณด๋˜ ์ค‘ ipknock์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ฐพ์•„๋ณด๋‹ˆ ์˜ค๋ž˜์ „๋ถ€ํ„ฐ ์žˆ๋˜ ๊ธฐ๋Šฅ์ด์˜€๋Š”๋ฐ, ์ž˜ ํ™œ์šฉํ•˜๋ฉด ์žฌ๋ฏธ์žˆ๋Š” ๋†€๊ฑฐ๋ฆฌ๊ฐ€ ๋˜๊ฒ ๋”๊ตฐ์š”.

[EXPLOIT] Struts2 REST Plugin XStream RCE ์ทจ์•ฝ์  ๋ถ„์„(feat msf) CVE-2017-9805 / S2-052

2 min read

์ตœ๊ทผ Sturts2 RCE ์ทจ์•ฝ์ ์ด ๋˜ ๋‚˜์™€ ์ด์Šˆ๊ฐ€ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋งค๋ฒˆ RCE ์ทจ์•ฝ์ ์œผ๋กœ ๊ณ ์ƒํ•˜๋Š”๊ฑฐ๋ณด๋ฉด ์•ˆ์“ฐ๋Ÿฝ๊ธฐ๊นŒ์ง€ ํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ๋”ฐ๋ˆ๋”ฐ๋ˆํ•œ CVE-2017-9805(REST Plugin XStream RCE) ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๊ธฐ์กด ๋ถ„์„์— ๋น„ํ•ด ๋‚ด์šฉ์ด ๋œ ์ž์„ธํ•˜๊ธด ํ•˜์ง€๋งŒ.. ์กฐ๊ธˆ์ด๋‚˜๋งˆ ์ดํ•ด์— ๋„์›€์ด ๋˜๊ธธ ๋ฐ”๋ผ๋„ค์š”.

Metasploit ์˜ rhosts์—์„œ Column/Tagging ์ปค์Šคํ„ฐ๋งˆ์ด์ง• ํ•˜๊ธฐ

3 min read

Metasploit์—์„œ hosts ๋ช…๋ น์€ ์•„์ฃผ ์ค‘์š”ํ•œ ๋ช…๋ น์ž…๋‹ˆ๋‹ค. ํƒ€๊ฒŸ์— ๋Œ€ํ•œ ๊ด€๋ฆฌ๋ถ€ํ„ฐ, exploit ์‹œ ์ข€ ๋” ํŽธํ•˜๊ฒŒ ํƒ€๊ฒŸ์„ RHOSTS์— ๋„ฃ์„ ์ˆ˜ ์žˆ์–ด ๋งŽ์ด๋“ค ์‚ฌ์šฉํ•˜์‹œ๊ณ , ์•ž์œผ๋กœ๋„ ์ญ‰ ์‚ฌ์šฉํ•  ์ˆ˜ ๋ฐ–์— ์—†๋Š” ๊ธฐ๋Šฅ์ด์ฃ .

[WEB HACKING] Retire.js๋ฅผ ์ด์šฉํ•ด JS Library ์ทจ์•ฝ์  ์ฐพ๊ธฐ

1 min read

์˜ค๋Š˜์€ ์›น ํ•ดํ‚น์— ์œ ์šฉํ•œ Browser Extension์ด์ž ๋ถ„์„ํˆด์˜ plugin, ๋…์ž์ ์œผ๋กœ ๋™์ž‘ํ•˜๋Š” Node.js app์ธ Retire.js์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์จ์˜จ์ง€๋Š” ์กฐ๊ธˆ ๋ฌ์œผ๋‚˜ ์–ด๋Š์ˆœ๊ฐ„๋ถ€ํ„ฐ Extension๊ณผ ํˆด์— ๋Œ€ํ•œ ์†Œ๊ฐœ๋ฅผ ์ข€ ๋œํ•˜๊ฒŒ ๋˜๋‹ค๋ณด๋‹ˆ ์ข‹์€ ํˆด์ธ๋ฐ ์ด์ œ์„œ์•ผ ๊ณต์œ ๋“œ๋ฆฌ๊ฒŒ ๋˜๋„ค์š”.

[EXPLOIT] OpenSSL OOB(Out-Of-Bound) Read DOS Vulnerability. Analysis CVE-2017-3731

8 min read

์‚ฌ์‹ค a2sv์˜ ์ง„๋‹จ ๋ชจ๋“ˆ ์ถ”๊ฐ€๊ฑด์œผ๋กœ ์•Œ์•„๋ณด๋‹ค๊ฐ€ ์ด ํฌ์ŠคํŒ…์„ ์‹œ์ž‘ํ•˜๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ทจ์•ฝ์  ํŠน์„ฑ ์ƒ ํˆด์— ์ ์šฉ์€ ์–ด๋ ค์›Œ ์•„์‰ฌ์šด์ ์ด ์žˆ์ง€๋งŒ ๊ทธ๋ž˜๋„ ์ญ‰ ๋ถ„์„ํ•ด๋ณด๋Š” ์žฌ๋ฏธ์žˆ๋Š” ์‹œ๊ฐ„์ด ๋˜์—ˆ๋„ค์š”.

Frida๋ฅผ ์†Œ๊ฐœํ•ฉ๋‹ˆ๋‹ค! ๋ฉ€ํ‹ฐ ํ”Œ๋žซํผ ํ›„ํ‚น์„ ์œ„ํ•œ ๊ฐ€์žฅ ๊ฐ•๋ ฅํ•œ ๋„๊ตฌ ๐Ÿ˜Ž

8 min read

๊ฐ„๋งŒ์— ํˆด ์†Œ๊ฐœ๋ฅผ ์ข€ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜ ์ด์•ผ๊ธฐ๋“œ๋ฆด ํˆด์€ Frida ์ž…๋‹ˆ๋‹ค. ํŒŒ์ด์ฌ ๊ธฐ๋ฐ˜์˜ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์™€ Command๋กœ ๊ตฌ์„ฑ๋˜์–ด ์žˆ๊ณ  Native App์— ๋Œ€ํ•œ ํ›„ํ‚น์„ ํ†ตํ•ด ๋™์  ๋ถ„์„์„ ์ง„ํ–‰ํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ์ด์ฃ .

Metasploit API์™€ msfrpcd, ๊ทธ๋ฆฌ๊ณ  NodeJS

5 min read

์š”์ฆ˜ metasploit์˜ rpc์— ๋Œ€ํ•ด ๊ต‰์žฅํžˆ ๊ด€์‹ฌ์ด ๋งŽ์Šต๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋ก  msgrpc plugin ๋ถ€ํ„ฐ msfrpcd ๋ฐ๋ชฌ๊นŒ์ง€ metasploit์—์„œ rpc๋ฅผ ์ด์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋ฐฉ๋ฒ•๋“ค์„ ๋งŽ์ด ์ฐพ์•„๋ณด๊ณ  ์žˆ์ง€์š”.

Metasploit-Aggregator๋ฅผ ์ด์šฉํ•œ Meterpreter session ๊ด€๋ฆฌํ•˜๊ธฐ

4 min read

Metasploit๊ณผ Meterpreter๋Š” ๊ต‰์žฅํžˆ ์ข‹์€ ํˆด์ง€๋งŒ ๊ฐ„๊ฐ„ํžˆ ๋ถˆํŽธํ•œ์ ๋„ ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋ก  ์—ฌ๋Ÿฌ ์‚ฌ์šฉ์ž๊ฐ€ ์„ธ์…˜์— ๋Œ€ํ•ด ๊ณต์œ ํ•  ์ˆ˜ ์—†๋‹ค๋Š” ์ ๊ณผ ๊ณต๊ฒฉ์ž์˜ Metasploit์— ๋ชจ๋“  ์„ธ์…˜์„ ๋‹ด๊ธฐ์—๋Š” ๋„ˆ๋ฌด ๋งŽ์•„์ง€๋ฉด ๋ถˆํŽธํ•ด์ง€๊ฒ ์ฃ . ์˜ค๋Š˜์€ ์ด๋ฅผ ํ•ด๊ฒฐํ•  ์ˆ˜ ์žˆ๋Š” Aggregator์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

EXIF๋ฅผ ์ด์šฉํ•˜์—ฌ ์ด๋ฏธ์ง€ ํŒŒ์ผ ๋‚ด Payload ์‚ฝ์ž…ํ•˜๊ธฐ

6 min read

์ด๋ฏธ์ง€๋ฅผ ์ฒ˜๋ฆฌํ•˜๋Š” ์„œ๋น„์Šค๋“ค์„ ๋ณด๋ฉด ๋งŽ์€ ์„œ๋น„์Šค๋“ค์ด ์ด๋ฏธ์ง€์˜ metadata๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ํŒŒ์‹ฑํ•ด์„œ ํ™œ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์šฐ๋ฆฌ๋Š” ์ด๋ฅผ ํ†ตํ•ด XSS๋‚˜ XXE ๋“ฑ ์—ฌ๋Ÿฌ ์›น ํ•ดํ‚น ๊ธฐ๋ฒ•์— ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ€์žฅ ์‰ฌ์šด ๋ฐฉ๋ฒ•์œผ๋ก  ๊ฐ OS์˜ ํŒŒ์ผ ๋ทฐ์–ด์—์„œ ํŒŒ์ผ ์†์„ฑ์„ ์—ด๊ณ  ์ง์ ‘ ํŽธ์ง‘ํ•˜์—ฌ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์ง€๋งŒ ์ด๋Š” ์•ฝ๊ฐ„ ๊ท€์ฐฎ์€ ์ž‘์—…์ด๊ณ  ํˆด์ด๋‚˜ ์ž๋™ํ™” ์‹œ ๊ต‰์žฅํžˆ ๊ฑธ๋ฆฌ์ ๊ฑฐ๋ฆฝ๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ๋Ÿฌํ•œ ์ž‘์—…์„ ๋„์™€์ฃผ๋Š” exif(exiftool)๋ž€ ๋„๊ตฌ๋ฅผ ์‚ฌ์šฉํ•˜๋ฉด ์ข€ ๋” ์‰ฝ๊ฒŒ ๋ฐ์ดํ„ฐ๋ฅผ ์ถ”๊ฐ€ํ•˜๊ณ  ์ˆ˜์ •ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Automatic Exploit&Vulnerability Attack Using db_autopwn.rb

~1 min read

์˜ˆ์ „์— Metasploit์—๋Š” db_autopwn์ด๋ผ๋Š” plugin์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋‹ค์ˆ˜์˜ ์‹œ์Šคํ…œ์„ ํ…Œ์ŠคํŠธํ•˜๊ณ  ๊ณต๊ฒฉ์„ ์ˆ˜ํ–‰ํ•ด์•ผํ•˜๋Š” ์‚ฌ๋žŒ ์ž…์žฅ์—์„œ ์•„์ฃผ ์œ ์šฉํ•  ์ˆ˜ ์žˆ๋Š” plugin์ด์ง€๋งŒ ๋ฌธ์ œ๊ฐ€ ์žˆ์–ด ๊ณต์‹ ๋ฒ„์ „์—์„œ ์ œ์™ธ๋œ plugin์ด์ฃ . ์ „์„ค์ฒ˜๋Ÿผ ๋‚ด๋ ค์˜ค๋Š” db_autopwn ์ฝ”๋“œ๋ฅผ ํ†ตํ•ด ๋”ฐ๋กœ plugin์œผ๋กœ ๋„ฃ์–ด์ค€๋‹ค๋ฉด ์ง€๊ธˆ๋„ ์ถฉ๋ถ„ํžˆ ์‚ฌ์šฉ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Data Leak Scenario on Meterpreter using ADS

3 min read

Meterpreter๋ฅผ ๊ฐ€์ง€๊ณ  ๋†€๋˜ ์ค‘ ์žฌ๋ฏธ์žˆ๋Š” ์‚ฌ์‹ค์„ ํ•˜๋‚˜ ๋ฐœ๊ฒฌํ–ˆ์Šต๋‹ˆ๋‹ค. ๋ญ ํฌ๊ฒŒ ๋†€๋ผ์šด๊ฑด ์•„๋‹ˆ์ง€๋งŒ meterpreter ์—์„œ๋„ ์•„๋ž˜ ๋ช…๋ น์ด ๋จนํž์ค„์€ ๋ชฐ๋ž๋„ค์š”.

Privilege Escalation on Meterpreter

4 min read

Meterpreter shell์—์„œ ๊ถŒํ•œ์ƒ์Šน์€ ์–ด๋ ต์ง€ ์•Š์Šต๋‹ˆ๋‹ค. getsystem ๋ช…๋ น ํ•˜๋‚˜๋ฉด ์ถฉ๋ถ„ํ•˜์ฃ . ๊ทธ๋Ÿผ ์•ฝ๊ฐ„ ๊ถ๊ธˆ์ฆ์ด ์ƒ๊ธฐ๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

[WEB HACKING] Web hacking and vulnerability analysis with firefox!

4 min read

๋Œ€๋ถ€๋ถ„์˜ ์›น ํ•ดํ‚น/์ทจ์•ฝ์  ๋ถ„์„์€ Burp suite, Fiddler์™€ ๊ฐ™์€ ์›น ํ”„๋ก์‹œ, ๋””๋ฒ„๊ฑฐ์™€ ์›น ๋ธŒ๋ผ์šฐ์ €, ๊ทธ๋ฆฌ๊ณ  ํ™•์žฅ ๊ธฐ๋Šฅ๋“ค์„ ์ด์šฉํ•ด ์ด๋ฃจ์–ด์ง‘๋‹ˆ๋‹ค. ์ € ๋˜ํ•œ Burp+Firefox+Addon ์กฐํ•ฉ์œผ๋กœ ๋ถ„์„์„ ์ง„ํ–‰ํ•˜์ง€์š”.

[MAD-METASPLOIT] 0x30 - Meterpreter?

1 min read

What is Meterpreter shell?

Metasploit์—์„œ ์—ฌ๋Ÿฌ ๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•˜๋Š” ์‰˜์ด์ž Anti forensic์„ ์œ„ํ•œ shell์ด๋ผ๊ณ  ๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ ๊ต‰์žฅํžˆ ์ข‹์•„ํ•˜๋Š” ์‰˜์ด๋ฉฐ Ruby script(IRB)์˜ ์—ฐ๋™์œผ๋กœ ํ˜„์žฌ ์ฃผ ์–ธ์–ด๋ฅผ Ruby๋กœ ์“ฐ๊ณ ์žˆ๋Š” ์ €์—๊ฒŒ๋Š” ์ตœ๊ณ ์˜ ์‰˜์ด ์•„๋‹๊นŒ ์‹ถ์Šต๋‹ˆ๋‹ค.

Meterpreter๋ฅผ ์ด์šฉํ•œ Windows7 UAC ์šฐํšŒํ•˜๊ธฐ

3 min read

Windows system์„ ์นจํˆฌํ…Œ์ŠคํŠธํ•˜๋‹ค ๋ณด๋ฉด UAC๋ผ๋Š” ๊ฒŒ์ • ์ปจํŠธ๋กค์„ ๋งŒ๋‚˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค. ์•„๋ž˜์—์„œ๋„ ์„ค๋ช…๋“œ๋ฆฌ๊ฒ ์ง€๋งŒ ์ด๋Š” Windows ์˜ ๋ณด์•ˆ ์ •์ฑ… ์ค‘ ํ•˜๋‚˜์ด๋ฉฐ ์šฐ๋ฆฌ๋Š” ์ด๊ฒƒ์„ ์šฐํšŒํ•ด์•ผ ๋” ๊นŠ์€ ๋‚ด์šฉ์œผ๋กœ ์ ‘๊ทผํ•˜๊ณ  ์‹คํ–‰ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ Metasploit์„ ํ†ตํ•ด UAC๋ฅผ ์šฐํšŒํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[MAD-METASPLOIT] 0x40 - Anti Forensic

2 min read

Remove event log meterpreter > clearev [] Wiping 766 records from Applicationโ€ฆ [] Wiping 1375 records from Systemโ€ฆ [*] Wiping 346 records from Securityโ€ฆ

[MAD-METASPLOIT] 0x34 - Persistence Backdoor

1 min read

Persistence backdoor

Meterpreter๋Š” Persistence ๋ฅผ ์ด์šฉํ•˜์—ฌ ์‹œ์Šคํ…œ์— ๋ฐฑ๋„์–ด๋ฅผ ๋‚จ๊ฒจ ์ง€์†์ ์œผ๋กœ ์ ‘๊ทผํ•  ์ˆ˜ ์žˆ๋Š” ํ†ต๋กœ๋ฅผ ๋งŒ๋“ค ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

[MAD-METASPLOIT] 0x20 - Remote Exploit

3 min read

HAHWUL auxiliary(vnc_login) > db_nmap -PN 192.168.56.101 [] Nmap: Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-07 15:17 KST [] Nmap: Nmap scan report for 192.168.56.101 [] Nmap: Host is up (0.00072s latency). [] Nmap: Not shown: 983 closed ports [] Nmap: PORT STATE SERVICE [] Nmap: 80/tcp open http [] Nmap: 135/tcp open msrpc [] Nmap: 139/tcp open netbios-ssn [] Nmap: 443/tcp open https [] Nmap: 445/tcp open microsoft-ds [] Nmap: 554/tcp open rtsp [] Nmap: 2869/tcp open icslap [] Nmap: 5357/tcp open wsdapi [] Nmap: 5500/tcp open hotline [] Nmap: 5800/tcp open vnc-http [] Nmap: 5900/tcp open vnc ..snip..

[MAD-METASPLOIT] 0x10 - Port scanning

3 min read

nmap scan

Metasploit Database ์‚ฌ์šฉ ํ•˜๋„๋ก ์„ค์ •ํ•˜์˜€๋‹ค๋ฉด Msf ๋‚ด๋ถ€์—์„œ DB์™€ ์—ฐ๊ฒฐ๋˜๋Š” nmap์„ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. nmap์— ๋Œ€ํ•œ ๊ฒฐ๊ณผ๊ฐ€ Metasploit DB๋กœ ๋“ค์–ด๊ฐ€ ์—ฐ๋™๋˜๊ธฐ ๋•Œ๋ฌธ์— ํ›„์— ์Šค์บ” ๋ฐ์ดํ„ฐ๋ฅผ ๊ฐ€๊ณตํ•˜๋Š”๋ฐ ์žˆ์–ด ๊ต‰์žฅํžˆ ํŽธ๋ฆฌํ•ฉ๋‹ˆ๋‹ค.

[MAD-METASPLOIT] 0x02 - Database setting and workspace

~1 min read

DB ์—ฐ๋™์„ ํ•˜๊ฒŒ๋˜๋ฉด ์ทจ์•ฝ์  ์ •๋ณด๋ฅผ DB์— ์ธ๋ฑ์‹ฑํ•˜์—ฌ ์กฐ๊ธˆ ๋” ๋น ๋ฅธ ๊ฒ€์ƒ‰์„ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๊ณ  DB๋ฅผ ํ†ตํ•ด taget์— ๋Œ€ํ•ด์„œ ํšจ์œจ์ ์œผ๋กœ ๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ์–ด Metasploit์„ ์‚ฌ์šฉํ•˜๋Š”๋ฐ ์žˆ์–ด ๊ต‰์žฅํžˆ ์ค‘์š”ํ•œ ์š”์†Œ์ž…๋‹ˆ๋‹ค.

[METASPLOIT] DB ์—ฐ๋™ ์ดํ›„ ๋ฐœ์ƒํ•˜๋Š” Module database cache not built yet(slow search) ํ•ด๊ฒฐํ•˜๊ธฐ

1 min read

Metaploit์„ ์‚ฌ์šฉํ•˜๋‹ค ๋ณด๋ฉด Module DB cache๋กœ ์ธํ•ด ๊ฒ€์ƒ‰์ด ๋Š๋ฆฐ ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋Œ€์ฒด๋กœ Metasploit์—์„œ DB ์—ฐ๊ฒฐ์„ ์•ˆํ• ๋•Œ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ์ง€๋งŒ DB ์—ฐ๊ฒฐ์ด ๋˜์–ด์žˆ์–ด๋„ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. DB๋ฅผ ์—ฐ๋™ํ•˜์ง€ ์•Š์€ ๋ถ„๋“ค์€ ์•„๋ž˜ ๋งํฌ ์ฐธ๊ณ ํ•˜์…” ์—ฐ๋™ํ•˜์‹œ๋ฉด ๋ง๋”ํ•˜๊ฒŒ ์‚ฌ๋ผ์ง‘๋‹ˆ๋‹ค.(์—ฐ๋™ํ•˜๋ฉด ์žฅ์ ์ด ํ›จ์”ฌ ๋งŽ์•„์š”)

[METASPLOIT] msgrpc ์„œ๋ฒ„๋ฅผ ์ด์šฉํ•˜์—ฌ msfconsole๊ณผ armitage ์—ฐ๋™ํ•˜๊ธฐ

1 min read

metasploit์˜ ์—ฌ๋Ÿฌ interface ์ค‘ ๋งŽ์ด๋“ค ์‚ฌ์šฉํ•˜์‹œ๋Š”๊ฒŒ msf(metasploit-framework)์™€ armitage์ž…๋‹ˆ๋‹ค. ๊ฐ๊ฐ cui, gui๋ผ๋Š” ์ปจ์…‰์„ ๊ฐ€์ง€๊ณ  ์žˆ๊ณ  ํ•œ์ชฝ์„ ์„ ํ˜ธํ•˜์‹œ๊ฑฐ๋‚˜ ์–‘์ชฝ ๋ชจ๋‘ ์„ ํ˜ธํ•˜์‹œ๋Š” ์ผ€์ด์Šค ๋ชจ๋‘ ๋ณด์•˜์Šต๋‹ˆ๋‹ค.

[HACKING] Closed network infection scenario and Detecting hidden networks (Using USB/Exploit)

4 min read

์–ด์ œ EDB๋ฅผ ๋‘˜๋Ÿฌ๋ณด๋˜ ์ค‘ ์žฌ๋ฏธ์žˆ๋Š” ๋ฌธ์„œ๋ฅผ ๋ณด์•˜๋Š”๋ฐ์š”. ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ƒ๊ฐ์„ ํ•ด๋ณด๋‹ค๋ณด๋‹ˆ ํฌ์ŠคํŒ…์œผ๋กœ ์ž‘์„ฑํ• ๋งŒํ•œ ๊ฒƒ ๊ฐ™์•„ ๊ธ€์„์จ๋ด…๋‹ˆ๋‹ค.

AngularJS Sandbox Escape XSS

3 min read

AngularJS๋Š” ์›น ์ƒ์—์„œ ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” ๊ฐœ๋ฐœ ํ”„๋ ˆ์ž„์›Œํฌ์ž…๋‹ˆ๋‹ค. ์ด๋Ÿฐ ํ”„๋ ˆ์ž„์›Œํฌ์—๋Š” ๋‹น์—ฐํžˆ ๋ณด์•ˆ ๋กœ์ง, ์ •์ฑ…์ด ๋“ค์–ด๊ฐ€๊ฒŒ๋˜์ฃ . ๊ทธ ์ค‘์— ๋Œ€ํ‘œ์ ์ธ ๊ฒƒ์€ ๋ฐ”๋กœ SandBox ์ž…๋‹ˆ๋‹ค. Sandbox ๋กœ ์ธํ•ด ์šฐ๋ฆฌ๋Š” ์„ฑ๊ณตํ•œ ๊ณต๊ฒฉ์ด ์˜ํ–ฅ๋ ฅ์ด ์—†์–ด์ง€๋Š” ์ง„๊ท€ํ•œ ๊ด‘๊ฒฝ์„ ๋ชฉ๊ฒฉํ•˜๊ฒŒ๋˜์ฃ .

[METASPLOIT] Writing Custom Plugin for metasploit

3 min read

์ตœ๊ทผ์— a2sv๋ฅผ metasploit plugin์œผ๋กœ ์ง€์›ํ•  ์ƒ๊ฐ์„ ํ•˜๊ณ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ชจ๋“ˆ ์ œ์ž‘์ด ์•„๋‹Œ plugin ์ œ์ž‘์œผ๋ก  ๊ฒฝํ—˜์ด ๊ฑฐ์˜ ์—†๊ธฐ์—.. ํ•˜๋‚˜ํ•˜๋‚˜ ์ฐพ์•„๋ณด๋ฉด์„œ ์ง„ํ–‰ํ•˜๊ธฐ๋กœ ํ–ˆ์ฃ .

Metasploit resource script์™€ ruby code๋กœ ์ปค์Šคํ„ฐ๋งˆ์ด์ง• ํ•˜๊ธฐ

4 min read

์˜ˆ์ „๋ถ€ํ„ฐ ์ €๋Š” Metasploit์„ Custom ํ•ด์„œ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์˜ฌ ์ดˆ msf์˜ ์—…๋ฐ์ดํŠธ๋กœ ํŒŒ์ผ ์‹œ์Šคํ…œ์˜ ๊ตฌ์กฐ๊ฐ€ ๋ฐ”๋€Œ๋ฉด์„œ Custom ์ฝ”๋“œ๊ฐ€ ์ข€ ๊ผฌ์ด๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ๋‹ค์‹œ Custom ๊ณผ์ •์„ ๊ฑฐ์น˜๋˜ ์ค‘ ์žฌ๋ฏธ์žˆ๋Š” ์•„์ด๋””์–ด๊ฐ€ ์ƒ๊ฐ๋‚˜์„œ ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

[WEB HACKING] Easily trigger event handler for XSS/ClickJackingโ€ using CSS(or stylesheet)

2 min read

Intro

XSS๋Š” ์˜ํ–ฅ๋ ฅ ๋Œ€๋น„ ๋ฐœ๊ฒฌ ๊ฐ€๋Šฅ์„ฑ์ด ๋†’์€ ์ทจ์•ฝ์ ์ž…๋‹ˆ๋‹ค. ๋˜ํ•œ ๋‹ค๋ฅธ Code base(Injection ๋“ฑ)์˜ ์ทจ์•ฝ์ ๊ณผ ๊ฐ™์ด ์—ฐ๊ตฌํ•˜๋Š” ์žฌ๋ฏธ๋„ ์ ์ ํ•˜๊ณ  ์‚ฌ๋žŒ์— ๋”ฐ๋ผ ๋šซ์„ ์ˆ˜ ์žˆ๋Š” ๋ฒ”์œ„๊ฐ€ ํ™•์‹คํžˆ ๋“œ๋Ÿฌ๋‚˜๋Š” ์ทจ์•ฝ์ ์ด๊ธฐ๋„ ํ•˜์ฃ .

[HACKING] Symbolic Execution(symbolic evaluation)์„ ์ด์šฉํ•œ ์ทจ์•ฝ์  ๋ถ„์„

3 min read

์ด๋ฒˆ ํฌ์ŠคํŒ…์€ Symbolic Execution ์ •๋ฆฌ์ฐจ์›์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค. Symbolic Execution์€ ํฌํ†ต ์ทจ์•ฝ์  ๋ถ„์„์— ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” ๋ฐฉ๋ฒ• ์ค‘ ํ•˜๋‚˜์ด๋จธ, ์ด ๊ธฐ๋ฒ•์œผ๋กœ ๊ต‰์žฅํžˆ ๋งŽ์€ ๋…ธ๊ฐ€๋‹ค๊ฐ€ ๋‹จ์ถ•๋˜์–ด ๊ฐ„๋‹จํ•œ ๋ถ„์„์—์„œ ์—„์ฒญ๋‚œ ํšจ์œจ์„ ์ž๋ž‘ํ•ฉ๋‹ˆ๋‹ค.

Bypass XSS filter with back-tick(JS Template Literal String)

1 min read

์˜ค๋žœ๋งŒ์—(?) XSS ์šฐํšŒ๊ธฐ๋ฒ• ์ •๋ฆฌ ์ฐจ ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ Template literal String์ธ back-tick๊ณผ ์ด๋ฅผ ์ด์šฉํ•œ XSS์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ž ๊ทธ๋Ÿผ ์‹œ์ž‘ํ•˜๋„๋ก ํ•˜์ฃ .

[WEB HACKING] SWF Debugging with ffdec(jpexs)

1 min read

์ €๋Š” swf ๋ถ„์„์—์„  ffdec๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ ์ตœ๊ทผ์— ์ฒ˜์Œ ์•ˆ ์‚ฌ์‹ค์ด.. jpexs๋ž‘ ffdec๋ฅผ ๊ฐ™์€๊ฑฐ๋”๊ตฐ์š”.(๊ด€์‹ฌ์ด ์—†์—ˆ..)

[WEB HACKING] SWF(Flash) Vulnerability Analysis Techniques

5 min read

์˜ค๋Š˜์€ SWF๋‚ด ์ทจ์•ฝ์  ๋ถ„์„์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. SWF๊ฐ€ ๋งŽ์ด ์ ์šฉ๋œ ํ™˜๊ฒฝ์€ ๊ฐ€๋”์‹ ๋ณด๋Š”์ง€๋ผ.. ์˜ค๋žœ๋งŒ์— ๋ถ„์„ํ•˜๋ คํ•˜๋ฉด ๊นŒ๋จน๊ณ  ๊ธฐ์–ต ์•ˆ๋‚˜๋Š” ๊ฒƒ๋“ค์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๋‘๊ณ ๋‘๊ณ  ๋ณผ ๊ฒธ ํฌ์ŠคํŒ…์œผ๋กœ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] msfconsole ๋‚ด Prompt ์„ค์ •ํ•˜๊ธฐ

~1 min read

msf ์‚ฌ์šฉ ์ค‘ ๊ฐ„๋‹จํ•œ ํŽธ์˜ ๊ธฐ๋Šฅ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๋ฐ”๋กœ Prompt ๋ถ€๋ถ„์— ๋Œ€ํ•ด ์„ค์ •ํ•˜๋Š” ๋ฐฉ๋ฒ•์ธ๋ฐ์š”. ์ดˆ๊ธฐ ์ €๋Š” ์ด ๋ฐฉ๋ฒ•์ด ์žˆ์„๊ฑฐ๋ž€ ์ƒ๊ฐ๋„ ์•ˆํ•˜๊ณ  ์ฝ”๋“œ์—์„œ ์ง์ ‘ ๋ฐ”๊ฟ”์„œ ์ผ์—ˆ๋˜ ๊ธฐ์–ต์ด ๋‚˜๋„ค์š”. (๋ฌผ๋ก  ๊ทธ๊ฒƒ๋„ ๋‚˜๋ฆ„์˜ ์žฅ์ ์ด!)

OOXML XXE Vulnerability (Exploiting XXE In file upload Function!)

3 min read

์˜ค๋Š˜์€ BlackHat USA 2015์—์„œ ๊ณต๊ฐœ๋œ OOXML XXE ๊ธฐ๋ฒ•์— ๋Œ€ํ•ด ์ •๋ฆฌํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋‚˜์˜จ์ง€ ์กฐ๊ธˆ๋ฌ์ง€๋งŒ.. ์•„์ง๋„ ์ž˜์“ฐ์ด๊ธฐ์— ํ•œ๋ฒˆ์ฏค ์ •๋ฆฌํ•˜๋ฉด ์ข‹์„๊ฑฐ๋ผ ์ƒ๊ฐํ–ˆ์—ˆ์ฃ .

[DEBIAN] Thunder Bird์—์„œ Anigmail, GnuPG(gpg)๋ฅผ ํ†ตํ•œ ์ด๋ฉ”์ผ ์•”ํ˜ธํ™”

3 min read

์˜ค๋Š˜์€ ์•”ํ˜ธํ™”๋œ ๋ฉ”์ผ ํ†ต์‹ ์„ ์œ„ํ•ด GPG๋ฅผ ์ด์šฉํ•œ ํ‚ค์ƒ์„ฑ๊ณผ Thunder Bird์— ์—ฐ๋™ํ•˜๋Š” ๊ณผ์ •์„ ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ ์“ฐ๋Š” ๋ฉ”์ผ ์„œ๋น„์Šค๋“ค์ด ์•”ํ˜ธํ™”๋˜์–ด ์•ˆ์ „ํ•˜๊ฒŒ ์ „์†ก๋œ๋‹ค๊ณ ๋Š” ํ•˜์ง€๋งŒ ์šฐ๋ฆฌ๋Š” ์‹ ๋ขฐํ•  ์ˆ˜ ์—†๊ธฐ ๋•Œ๋ฌธ์— ์ข…๋‹จ ๊ฐ„ ์•”ํ˜ธํ™”๋กœ ๋” ํŠผํŠผํ•œ ์ด๋ฉ”์ผ์„ ์‚ฌ์šฉํ•˜์ฃ .

Parameter Padding for Attack a JSON CSRF

1 min read

์ข€ ์˜ค๋ž˜๋œ ์šฐํšŒ๊ธฐ๋ฒ•(?)์ด๊ธด ํ•˜๋‚˜ ํ•œ๋ฒˆ ์ •๋ฆฌํ•ด๋‘๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์•„ ํฌ์ŠคํŒ…ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ CSRF ๊ทธ์ค‘์—์„œ๋„ JSON ํ˜•ํƒœ์˜ ์š”์ฒญ์„ ์ฒ˜๋ฆฌํ•˜๋Š”๋ฐ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋ฐฉ๋ฒ•์ด์ฃ .

[HACKING] Eternalblue vulnerability&exploit and msf code

5 min read

์ง€๋‚œ์ฃผ ์ฏค์ธ๊ฐ€์š”..? Shadow Brokers ๊ฐ€ ๊ณต๊ฐœํ•œ Eternal ์‹œ๋ฆฌ์ฆˆ์˜ ์ทจ์•ฝ์ ์„ ์ฃผ์ œ๋กœ ํฌ์ŠคํŒ…์„ ํ• ๊นŒ ํ–ˆ์Šต๋‹ˆ๋‹ค๋งŒ..

[EXPLOIT] Linux Kernel - Packet Socket Local root Privilege Escalation(CVE-2017-7308,out-of-bound) ๋ถ„์„

12 min read

์ •๋ง ์˜ค๋žœ๋งŒ์— ํฌ์ŠคํŒ…์„ ํ•˜๋„ค์š”. ์ตœ๊ทผ์— ๊ณต๊ฐœ๋œ Linux kenel ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ๋ถ„์„ ๋‚ด์šฉ์œผ๋กœ ์ค€๋น„ํ•˜์˜€์Šต๋‹ˆ๋‹ค. (์˜ˆ์ „์— Kernel OOB ์ทจ์•ฝ์  ์จ๋‘”๊ฑด ์–ด๋””๊ฐ”๋Š”์ง€ ๋ชจ๋ฅด๊ฒ ๋„ค์š”.. ์„ค๋งˆ ์ง€์šด๊ฑด๊ฐ€? =_=)

Form action + data:๋ฅผ ์ด์šฉํ•œ XSS Filtering ์šฐํšŒ ๊ธฐ๋ฒ•

~1 min read

XSS ํ…Œ์ŠคํŠธ ์‹œ ์žฌ๋ฏธ๋‚œ๊ฑธ ํ•˜๋‚˜ ์ฐพ์€๊ฒธ ๋ธ”๋กœ๊ทธ์— ์ •๋ฆฌํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋จผ์ € ํ…Œ์ŠคํŠธํ•˜๋˜ ๊ตฌ๊ฐ„์€ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ทœ์น™์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฌธ์ž์—ด ๊ธฐ๋ฒˆ์˜ ํ•„ํ„ฐ๋ง์œผ๋กœ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ํƒœ๊ทธ๊ฐ€ ํ•œ์ •๋˜์–ด์žˆ๊ณ , ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ ๋˜ํ•œ ๊ฑฐ์˜ ์ „๋ถ€ ํ•„ํ„ฐ๋ง๋˜์—ˆ์ฃ . ๊ทธ๋ฆฌ๊ณ .. ๊ฒฐ์ •์ ์œผ๋กœ base, java , script ๋“ฑ ๋ฌธ์ž์—ด ํ•„ํ„ฐ๋ง์œผ๋กœ ์šฐํšŒ ๊ตฌ๋ฌธ ์ž‘์„ฑํ•˜๋Š”๋ฐ ์ข€ ๊ท€์ฐฎ์•˜์Šต๋‹ˆ๋‹ค.

Apache Struts2 RCE Vulnerability(CVE-2017-5638/S2-045)

1 min read

์˜ฌํ•ด๋„ ์–ด๊น€์—†์ด Apache Struts2 ๊ด€๋ จ ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์š”์ฆ˜ DCCP Double free ์ทจ์•ฝ์ ์„ ์ฒœ์ฒœํžˆ ๋ณด๊ณ ์žˆ๋Š” ์ƒํ™ฉ์ธ๋ฐ ๊ธ‰ํžˆ Struts ์ •๋ฆฌํ•ด์„œ ํฌ์ŠคํŒ…ํ•˜๊ฒŒ ๋˜๋„ค์š”. ํ˜„์žฌ CVE-2017-5638, S2-045๋กœ ์˜ฌ๋ผ์™€ ์žˆ์Šต๋‹ˆ๋‹ค.

Bypass XSS Blank filtering with Forward Slash

1 min read

XSS ํ…Œ์ŠคํŒ… ์‹œ ๊ฐ€๋”์”ฉ ๋ฐœ๋ชฉ์„ ์žก๋Š” ์นœ๊ตฌ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Blank ํ•„ํ„ฐ๋ง์ธ๋ฐ์š”. ํƒœ๊ทธ ์‚ฌ์šฉ์ด ์ œํ•œ๋œ ์ƒํ™ฉ์—์„  ๊ต‰์žฅํžˆ ์งœ์ฆ๋‚˜๋Š” ์กด์žฌ์ฃ . (๋‹ค๋œ ๊ฒƒ ๊ฐ™์€๋ฐ..output์ด ์•ˆ๋‚˜์˜ค๋Š” ์ƒํ™ฉ)

[METASPLOIT] Hardware pentest using metasploit - Hardware-Bridge

3 min read

์ตœ๊ทผ Rapid7์‚ฌ์—์„œ ์žฌ๋ฏธ์žˆ๋Š” ๋‚ด์šฉ์„ ๋ฐœํ‘œํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Metasploit Framework์˜ Hardware-Bridge ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ์ด๋กœ์จ Metasploit์€ ์†Œํ”„ํŠธ์›จ์–ด์™€ ํ•˜๋“œ์›จ์–ด ๋ชจ๋‘ ๊ณต๊ฒฉ์ด ๊ฐ€๋Šฅํ•œ ํ”„๋ ˆ์ž„์›Œํฌ๊ฐ€ ๋˜์—ˆ๋„ค์š”.

[HACKING] Microsoft Windows Kernel Win32k.sys Local Privilege Escalation Vulnerability ๋ถ„์„(CVE-2016-7255/MS16-135)

19 min read

์˜ค๋žœ๋งŒ์— ์ทจ์•ฝ์  ๋ถ„์„์„ ํ•˜๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ž‘๋…„์— ๋ฐœํ‘œ๋˜๊ณ  ์˜ฌํ•ด ๊ณต๊ฒฉ์ฝ”๋“œ๊ฐ€ ๊ณต๊ฐœ๋œ Windows kenel Win32k.sys Local Privilege Escalation์— ๋Œ€ํ•ด ๋ณด๋„๋กํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค.

[WEB HACKING] PHP Comparison Operators Vulnerability for Password Cracking

2 min read

๊ฐœ์ธ์ ์œผ๋กœ ํ”„๋กœ๊ทธ๋ž˜๋ฐ์˜ ์žฌ๋ฏธ์žˆ๋Š” ์š”์†Œ๋Š” ์—ฐ์‚ฐ์ž๊ฐ€ ์•„๋‹๊นŒ ์‹ถ์Šต๋‹ˆ๋‹ค. ์ž‘์€ ์—ฐ์‚ฐ์ž๋“ค์ด ๋ชจ์—ฌ ํฐ ํ๋ฆ„์„ ๋งŒ๋“ค๊ณ , ์šฐ๋ฆฌ๊ฐ™์€ ํ•ด์ปค๋Š” ์ด ํ๋ฆ„์„ ํ‹€์–ด ์˜ˆ์ƒ์น˜๋„ ๋ชปํ•œ ํ–‰์œ„๋ฅผ ์ด๋Œ์–ด๋‚ด๋‹ˆ ๊ต‰์žฅํžˆ ์žฌ๋ฏธ์žˆ๋Š” ๋ถ€๋ถ„์ด์ฃ .

์ •๊ทœํ‘œํ˜„์‹์„ ์ด์šฉํ•œ XSS ์šฐํšŒ ๊ธฐ๋ฒ•

2 min read

โš ๏ธ XSS์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > XSS ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

HTML AccessKey and Hidden XSS (Trigger AccessKey and Hidden XSS)

2 min read

์˜ˆ์ „์— hidden xss ๊ด€๋ จํ•ด์„œ ํฌ์ŠคํŒ…ํ•œ์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค. input ๋‚ด hidden ์†์„ฑ์„ ๊ฐ€์งˆ ์‹œ ์ผ๋ฐ˜์ ์œผ๋กœ xss๊ฐ€ ์–ด๋ ต์ง€๋งŒ, ์กฐ๊ฑด์— ๋”ฐ๋ผ ๋™์ž‘์ด ๊ฐ€๋Šฅํ•œ XSS๋„ ์žˆ์ง€์š”. ์ด ๊ธฐ๋ฒ•์—์„œ ์‚ฌ์šฉ๋˜๋Š” accesskey ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

SOP(Same-Origin Policy)์™€ Web Security

1 min read

์˜ค๋Š˜์€ ์›น ํ•ดํ‚น ์‹œ ์šฐ๋ฆฌ์˜ ๋ฐœ๋ชฉ์„ ์žก๋Š” ์นœ๊ตฌ์ธ SOP(Same-Origin Policy)์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

[WEB HACKING] Web Vulnerability scanning with VEGA WVS(VAGA๋ฅผ ์ด์šฉํ•œ ์›น ์ทจ์•ฝ์  ์Šค์บ”)

2 min read

์˜ค๋žœ๋งŒ์— ํˆด ์†Œ๊ฐœ๋ฅผ ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋ž˜์ „๋ถ€ํ„ฐ ์จ์˜ค๋˜ WVS(Web Vulnerability Scanner)์ธ๋ฐ์š”.. ์ƒ๊ฐํ•ด๋ณด๋‹ˆ ํ•œ๋ฒˆ๋„ ๋ธ”๋กœ๊ทธ์—์„œ ๋‹ค๋ฃฌ์ ์ด ์—†์—ˆ๋„ค์š”.

[EXPLOIT] IE VBScript Engine Memory Corruption ๋ถ„์„(Analysis a CVE-2016-0189)

8 min read

์ตœ๊ทผ ๋ฉ”์ผ๋กœ ํฌ์ŠคํŒ… ์š”์ฒญ์ด ์žˆ์–ด CVE-2016-0189 ๋ถ„์„๊ธ€์„ ์ž‘์„ฑํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค. ๋ฉ”์ผ ๋ฐ›์€์ง€๋Š” ์ข€ ๋ฌ๋Š”๋ฐ.. ์—ฌ์ „ํžˆ ์•„์ง ์ €์˜ ๋ฐ”์จ์€ ๋์ด ์•ˆ๋‚˜๋”๊ตฐ์š”. ํ‹ˆํ‹ˆํžˆ ์ž‘์„ฑํ•˜๊ณ , ํผ์ฆ ์กฐ๊ฐ ๋งž์ถ”๊ธฐ์ฒ˜๋Ÿผ ์ž‘์„ฑํ•˜์—ฌ ํฌ์ŠคํŒ…์„ ์˜ฌ๋ฆฌ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

[EXPLOIT] MySQL(MariaDB/PerconaDB) Root Privilege Escalation(Symlink attack)

3 min read

์ •๋ง ์˜ค๋žœ๋งŒ์— ํฌ์ŠคํŒ…ํ•˜๋Š” ๊ธฐ๋ถ„์ด๋„ค์š”. ์š”์ฆ˜์€ ๋ง๋„์•ˆ๋˜๊ฒŒ ๊ณ„์† ๋ฐ”์˜๊ณ  ๊ทธ๋ž˜์„œ.. ํฌ์ŠคํŒ…์„ ์ž‘์„ฑํ•ด ๋†“์•˜์ง€๋งŒ ๋‹ค๋“ฌ์ง€ ๋ชปํ•ด ์˜ฌ๋ฆฌ์ง€ ๋ชปํ•œ ๊ธ€๋“ค์ด ๋งŽ์ด ์žˆ๋„ค์š”.

[EXPLOIT] MySQL(MariaDB/PerconaDB) Remote Code Execution and Privilege Escalation(CVE-2016-6662)

12 min read

๋ชจ๋‘ ์ฆ๊ฑฐ์šด ์—ฐํœด ๋˜์…จ๋‚˜์š”? ๋ญ”๊ฐ€ ์ •์‹ ์—†์ด ๋ณด๋‚ธ ๊ฒƒ ๊ฐ™๋„ค์š”. ๋Œ€๋žต ํ•œ๋‹ฌ๋งŒ์— ํฌ์ŠคํŒ…์„ ํ•˜๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”. ์‚ฌ์‹ค ํฌ์ŠคํŒ… ๊ฑฐ๋ฆฌ ๋ช‡๊ฐœ ์ž‘์„ฑํ•ด๋†“์€๊ฒŒ ์žˆ๋Š”๋ฐ.. ์ผ์ด ๋งŽ๋‹ค๋ณด๋‹ˆ ํ•˜๋‚˜ํ•˜๋‚˜ ์Œ“์—ฌ์žˆ๊ธฐ๋งŒ ํ•ฉ๋‹ˆ๋‹ค.

postMessage๋ฅผ ์ด์šฉํ•œ XSS์™€ Info Leak

4 min read

์ง€๋‚œ์ฃผ Exploit-db์—์„œ ๋’ค์ ๋’ค์  ํ•˜๋˜ ์ค‘ PostMessage ์žฌ๋ฏธ์žˆ๋Š” ๊ด€๋ จ ๋ฌธ์„œ๋ฅผ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ postmessage์—์„œ ๋ฐœ์ƒํ•˜๋Š” ์ทจ์•ฝ์ ์„ ์ฐพ๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค.

BurpSuite์˜ ๋‹จ์ถ•ํ‚ค(Hotkey) ์†Œ๊ฐœ ๋ฐ ๋ณ€๊ฒฝํ•˜๊ธฐ

1 min read

๊ฐœ์ธ์ ์œผ๋กœ ์›น ํ•ดํ‚น ์‹œ ์ฃผ๋ ฅ์œผ๋กœ ์‚ฌ์šฉํ•˜๋Š” ํˆด์€ Burpsuite ์ž…๋‹ˆ๋‹ค. ์•„ ๋ฌผ๋ก  ์ตœ๊ทผ ZAP(OWASP Zed Attack Proxy)๋ฅผ ์‚ฌ์šฉํ•ด๋ดค๋Š”๋ฐ ๊ต‰์žฅํžˆ ์ข‹๋”๊ตฐ์š”. ๊ทธ๋ž˜๋„ ์†์— ์ต์€ ๋‹จ์ถ•ํ‚ค์™€ ์ €์—๊ฒŒ ๋งž๋Š” UI๋กœ ์ €๋Š” Burp์˜ ์†์„ ๋“ค์–ด์ฃผ๊ณ  ์‹ถ๋„ค์š”.

[CODING] WebSocket - Overview , Protocol/API and Security

1 min read

WebSocket์ด๋ž€?

WebSocket์€ ์›น ํŽ˜์ด์ง€์—์„œ ์‹ค์‹œ๊ฐ„์œผ๋กœ ๋™์ž‘ํ•˜๋Š” ์›น ์„œ๋น„์Šค๋ฅผ ๋งŒ๋“ค์–ด ์ค„ ์ˆ˜ ์žˆ๋Š” ํ‘œ์ค€ ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ ์›น ํ”„๋กœํ† ์ฝœ์ธ HTTP๋Š” Request์™€ Response ๊ธฐ๋ฐ˜์œผ๋กœ ์ƒˆ๋กœ ์š”์ฒญ์ด ๋ฐœ์ƒํ•˜๋ฉด ํŽ˜์ด์ง€๋ฅผ ๋‹ค์‹œ ๊ทธ๋ ค์•ผํ•˜๋Š” ๊ตฌ์กฐ์ž…๋‹ˆ๋‹ค. ๋•๋ถ„์— ์ฟ ํ‚ค๋ผ๋Š” ๊ฐœ๋…๋„ ์‚ฌ์šฉ๋˜๊ฒŒ ๋˜์—ˆ์ง€์š”. (์ธ์ฆ ์ •๋ณด๋ฅผ ์œ ์ง€ํ•˜๊ธฐ ์œ„ํ•ด)

[HACKING] Mobile Application Vulnerability Research Guide(OWASP Mobile Security Project)

5 min read

์˜ค๋Š˜์€ ๊ฐ„๋งŒ์— ๋ชจ๋ฐ”์ผ ๋ณด์•ˆ, ์ฆ‰ ์Šค๋งˆํŠธํฐ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค. (์š”์ฆ˜ ๋ฐ”๋น ์„œ ๊ธ€ ์“ธ ์‹œ๊ฐ„์ด ์—†๋„ค์š”.. )

[HACKING] BlackArch Linux Install, Review (Arch linux for Pentest)

2 min read

์ด๋ฒˆ์— ๊ฐ€์ƒ๋จธ์‹  ์ •๋ฆฌ์ข€ ํ•  ๊ฒธ ์ตœ๊ทผ์— ์ด์•ผ๊ธฐ ๋‚˜์™”๋˜ BlackArch๋ฅผ ์„ค์น˜ํ•ด๋ดค์Šต๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ Arch Linux๋ฅผ ์จ๋ณธ์ ์ด ์—†๊ธฐ ๋•Œ๋ฌธ์—(๋”ฑ ํ•œ๋ฒˆ ์„ค์น˜๋งŒ ํ•ด๋ดค๋˜๊ฑฐ ๊ฐ™๋„ค์š”) ๊ธฐ๋Œ€๊ฐ์„ ์ง€๋‹Œ ์ฑ„ ๊ตฌ์„ฑ์„ ํ•˜์˜€์Šต๋‹ˆ๋‹ค.

Paranoid Mode! SSL Certified Meterpreter shell

3 min read

์ง€์†์ ์ธ ๋ชจ์˜ํ•ดํ‚น์€ ์ธํ”„๋ผ, ์„œ๋น„์Šค์˜ ๋ณด์•ˆ์„ฑ์„ ํ–ฅ์ƒ ์‹œํ‚ค๋Š”๋ฐ ํฐ ๋„์›€์ด ๋ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ ๋’ท์ฒ˜๋ฆฌ๊ฐ€ ๊น”๋”ํ•˜์ง€ ์•Š๋‹ค๋ฉด ๋” ์ทจ์•ฝํ•ด์งˆ ์ˆ˜๋„ ์žˆ๋‹ค๋Š” ๋ฌธ์ œ์ ์„ ๊ฐ€์ง€๊ณ  ์žˆ์ฃ .

[EXPLOIT] GNU Wget 1.18 Arbitrary File Upload/Remote Code Execution ๋ถ„์„(Analysis)

4 min read

์˜ค๋žœ๋งŒ์— Exploit ์ฝ”๋“œ ๋ถ„์„์„ ํ•ด๋ณผ๊นŒํ•ฉ๋‹ˆ๋‹ค. (ํ•œ์ฐธ๋œ๊ฑฐ ๊ฐ™๋„ค์š”) ์ตœ๊ทผ wget, ์ฆ‰ gnu wget์—์„œ Arbitrary File Upload์™€ Remote Code Execution ์ทจ์•ฝ์ ์ด ๋ฐœ๊ฒฌ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋”ฑ๋ด๋„ ํŒŒ๊ธ‰๋ ฅ์ด ํฌ๊ธฐ ๋•Œ๋ฌธ์— ๋‹น์—ฐ CVE๋„ ๋ถ™์—ˆ๊ณ  CVSS Risk level ๋„ ๋†’์„ ๊ฒƒ์œผ๋กœ ๋ณด์ด๋„ค์š”. ๊ทธ๋Ÿผ ์‹œ์ž‘ํ•ด๋ณผ๊นŒ์š”?

PUT/DELETE CSRF(Cross-site Request Forgrey) Attack

2 min read

์˜ค๋Š˜์€ ์›น ํ•ดํ‚น ๊ธฐ๋ฒ• ์ค‘ ํ•ซํ•œ CSRF์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ข€ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. XSS์™€ ํ•จ๊ป˜ ์ •๋ง ์ž์ฃผ ์žก๊ฒŒ๋˜๋Š” ์ทจ์•ฝ์ ์ด๊ณ  ์‚ฌ์šฉ ๋ฐฉํ–ฅ์— ๋”ฐ๋ผ ์˜ํ–ฅ๋ ฅ๋„ ๋†’์„ ์ˆ˜๋„ ์žˆ๋Š” ๋ฉ‹์ง„ ์นœ๊ตฌ์ด์ง€์š”. ์˜ค๋Š˜์€ ์•„์ฃผ ํฌ์†Œํ•˜์ง€๋งŒ PUT/DELETE ๋“ฑ GET/POST๊ฐ€ ์•„๋‹Œ CSRF์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

HIDDEN:XSS - input type=hidden ์—์„œ์˜ XSS

3 min read

์›น ์ทจ์•ฝ์  ์ง„๋‹จ์—์„œ ๊ฐ€์žฅ ๋งŒ๋งŒํ•˜๋ฉด์„œ ๊ฐ€์žฅ ์–ด๋ ค์šธ๋•Œ๋„ ์žˆ๋Š” XSS์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๊ทธ ์ค‘์—์„œ๋„ ์˜ค๋Š˜์€ hidden XSS. ์ฆ‰ hidden ์†์„ฑ์„ ๊ฐ€์ง„ ํƒœ๊ทธ์— ๋Œ€ํ•œ xss์ž…๋‹ˆ๋‹ค.

[WEB HACKING] Making XSS Keylogger(XSS Keylogger ๋งŒ๋“ค๊ธฐ)

2 min read

์˜ค๋Š˜์€ ๊ณต๊ฒฉ์„ ํ†ตํ•œ ์˜ํ–ฅ๋ ฅ ์ธก๋ฉด์—์„œ ๋ฐ”๋กœ ์‚ฌ์šฉ์ž์˜ ํ‚ค ์ž…๋ ฅ์„ ๊ฐ€๋กœ์ฑ„๋Š” Keylogger๋ฅผ ๊ฐ„๋‹จํ•˜๊ฒŒ ๋งŒ๋“ค์–ด๋ณผ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์•…์šฉํ•˜์‹œ๋ฉด ์•ˆ๋ฉ๋‹ˆ๋‹ค. ์—ฐ๊ตฌ์ ์ธ ์ธก๋ฉด์—์„œ ํ•ด๋ณด์‹œ๊ธธ ๋ฐ”๋ž๋‹ˆ๋‹ค.

[HACKING] JDWP(Java Debug Wire Protocol) Remote Code Execution

5 min read

์˜ค๋Š˜์€ JDWP์— ๋Œ€ํ•œ RCE ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ด ์ทจ์•ฝ์ ์€ 2014๋…„๋„ ๋‚˜์˜จ ์ทจ์•ฝ์ ์ด์ง€๋งŒ ์ตœ๊ทผ์—๋„ ๋ช‡๋ฒˆ ๋งŒ๋‚œ์ ์ด ์žˆ์–ด ์ •๋ฆฌํ•ด๋‘˜๊นŒํ•˜๋„ค์š”.

Anti-XSS Filter Evasion of XSS

6 min read

์›น ํ•ดํ‚น ์‹œ ๊ฐ€์žฅ ๋งŽ์ด ์žก๋Š” ์ทจ์•ฝ์  ์ค‘ ํ•˜๋‚˜๊ฐ€ XSS์™€ URL Redirection์ž…๋‹ˆ๋‹ค. ํ•ญ์ƒ ํ•˜๋‹ค๋ณด๋ฉด ๊ผญ! ์Šคํฌ๋ฆฝํŠธ๋กœ ๋“ค์–ด๊ฐˆ ์ˆ˜ ์žˆ์œผ๋‚˜ ํ•จ์ˆ˜ ๋ฐ ํŠน์ • ํŠน์ˆ˜๋ฌธ์ž ํ•„ํ„ฐ๋ง์— ๋ง‰ํžˆ๋Š” ๊ฒฝ์šฐ๊ฐ€ ์ข…์ข… ์žˆ์ฃ . ๊ทธ๋ž˜๋„ ์—ฌ๋Ÿฌ๋ถ„๋“ค๊ป˜ ์žฌ๋ฏธ์žˆ๋Š” ์šฐํšŒ ๊ธฐ๋ฒ• ๋ช‡๊ฐœ ๊ณต์œ ํ•ด๋“œ๋ฆฌ๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์•„์„œ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

[WEB HACKING] Reflected File Download(RFD) Attack

3 min read

์š”์ฆ˜ ์ •์‹ ์—†์ด ๋ณด๋‚ด๋‹ค๋ณด๋‹ˆ ๊ฐ„๋งŒ์— ๊ธ€์„ ์“ฐ๊ฒŒ ๋˜๋„ค์š”. ์˜ค๋Š˜์€ BlackHat 2014์—์„œ Hotํ–ˆ๋˜ RFD์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค. (๋ฒŒ์จ 2๋…„์ด๋‚˜ ์ง€๋‚ฌ๋„ค์š” ใ…Žใ…Ž..)

[WEB HACKING] XDE(XSS DOM-base Evasion) Attack

3 min read

์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ…Œ์ŠคํŠธ๋ฅผ ํ•˜๋‹ค๋ณด๋‹ˆ ์žฌ๋ฏธ์žˆ๋Š” ๊ฒƒ์„ ํ•˜๋‚˜ ์ฐพ์•„์„œ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[WEB HACKING] SWF๋‚ด DEBUG Password Crack ํ•˜๊ธฐ(Cracking DEBUG password in SWF flash file / EnableDebugger2)

2 min read

์˜ˆ์ „์— ๋ฏธ๋ฆฌ ์ž‘์„ฑํ•ด๋†“๊ณ .. ํ•œ์ฐธ ๋ฐ”์˜๋‹ค๊ฐ€ ์ด์ œ์„œ์•ผ ์˜ฌ๋ฆฌ๊ฒŒ๋ฌ๋„ค์š”. ์˜ค๋Š˜์€ ํ”Œ๋ž˜์‹œ ํŒŒ์ผ. ์ฆ‰ SWF์•ˆ์— ์žˆ๋Š” enableDebugger์— ๋Œ€ํ•ด ์•Œ์•„๋ณด๊ณ , Key๋ฅผ ํฌ๋ž™ํ•˜๋Š” ๋ฒ•์— ๋Œ€ํ•ด ๋ณผ๊นŒํ•ฉ๋‹ˆ๋‹ค.

[WEB HACKING] DotDotPwn - The Path Traversal Fuzzer(DDP๋ฅผ ์ด์šฉํ•œ Path Traversal)

2 min read

Path Traversal , Directory Traversal์„ ์ข€ ๋” ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŒ…ํ•  ์ˆ˜ ์žˆ๋Š” Traversal ์ „์šฉ Fuzzer - DotDotPwn์— ๋Œ€ํ•œ ๋‚ด์šฉ์œผ๋กœ ์ง„ํ–‰ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ด ํˆด์€ ํ˜„์žฌ Kali Project์—๋„ ์†ํ•ด์žˆ์„ ์ •๋„๋กœ ์œ ๋ช…ํ•˜๊ณ  ์ž˜ ์‚ฌ์šฉ๋˜๋Š” ํˆด ์ž…๋‹ˆ๋‹ค. ์ž˜ ์ตํ˜€๋‘๋ฉด ์ •๋ง ํ•„์š”ํ•  ๋•Œ ์•Œ๋งž๊ฒŒ ์‚ฌ์šฉํ•˜์‹ค ์ˆ˜ ์žˆ์ฃ .

[WEB HACKING] Apache Struts2 DMI REC(Remote Command Executeion) Vulnerability(CVE-2016-3081)

2 min read

์ง€๋‚œ CVE-2016-0785 ์ทจ์•ฝ์ ์— ์ด์–ด CVE-2016-3081 Struts2 ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ์ •๋ฆฌํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ์ผ๋‹จ Struts2 ์ทจ์•ฝ์ ์€ ์˜ˆ์ „๋ถ€ํ„ฐ ์•„์ฃผ ์น˜๋ช…์ ์ธ ์ทจ์•ฝ์ ์œผ๋กœ ์•Œ๋ ค์กŒ์—ˆ๊ณ , ์ตœ๊ทผ์— ๋˜ ์ค„์ค„์ด ๋‚˜ํƒ€๋‚˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ฌ ์ดˆ๋ถ€ํ„ฐ ๋ฐœ์ƒํ•œ Sturts2 ์ทจ์•ฝ์ ๋“ค์€ ์•ฝ๊ฐ„ ๋น„์Šทํ•œ ํ˜•ํƒœ์˜ ๊ตฌ์„ฑ์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

Apache Struts2 REC Vulnerability (CVE-2016-0785)

2 min read

์ตœ๊ทผ Apache Struts2์— Remote Command Execution ์ทจ์•ฝ์ ์ด ํ•˜๋‚˜ ์˜ฌ๋ผ์™”์Šต๋‹ˆ๋‹ค. ์ด์ „์—๋„ ๊ต‰์žฅํžˆ ์ด์Šˆ๊ฐ€ ๋งŽ์•˜๋˜ Struts ์ทจ์•ฝ์ ์€ Struts2๋ฅผ ์‚ฌ์šฉํ•˜๋Š” Apache์—์„œ ์ทจ์•ฝํ•  ์ˆ˜ ์žˆ์œผ๋ฉฐ ์›๊ฒฉ ๋ช…๋ น์ด ์‹คํ–‰๋˜์–ด ์„œ๋ฒ„ ๊ถŒํ•œ์„ ํƒˆ์ทจํ•  ์ˆ˜ ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๊ต‰์žฅํžˆ ์œ„ํ—˜ํ•˜์ฃ .

Google Hacking(๊ตฌ๊ธ€ํ•ดํ‚น) - ๊ฒ€์ƒ‰์—”์ง„์„ ์ด์šฉํ•œ ํ•ดํ‚น ๊ธฐ์ˆ 

1 min read

IT์ชฝ์— ์ผํ•˜๊ฑฐ๋‚˜ ๊ณต๋ถ€ํ•œ๋‹ค๋ฉด ๊ตฌ๊ธ€๋ง์€ ๊ธฐ๋ณธ์ž…๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ด๋Ÿฐ ๊ฒ€์ƒ‰ ์Šคํ‚ฌ๋“ค์„ ์ด์šฉํ•œ ๊ตฌ๊ธ€ํ•ดํ‚น ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] Social Engineering Attack(์†Œ์…œ ์—”์ง€๋‹ˆ์–ด๋ง) - ์ŠคํŒŒ์ด ๊ฐ™์€ ํ•ดํ‚น

3 min read

ํ•ดํ‚น์˜ ๊ธฐ๋ฒ•์€ ์•„์ฃผ ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ์œ ๋ช…ํ•œ ํ•ด์ปค์ธ ์ผ€๋นˆ ๋ฏธํŠธ๋‹‰์˜ ๊ฐ•์ ์ด์ž, ์ŠคํŒŒ์ด๋“ค์ด ํ•  ๊ฒƒ ๊ฐ™์€ ์†Œ์…œ ์—”์ง€๋‹ˆ์–ด๋ง(Social Engineering)์ž…๋‹ˆ๋‹ค.

[HACKING] Phase of Ethical Hacking Phase4 - Maintaining Access

2 min read

์œค๋ฆฌํ•ดํ‚น(Ethical Hacking)์˜ 5๊ฐ€์ง€ ๋‹จ๊ณ„ ์ค‘ ๋„ค๋ฒˆ์งธ Maintaining Access์ž…๋‹ˆ๋‹ค. Maintaining Access๋Š” Gaining Access๋ฅผ ํ†ตํ•ด ์‹œ์Šคํ…œ์— ์ ‘๊ทผ ํ›„ ์ ‘๊ทผ์˜ ์œ ์ง€๋ฅผ ์œ„ํ•ด ํ•˜๋Š” ์ ˆ์ฐจ์ž…๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋กœ Backdoor๋ฅผ ์‹ฌ๊ณ  Rootkit์„ ์„ค์น˜ํ•˜๋Š” ๊ณผ์ •์ด์ฃ .

[HACKING] Phase of Ethical Hacking Phase3 - Gaining Access

3 min read

์œค๋ฆฌํ•ดํ‚น(Ethical Hacking)์˜ 5๊ฐ€์ง€ ๋‹จ๊ณ„ ์ค‘ ์„ธ๋ฒˆ์งธ Gaining Access์ž…๋‹ˆ๋‹ค. Gaining Access ๋Š” ์š”์•ฝํ•˜์ž๋ฉด Recon, Scan ๋“ฑ์„ ํ†ตํ•ด ์–ป์–ด์ง„ ์ •๋ณด๋ฅผ ๊ฐ€์ง€๊ณ  ์‹ค์ œ ์‹œ์Šคํ…œ์— ์ ‘๊ทผ์„ ์–ป์–ด๋‚ด๋Š” ๊ณผ์ •์ž…๋‹ˆ๋‹ค. MSF๋‚˜ ๋งŒ๋“  ๊ณต๊ฒฉ์ฝ”๋“œ๋ฅผ ํ†ตํ•ด Exploit ํ•˜๋Š” ๊ณผ์ •์ด๋ผ๊ณ  ๋ณผ ์ˆ˜ ์žˆ์ง€์š”.

[HACKING] Phase of Ethical Hacking Phase2 - Scanning/Enumeration

1 min read

์œค๋ฆฌํ•ดํ‚น(Ethical Hacking)์˜ 5๊ฐ€์ง€ ๋‹จ๊ณ„ ์ค‘ ๋‘๋ฒˆ์งธ Scanning & Enumeration์ž…๋‹ˆ๋‹ค. ์ด ๋‹จ๊ณ„๋Š” ํƒ€๊ฒŸ์— ๋Œ€ํ•ด Scanning ํ•˜๋Š” ๋‹จ๊ณ„์ž…๋‹ˆ๋‹ค. ํƒ€๊ฒŸ ์‹œ์Šคํ…œ์— ๋Œ€ํ•ด Port Scan ๋“ฑ์„ ์ง„ํ–‰ํ•˜๊ณ  ์ง์ ‘์ ์ธ ๊ณต๊ฒฉ ์ˆ˜ํ–‰์— ์•ž์„œ ์ ๊ฒ€ํ•˜๊ฒŒ ๋˜๋Š” ์ˆœ์„œ์ž…๋‹ˆ๋‹ค. ์ด๋ฒˆ ํฌ์ŠคํŒ…์—์„œ๋Š” Scanning๊ณผ Enumeration ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] Phase of Ethical Hacking/Pentest(๋ชจ์˜/์œค๋ฆฌํ•ดํ‚น์˜ ๋‹จ๊ณ„)

2 min read

๋ชจ์˜ํ•ดํ‚น/์œค๋ฆฌ์ ์ธ ํ•ดํ‚น์„ ์œ„ํ•ด ์ œ์‹œ๋˜๋Š” ๋‹จ๊ณ„๋“ค์ด ์—ฌ๋ ค๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด ๊ฐ€์šด๋ฐ ๋Œ€ํ‘œ์ ์œผ๋กœ ์‚ฌ์šฉ๋˜๋Š” ๊ฒƒ์„ ์กฐ๊ธˆ ์ •๋ฆฌํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์‹ค๋ฌด์—์„œ๋Š” ๋‹ค๋ฅธ ๋Š๋‚Œ์œผ๋กœ ์ ‘๊ทผํ•˜์ง€๋งŒ์š”.. (๋ฌผ๋ก  ๊ฐ๊ฐ ๋‹ค ์ฐจ์ด๊ฐ€ ์žˆ์„ ์ˆ˜ ์žˆ์Œ)

[HACKING] OpenSSL Client ์—์„œ SSLv2 ์‚ฌ์šฉํ•˜๊ธฐ(Check DROWN Attack)

1 min read

OpenSSL, Python ๋‚ด ssl ํŒจํ‚ค์ง€๋„ ์–ด๋Š์‹œ์ ๋ถ€ํ„ฐ SSLv2 ์‚ฌ์šฉ์— ๋Œ€ํ•ด ์ง€์›์„ ์ค‘๋‹จํ•˜๊ณ  ์‚ฌ์šฉํ•˜์ง€ ๋ชปํ•˜๋„๋ก ํŒจ์น˜๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ฌ ์ดˆ์— ์ด์Šˆ๊ฐ€ ๋˜์—ˆ๋˜ DROWN Attack์— ๋Œ€ํ•ด์„œ ์ ๊ฒ€ํ•˜๊ธฐ ์œ„ํ•ด์„œ๋Š” SSLv2 ๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ์„œ๋ฒ„์— ์ ‘๊ทผํ•ด์•ผํ•˜์ง€๋งŒ, ๊ธฐ์กด์— ์‚ฌ์šฉํ•˜๋˜ OpenSSL์€ -ssl2 ์˜ต์…˜์„ ์‚ฌ์šฉํ•˜์ง€ ๋ชปํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ๊ฐ„๋‹จํ•œ ๋ฐฉ๋ฒ•์œผ๋กœ ํŒจ์น˜ํ•˜์—ฌ ์‚ฌ์šฉํ•˜๋Š” ๋ฒ•์— ๋Œ€ํ•ด ๊ณต์œ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] SSLv2 DROWN Attack(CVE-2016-0800) ์ทจ์•ฝ์  ๋ถ„์„ / ๋Œ€์‘๋ฐฉ์•ˆ

3 min read

์˜ฌ ์ดˆ์— ๋ฐœ๊ฒฌ๋˜์—ˆ๋˜ DROWN Attack์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ๋ฐœ๊ฒฌ ๋‹น์‹œ ์ด ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ๊ต‰์žฅํžˆ ํฅ๋ฏธ๊ฐ€ ์ƒ๊ฒผ์ง€๋งŒ, ๋ฐ”์œ ์ผ์ •๊ณผ ์ ์€ ์ž๋ฃŒ๋กœ ๊ด€์‹ฌ์„ ์ ‘๊ฒŒ๋˜์—ˆ์ง€์š”. ์ตœ๊ทผ์— a2sv์— ํ•ด๋‹น ์ทจ์•ฝ์ ์„ ์ ๊ฒ€ํ•  ์ˆ˜ ์žˆ๋Š” ๋ชจ๋“ˆ์„ ๋„ฃ๋Š”๊ฒŒ ์ข‹๋‹ค๊ณ  ์ƒ๊ฐ๋˜์–ด์„œ ๋‹ค์‹œ ์—ด์–ด๋ณด๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

NMAP Part2 - NSE(Nmap Script Engine)์„ ์ด์šฉํ•œ ์ทจ์•ฝ์  ์Šค์บ๋‹

2 min read

Nmap script ์ธ NSE๋Š” nmap์„ ํ†ตํ•ด ๋„คํŠธ์›Œํฌ ์Šค์บ”์„ ์ง„ํ–‰ํ•˜๊ฑฐ๋‚˜, ์ทจ์•ฝ์  ์ง„๋‹จ์„ ์ˆ˜ํ–‰ํ•  ๋•Œ ์œ ์šฉํ•˜๊ฒŒ ์“ฐ์ผ ์ˆ˜ ์žˆ๋Š” ์Šคํฌ๋ฆฝํŠธ์ž…๋‹ˆ๋‹ค. Lua๋กœ ์ž‘์„ฑ๋˜์–ด ์žˆ์œผ๋ฉฐ nmap์„ ํ†ตํ•ด ํฌํŠธ์Šค์บ”, ๋„คํŠธ์›Œํฌ ์ ‘๊ทผ ์ด์™ธ์—๋„ ๋” ๋„“์€ ๋ฒ”์œ„์˜ ํ…Œ์ŠคํŠธ๋ฅผ ์ง€์›ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ NSE์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

nmap์„ ์ด์šฉํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋„คํŠธ์›Œํฌ ์Šค์บ” ๊ธฐ๋ฒ• ์‚ดํŽด๋ณด๊ธฐ

3 min read

๋„คํŠธ์›Œํฌ๋ฅผ ์Šค์บ”ํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ๊ฐ€์žฅ ์œ ๋ช…ํ•˜๊ณ  ๋Œ€ํ‘œ์ ์ธ nmap์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ์ •๋ฆฌํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Arachni - Web application security scanner framework

1 min read

๋งŽ์€ WVS(Web Vulnerability Scanner) ์ค‘ ์˜คํ”ˆ์†Œ์Šค ํ”„๋ ˆ์ž„์›Œํฌ์ธ Arachni์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ํ…Œ์ŠคํŠธ ํ•˜์˜€๊ณ , ๋ฌด๋‚œํ•˜๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„ ๊ฒƒ ๊ฐ™์•„ ์ •๋ฆฌํ•ฉ๋‹ˆ๋‹ค.

MSF์˜ local_exploit_suggester ๋ชจ๋“ˆ์„ ์ด์šฉํ•œ Local Exploit ์ฐพ๊ธฐ

2 min read

Metasploit์„ ํ†ตํ•ด ๋Œ€์ƒ ์‹œ์Šคํ…œ์— ์นจํˆฌํ–ˆ์„ ๊ฒฝ์šฐ ์šฐ๋ฆฌ๋Š” ๊ถŒํ•œ ์ƒ์Šน์„ ์œ„ํ•ด Local ์ทจ์•ฝ์ ์„ ์ฐพ๊ธฐ ์œ„ํ•ด ๋…ธ๋ ฅํ•  ๊ฒƒ์ž…๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ทจ์•ฝํ•œ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์ด ๋ˆˆ์— ์ž˜ ๋„์ง€๋Š” ์•Š์ง€๋งŒ์š”. Meterpreter Shell์—์„œ ์‚ฌ์šฉ๊ฐ€๋Šฅํ•œ ๋ชจ๋“ˆ ์ค‘ ์ด๋Ÿฌํ•œ ๊ณผ์ •์„ ์ž๋™ํ™”ํ•ด์ค€ ๋ชจ๋“ˆ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ local_exploit_suggester ์ธ๋ฐ์š”, ์˜ค๋Š˜์€ ์ด ๋ชจ๋“ˆ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] steghide๋ฅผ ์ด์šฉํ•œ Steganography(Embed/Extract Steganography with steghide)

6 min read

Steganography์™€ steghide

Steganography Steganography (US Listeni/หŒstษ›.ษกษ™หˆnษ”ห.ษกrษ™.fi/, UK /หŒstษ›ษก.ษ™หˆnษ’ษก.rษ™.fi/) is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography combines the Greek words steganos (ฯƒฯ„ฮตฮณฮฑฮฝฯŒฯ‚), meaning โ€œcovered, concealed, or protectedโ€, and graphein (ฮณฯฮฌฯ†ฮตฮนฮฝ) meaning โ€œwritingโ€.

[METASPLOIT] Default Shell์„ Meterpreter Shell๋กœ ์—…๊ทธ๋ ˆ์ด๋“œํ•˜๊ธฐ(Nomal Shell to Meterpreter shell)

1 min read

Metasploit ๋ชจ๋“ˆ ์ค‘ shell_to_meterpreter๋ผ๋Š” POST ๋ชจ๋“ˆ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ด ๋ชจ๋“ˆ์„ ์ด์šฉํ•ด์„œ reverse_tcp, bind_tcp ๋“ฑ ์ผ๋ฐ˜ ์‰˜์„ meterpreter shell๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

SQLNinja๋ฅผ ์ด์šฉํ•œ SQL Injection ํ…Œ์ŠคํŒ…

2 min read

SQL NINJA๋ž€?

SqlMap๊ณผ ํ•จ๊ป˜ SQL Injection Testing ๋„๊ตฌ๋กœ ์œ ๋ช…ํ•œ ํˆด์ž…๋‹ˆ๋‹ค. perl ๊ธฐ๋ฐ˜์œผ๋กœ ์ œ์ž‘๋˜์—ˆ์œผ๋ฉฐ, Kali Default Tool์—๋„ ํฌํ•จ๋  ๋งŒํผ ์ข‹์€ ์„ฑ๋Šฅ์„ ์ž๋ž‘ํ•˜์ง€์š”.

[SYSTEM HACKING] Remote NFS Mount ๋ฐ Metasploit nfs/nfsmount ๋ชจ๋“ˆ์„ ์ด์šฉํ•œ NFS Scan/Access

1 min read

Mount ๋ช…๋ น์„ ์ด์šฉํ•œ Remote NFS Mount

Linux, Unix ๋“ฑ์—์„œ HDD,USB ๋“ฑ์„ ์‚ฌ์šฉํ•˜๊ธฐ ์œ„ํ•ด์„œ๋Š” mount๋ฅผ ํ†ตํ•ด OS์™€ ํ•ด๋‹น ๋“œ๋ผ์ด๋ธŒ๋ฅผ ์—ฐ๊ฒฐ์‹œ์ผœ์ฃผ๋Š” ์ž‘์—…์ด ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค. ๋žฉํ†ฑ์—์„œ ์‚ฌ์šฉํ•˜๋Š” Linux๋Š” ๊ธฐ๋ณธ์ ์œผ๋กœ ๋“œ๋ผ์ด๋ธŒ ์—ฐ๊ฒฐ ์‹œ ์ž๋™์œผ๋กœ mount ํ•˜๋Š” ๊ธฐ๋Šฅ์„ ๊ฐ€์ง€๊ณ  ์žˆ์ง€์š”.

[SYSTEM HACKING] RPC Port Map Dump๋ฅผ ์ด์šฉํ•œ ์„œ๋น„์Šค Port ํ™•์ธ

1 min read

System์— ์˜คํ”ˆ๋˜์–ด ์žˆ๋Š” Port ๋ฅผ ํ™•์ธํ•˜๋Š” ๋ฐฉ๋ฒ•์—๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋กœ port ์— ๋Œ€ํ•ด ์ง์ ‘ ์š”์ฒญํ•˜์—ฌ ํ™•์ธํ•˜๋Š” ๋ฐฉ๋ฒ•(Syn Scan, XMAS ๋“ฑ๋“ฑ)์ด ์žˆ์ง€์š”. nmap์„ ํ†ตํ•ด ์„œ๋น„์Šค์— ์žˆ๋Š” ํฌํŠธ๋“ค์— ๋Œ€ํ•ด ํ™•์ธํ•˜๊ฒŒ ๋˜๋Š”๋ฐ ์ด ์ค‘ rpc ๊ด€๋ จ ํฌํŠธ๊ฐ€ ์žˆ๋‹ค๋ฉด ์ข€ ๋” ์„ธ์‹ฌํ•˜๊ฒŒ ์Šค์บ”์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

[EXPLOIT] Linux Kernel REFCOUNT Overflow/UAF in Keyrings ์ทจ์•ฝ์  ๋ถ„์„

6 min read

์š”์ฆ˜ Linux Kernel ์ทจ์•ฝ์ ์ด ๊ฐ„๊ฐ„ํžˆ ๋งŽ์ด ์˜ฌ๋ผ์˜ค๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค . ๊ทธ ์ค‘ 1์›” 9์ผ EDB๋ฅผ ํ†ตํ•ด ๊ณต๊ฐœ๋œ CVE-2016-0728 ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ๋ฆฌ๋ˆ…์Šค ์ „๋ฐ˜์ ์œผ๋กœ ์˜ํ–ฅ๋ ฅ์ด ์žˆ์–ด ํŒŒ๊ธ‰๋ ฅ์ด ๊ฐ•ํ•œ ์ทจ์•ฝ์ ์ด๋„ค์š”.

Java Applet์„ ์ด์šฉํ•œ ๊ณต๊ฒฉ ๋ฐฉ๋ฒ•๋“ค

2 min read

์›น ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ๋ถ„์„ ์‹œ ์ฃผ์š” ํƒœ๊ทธ๋กœ ์•Œ๋ ค์ง„ ๊ฒƒ๋“ค์€ ๋Œ€๋‹ค์ˆ˜ ํ•„ํ„ฐ๋ง ๋˜์–ด ์žˆ์ง€๋งŒ ๊ฐ„ํ˜น ๋น ์ง€๋Š” ํƒœ๊ทธ๋“ค์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ์˜ค๋Š˜์€ applet ํƒœ๊ทธ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค.

TOCTOU(Time-of-check Time-of-use) Race Condition

1 min read

๊ฐ„๋งŒ์— ๋‚ด์šฉ ์ •๋ฆฌํ• ๊ฒธ Race Condition Attack์— ๋Œ€ํ•ด ์ž‘์„ฑํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ผ๋‹จ Race Condition ๊ธฐ๋ฒ•์€ ์ด๋ฆ„ ๊ทธ๋Œ€๋กœ โ€œ๊ฒฝ์Ÿ์กฐ๊ฑดโ€ ์„ ์˜๋ฏธํ•˜๋Š” ๊ณต๊ฒฉ์ด๊ณ  ์ทจ์•ฝํ•œ ํ”„๋กœ๊ทธ๋žจ์ด ์‚ฌ์šฉํ•˜๋Š” ๋ถ€๋ถ„์„ ๋™์ผํ•˜๊ฒŒ ์ ์œ ํ•˜์—ฌ ๊ฒฝ์Ÿํ•˜๊ณ  ๋ฐ˜๋ณต์ ์ธ ์š”์ฒญ ์ค‘ ๊ณต๊ฒฉํ”„๋กœ๊ทธ๋žจ์ด ์ด๊ธธ ์‹œ ๊ณต๊ฒฉ์ž๊ฐ€ ์›ํ•˜๋Š” ํ๋ฆ„์œผ๋กœ ํ”„๋กœ๊ทธ๋žจ์˜ ๋กœ์ง์„ ๋ฐ”๊ฟ€์ˆ˜๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค.

MongoDB Injection์œผ๋กœ ์•Œ์•„๋ณด๋Š” NoSQL Injection

2 min read

โš ๏ธ NoSQL Injection์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > NoSQL Injection ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

[WEB HACKING] XXN Attack(X-XSS-Nightmare) :: R-XSS Bypass Browser XSS Filter

2 min read

์ž‘๋…„ ๋ง ์ด ์žฌ๋ฏธ์žˆ๋Š” XXN ๊ณต๊ฒฉ์— ๋Œ€ํ•ด ๋“ฃ๊ฒŒ๋˜๊ณ  ๋ถ„์„์„ ํ•ด๋ณด์•˜์—ˆ๊ณ  ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ์ž‘์„ฑํ•˜๊ฒŒ ๋˜๋„ค์š”.

[SYSTEM HACKING] ShellNoob๋ฅผ ์ด์šฉํ•œ Shellcode ์ž‘์„ฑ ๋ฐ ํ™œ์šฉ (Writing Shell Code with ShellNoob ย  Install and Using ShellNoob)

3 min read

shellcode ๋ฅผ ๋งŒ๋“œ๋Š” ์ผ์€ ์žฌ๋ฏธ์žˆ์ง€๋งŒ, ์ƒ๊ฐ๋ณด๋‹ค ์‹œ๊ฐ„๋„ ํˆฌ์ž๋˜๊ณ  ์•ฝ๊ฐ„ ๊ท€์ฐฎ์€ ๋ถ€๋ถ„๋„ ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌํ•œ ๊ณผ์ •์„ ์กฐ๊ธˆ ์ค„์—ฌ์ค„ ์ˆ˜ ์žˆ๋Š” ์ข‹์€ ํˆด์ด ์žˆ์–ด ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค.

64bit Linux Execve Shell Code ๋งŒ๋“ค๊ธฐ

4 min read

์˜ค๋Š˜์€ 64๋น„ํŠธ ์‰˜์ฝ”๋“œ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์˜ˆ์ „์— ์ด์ชฝ ๋ถ„์•ผ ๊ด€์‹ฌ์„ ๊ฐ€์กŒ์„ ์ดˆ๋ฐ˜ ์ฏค์— 32bit์— ๋Œ€ํ•œ ์‰˜์ฝ”๋“œ๋ฅผ ๋งŒ๋“ค๊ณ  ์‚ฌ์šฉํ–ˆ์—ˆ์ง€๋งŒ ์ง€๊ธˆ์€ ์ผ ํŠน์„ฑ์ƒ ๋”ฑํžˆ ์‰˜์ฝ”๋“œ๋ฅผ ์‚ฌ์šฉํ•  ์ผ์ด ๊ต‰์žฅํžˆ ์ ์–ด์กŒ๊ธฐ์— ๊ฐ„๋งŒ์— ๋ณด๋Š” ๋Š๋‚Œ์ž…๋‹ˆ๋‹ค.

[EXPLOIT] Joomla 1.5 Object Injection & Remote Command Execution ์ฝ”๋“œ ๋ถ„์„(Code Analysis)

2 min read

EDB์—๋Š” ๊พธ์ค€ํžˆ ๋ช‡๊ฐœ์”ฉ Exploit code, zero day ๋“ฑ์ด ์˜ฌ๋ผ์˜ค๋Š”๋ฐ ์ด๋ฒˆ์— ์•ฝ๊ฐ„ ํŒŒ๊ธ‰๋ ฅ์ด ์ง™์€ ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋น ์„œ ์‹ ๊ฒฝ์„ ๋ชป์“ฐ๊ณ  ์žˆ๋‹ค๊ฐ€ ํ™•์ธํ•ด๋ณด๋‹ˆ ๋งŽ์ด ์‚ฌ์šฉํ•˜๋Š” ํ”„๋ ˆ์ž„์›Œํฌ์— ์˜ํ–ฅ๋ ฅ๊นŒ์ง€ ๋†’์•„๋ณด์—ฌ ์ฐจ๊ทผ์ฐจ๊ทผ ์ฝ”๋“œ๋ฅผ ๋ณผ๊นŒํ•ฉ๋‹ˆ๋‹ค.

JS,CSS๋ฅผ ์ด์šฉํ•ด ํŒ์—… ๋ ˆ์ด์–ด ๋งŒ๋“ค๊ธฐ

1 min read

๋ธ”๋กœ๊ทธ ๋””์ž์ธ ์ˆ˜์ • ์ค‘ ๊ฒ€์ƒ‰ ๋ถ€๋ถ„์— ์žฌ๋ฏธ์žˆ๋Š” ์ƒ๊ฐ์ด ๋‚˜์„œ ์•ฝ๊ฐ„ ์ž‘์—…์„ ํ•˜์˜€์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด์— ์“ฐ๋˜ ๊ฒ€์ƒ‰์ฐฝ์€ ๋ธ”๋กœ๊ทธ์—์„œ ๋ฐ”๋กœ ๋ณด์ด๊ณ  ์ž…๋ ฅ ํ›„ ๊ฒ€์ƒ‰ํ•˜๋Š” ๋ฐฉ๋ฒ•์œผ๋กœ ๊ตฌ์„ฑํ•˜์˜€๋Š”๋ฐ, ํด๋ฆญํ•˜์—ฌ ๋”ฐ๋กœ ํŒ์—…์„ ๋„์šด ํ›„ ๊ฑฐ๊ธฐ์„œ ๊ฒ€์ƒ‰ํ•˜๋Š” ๋ฐฉ๋ฒ•์ด ๋” ์ข‹์„ ๊ฒƒ ๊ฐ™๋‹ค๋Š” ์ƒ๊ฐ์— ์ˆ˜์ •ํ•˜์˜€์Šต๋‹ˆ๋‹ค.

[WEB HACKING] Weevely๋ฅผ ์ด์šฉํ•˜์—ฌ Stealth Webshell ๋งŒ๋“ค๊ธฐ(weevely ์„ค์น˜ ๋ฐ ์‚ฌ์šฉ)

3 min read

Web Hacking ์—์„œ ๊ฐ€์žฅ ํŒŒ๊ธ‰๋ ฅ์ด ๊ฐ•ํ•œ ๊ณต๊ฒฉ์ด๋ผ๊ณ  ์ƒ๊ฐ๋˜๋Š” ์›น์‰˜์— ๊ด€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ๋ณดํ†ต ๋งŽ์ด ์•Œ๋ ค์ง„ r57๋“ฑ์˜ ์‰˜์„ ์‚ฌ์šฉํ•˜๊ฑฐ๋‚˜ one line shell์„ ์‚ฌ์šฉํ•˜๊ธฐ ๋‚˜๋ฆ„์ธ๋ฐ ์ฐพ๋‹ค๋ณด๋‹ˆ ์ข‹์€ ํˆด์ด ์žˆ์–ด ๊ฒธ์‚ฌ๊ฒธ์‚ฌ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค.

Burp Suite๋ฅผ ํ†ตํ•œ Android SSL Packet ๋ถ„์„(Android Proxy + SSL Certificate)

1 min read

Android ๋ถ„์„ ์ค‘ ๋ฐœ์ƒํ•˜๋Š” ํŒจํ‚ท์— ๋Œ€ํ•ด ๋ถ„์„ํ•  ๋•Œ ๋Œ€๋ถ€๋ถ„ tcpdump + wireshark ์กฐํ•ฉ์„ ๋งŽ์ด ์‚ฌ์šฉํ•˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค. ๊ทธ ์ค‘ http ํŒจํ‚ท์— ๋Œ€ํ•ด์„œ๋Š” wireshark ๋ณด๋‹ค ์ต์ˆ™ํ•œ burp๊ฐ€ ์ข‹๊ธฐ ๋•Œ๋ฌธ์— ํ”„๋ก์‹œ๋ฅผ burp๋กœ ๊ฑธ๊ณ  ๋ณด๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์•˜์ง€์š”.

HSTS(Http Strict Transport Security)์™€ ๋ณด์•ˆ/์นจํˆฌ ํ…Œ์ŠคํŠธ

2 min read

์›น ํ•ดํ‚น์„ ์ง„ํ–‰ ์ค‘ SSL์ด ๊ฒฐ๋ ค์žˆ๋Š” https ์— ๋Œ€ํ•œ ์นจํˆฌํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•  ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋Œ€๋ถ€๋ถ„์˜ site ๋Š” SSL(https)๋งŒ ์ ์šฉ๋˜์–ด Proxy๋ฅผ ํ†ตํ•ด ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŠธ๊ฐ€ ๊ฐ€๋Šฅํ•˜์ง€๋งŒ ๊ฐœ์ธ์ •๋ณด๋‚˜ ์ค‘์š”์ •๋ณด๋ฅผ ๋‹ค๋ฃจ๋Š” ์„œ๋ฒ„๋Š” HSTS ๊ธฐ์ˆ ์ด ์ ์šฉ๋˜์–ด ์žˆ์Šต๋‹ˆ๋‹ค.

[SYSTEM HACKING] Peach Fuzzer์˜ GUI ๋ชจ๋“œ - Peach3 Fuzz Bang(Run Peach Fuzzer on GUI Interface)

1 min read

์ฐพ๋‹ค๋ณด๋‹ˆ Peach Fuzzer์— ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ธฐ๋Šฅ ์ค‘ GUI ๋ชจ๋“œ๋ฅผ ์ง€์›ํ•˜๋Š” ๊ธฐ๋Šฅ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์›๋ž˜ Windows Base ๋กœ ๋งŒ๋“ค์–ด์กŒ๋˜ ํ„ฐ๋ผ, ./peach ํŒŒ์ผ์— ๋Œ€ํ•ด์„œ๋งŒ ์‹ ๊ฒฝ์ผ์ง€ ๋‹ค๋ฅธ๊ฑด ์ข€ ๋ชป๋ณด๊ณ  ์žˆ์—ˆ๋Š”๋ฐ์š”.

[SYSTEM HACKING] Peach Fuzzer๋ฅผ ํ†ตํ•ด Application ๋ถ„์„ 2 - Application Fuzzing for Exploit

7 min read

Peach Fuzzer๋ฅผ ์ด์šฉํ•œ ํ”„๋กœ๊ทธ๋žจ Fuzzing ์— ๋Œ€ํ•œ ๋‚ด์šฉ์„ ๋‹ค๋ฃน๋‹ˆ๋‹ค. ์„ค์น˜ ๋ฐฉ๋ฒ•์€ ์•„๋ž˜ ํฌ์ŠคํŒ… ์ฐธ๊ณ ํ•˜์…”์„œ ์ง„ํ–‰ํ•˜์‹œ๋ฉด ๋ฉ๋‹ˆ๋‹ค.

[SYSTEM HACKING] Peach Fuzzer๋ฅผ ํ†ตํ•ด Application ๋ถ„์„ 1 - Install Peach Fuzzer

3 min read

์ทจ์•ฝ์ ์„ ์ฐพ๊ธฐ ์œ„ํ•ด์„œ Fuzzing ์ด๋ผ๋Š” ๋ฐ˜๋ณต์ ์ด๊ณ  ์žฌ๋ฏธ์—†๋Š” ์ž‘์—…์„ ํ•ด์•ผํ•˜๋Š”๋ฐ, ์ด๋ฅผ ๋„์™€๋Š” Fuzzer ๋“ค๋กœ ์ธํ•ด ์ข€ ๋” ์‰ฝ๊ฒŒ ์ทจ์•ฝ ํฌ์ธํŠธ๋ฅผ ์ฐพ์•„๋‚˜๊ฐˆ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์—ฌ๋Ÿฌ Fuzzer ์ค‘ ์ด๋ฒˆ์—”๋Š” ์•ฝ๊ฐ„ ํฐ Peach Fuzzer(Fuzzing Framework)์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[SYSTEM HACKING] Melkor ELF(Binary) Fuzzer ์„ค์น˜ ๋ฐ ์‚ฌ์šฉ๋ฒ•(Install and Usage)

4 min read

์˜ˆ์ „๋ถ€ํ„ฐ ๊ฐ„๊ฐ„ํžˆ ์‚ฌ์šฉํ•˜๋˜ Linux Base Fuzzer์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. Melkor๋ผ๋Š” ์ด Fuzzer๋Š” Linux ์‹œ์Šคํ…œ์—์„œ EFL ํŒŒ์ผ์— ๋Œ€ํ•œ Fuzzing ์„ ์œ„ํ•œ ํˆด์ด๊ณ , ๊ฐ„๋‹จํ•œ ์‚ฌ์šฉ๋ฒ•์— ์„ฑ๋Šฅ๋„ ๊ดœ์ฐฎ์€ ํŽธ์ด๋ผ ๊ณต์œ ๋“œ๋ฆฌ๋„ค์š”.

[HACKING] APKInspector๋ฅผ ์ด์šฉํ•œ Android Malware ๋ถ„์„ํ•˜๊ธฐ 2 - APKInspector๋ฅผ ์ด์šฉํ•œ Malware Analysis

2 min read

[HACKING] APKInspector๋ฅผ ์ด์šฉํ•œ Android Malware ๋ถ„์„ํ•˜๊ธฐ 1 - APKInspector ์„ค์น˜ํ•˜๊ธฐ(Install APKInspector) [HACKING] APKInspector๋ฅผ ์ด์šฉํ•œ Android Malware ๋ถ„์„ํ•˜๊ธฐ 2 - APKInspector๋ฅผ ์ด์šฉํ•œ Malware Analysis

[HACKING] APKInspector๋ฅผ ์ด์šฉํ•œ Android Malware ๋ถ„์„ํ•˜๊ธฐ 1 - APKInspector ์„ค์น˜ํ•˜๊ธฐ(Install APKInspector)

1 min read

[HACKING] APKInspector๋ฅผ ์ด์šฉํ•œ Android Malware ๋ถ„์„ํ•˜๊ธฐ 1 - APKInspector ์„ค์น˜ํ•˜๊ธฐ(Install APKInspector) [HACKING] APKInspector๋ฅผ ์ด์šฉํ•œ Android Malware ๋ถ„์„ํ•˜๊ธฐ 2 - APKInspector๋ฅผ ์ด์šฉํ•œ Malware Analysis

Binary ๋ถ„์„์„ ํ†ตํ•ด ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์— ํฌํ•จ๋œ ์ˆจ๊ฒจ์ง„ ๋ฐ์ดํ„ฐ ์ฐพ์•„๋‚ด๊ธฐ

3 min read

์ผ๋ฐ˜์ ์œผ๋กœ PC Application ํ•ดํ‚น์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋Š” ๋ฆฌ๋ฒ„์‹ฑ์œผ๋กœ ์‹œ์ž‘ํ•˜์—ฌ, ๋ฆฌ๋ฒ„์‹ฑ์œผ๋กœ ๋๋‚˜๊ธฐ ๋งˆ๋ จ์ž…๋‹ˆ๋‹ค. ๋Œ€๋ถ€๋ถ„ ๋””์Šค์–ด์…ˆ๋ธ”๋Ÿฌ์™€ ๋””๋ฒ„๊ฑฐ๋ฅผ ์ด์šฉํ•˜์—ฌ ์ทจ์•ฝ์ ์„ ๋ถ„์„ํ•˜๊ฑฐ๋‚˜ ๋‚ด๋ถ€ ๋ณด์•ˆ๋กœ์ง์„ ์šฐํšŒํ•˜๋Š” ๋“ฑ ํ”„๋กœ๊ทธ๋žจ์— ๋Œ€ํ•œ ๊ณต๊ฒฉ์„ ์ˆ˜ํ–‰ํ•˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

[WEB HACKING] URL Redirection & URL Forwards ์šฐํšŒ ๊ธฐ๋ฒ•(Bypass Redirection Filtering)

2 min read

URL Redirection, URL Forwarding ์ด๋ผ๊ณ ๋„ ๋ถ€๋ฅด๋Š” ์ด ์ทจ์•ฝ์ (?) ๊ณต๊ฒฉ ๋ฐฉ๋ฒ•์€ ์‚ฌ์šฉ์ž๋กœ ํ•˜์—ฌ๊ธˆ ์˜๋„ํ•˜์ง€ ์•Š์€ ํŽ˜์ด์ง€๋กœ ์ด๋™์‹œํ‚ค๋Š” ๋ชฉ์ ์„ ๊ฐ€์ง€๋Š” ๊ณต๊ฒฉ ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค.

[EXPLOIT] OpenSSL Alternative Chains Certificate Forgery (CVE-2015-1793) ์ทจ์•ฝ์  ๋ถ„์„

2 min read

์ตœ๊ทผ SSL ๊ด€๋ จํ•˜์—ฌ ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๊ฐ€ ํ•˜๋‚˜ ๋” ์žˆ์—ˆ๋Š”๋ฐ, 11/5์ผ ๊ธฐ์ค€์œผ๋กœ EDB์— ํ•ด๋‹น ์ฝ”๋“œ๊ฐ€ ์˜ฌ๋ผ์™€ ๋ณด๊ณ  ๋ถ„์„ํ•  ๊ฒธ ํ•˜์—ฌ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค.

[METASPLOIT] Metasploit Custom Scanner ๋งŒ๋“ค๊ธฐ(Make Simple Scan Module)

1 min read

offensive-security ์—์„œ ๋ญ ๋ณผ๊ฒŒ ์žˆ๋‹ค ๋’ค์ ๋’ค์ ํ•˜๋˜ ์ค‘ Metasploit Unleashed ์—์„œ ๊ฐ„๋‹จํ•œ Scan Moudle ์ฝ”๋“œ๋ฅผ ๋ณด์•˜์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  msf ์ž์ฒด๊ฐ€ ruby๋กœ ๊ตฌ์„ฑ๋˜์–ด ์žˆ์–ด ruby๋ฅผ ์“ฐ์‹œ๋Š” ๋ถ„๋“ค์€ ์‰ฝ๊ฒŒ ์ œ์ž‘ํ•  ์ˆ˜ ์žˆ์ง€๋งŒ, ์ผ๋‹จ ์ƒ˜ํ”Œ์ฝ”๋“œ๊ฐ€ ์žˆ๋‹ค๋ฉด ๋‹ค๋ฅธ ์ฝ”๋“œ๋กœ ํ™•์žฅํ•˜๊ธฐ ๊ต‰์žฅํžˆ ์œ ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— ๋”ฐ๋กœ ํฌ์ŠคํŒ…ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] Metasploit์—์„œ generate ๋ช…๋ น์„ ํ†ตํ•ด payload ์ƒ์„ฑํ•˜๊ธฐ(generate shellcode on metasploit)

2 min read

msf์—์„œ๋Š” ๊ณต๊ฒฉ์— ์‚ฌ์šฉ๋˜๋Š” shell์„ code ํ˜•ํƒœ๋กœ ๋‚˜ํƒ€๋‚ผ ์ˆ˜ ์žˆ๋Š” ๊ธฐ๋Šฅ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ generate ๋ช…๋ น์ž…๋‹ˆ๋‹ค. ์ด ๋ช…๋ น์„ ํ†ตํ•ด shellcode๋ฅผ ์œก์•ˆ์œผ๋กœ ๋ณด๊ณ  ๋ณต์‚ฌํ•˜์—ฌ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๊ฒŒ ํ•˜๋Š” ์ข‹์€ ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค.

[HACKING] BDF(BackDoor-Factory) ์„ค์น˜ ๋ฐ exe ํŒŒ์ผ์— backdoor ํŒจ์น˜ํ•˜๊ธฐ(patch executable binaries with user desired shellcode)

3 min read

๊ณต๊ฒฉ ์„ฑ๊ณต ํ›„ ๊ฐ€์žฅ ๋จผ์ง€ ์„ค์น˜ํ•˜๋Š” ๋„๊ตฌ๋Š” ๋ฌด์—‡์ด ์žˆ์„๊นŒ์š”? ์•„๋งˆ Dropper๋ฅผ ์ด์šฉํ•œ Backdoor ์„ค์น˜๊ฐ€ ๋จผ์ €๋ผ๋Š” ์ƒ๊ฐ์ด ์ข€ ๋“œ๋„ค์š”.

[METASPLOIT] Veil Framework(Payload Generator)๋ฅผ ์ด์šฉํ•œ Antivirus ์šฐํšŒํ•˜๊ธฐ

1 min read

Payload Generator ๋ฅผ ์ฐพ๋˜ ์ค‘ ์žฌ๋ฏธ์žˆ๋Š” ํˆด์„ ๋ฐœ๊ฒฌํ•˜์˜€์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Veil์ด๋ผ๋Š” ํˆด์ธ๋ฐ์š”, MSF์—์„œ ์‚ฌ์šฉํ•˜๋Š” Meterpreter Shell์— ๋Œ€ํ•ด Antivirus๋ฅผ ์šฐํšŒํ•˜๊ธฐ ์œ„ํ•ด ์ธ์ฝ”๋”ฉํ•  ์ˆ˜ ์žˆ๋Š” ํˆด์ž…๋‹ˆ๋‹ค. ๋กœ๊ณ ๋„ ์–‘๊ณผ ๋Š‘๋Œ€์˜ ๊ทธ๋ฆผ์ž์ด๋„ค์š”. (๋ญ”๊ฐ€ ์–‘์˜ ํƒˆ์„ ์“ด ๋Š‘๋Œ€๋ž„๊นŒ์š”)

[Exploit] SSLv3 POODLE Attack ํ™•์ธ ๋ฐ ๋Œ€์‘๋ฐฉ์•ˆ(Check and Modify)

3 min read

์ด์ „์— SSL3 Version ์‚ฌ์šฉ ์‹œ ๋ณด์•ˆ์ ์ธ ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ๋˜ POODLE Attack์— ๊ด€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ๋‚˜์˜จ์ง€๋„ ์ข€ ๋˜์—ˆ๊ณ , ์ด๋ฏธ ๋ธŒ๋ผ์šฐ์ € ๊ฐœ๋ฐœ์‚ฌ ๋ฐ ์„œ๋ฒ„ ์ธก์—์„œ SSLv3 ๋ฅผ ์‚ฌ์šฉํ•˜์ง€ ์•Š๋Š” ์‹์œผ๋กœ ํ•˜์—ฌ์„œ ์˜ํ–ฅ๋ ฅ์€ ๋งŽ์ด ๋–จ์–ด์กŒ์ง€๋งŒ ๊ทธ๋ž˜๋„ ๊ฐ„๋‹จํ•˜๊ฒŒ ์ •๋ฆฌํ•ด๋†“๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[EXPLOIT] StageFright Exploit Code ๋ถ„์„(StageFrigt Exploit Analysis)

9 min read

StageFright Vulnerability

์ตœ๊ทผ ์•ˆ๋“œ๋กœ์ด๋“œ์ชฝ์—์„œ ํ•ซ ์ด์Šˆ์˜€๋˜ StageFright ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ๊ธฐ์–ตํ•˜์‹œ๋‚˜์š”? ๋ฉ€ํ‹ฐ๋ฏธ๋””์–ด๋ฅผ ๋กœ๋“œํ•˜๋Š” ์Šคํ…Œ์ด์ง€ํ”„๋ผ์ดํŠธ ๊ตฌ๊ฐ„์— ์ทจ์•ฝ์ ์œผ๋กœ ์ธํ•ด ๋ฏธ๋””์–ด๋ฅผ ์ „์†กํ•˜๋Š” MMS๋กœ ์‚ฌ์šฉ์ž์˜ ํ•ธ๋“œํฐ์„ ๊ฐ์—ผ์‹œํ‚ฌ ์ˆ˜ ์žˆ๋Š” ์ทจ์•ฝ์ ์ด์˜€์Šต๋‹ˆ๋‹ค. MMS ์ด์™ธ์—๋„ ๋ฏธ๋””์–ด๋ฅผ ๋กœ๋“œํ•˜๋Š” ๊ตฌ๊ฐ„์—์„œ ๋‹ค์ˆ˜ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ๋Š” ์ทจ์•ฝ์ ์ด์˜€์—ˆ์ฃ .. ๋‚˜๋ฆ„ ํฌ๊ฒŒ ์ด์Šˆ๊ฐ€ ์žˆ๋˜ ์ทจ์•ฝ์ ์ด๋ผ ๋”ฐ๋กœ ํฌ์ŠคํŒ…๋„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ณด์‹œ๋ฉด ๋Œ€์ถฉ ์–ด๋–ค ์ทจ์•ฝ์ ์ด๊ตฌ๋‚˜.. ๋ผ๊ณ  ์•Œ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

/proc/self/maps ํŒŒ์ผ์„ ์ด์šฉํ•˜์—ฌ ์‹คํ–‰์ค‘์ธ ์‹œ์Šคํ…œ ๋ฉ”๋ชจ๋ฆฌ ์ฃผ์†Œ ํ™•์ธํ•˜๊ธฐ

1 min read

๋ชจ๋ฐ”์ผ ์•…์„ฑ์ฝ”๋“œ ๋ถ„์„ ์ค‘ /proc/ ํ•˜๋‹จ ๋ฐ์ดํ„ฐ๋ฅผ ๊ฑด๋“œ๋ฆฌ๋Š” ์ฝ”๋“œ๊ฐ€ ์žˆ์–ด ์ถ”๊ฐ€๋กœ ๋‚ด์šฉ ๋” ์จ์„œ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค. ์ฐธ๊ณ ๋กœ /proc ๋””๋ ‰ํ† ๋ฆฌ๋Š” ๋ฆฌ๋ˆ…์Šค์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋””๋ ‰ํ† ๋ฆฌ์ด๊ณ  ์‹œ์Šคํ…œ์˜ ํ”„๋กœ์„ธ์Šค ์ •๋ณด๋ฅผ ๋‹ด๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ตฌ์กฐ๋ฅผ ์‚ดํŽด๋ณด์ž๋ฉด ์•„๋ž˜์™€ ๊ฐ™์Šต๋‹ˆ๋‹ค.

[HACKING] TOR๋ฅผ ์ด์šฉํ•˜์—ฌ ์ต๋ช… ๋„คํŠธ์›Œํฌ ์‚ฌ์šฉํ•˜๊ธฐ(Anonymity Network Using Tor) on linux

~1 min read

์•„๋ž˜ ์–‘ํŒŒ๋กœ๊ณ ๊ฐ€ ๋ฉ”์ธ์ธ tor์— ๋Œ€ํ•ด ๋“ค์–ด๋ณด์…จ๋‚˜์š”? ์ต๋ช…๋ธŒ๋ผ์šฐ์ง•์—์„œ๋Š” ๊ต‰์žฅํžˆ ์œ ๋ช…ํ•œ ํˆด ์ž…๋‹ˆ๋‹ค. ์ด์ „์—๋„ tor ๊ด€๋ จํ•ด์„œ ๊ธ€์„ ์ž‘์„ฑํ–ˆ๋˜๊ฑฐ ๊ฐ™์€๋ฐ์š”, ๋ฆฌ๋ˆ…์Šค์ƒ์—์„œ tor ์„ค์น˜ ํ›„ ์‰ฝ๊ฒŒ ์‚ฌ์šฉํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ž‘์„ฑํ•ด๋ณด์•˜์Šต๋‹ˆ๋‹ค. ์งง์œผ๋‹ˆ ํŽธํ•˜๊ฒŒ ๋ด์ฃผ์‹œ๋ฉด ๋  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Trinity๋ฅผ ํ™œ์šฉํ•œ System call Fuzzing

2 min read

์ทจ์•ฝ์ ์„ ์ฐพ๊ธฐ ์œ„ํ•ด ํ•˜๋Š” ์ž‘์—… ์ค‘ ํฐ ๋ถ€๋ถ„์„ ์ฐจ์ง€ํ•˜๋Š”๊ฒƒ์ด ๋ฐ”๋กœ Fuzzing ์ž…๋‹ˆ๋‹ค. Fuzzing ์„ ๋•๋Š” ํ”„๋กœ๊ทธ๋žจ์„ Fuzzer๋ผ๊ณ  ๋ถ€๋ฅด๋Š”๋ฐ, Fuzzer ์ค‘ Linux ์‹œ์Šคํ…œ์—์„œ Syscall์— ๋Œ€ํ•œ Fuzzing ์ž‘์—…์„ ์ˆ˜ํ–‰ํ•  ์ˆ˜ ์žˆ๋Š” โ€œTrinityโ€ ๋ผ๋Š” ํˆด์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] Metasploit ์„ค์น˜(bundle install) ์‹œ ๋ฐœ์ƒ ์—๋Ÿฌ ์ฒ˜๋ฆฌ(Install Metasploit troubleshooting)

1 min read

Metasploit ์„ค์น˜ ๊ณผ์ • ์ค‘ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ๋Š” ๋ฌธ์ œ์— ๋Œ€ํ•œ ํ•ด๊ฒฐ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. ์ด๋ฒˆ ๊ธ€์—์„œ๋Š” git ์„ ์ด์šฉํ•˜์—ฌ clone ํ›„ bundler ๋ฅผ ํ†ตํ•œ ruby package ์„ค์น˜ ๊ณผ์ • ์ค‘ ๋ฐœ์ƒํ•˜๋Š” ์—๋Ÿฌ์— ๋Œ€ํ•ด์„œ ์ฒ˜๋ฆฌํ•˜๋Š” ๋ฐฉ๋ฒ•์œผ๋กœ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค.

[SYSTEM HACKING] ์†Œํ”„ํŠธ์›จ์–ด ๋ฒ„๊ทธ๋ฅผ ์ด์šฉํ•œ ์‹œ์Šคํ…œ ์ทจ์•ฝ์ /ํ•ดํ‚น(System vulnerability&hacking use software bug)

2 min read

์˜ค๋Š˜ ํ…Œ์ŠคํŠธ ํ”„๋กœ๊ทธ๋žจ์œผ๋กœ ์‚ฌ์šฉํ•  ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ์ž…๋‹ˆ๋‹ค. ์‚ฌ์šฉ์ž๋กœ๋ถ€ํ„ฐ ์ž…๋ ฅ๋œ ํŒŒ์ผ๋ช…์„ tail ๋ช…๋ น์œผ๋กœ ์กฐํšŒํ•˜๋Š” ํ”„๋กœ๊ทธ๋žจ์ž…๋‹ˆ๋‹ค. ๋Œ€์ฒด๋กœ system ํ•จ์ˆ˜ ์‚ฌ์šฉ ์‹œ sprintf๋กœ ๋ช…๋ นํ–‰์ด ๋  ๊ตฌ๊ฐ„์„ ๋ฏธ๋ฆฌ ์ž‘์„ฑํ•˜๊ณ  system ํ•จ์ˆ˜์— ๋„ฃ๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ๋Š”๋ฐ, ์‚ฌ์šฉ์ž์˜ ์ž…๋ ฅ๊ฐ’์— ๋Œ€ํ•œ ํ•„ํ„ฐ๋ง or ๊ฒ€์ฆ์ด ๋ถ€์กฑํ•  ์‹œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ณต๊ฒฉ๋ฐฉ๋ฒ•์— ์ทจ์•ฝํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

[HACKING] katoolin ์„ ์ด์šฉํ•œ Kali Linux Hacking tool ๊ฐ„ํŽธ ์„ค์น˜(Easy Install Kali Linux Hacking Tool)

2 min read

์ตœ๊ทผ Kali linux 2.0 ์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ด์— ๋งž์ถฐ์„œ kali ๋‚ด๋ถ€์˜ ํˆด์„ ์‰ฝ๊ฒŒ ์„ค์น˜ํ•  ์ˆ˜ ์žˆ๋Š” ์Šคํฌ๋ฆฝํŠธ๊ฐ€ ๊ณต์œ ๋˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ €๋„ facebook group๋ฅผ ํ†ตํ•ด ์ •๋ณด๋ฅผ ์–ป์—ˆ๊ณ , ํ™•์ธํ•ด๋ณด๋‹ˆ ๊ฐ„๋‹จํ•˜๊ฒŒ kali ์ €์žฅ์†Œ๋ฅผ ์ด์šฉํ•œ ์„ค์น˜๋ฐฉ๋ฒ•(apt)์ด์ง€๋งŒ ๊ตฌ์กฐ๋‚˜, ์ฃผ์š” ํˆด ๋ฆฌ์ŠคํŠธ๋ฅผ ํ™•์ธํ•˜๋ฉฐ ์„ค์น˜๊ฐ€ ๊ฐ€๋Šฅํ•˜๋‹จ ์ ์—์„œ ์ข‹์€ ์Šคํฌ๋ฆฝํŠธ๋ผ๊ณ  ์ƒ๊ฐ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

[HACKING] BeEF(The Browser Exploitation Framework) ์„ค์น˜ํ•˜๊ธฐ(Install BeEF on Debian)

1 min read

BeEF๋ผ๋Š” ํˆด์„ ๋“ค์–ด๋ณด์…จ๋‚˜์š”? ๋ธŒ๋ผ์šฐ์ € ํ›„ํ‚น,XSS, Exploit ๋“ฑ ๊ต‰์žฅํžˆ ์œ ๋ช…ํ•œ ํˆด ์ž…๋‹ˆ๋‹ค. ์ด๋ฒˆ์—๋Š” BeEF ํˆด ์„ค์น˜ ๊ณผ์ •์„ ๋‹ค๋ค„๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์•„์ฃผ ๊ฐ„๋‹จํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] Metasploit์˜ AutoRunScript๋ฅผ ์ด์šฉํ•œ ์นจํˆฌ ํ›„ ์ž๋™ ํ™˜๊ฒฝ ๊ตฌ์„ฑ

1 min read

Metasploit ์—์„  AutoRunScript ๋ผ๋Š” ์žฌ๋ฏธ์žˆ๋Š” ๊ธฐ๋Šฅ์„ ์ง€์›ํ•ฉ๋‹ˆ๋‹ค. ์ด ๊ธฐ๋Šฅ์€ ์‚ฌ์šฉ์ž๊ฐ€ ๋ฏธ๋ฆฌ .rc ํŒŒ์ผ์„ ์ƒ์„ฑํ•˜์—ฌ ๋™์ž‘ํ•  ๋ชจ๋“ˆ์„ ์ง€์ •ํ•ด๋†“๊ณ  Exploit ์‹œ ์ž๋™์œผ๋กœ ๋“ฑ๋กํ•œ ๋™์ž‘์„ ์ˆ˜ํ–‰ํ•˜๋„๋ก ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Ÿฐ ๊ธฐ๋Šฅ์„ ํ†ตํ•ด ๊ณต๊ฒฉ์ž๊ฐ€ ์นจํˆฌ ํ›„ ์ˆ˜ํ–‰ํ•ด์•ผํ•  ๋ถ€๋ถ„์— ๋Œ€ํ•ด ์–ด๋Š์ •๋„ ์‹œ๊ฐ„ ๋‹จ์ถ•์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] Metasploit ์„ ์ด์šฉํ•œ HashDump ๋ฐ Password Crack(John the Ripper)

3 min read

Metasploit ๋ชจ๋“ˆ ์ค‘ post/hashdump ์™€ john(john the ripper)๋ฅผ ํ†ตํ•œ hash crack์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ผ๋‹จ meterpreter ์‰˜์„ target pc ์— ์ฃผ์ž… ๋ฐ ๊ตฌ๋™ํ•˜์—ฌ shell ์—ฐ๊ฒฐ์„ ์œ ์ง€ํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] Metasploit ์—์„œ์˜ WMAP ๋ชจ๋“ˆ ๋กœ๋“œ ๋ฐ ์‚ฌ์šฉ/์Šค์บ”(Web Vulnerability Scan on MSF-WMAP)

2 min read

Metasploit ์€ ์นจํˆฌ(๊ณต๊ฒช)์„ ์œ„ํ•œ ํ”„๋ ˆ์ž„์›Œํฌ ์ค‘ ๊ฐ€์žฅ ๋งˆ์Œ์— ๋“œ๋Š” ํ”„๋ ˆ์ž„์›Œํฌ์ž…๋‹ˆ๋‹ค. ์ด๋ฒˆ์—๋Š” Metasploit ์—์„œ ๋กœ๋“œ ํ•  ์ˆ˜ ์žˆ๋Š” ๊ธฐ๋Šฅ ์ค‘ wmap ์— ๋Œ€ํ•ด์„œ ์ด์•ผ๊ธฐ๋ฅผ ํ’€์–ด๋‚˜๊ฐ€๊ฒ ์Šต๋‹ˆ๋‹ค.

[Android] aapt ๋ฅผ ์ด์šฉํ•˜์—ฌ AndroidManifest.xml ๋ฐ ํผ๋ฏธ์…˜(perm) ํ™•์ธํ•˜๊ธฐ(malware analysis)

5 min read

์•ˆ๋“œ๋กœ์ด๋“œ APK ๋ถ„์„์€ ์•ˆ๋“œ๋กœ์ด๋“œ ๊ฐœ๋ฐœ๋„๊ตฌ๋ถ€ํ„ฐ, ๋ณด์•ˆํˆด๊นŒ์ง€ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋„๊ตฌ๋กœ ๋ถ„์„ํ•˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค. ์ด ์ค‘ aapt๋ฅผ ์ด์šฉํ•˜์—ฌ ํผ๋ฏธ์…˜ ์ •๋ณด๋งŒ ํ™•์ธํ•˜๋Š”๋ฒ•์— ๋Œ€ํ•ด ๊ฐ„๋‹จํžˆ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[LAIKABOSS]๋กํžˆ๋“œ๋งˆํ‹ด(Lockheed Martin)์˜ ๋ผ์ด์ปค๋ณด์Šค(LAIKABOSS) ์„ค์น˜ ๋ฐ ์‚ฌ์šฉ/๊ฐ„๋‹จ๋ถ„์„

2 min read

์ตœ๊ทผ ์šฐ์ฃผํ•ญ๊ณต ๋ฐ ๋ฐฉ์œ„์‚ฐ์—…์ฒด์ธ ๋กํžˆ๋“œ ๋งˆํ‹ด(Lockheed Martin)์‚ฌ์—์„œ ์•…์„ฑ์ฝ”๋“œ ๋ถ„์„๋„๊ตฌ์ธ ๋ผ์ด์ปค๋ณด์Šค(LaikaBOSS)๋ฅผ ์˜คํ”ˆ์†Œ์Šค๋กœ ๊ณต๊ฐœํ•˜์˜€์Šต๋‹ˆ๋‹ค. ์ด ํˆด์€ ๋กํžˆ๋“œ ๋งˆํ‹ด์—์„œ 3๋…„ ๋™์•ˆ ์‚ฌ์šฉ๋œ ํˆด์ด๋ฉฐ ๋ฉ€์›จ์–ด ๋ถ„์„ ์‹œ ์œ ์šฉํ•˜๋‹ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

OpenVAS Debian Linux ์— ์„ค์น˜ํ•˜๊ธฐ(Install OpenVAS Scanner on debian)

~1 min read

์ตœ๊ทผ OpenVAS ์„ค์น˜ ๊ด€๋ จ ๊ธ€์„ ์ž‘์„ฑํ•˜์˜€๋Š”๋ฐ์š”, ๋ฌธ์ œ๊ฐ€ ์žˆ๋Š” ๊ฒƒ ๊ฐ™์•„. ์‚ญ์ œ ํ›„ ๋‹ค์‹œ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ์Šคํฌ๋ฆฝํŠธ๋กœ ํ•œ๋ฒˆ์— ์„ค์น˜๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

[METASPLOIT] MSF์—์„œ workspace๋ฅผ ์ด์šฉํ•œ ํšจ์œจ์ ์ธ Target ๊ด€๋ฆฌ(workspace management)

1 min read

Metasploit์„ ์ด์šฉํ•ด Target ์— ๋Œ€ํ•ด ํ…Œ์ŠคํŠธ ์ง„ํ–‰ ํ›„ shell ์ด๋‚˜ ๊ด€๋ จ ํƒ€๊ฒŸ ์ •๋ณด๋ฅผ db์— ์ €์žฅํ•˜๊ณค ํ•ฉ๋‹ˆ๋‹ค. postgresql ์„ ์ด์šฉํ•˜์—ฌ MSF์™€ ์—ฐ๋™ํ•˜์—ฌ target host, port , vulnerability ๋“ฑ์„ ์ €์žฅํ•˜๋Š”๋ฐ ๋ฐ์ดํ„ฐ๊ฐ€ ๋งŽ์ด ์Œ“์ด๋‹ค ๋ณด๋ฉด ์–ด๋””๊ฐ€ ์–ด๋–ค ์‚ฌ์ดํŠธ์ธ์ง€ ํ˜ผ๋™์ด ๊ฐ€๊ธฐ ์‹œ์ž‘ํ•  ๊ฒ๋‹ˆ๋‹ค.

MSFVENOM์„ ์ด์šฉํ•œ Android ์นจํˆฌ ๋ฐ Meterpreter Shell ์‚ฌ์šฉ

2 min read

metasploit ์€ ๊ณต๊ฒฉ์„ ์œ„ํ•œ ๋„๊ตฌ ์ค‘ ์ •๋ง ์œ ์šฉํ•˜๊ณ  Custom ํ•˜๊ธฐ์—๋„ ์ข‹์€ ํˆด์ž…๋‹ˆ๋‹ค. ๋Œ€์ฒด๋กœ linux, unix, windows ์‹œ์Šคํ…œ์— ๋Œ€ํ•ด ํ…Œ์ŠคํŠธ๋ฅผ ํ•˜๊ณ  shell ์„ ์‚ฝ์ž… ํ–ˆ์—ˆ๋Š”๋ฐ, Android ์—์„œ ์ž‘๋™ํ•˜๋Š” Meterpreter shell ์€ ์–ด๋–จ๊นŒ? ๋ผ๋Š” ์ƒ๊ฐ์ด ๋“ค์–ด ํ•ด๋ณด์•˜์Šต๋‹ˆ๋‹ค.

XSS(Cross Site Script)์™€ XFS(Cross Frame Script)์˜ ์ฐจ์ด

1 min read

โš ๏ธ XSS์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > XSS ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

HEX Encoding์„ ์ด์šฉํ•œ XSS ํ•„ํ„ฐ๋ง ์šฐํšŒ

1 min read

โš ๏ธ XSS์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > XSS ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

์•ˆ๋“œ๋กœ์ด๋“œ ์ฝ”๋“œ๋‹จ์—์„œ ๋ฃจํŒ… ๊ธฐ๊ธฐ๋ฅผ ํ™•์ธํ•˜๋Š” ๋ฐฉ๋ฒ•๋“ค

~1 min read

๋‹ค์ˆ˜์˜ ๋ชจ๋ฐ”์ผ ์•…์„ฑ์ฝ”๋“œ๋Š” ์‚ฌ์šฉ์ž ๋””๋ฐ”์ด์Šค์˜ ๋ฃจํŒ… ์—ฌ๋ถ€๋ฅผ ํ™•์ธํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค. ์ถ”๊ฐ€์ ์ธ root exploit ์—†์ด ์‰ฝ๊ฒŒ root ๊ถŒํ•œ์„ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์œผ๋ฉฐ, root ๊ถŒํ•œ์„ ํ†ตํ•ด ์•ˆ๋“œ๋กœ์ด๋“œ OS์—์„œ ํ†ต์ œํ•˜์ง€ ๋ชปํ•˜๋Š” ๋ถ€๋ถ„์— ๋Œ€ํ•ด์„œ๋„ ์ž‘์—…์ด ๊ฐ€๋Šฅํ•˜๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.

JAD(Java Decompiler)๋ฅผ ์ด์šฉํ•œ Android APK Decompile

3 min read

์•…์„ฑ ์•ˆ๋“œ๋กœ์ด๋“œ APK ๋ถ„์„ ์‹œ ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” ํˆด์ธ jad์— ๊ด€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. jad ๋Š” ์ฃผ๋กœ dex2jar ๋ฅผ ํ†ตํ•ด ๋””์ปดํŒŒ์ผํ•˜์—ฌ ๋ถ„์„ํ•˜๋Š” ๊ณผ์ • ์ค‘ ๋””์ปดํŒŒ์ผ์ด ๋ถˆ๊ฐ€๋Šฅํ•œ ๋ถ€๋ถ„(ERROR ๋…ธ์ถœ)์„ java ์ฝ”๋“œ๋กœ ๋ณ€ํ™˜ํ•˜์—ฌ ํ™•์ธํ•˜๊ธฐ ์œ„ํ•ด ๋งŽ์ด ์‚ฌ์šฉํ•˜์˜€์Šต๋‹ˆ๋‹ค.

[CVE-2015-1328] overlayfs local root exploit

1 min read

์ตœ๊ทผ ์ผ€๋…ธ๋‹ˆ์ปฌ ์‚ฌ ํ™ˆํŽ˜์ด์ง€ ๋ฐ Exploit-db ๋ฅผ ํ†ตํ•ด์„œ ๊ณต์œ ๋œ ์ทจ์•ฝ์ ์ž…๋‹ˆ๋‹ค. CVE-2015-1328์€ Ubuntu 12.04, 14.04, 14.10, 15.04 ๋“ฑ 6/15์ผ ์ด์ „ ์ปค๋„์—์„œ ๋™์ž‘ํ•˜๋ฉฐ overlayfs ๋ฅผ ์‚ฌ์šฉํ•  ๋•Œ ๊ถŒํ•œ ์ƒ์Šน์ด ๊ฐ€๋Šฅํ•œ ์ทจ์•ฝ์ ์ด๋ฉฐ ํ•ด๋‹น ์ทจ์•ฝ์ ์„ ํ†ตํ•ด ๊ณต๊ฒฉ์ž๊ฐ€ ์‰ฝ๊ฒŒ ๊ด€๋ฆฌ์ž ๊ถŒํ•œ(root) ํš๋“์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Javascript ์ฝ”๋“œ ๋‚œ๋…ํ™”(Code Obfuscation)์™€ JS Packing

1 min read

์ฝ”๋“œ ๋‚œ๋…ํ™”๋ž€ ์ฝ”๋“œ๋ฅผ ์‰ฝ๊ฒŒ ์•Œ์•„๋ณผ ์ˆ˜ ์—†๋„๋ก ๋งŒ๋“œ๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ์‰ฝ๊ฒŒ ์ƒ๊ฐํ•˜๋ฉด int a = 123 ์ด๋ž€ ์ฝ”๋“œ๋ฅผ int a = ((123+34+350-34-350)*0)+123 ๊ฐ™์ด ์ข€ ๋” ์•Œ์•„๋ณด๊ธฐ ์–ด๋ ต๊ฒŒ ๋งŒ๋“œ๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์œ„์˜ ๋Œ€์ถฉ ์“ด ์ฝ”๋“œ๋Š” ์‰ฝ๊ฒŒ ๋ณผ ์ˆ˜ ์žˆ์ง€๋งŒ escape, unescape ํ•จ์ˆ˜ ๋“ฑ์„ ์ด์šฉํ•ด์„œ ์ฝ”๋“œ๊ฐ€ ๋ˆˆ์— ์ž˜ ๋“ค์–ด์˜ค์ง€ ์•Š๋„๋ก ๋งŒ๋“ค ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Linux System hooking using LD_PRELOAD

3 min read

๊ณต์œ  ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์˜ ๊ฒฝ๋กœ๋ฅผ ์˜๋ฏธํ•˜๋Š” LD_PRELOAD๋ฅผ ์ด์šฉํ•˜์—ฌ Linux System ํ›„ํ‚น์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ํฌ๊ฒŒ ์‹œ๋‚˜๋ฆฌ์˜ค๋ฅผ ๋ณด์ž๋ฉด LD_PRELOAD์— ๊ณต๊ฒฉ์ž๊ฐ€ .so ํŒŒ์ผ์„ ์‚ฝ์ž…ํ•˜๊ณ  ์‹œ์Šคํ…œ ๋ช…๋ น์ด ํ•ด๋‹น so ํŒŒ์ผ์„ ๋กœ๋“œํ•˜์—ฌ ๋ช…๋ น ๋‚ด์—์„œ ์‚ฌ์šฉ๋˜๋Š” ํ•จ์ˆ˜๋ฅผ ๋ฐ”๊ฟ”์น˜๊ธฐ ํ•˜์—ฌ ๋ฐ์ดํ„ฐ๋ฅผ ์ˆจ๊ธฐ๋Š” ๊ณผ์ •์ž…๋‹ˆ๋‹ค.

MSFVENOM์„ ์ด์šฉํ•˜์—ฌ Application์— Exploit Code ์ฃผ์ž…ํ•˜๊ธฐ

1 min read

MSFVENOM

metasploit ์— ํฌํ•จ๋œ ๊ธฐ๋Šฅ ์ค‘ ํ•˜๋‚˜์ด๋ฉฐ ๊ฐ„๋‹จํ•œ ๋ช…๋ น์œผ๋กœ exploit ์ฝ”๋“œ ์ƒ์„ฑ, exploit์ด ํฌํ•จ๋œ ํ”„๋กœ๊ทธ๋žจ ์ƒ์„ฑ, ๊ธฐ์กด์— ์กด์žฌํ•˜๋Š” ํ”„๋กœ๊ทธ๋žจ์— ์ฃผ์ž…ํ•˜๋Š” ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ–‰์œ„๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. msfpayload, msfencoder ๋กœ๋„ ๊ฐ€๋Šฅํ•˜์ง€๋งŒ ๊ฐœ์ธ์ ์œผ๋กœ๋Š” venom ์ด ๊ฐ€์žฅ ํŽธํ•œ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Android ๋””๋ฐ”์ด์Šค์—์„œ ์„ค์น˜๋œ APK ํŒŒ์ผ ์ถ”์ถœํ•˜๊ธฐ (adb x pm)

~1 min read

adb shell ๋‚ด pm ๋ช…๋ น์„ ์ด์šฉํ•˜์—ฌ package ๊ฒฝ๋กœ ํ™•์ธ์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ๊ฒฝ๋กœ ํ™•์ธ ํ›„ adb pull ์„ ์ด์šฉํ•˜์—ฌ apk ํŒŒ์ผ์„ ๊บผ๋‚ด์˜ฌ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

HTTP.sys Remote Code Exploit(CVE-2015-1635/MS15-034) ์ทจ์•ฝ์ 

1 min read

์ตœ๊ทผ ์ด์Šˆ๊ฐ€ ๋ฌ์—ˆ๋˜ MS ๋ณด์•ˆํŒจ์น˜ ์ค‘ HTTP.sys Remote Code Exploit(CVE-2015-1635/MS15-034)์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ณต๊ฒฉ์ž๊ฐ€ HTTP ํ—ค๋”๋ฅผ ์กฐ์ž‘ํ•˜์—ฌ ์ทจ์•ฝํ•œ ์‹œ์Šคํ…œ์— ์ด์ƒ์„ ๋ฐœ์ƒ์‹œํ‚ค๋Š” ์ทจ์•ฝ์ ์ด๋ฉฐ ์œˆ๋„์šฐ ๊ณ„์—ด ์„œ๋ฒ„์ธ IIS์—์„œ ๊ฐ€๋Šฅํ•˜๋ฉฐ, ์–ด๋Š์ •๋„ ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ๋˜ ๊ฒƒ์œผ๋กœ ๋ณด์ž…๋‹ˆ๋‹ค.

SWF ๋””์ปดํŒŒ์ผ๋Ÿฌ FFDEC (JPEX Free Flash Decompiler)

1 min read

SWF ๋””์ปดํŒŒ์ผ๋Ÿฌ์ธ FFDEC ์— ๋Œ€ํ•œ ์„ค์น˜ ๋ฐฉ๋ฒ• ๋ฐ ๊ฐ„๋‹จํ•œ ์‚ฌ์šฉ ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. FFDEC๋Š” SWF ํŒŒ์ผ์— ๋Œ€ํ•ด ์‰ฝ๊ฒŒ ๋ถ„์„ ๊ฐ€๋Šฅํ•˜๋„๋ก ์ฝ”๋“œ๋‹จ์—์„œ ํ™•์ธ์ด ๊ฐ€๋Šฅํ•œ ํˆด ์ž…๋‹ˆ๋‹ค. ์—ฌ๊ธฐ์„œ ์ž ๊น ์œ„ํ‚ค ํ”ผ๋””์•„์˜ SWF์˜ ์ •์˜์— ๋Œ€ํ•ด์„œ ํ•œ๋ฒˆ ๋ณด๋ฉด ์•„๋ž˜์™€ ๊ฐ™์Šต๋‹ˆ๋‹ค.

HTML Event Handler๋ฅผ ์ด์šฉํ•œ XSS

7 min read

โš ๏ธ XSS์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > XSS ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

NTFS File System ์˜ ์ˆจ๊ฒจ์ง„ ์˜์—ญ ADS(Alternate Data Stream)

2 min read

์š”์ฆ˜ ํฌ๋ Œ์‹, ์œˆ๋„์šฐ์ฆˆ ์‹œ์Šคํ…œ์— ๊ด€์‹ฌ์ด ์ƒ๊ฒผ์Šต๋‹ˆ๋‹ค. ๊ฑฐ์˜ ๋ฆฌ๋ˆ…์Šค๋งŒ ์‚ฌ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์œˆ๋„์šฐ์ฆˆ ์‹œ์Šคํ…œ์˜ ์žฌ๋ฏธ์žˆ๋Š” ๋ถ€๋ถ„์— ๋Œ€ํ•ด์„œ ๋งŽ์ด ๋ชจ๋ฅด๊ณ  ์žˆ์—ˆ๋”๊ตฐ์š”. ๊ทธ ์ค‘ ์˜ค๋Š˜์€ ADS(Alternate Data Stream) ์˜์—ญ์— ๊ด€๋ จ๋œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

iOS์—์„œ usb ํ„ฐ๋„์„ ํ†ตํ•œ SSH ์—ฐ๊ฒฐ ๋ฐฉ๋ฒ•

~1 min read

IOS์—์„œ ์ž‘์—…์„ ํ•  ๋•Œ ํ„ฐ๋ฏธ๋„ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜ ์•ฑ์„ ์ด์šฉํ•˜๋Š” ๊ฒƒ์€ ๊ต‰์žฅํžˆ ๋ถˆํŽธํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์ฃผ๋กœ SSH ์—ฐ๊ฒฐ์„ ํ†ตํ•ด ์ž‘์—…์„ ์ง„ํ–‰ํ•˜๋Š”๋ฐ, ๋„คํŠธ์›Œํฌ๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์—†๋Š” ํ™˜๊ฒฝ์ด๋‚˜ ์†๋„์— ์ด์Šˆ๊ฐ€ ์žˆ๋Š” ๊ฒฝ์šฐ ์ด ๋˜ํ•œ ์ž‘์—…ํ•˜๊ธฐ์— ์กฐ๊ธˆ ๋ถˆํŽธํ•ฉ๋‹ˆ๋‹ค.

Short XSS! ๊ณต๊ฒฉ๊ตฌ๋ฌธ ์‚ฝ์ž…๋ถ€๋ถ„์ด ์ž‘์„๋•Œ XSS๋ฅผ ์‚ฝ์ž…ํ•˜๋Š” ๋ฐฉ๋ฒ•๋“ค

1 min read

โš ๏ธ XSS์— ๋Œ€ํ•œ ์ „๋ฐ˜์ ์ธ ๋‚ด์šฉ์€ Cullinan > XSS#short-xss ํŽ˜์ด์ง€์—์„œ ๊ด€๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€์—์„œ ์ตœ์‹  ๋ฐ์ดํ„ฐ๊ฐ€ ์œ ์ง€๋˜๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” :D

Back to Top ↑

develop

PQ3 and PQC ๐Ÿ—๏ธ

2 min read

Apple์—์„œ ์กฐ๋งŒ๊ฐ„ iMessage์— PQ3๋ผ๋Š” ์•”ํ˜ธํ™” ํ”„๋กœํ† ์ฝœ์„ ์ ์šฉํ•  ์˜ˆ์ •์ด๋ผ๊ณ  ๋ฐœํ‘œํ–ˆ์Šต๋‹ˆ๋‹ค.

Do you need a config? Now, Pkl

1 min read

์ตœ๊ทผ์— Apple์ด ๋‚ด๋ถ€์—์„œ ์‚ฌ์šฉํ•˜๋˜ Configuration language๋ฅผ ์˜คํ”ˆ์†Œ์Šค๋กœ ๊ณต๊ฐœํ—€์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Pkl(ํ”ผํด)์ธ๋ฐ์š”, ๊ณผ์—ฐ Pkl์€ JSON๊ณผ YAML๊ณผ ํ•จ๊ป˜ Config๊ณ„์˜ ๋Œ€ํ‘œ ์ฃผ์ž๊ฐ€ ๋  ์ˆ˜ ์žˆ์„๊นŒ์š”?

Crystal-Lang is โค๏ธ

2 min read

์ €๋Š” ์ตœ๊ทผ์— Crystal-lang์„ ์ฆ๊ธฐ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•œ ํ† ์ด ํ”„๋กœ์ ํŠธ๋ถ€ํ„ฐ Noir๋ž€ ์‚ฌ์ด์ฆˆ๊ฐ€ ์ ์  ์ปค์ง€๊ณ  ์žˆ๋Š” ํ”„๋กœ์ ํŠธ๊นŒ์ง€ Crystal์„ ํ†ตํ•ด ๊ตฌํ˜„ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ œ๊ฐ€ Crystal์„ ์ข‹์•„ํ•˜๊ฒŒ๋œ ์ด์œ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

DOM Handling with MutationObserver

3 min read

์ตœ๊ทผ ZAP์€ SPA ๊ธฐ๋ฐ˜์˜ ์•ฑ์„ ์‰ฝ๊ฒŒ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•ด Client Side Integration ์ด๋ž€ ๊ธฐ๋Šฅ์„ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค. ์ด ์ด ๋•Œ DOM์˜ ๋ณ€ํ™”๋ฅผ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•œ ์žฅ์น˜๋กœ MutationObserver๊ฐ€ ์‚ฌ์šฉ๋˜์—ˆ๋Š”๋ฐ์š”. ์˜ค๋Š˜์€ MutationObserver๊ฐ€ ๋ญ”์ง€ ๊ทธ๋ฆฌ๊ณ  ๋ณด์•ˆ ํ…Œ์ŠคํŒ… ์‹œ ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„์ง€ ์ด์•ผ๊ธฐํ•ด๋ด…๋‹ˆ๋‹ค.

Lazy-loading iframe in Firefox

~1 min read

์ตœ๊ทผ์— Firefox์ชฝ์—์„œ ํ•˜๋‚˜ ์—…๋ฐ์ดํŠธ๋ฅผ ์˜ˆ๊ณ  ํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ณง img ํƒœ๊ทธ์—๋งŒ ์กด์žฌํ•˜๋˜ lazy-loading์ด iframe์—๋„ ์ ์šฉ๋˜๋Š”๋ฐ์š”. ์„ฑ๋Šฅ์ ์ธ ์žฅ์ ์€ ๋ถ„๋ช…ํžˆ ์žˆ๊ฒ ์ง€๋งŒ, img์™€ ๋‹ฌ๋ฆฌ XSS์˜ ๋ฆฌ์Šคํฌ๊ฐ€ ๋†’์€ iframe์˜ ๋กœ๋“œ ์‹œ์ ์„ ํ†ต์ œํ•  ์ˆ˜ ์žˆ๋Š” ํ˜•ํƒœ๋ผ ์žฌ๋ฏธ์žˆ๋Š” ์ด์Šˆ๊ฐ€ ๋‚˜์˜ฌ์ง€ ๊ธฐ๋Œ€๋˜๊ธฐ๋„, ๋ฐ˜๋Œ€๋กœ ๋˜ ๊ฑฑ์ •๋˜๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค.

Fiber concurrency

2 min read

๋™์‹œ์„ฑ ํ”„๋กœ๊ทธ๋ž˜๋ฐ์€ ์žฌ๋ฏธ์žˆ์ง€๋งŒ ๊ตฌ์กฐ๋‚˜ ์‚ฌ์ด์ฆˆ์— ๋”ฐ๋ผ ์–ด๋ ค์›€์„ ๋™๋ฐ˜ํ•ฉ๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ๋„ ๋„๊ตฌ ์ž‘์„ฑ ์‹œ ์ž์ฃผ ์‚ฌ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์ œ๊ฐ€ ์ง„ํ–‰ํ•˜๋Š” ํ”„๋กœ์ ํŠธ์—์„œ ์ž์ฃผ ๋ณผ ์ˆ˜ ์žˆ๊ณ , ๋ธ”๋กœ๊ทธ์—๋„ Goroutine๊ณผ Sync, Ruby Concurrency ๋“ฑ ๋งค๋…„ ๋™์‹œ์„ฑ ๊ด€๋ จํ•ด์„œ ๊ธ€์„ ์ž‘์„ฑํ•œ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

WebAuthn๊ณผ Passkey

4 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ํŒจ์Šค์›Œ๋“œ ๋งค๋‹ˆ์ €๋ฅผ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ๊ฐœ์ธ์ ์œผ๋กœ Apple์˜ ์•”ํ˜ธ ๊ธฐ๋Šฅ์„ ์ฃผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋˜ํ•œ icloud+๋„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์–ด ์ด๋ฉ”์ผ ๊ฐ€๋ฆฌ๊ธฐ + ์•”ํ˜ธ ์กฐํ•ฉ์œผ๋กœ ๊ฐ€๊ธ‰์  ์„œ๋น„์Šค๋ณ„๋กœ ๊ณ„์ •๊ณผ ํŒจ์Šค์›Œ๋“œ๊ฐ€ ๊ฒน์น˜์ง€ ์•Š๋Š” ์ƒํƒœ๋กœ ์œ ์ง€ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ตฌ๊ธ€์˜ ๊ฒฝ์šฐ Google password manager๋ฅผ ํ†ตํ•ด ๋น„์Šทํ•˜๊ฒŒ ์‚ฌ์šฉํ•˜์‹œ๋Š” ๋ถ„๋“ค๋„ ์žˆ์„๊ฑฐ๋ผ๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค. Apple์ด๋‚˜ Google์˜ ์ด๋Ÿฌํ•œ ๊ธฐ๋Šฅ๋“ค๊ณผ FIDO ๊ด€๋ จ ์ธ์ฆ ๋ฐฉ์‹๋“ค์€ Passwordless์˜ ๋Œ€์ค‘ํ™”๋ฅผ ์•ž๋‹น๊ฒผ๊ณ  ์ด์ œ๋Š” Password๋ฅผ ์ž…๋ ฅํ•˜๋Š” ๊ฒƒ์ด ์ ์  ์–ด์ƒ‰ํ•ด์ง€๋Š” ์‹œ๊ธฐ๊ฐ€ ์˜จ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Zest + YAML = โค๏ธ

1 min read

์ตœ๊ทผ์— Zest ์ชฝ์˜ Commit (zaproxy/zest/6d67925) ํ•˜๋‚˜๋ฅผ ์ฃผ์‹œํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Zest์—์„œ YAML ํฌ๋งท ์ง€์›์— ๋Œ€ํ•œ ๋‚ด์šฉ์ด์˜€๋Š”๋ฐ์š”. ๋“œ๋””์–ด ๊ณต์‹ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ด๋ฃจ์–ด์กŒ๊ณ  ์ด์ œ Zest์—์„œ YAML ํฌ๋งท์„ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

XSpear Reborn: Big Changes Coming

2 min read

์ œ๊ฐ€ Dalfox ๋ฅผ ๊ฐœ๋ฐœํ•˜๊ธฐ ์ „์— Ruby๋กœ ์ž‘์„ฑํ–ˆ์—ˆ๋˜ XSpear๋ž€ ๋„๊ตฌ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋™์ผํ•˜๊ฒŒ XSS๋ฅผ ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ ์œ„ํ•œ ๋„๊ตฌ์˜€๊ณ , ํ˜„์žฌ ์„ฑ๋Šฅ์€ ๋‹น์—ฐํžˆ Dalfox์ชฝ์ด ์••๋„์ ์œผ๋กœ ์ข‹์€ ์ƒํƒœ์ž…๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ž‘๋…„๋ถ€ํ„ฐ XSpear์— ๋Œ€ํ•œ Reborn ๊ณ„ํš์„ ์ƒ๊ฐํ•ด ๋‘์—ˆ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ ๋งŒ๋“ค๋˜ ๋„๊ตฌ๋„ ์–ด๋Š ์ •๋„ ์œค๊ณฝ์ด ์žกํ˜€์„œ ์ด์ œ ๋ณธ๊ฒฉ์ ์œผ๋กœ XSpear์— ๋Œ€ํ•ด ๋Œ€๊ทœ๋ชจ ๊ฐœํŽธ์„ ์ง„ํ–‰ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

๊ฐœ์ธ/์‚ฌ์„ค ๋„๋ฉ”์ธ์—์„œ Crystal Shard ํŒจํ‚ค์ง€ ์ฝ์–ด์˜ค๊ธฐ

~1 min read

Crystal-lang์—์„  Shards๋ฅผ ํ†ตํ•ด์„œ ํŒจํ‚ค์ง€์™€ ๋””ํŽœ๋˜์‹œ๋ฅผ ๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” go์˜ go get๊ณผ ์œ ์‚ฌํ•˜๊ฒŒ yaml ๋‚ด ์ž‘์„ฑ๋œ github repository์—์„œ ์†Œ์Šค๋ฅผ ์ฝ์–ด์™€ ์„ค์น˜ํ•˜๋Š” ํ˜•ํƒœ์ž…๋‹ˆ๋‹ค.

Embed resources in crystal

2 min read

Crystal์—์„œ ๋ฆฌ์†Œ์Šค ํŒŒ์ผ์„ ๋ฐ”์ด๋„ˆ๋ฆฌ์— Embed ํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ๊ธฐ๋กํ•ด๋‘ก๋‹ˆ๋‹ค. ๊นƒํ—™ ์ด์Šˆ๋“ฑ์„ ์ฐพ์•„๋ณด๋ฉด stdlib๋กœ ๋งŒ๋“ค์–ด์ค„ ๊ฒƒ ๊ฐ™์ง„ ์•Š์•˜๊ณ  ์ฐพ์•„๋ณด๋‹ˆ Rucksack์ด๋ž€ ์ข‹์€ shard๋ฅผ ๋ฐœ๊ฒฌํ•ด์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ์ •๋ฆฌํ•ด๋‘˜๊ฒŒ์š”. ์ฐธ๊ณ ๋กœ Rucksack์€ Linux์™€ macOS์—์„œ๋งŒ ๋™์ž‘ํ•˜๊ณ  Windows๋Š” ์ง€์›ํ•˜์ง€ ์•Š๋Š”๋‹ค๊ณ  ํ•˜๋‹ˆ ์ด ์  ์ฐธ๊ณ ํ•˜๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Default vs Release build in Crystal

1 min read

Crystal์€ ์ปดํŒŒ์ผ ์–ธ์–ด๋กœ ๋ฐ”์ด๋„ˆ๋ฆฌ๋กœ ๋นŒ๋“œํ•˜์—ฌ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ๊ณต์‹ ๊ฐ€์ด๋“œ์—์„  release build ์‹œ โ€”release flag ์‚ฌ์šฉ์„ ๊ถŒ๊ณ ํ•˜๊ณ  ์žˆ๋Š”๋ฐ์š”. ์˜ค๋Š˜์€ ์ด flag๊ฐ€ ์–ด๋–ค ์—ญํ• ์„ ํ•˜๋Š”์ง€, ์™œ ๊ถŒ๊ณ ๋˜๊ณ  ์žˆ๋Š”์ง€ ์ •๋ฆฌํ•ด๋ด…๋‹ˆ๋‹ค.

Homebrew๋กœ ํŒจํ‚ค์ง€ ์ œ๊ณตํ•˜๊ธฐ ๐Ÿบ

2 min read

์ œ๊ฐ€ ๋งŒ๋“  ๋„๊ตฌ๋Š” ๋Œ€๋ถ€๋ถ„ Homebrew, Binary, RubyGem, Snapcraft ๋“ฑ์„ ํ†ตํ•ด ๋ฐฐํฌํ•ฉ๋‹ˆ๋‹ค. ํŠนํžˆ macOS์˜ ๊ฒฝ์šฐ Homebrew๋ฅผ ํ†ตํ•œ ์„ค์น˜ ๋น„์ค‘์ด ์—„์ฒญ ๋†’๊ธฐ ๋–„๋ฌธ์— Go ๊ธฐ๋ฐ˜ ์•ฑ๋“ค์€ ๊ฐ€๊ธ‰์ ์ด๋ฉด Homebrew๋ฅผ ์ง€์›ํ•˜๋ ค๊ณ  ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ด๋Ÿฌํ•œ ๋Œ€๋ถ€๋ถ„์˜ ์ž‘์—…์€ Goreleaser๋ž€ ๋„๊ตฌ๋ฅผ ํ†ตํ•ด์„œ ์ง„ํ–‰ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ๋งค์šฐ ํŽธ๋ฆฌํ•˜๊ฒŒ ์ง„ํ–‰ํ–ˆ์—ˆ์ฃ .

Encoding Only Your Choices, EOYC

2 min read

์š”์ฆ˜ ์žฅ๋‚œ๊ฐ ์‚ผ์•„ Crystal๊ณผ Elixir๋กœ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ฝ”๋“œ๋ฅผ ์ž‘์„ฑํ•ด๋ณด๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ํŠนํžˆ Crystal์€ Ruby์™€ ์ œ๊ฐ€ ์˜ˆ์ „์— ํ•œ๋ฒˆ ์†Œ๊ฐœํ•˜๊ธฐ๋„ ํ—€๊ณ  Ruby์™€ ๊ฑฐ์˜ ์œ ์‚ฌํ•œ ๋ฌธ๋ฒ•์— ์†๋„๊นŒ์ง€ ๊ฐ–์ถ”๊ณ  ์žˆ์–ด ๊ฐœ์ธ์ ์œผ๋กœ ๊ด€์‹ฌ์ด ๋งŽ์•˜๋˜ ์–ธ์–ด์ž…๋‹ˆ๋‹ค. ์ตœ๊ทผ์— ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ด์œ ๋กœ Crystal์€ ์ฃผ๋ ฅ ์–ธ์–ด๋กœ ๋งŒ๋“ค์–ด๊ฐ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ Crystal๋กœ ์ž‘์„ฑํ•œ ๊ฐ„๋‹จํ•œ ๋„๊ตฌ ํ•˜๋‚˜ ๊ณต์œ ํ•˜๋ ค๊ณ  ๊ธ€์„ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

CORS Bypass via dot

1 min read

Origin ํ—ค๋”์™€ ACAO(Access-Control-Allow-Origin) ํ—ค๋”๋Š” Cross-Origin ๊ด€๊ณ„์—์„œ ๋ฐ์ดํ„ฐ๋ฅผ ์ „๋‹ฌํ•˜๊ณ  ์ˆ˜์‹ ํ•˜๊ธฐ ์œ„ํ•œ ํ—ค๋”๋กœ SOP(Same-Origin Policy)๋ฅผ ๊ณต์‹์ ์œผ๋กœ ์šฐํšŒํ•˜๊ธฐ ์œ„ํ•œ ํ—ค๋”์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ CORS๋ผ๊ณ  ํ†ต์šฉ๋˜์–ด ๋ถ€๋ฅด๋ฉฐ, ์ด๋Š” JSON Hijacking๊ณผ CSRF ์ทจ์•ฝ์ ์— ํฐ ์ ‘์ ์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP Custom En/Decoder ๋งŒ๋“ค๊ธฐ

2 min read

ZAP์˜ ํ™•์žฅ์„ฑ์€ Scripting Engine์˜ ํŒŒ์›Œ์—์„œ ๋‚˜์˜ต๋‹ˆ๋‹ค. URL, HTML, Base64 ๋“ฑ ํ…Œ์ŠคํŒ… ๋‹จ๊ณ„์—์„  ์ธ/๋””์ฝ”๋”ฉ์„ ํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๊ต‰์žฅํžˆ ๋งŽ์€๋ฐ์š”. ์ด ๋•Œ ์‚ฌ์šฉํ•˜๋Š” Encode/Decode/Hash ๊ธฐ๋Šฅ ๋˜ํ•œ Scripting์œผ๋กœ ํ™•์žฅํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Broken link๋ฅผ ์ฐพ์ž! DeadFinder

1 min read

์ตœ๊ทผ์— Broken Link(Dead Link)๋ฅผ ์‰ฝ๊ฒŒ ์ฐพ๊ธฐ ์œ„ํ•œ ๋„๊ตฌ๋ฅผ ํ•˜๋‚˜ ๋งŒ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. ์ œ ๋ธ”๋กœ๊ทธ์˜ Broken Link๋ฅผ ์ฐพ๊ธฐ ์œ„ํ•œ ๋ชฉ์ ์ด์˜€์ง€๋งŒ, ๊ฐ€๋ณ๊ฒŒ๋ผ๋„ ํ•œ๋ฒˆ ๊ณต์œ ํ•˜๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„์„œ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Rake(Ruby Make)

2 min read

Rake๋Š” Ruby์—์„œ ์‚ฌ์šฉ๋˜๋Š” build utility๋กœ Make์œ ์‚ฌํ•ฉ๋‹ˆ๋‹ค. rake๋ž€ ์ด๋ฆ„ ๋˜ํ•œ ruby + make ์—์„œ ๋งŒ๋“ค์–ด์ง„ ๋‹จ์–ด๋กœ ์ผ๋ฐ˜์ ์ธ Ruby application๊ณผ Rails ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ™˜๊ฒฝ์—์„œ ๊ฐœ๋ฐœ ๋„๊ตฌ๋กœ์จ ์‚ฌ์šฉ๋ฉ๋‹ˆ๋‹ค.

Ruby Concurrency

2 min read

๋งค๋ฒˆ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์„ ๋งŒ๋“ค ๋•Œ๋ฉด ๋™์‹œ์„ฑ์— ๋Œ€ํ•œ ๊ณ ๋ฏผ์„ ํ•˜์ง€ ์•Š์„ ์ˆ˜๊ฐ€ ์—†์Šต๋‹ˆ๋‹ค. ๊ธฐ๋Šฅ์ ์ธ ๊ตฌํ˜„์— ์ง์ ‘ ํ•„์š”ํ•œ ๊ฒฝ์šฐ๋„ ์žˆ๊ณ  ํผํฌ๋จผ์Šค๋ฅผ ๊ฒฐ์ • ์ง€์„ ์ˆ˜ ์žˆ๋Š” ์š”์†Œ์ด๊ธฐ ๋•Œ๋ฌธ์— ์ค‘์š”ํ•˜๋‹ค๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.

Jekyll Collection ๋‹ค๋ฃจ๊ธฐ

1 min read

์ตœ๊ทผ์— Jekyll๋กœ ๋‹ค์‹œ ์ด์‚ฌ ํ›„ ๋ช‡๊ฐ€์ง€ ๊ธฐ๋Šฅ๋“ค์„ ๊ฐœ๋ฐœํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ํ•˜๋‚˜๋ฅผ ํ•ด๊ฒฐํ•˜๊ธฐ ์œ„ํ•ด์„  ํŠน์ • type์˜ ํŽ˜์ด์ง€๋“ค์„ ๋ชจ์•„์„œ json์œผ๋กœ ๋งŒ๋“ค์–ด์ฃผ๋Š” ๊ณผ์ •์ด ํ•„์š”ํ•œ๋ฐ, Jekyll์˜ Collection ๊ธฐ๋Šฅ์„ ์ด์šฉํ•ด์„œ ์‰ฝ๊ฒŒ ํ•ด๊ฒฐํ–ˆ์Šต๋‹ˆ๋‹ค.

Hugo to Jekyll

1 min read

์ •๋ง ์„ค๋งˆ์„ค๋งˆ ํ–ˆ์Šต๋‹ˆ๋‹ค. ์•„๋‹ˆ ์ด๋Ÿฐ ์ผ์€ ์—†์„๊ฑฐ๋ผ๊ณ  ์žฅ๋‹ดํ–ˆ์Šต๋‹ˆ๋‹ค. ์ž‘๋…„์— Jekyll์—์„œ Hugo๋กœ ์ „ํ™˜ํ•œ์ง€ ๋”ฑ 1๋…„๋งŒ์— ๋งˆ์Œ์ด ๋ฐ”๋€Œ์—ˆ์Šต๋‹ˆ๋‹ค. ๋‹ค์‹œ Jekyll๋กœ ๋Œ์•„๊ฐ‘๋‹ˆ๋‹ค.

Hex? Imhex and Hexyl

1 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ์–ด๋–ค Hex editor/viewer๋ฅผ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” Linux๋ฅผ ๋ฉ”์ธ์œผ๋กœ ์‚ฌ์šฉํ•  ๋–ˆ Ghex์™€ hexdump, macOS์—์„  hexyl์™€ vim(+plug)์„ ์ฃผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ํฌ๋กœ์Šค ํ”Œ๋žซํผ์„ ์ง€์›ํ•˜๋Š” ์—„์ฒญ๋‚œ Hex Editor์ธ ImHex์— ๋Œ€ํ•ด ์†Œ๊ฐœํ•ด๋“œ๋ฆฌ๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ์ €๋„ ์ด์ œ๋Š” ImHex์™€ hexyl ์กฐํ•ฉ์œผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค :D

Docker์™€ Dumb-Init

2 min read

์˜ค๋Š˜์€ ๋„์ปค์—์„œ ์•ˆ์ •์ ์ธ ๊ตฌ๋™์„ ์œ„ํ•ด ์‚ฌ์šฉํ•˜๋Š” dumb-init๊ณผ pid1 ๊ทธ๋ฆฌ๊ณ  init ์‹œ์Šคํ…œ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Go dependency(go.mod) ์ถ”์ ํ•˜๊ธฐ

~1 min read

์ œ๊ฐ€ ์ตœ๊ทผ์— Dependabot alerts ์— ํ™•์ธ๋œ ์ทจ์•ฝ์  ์ค‘ ํŒจํ‚ค์ง€ ํ™•์ธ์ด ์•ˆ๋˜๋Š” ์ทจ์•ฝ์ ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Go์—์„œ Stdin์— ๋Œ€ํ•œ ํ…Œ์ŠคํŠธ ์ฝ”๋“œ ์ž‘์„ฑํ•˜๊ธฐ

1 min read

ํ…Œ์ŠคํŠธ ์ฝ”๋“œ ์ž‘์„ฑ ์ค‘ ์šฐ๋ฆฌ๊ฐ€ ์˜ˆ์ธก ๊ฐ€๋Šฅํ•œ ํ•จ์ˆ˜ ์ธ์ž ๊ฐ’์€ ์‰ฝ๊ฒŒ ์ฒดํฌ๊ฐ€ ๊ฐ€๋Šฅํ•˜์ง€๋งŒ, ์‹œ์Šคํ…œ์œผ๋กœ ๋ถ€ํ„ฐ ๋„˜์–ด์˜ค๋Š” ๋ฐ์ดํ„ฐ๋Š” ๋ง‰์ƒ ์ž‘์„ฑํ•˜๋ ค๊ณ  ํ•˜๋ฉด ์–ด๋–ป๊ฒŒ ํ•ด์•ผํ• ์ง€ ๊ณ ๋ฏผ์ด ๋˜๊ธฐ ์‹œ์ž‘ํ•ฉ๋‹ˆ๋‹ค.

Golang Logrus์—์„œ Channel hook ๋งŒ๋“ค๊ธฐ

1 min read

Logrus๋Š” golang์˜ ์•„์ฃผ ์ข‹์€ logger ํŒจํ‚ค์ง€์ž…๋‹ˆ๋‹ค. logrus๋Š” hook์„ ์ด์šฉํ•ด์„œ ์ง€์ •๋œ ํ•œ๋ฒˆ์— ์—ฌ๋Ÿฌ๊ณณ์— ๋กœ๊ทธ๋ฅผ ๋‚จ๊ธธ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. built-in hook์œผ๋กœ๋Š” ํ˜„์žฌ syslog์™€ io.Writer๊ฐ€ ์žˆ๊ณ  ์ €๋Š” channel๋กœ hook์„ ์“ธ ์ผ์ด ์žˆ์–ด ๊ฐ„๋‹จํ•˜๊ฒŒ ์ž‘์„ฑํ•˜์—ฌ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค :D

๊ฐœ๋ฐœ์ž๋งŒ? ์•„๋‹ˆ ์šฐ๋ฆฌ๋„ ์Šคํฌ๋ž˜์น˜ ํŒจ๋“œ ํ•„์š”ํ•ด! Boop!

1 min read

์ €๋Š” ์ข…์ข… ์žฌ๋ฏธ์žˆ๋Š” ์•ฑ์ด ์žˆ์„์ง€ ์•ฑ์Šคํ† ์–ด๋ฅผ ๋‘˜๋Ÿฌ๋ณด๊ณค ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋˜ ์ค‘ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์—์„œ ์“ธ๋งŒํ•  ๊ฒƒ ๊ฐ™์€ ๋„๊ตฌ๋ฅผ ์ฐพ์•„ ์ด๋ฒˆ ์—ฐํœด๋™์•ˆ ์‚ฌ์šฉํ•ด๋ณด๊ณ , ๊ดœ์ฐฎ๋‹ค๊ณ  ๋Š๊ปด์„œ ๋ธ”๋กœ๊ทธ๋ฅผ ํ†ตํ•ด ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค. ๋ฐ”๋กœ Boop ์ž…๋‹ˆ๋‹ค.

Go์—์„œ HTTP gzip response ์ฒ˜๋ฆฌํ•˜๊ธฐ

1 min read

์ตœ๊ทผ dalfox์— ๋…ํŠนํ•œ ์ด์Šˆ๊ฐ€ ์ œ๋ณด๋ฌ๋Š”๋ฐ(์˜คํ”„๋ผ์ธ์œผ๋กœ๋„ ํ•œ๋ฒˆ ์ œ๋ณด๋ฐ›์€ ์‚ฌํ•ญ์ด๋ผ ์ด๋ฏธ ์‚ฝ์งˆ์„ ์ข€ ํ—€๋˜ ์ƒํƒœ์˜€๋„ค์š”) ์˜ค๋Š˜ ์ด๋ฅผ ํ•ด๊ฒฐํ•˜๊ณ  ์–ด๋–ป๊ฒŒ ํ•ด๊ฒฐํ–ˆ๋Š”์ง€ ๊ฐ„๋žตํ•˜๊ฒŒ ๊ณต์œ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ํŠน๋ณ„ํ•œ ๋‚ด์šฉ์€ ์•„๋‹ˆ์ง€๋งŒ, golang์—์„œ http ๊ธฐ๋ฐ˜ ๊ฐœ๋ฐœ์„ ์ง„ํ–‰ํ•  ๋•Œ ์•Œ๊ณ  ์žˆ์œผ๋ฉด ์‹ค์ˆ˜๋ฅผ ์˜ˆ๋ฐฉํ•  ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์ด์ฃ .

Hugo aliases์—์„œ noindex๋กœ ์ธํ•œ SEO ๋ฌธ์ œ ํ•ด๊ฒฐํ•˜๊ธฐ

1 min read

Hugo์—์„œ aliases๋ฅผ ์‚ฌ์šฉํ•˜๋ฉด ํ•ด๋‹น ์ฃผ์†Œ๋Š” meta tag๋ฅผ ์ด์šฉํ•œ redirect๋ฅผ ํŽ˜์ด์ง€๊ฐ€ ์ƒ์„ฑ๋ฉ๋‹ˆ๋‹ค. ์ด๋Ÿฌํ•œ ํ˜•ํƒœ๋Š” ์ผ๋ฐ˜์ ์œผ๋กœ url์„ ์ด๋™ํ•˜๊ธฐ์—” ์ ํ•ฉํ•˜์ง€๋งŒ, 30x์˜ status code๊ฐ€ ์•„๋‹ˆ๊ณ  200์ด๊ธฐ ๋•Œ๋ฌธ์— ๊ตฌ๊ธ€ ๋“ฑ ๊ฒ€์ƒ‰ ๋ด‡์ด ํ•ด๋‹น ํŽ˜์ด์ง€๋ฅผ ์ˆ˜์ง‘ํ•˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

pkg.go.dev์— go ํŒจํ‚ค์ง€ ์ฆ‰์‹œ ์—…๋ฐ์ดํŠธํ•˜๊ธฐ

~1 min read

golang์œผ๋กœ ๊ฐœ๋ฐœ๋œ ์•ฑ์€ pkg.go.dev์— ์ €์žฅ๋˜๋ฉฐ ํ•ด๋‹น ์‚ฌ์ดํŠธ๋ฅผ ํ†ตํ•ด ํŒจํ‚ค์ง€ ์ •๋ณด๋ฅผ ๋ณผ ์ˆ˜ ์žˆ๊ณ  ์‹ค์ œ go get ์œผ๋กœ ํŒจํ‚ค์ง€๋ฅผ ๊ฐ€์ ธ์˜ฌ ๋•Œ ์ด๊ณณ์˜ latest ๋ฒ„์ „์„ ๊ฐ€์ ธ์˜ค๊ฒŒ ๋ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์ด ์‚ฌ์‹ค์„ ์ž˜ ๋ชฐ๋ž๋˜ ๊ณผ๊ฑฐ์˜ ์ €๋Š” ์ด๋Ÿฐ ์‹ค์ˆ˜๋„ ํ–ˆ์—ˆ๋˜ ๊ธฐ์–ต์ด ๋‚˜๋„ค์š”.

Github repo ๋‚ด Languages ๋ณ€๊ฒฝํ•˜๊ธฐ (.gitattributes)

1 min read

Github repository ํŽ˜์ด์ง€์˜ ์šฐ์ธก์—๋Š” ํ•ด๋‹น repo์˜ ์–ธ์–ด ํ†ต๊ณ„์ธ Languages๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” ํŽ˜์ด์ง€์— ์ ‘๊ทผํ•œ ์‚ฌ์šฉ์ž๋กœ ํ•˜์—ฌ๊ธˆ ์ด ํ”„๋กœ์ ํŠธ๊ฐ€ ์–ด๋–ค ์–ธ์–ด๋ฅผ ์ฃผ๋ ฅ์œผ๋กœ ๊ตฌ์„ฑ๋˜์—ˆ๋Š”์ง€ ํ™•์ธํ•  ์ˆ˜ ์žˆ๋Š” ์ง€ํ‘œ๊ฐ€ ๋˜๊ณ , ์ผ๋ถ€ ๋„๊ตฌ๋“ค์€ ์ด ๋ฐ์ดํ„ฐ๋ฅผ ๊ธฐ๋ฐ˜์œผ๋กœ ์˜คํ”ˆ์†Œ์Šค ํ”„๋กœ์ ํŠธ๋“ค์„ ๋ถ„๋ฅ˜ํ•˜๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค.

Go์—์„œ ์•„์ฃผ ํฐ JSON ํŒŒ์ผ์„ ํ•ธ๋“ค๋งํ•˜๊ธฐ

2 min read

์ตœ๊ทผ์— ์‹œ๋ฅ์ง€ ์•Š์€ ๋ฌธ์ œ๋กœ ๊ตฌ๊ธ€๋งํ•˜๋‹ค๊ฐ€ ๋‹จ์ˆœํ•˜๊ฒŒ ํ•ด๊ฒฐํ•œ ์ผ์ด ์žˆ์–ด์„œ ์งง๊ฒŒ ๊ธ€๋กœ ๊ณต์œ  ํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ณต์žกํ•œ ๋ฌธ์ œ๋กœ ์ƒ๊ฐํ•ด์„œ ์˜คํžˆ๋ ค ๊ฐ€๊นŒ์ด์— ์žˆ๋Š” ๋‹ต์„ ๋†“์น˜๊ณ  ๋ง์•˜์—ˆ๋„ค์š”.

Goreleaser์—์„œ M1, Windows ARM64 ์ง€์›ํ•˜๊ธฐ

~1 min read

goreleaser์˜ ๊ฐ๊ฐ v0.157.0, v0.175.0 ๋ฒ„์ „์—์„œ M1 macbook, Windows ARM 64 ์ง€์›์ด ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ €๋„ ์ œ๊ฐ€ ๊ฐœ๋ฐœํ•˜๋Š” ๋„๊ตฌ์—์„  M1 ์ง€์›์ด ์•ฝ๊ฐ„ ๋Šฆ์€ ๋Š๋‚Œ์ด ์žˆ๊ธดํ•œ๋ฐ์š”. ๊ด€๋ จํ•ด์„œ ์ฃผ์˜ํ•ด์•ผํ•  ์ ๋“ค ์ •๋ฆฌํ•ด ๋‘ก๋‹ˆ๋‹ค.

Asciinema Shortcode in Hugo

2 min read

TL;DR

์ฝ”๋“œ๋ฅผ gist์— ๋”ฐ๋กœ ์˜ฌ๋ ค๋‘์—ˆ์Šต๋‹ˆ๋‹ค.

Hugo์—์„œ Sitemap-index ์‚ฌ์šฉํ•˜๊ธฐ(split sitemap)

3 min read

sitemap.xml

sitemap.xml์€ Sitemap protocol์„ ์œ„ํ•œ XML schema๋กœ ์›น ์„œ๋น„์Šค๊ฐ€ ํฌํ•จํ•˜๊ณ  ์žˆ๋Š” ๋งํฌ๋“ค์„ ์‚ฌ์šฉ์ž์—๊ฒŒ ์ œ๊ณตํ•˜๊ธฐ ์œ„ํ•œ ๋ชฉ์ ์œผ๋กœ ๊ตฌ์„ฑ๋˜๋Š” ํŒŒ์ผ์ž…๋‹ˆ๋‹ค. ์•„๋ž˜์™€ ๊ฐ™์€ ๊ตฌ์กฐ๋ฅผ ๊ฐ€์ง€๋ฉฐ, ์‚ฌ์šฉ์ž๋‚˜ ๊ฒ€์ƒ‰ ๋ด‡ ๋“ฑ์€ ์ด ํŒŒ์ผ์„ ์ฐธ์กฐํ•˜์—ฌ ์›น ํŽ˜์ด์ง€๋ฅผ ์ˆ˜์ง‘ํ•ฉ๋‹ˆ๋‹ค.

Github action ์„ฑ๊ณต ์‹œ ๋‹ค๋ฅธ action ์‹คํ–‰ํ•˜๊ธฐ

1 min read

Github action์€ github์—์„œ ์ œ๊ณตํ•˜๋Š” CI/CD๋ฅผ ์œ„ํ•œ ๋„๊ตฌ์ž…๋‹ˆ๋‹ค. yaml ํฌ๋งท์˜ config ๋ฅผ ์ด์šฉํ•ด์„œ ์ฝ”๋“œ ๋นŒ๋“œ, ํ…Œ์ŠคํŠธ๋ถ€ํ„ฐ deploy ๊นŒ์ง€ ๊ตฌํ˜„ํ•˜๊ธฐ์— ๋”ฐ๋ผ ์ •๋ง ๋งŽ์€ ๊ธฐ๋Šฅ์„ ์ž๋™์œผ๋กœ ์ฒ˜๋ฆฌํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ์ด๊ณ  github๋ฅผ ์‚ฌ์šฉํ•œ๋‹ค๋ฉด jenkins๋‚˜ ๋‹ค๋ฅธ devops ๋„๊ตฌ๋ฅผ ๋ฒ„๋ฆฌ๊ณ  ์ด๋™ํ•  ๋งŒํผ ์ถฉ๋ถ„ํžˆ ์ข‹์€ ๊ธฐ๋Šฅ์„ฑ์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

git subtree๋ฅผ ์ด์šฉํ•ด github pages์— ๋ฐฐํฌํ•˜๊ธฐ

1 min read

hugo ๋“ฑ jekyll์ด ์•„๋‹Œ static site generator๋ฅผ ์ด์šฉํ•˜๊ฑฐ๋‚˜ ๋ณ„๋„๋กœ ๊ฐœ๋ฐœํ•ด์„œ github pages์— ํŽ˜์ด์ง€๋ฅผ ๋ฐฐํฌํ•˜๋Š” ๊ฒฝ์šฐ gh-pages ๋ธŒ๋žœ์น˜๋‚˜ ๋ณ„๋„์˜ ๋””๋ ‰ํ† ๋ฆฌ์— ๋ฐฐํฌํ•˜๊ณ  ๋ฐฐํฌ path๋ฅผ ์—ฐ๊ฒฐํ•˜์—ฌ github pages๋กœ ํ˜ธ์ŠคํŒ…ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Hugo Shortcodes

1 min read

Hugo์—๋Š” Shortcode๋ผ๋Š” snippet์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ œ๊ฐ€ hugo๋กœ ๋„˜์–ด์˜ค๊ณ  ๊ต‰์žฅํžˆ ๋ง˜์— ๋“ค์—ˆ๋˜ ๋ถ€๋ถ„์ธ๋ฐ์š”. ์˜ค๋Š˜์€ shortcode๊ฐ€ ๋ญ”์ง€, ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”์ง€ ๊ทธ๋ฆฌ๊ณ  ์–ด๋–ป๊ฒŒ ์“ฐ๋ฉด ๋” ์ข‹์„์ง€ ์ด์•ผ๊ธฐํ•ด๋ณผ๊ฒŒ์š”.

Hugo Archetypes์„ ์ด์šฉํ•œ ๊ธ€ Template ์‚ฌ์šฉํ•˜๊ธฐ

1 min read

Hugo์—์„œ๋Š” content management๋ฅผ ์œ„ํ•ด archetypes ๋ผ๋Š” template file์„ ์ œ๊ณตํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” hugo new ๋กœ ์ƒˆ๋กœ์šด ๊ธ€์„ ๋งŒ๋“ค ๋•Œ ์ž๋™์œผ๋กœ ๊ธ€์— ํ•„์š”ํ•œ ์ •๋ณด๋ฅผ ์ž‘์„ฑํ•ด์ฃผ๋ฉฐ, ์ข…๋ฅ˜์— ๋”ฐ๋ผ์„œ ์ปค์Šคํ…€ํ•˜๊ฒŒ ์ž‘์„ฑํ•  ์ˆ˜ ์žˆ๋„๋ก ์ œ๊ณตํ•ด์ฃผ๋Š” ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค.

Goroutine๊ณผ Sync

3 min read

Go ํ•˜๋ฉด ์–ด๋–ค ํŠน์ง•์ด ๋– ์˜ค๋ฅด์‹œ๋‚˜์š”? ๊ตฌ๊ธ€์˜ ์–ธ์–ด, ๋น ๋ฅด๋‹ค ๋“ฑ ์ „๋ฐ˜์ ์ธ ๊ฐœ๋…์—์„œ goroutine, ์ฑ„๋„ ๋“ฑ ๋””ํ…Œ์ผํ•œ ๋ถ€๋ถ„๊นŒ์ง€ ๋งŽ์€ ๊ฒƒ๋“ค์ด ์žˆ์„ํ…๋ฐ์š”, ์ €๋Š” ์ œ๊ฐ€ ์ฒ˜์Œ ๊ณ ๋ฅผ ์ ‘ํ–ˆ์„ ๋•Œ ๊ฐ€์žฅ ์žฌ๋ฏธ์žˆ๊ฒŒ ๋ดค๋˜ ๊ฒƒ์ด goroutine๊ณผ ์ฑ„๋„์ด์˜€์Šต๋‹ˆ๋‹ค.

Html to Markdown in Cli

1 min read

์–ด์ œ Hugo๋กœ ์ด์‚ฌ๋กœ ์ด์‚ฌ๋ฅผ ๋งˆ๋ฌด๋ฆฌํ•˜๋ฉด์„œ ๋ชปํ–ˆ๋˜ ์ž‘์—…์„ ํ•˜๋‚˜ ์ง„ํ–‰ํ•œ๊ฒŒ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ๊ธฐ์กด jekyll ๋ถ€ํ„ฐ ์œ ์ง€ํ•ด์˜ค๋˜ blogger๋กœ ๋ถ€ํ„ฐ ๋„˜์–ด์˜จ ์ž”ํ•ด, html ํฌ์ŠคํŠธ๋“ค์ธ๋ฐ์š”. ๋ฌผ๋ก  ํŽ˜์ด์ง€ ๋žœ๋”ฉ์—๋Š” ์ „ํ˜€ ์ง€์žฅ์ด ์—†์ง€๋งŒ, html ํŒŒ์ผ ์ž์ฒด๊ฐ€ ์œ ์ง€๋ณด์ˆ˜๊ฐ€ ์–ด๋ ต๋‹ค๋ณด๋‹ˆ ๊ธ€์„ ์ˆ˜์ •ํ•˜๊ธฐ ๊นŒ๋‹ค๋กญ๋‹ค๋Š” ๋‹จ์ ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Utterances์—์„œ ๋Œ“๊ธ€ ์ด๋™ํ•˜๊ธฐ

~1 min read

๊ฐ„ํ˜น github page์˜ repo ์ด์ „ ๋“ฑ utterances์˜ ๋Œ“๊ธ€์„ ์ด๋™ํ•ด์•ผํ•  ๊ฒฝ์šฐ๊ฐ€ ์ƒ๊น๋‹ˆ๋‹ค. ์ด๋ฒˆ์— hugo ์ด์ „ํ•˜๋Š” ์ž‘์—…์„ ์ง„ํ–‰ํ•˜๋ฉด์„œ ํ…Œ์ŠคํŠธ ํ•˜๋‹ค๋ณด๋‹ˆ, ๊ฐ„๋‹จํ•œ ํŠธ๋ฆญ์„ ์ด์šฉํ•˜์—ฌ ๋Œ“๊ธ€์„ ์‰ฝ๊ฒŒ ์˜ฎ๊ธธ ์ˆ˜ ์žˆ์–ด ๋‚ด์šฉ์„ ์ •๋ฆฌํ•ด๋ด…๋‹ˆ๋‹ค.

Jekyll์—์„œ Hugo๋กœ ์ด์‚ฌ๊ฐ€๊ธฐ (Migration log)

7 min read

jekyllโ€ฆ ์ œ๊ฐ€ ์˜ˆ์ „์—๋Š” rubyist(ruby ์‚ฌ์šฉ์ž) ์˜€์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋‹ค๊ฐ€ 2018~19๋…„ ์ฏค์— gopher(golang ์‚ฌ์šฉ์ž)๊ฐ€ ๋˜์—ˆ๊ณ  ์ดํ›„๋ถ€ํ„ด ๋งŒ๋“ค๊ณ  ์žˆ๋Š” ๋Œ€๋‹ค์ˆ˜์˜ ๋„๊ตฌ๋Š” golang ๊ธฐ๋ฐ˜์œผ๋กœ ๋งŒ๋“ญ๋‹ˆ๋‹ค.

Golang์˜ nil๊ณผ interface nil์˜ ์žฌ๋ฏธ์žˆ๋Š” ํŠน์ง•

1 min read

Null์€ ์ผ๋ฐ˜์ ์œผ๋กœ ์กด์žฌํ•˜์ง€ ์•Š๋Š” ๊ฐ’ ๋˜๋Š” ๋ฉ”๋ชจ๋ฆฌ ์ฃผ์†Œ๋ฅผ ์˜๋ฏธํ•˜๋ฉฐ ์–ธ์–ด์— ๋”ฐ๋ผ null nil nan none undefined ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ˜•ํƒœ๋กœ ํ‘œํ˜„๋ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ null์ด๋ž€ ๊ฐœ๋…์ด ์–ธ์–ด๋งˆ๋‹ค ํŠน์„ฑ๊ณผ ์ฒ ํ•™, ํ‘œํ˜„ํ•˜๋Š” ๋ฐฉ์‹์— ๋”ฐ๋ผ์„œ ๋‹ฌ๋ผ์ง€๊ธฐ๋„ ํ•˜๋Š”๋ฐ์š”. ์˜ค๋Š˜์€ golang์—์„œ์˜ null์ธ nil์˜ ํŠน์„ฑ ํ•˜๋‚˜๋ฅผ ์‚ดํŽด๋ณด๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

25 Keywords in Go

1 min read

Go supports only 25 keywords. Itโ€™s very simple, which has the advantage of a low learning curve. Iโ€™ve never posting it while using Go. Let me summarize the meaning of each keyword today.

go-jwt์™€ golang-jwt/jwt

1 min read

์ตœ๊ทผ์— golang์œผ๋กœ ๊ฐœ๋ฐœํ•œ ๋„๊ตฌ ์ค‘ jwt ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋ฅผ ์‚ฌ์šฉํ•œ ๋Œ€๋‹ค์ˆ˜์˜ ํ”„๋กœ์ ํŠธ์—์„œ ์•„๋ž˜์™€ ๊ฐ™์ด Security dependency alert์ด ๋‚˜ํƒ€๋‚ฌ์Šต๋‹ˆ๋‹ค.

Ruby์™€ Google Indexing API๋ฅผ ์ด์šฉํ•˜์—ฌ ์ž๋™์œผ๋กœ ์‹ ๊ทœURL ๋“ฑ๋กํ•˜๊ธฐ

4 min read

์ œ๊ฐ€ ๋ธ”๋กœ๊ทธ ๊ธ€์„ ์ž‘์„ฑํ•˜๊ณ  commit - push ์‹œ ๋งŽ์€ ์ž‘์—…๋“ค์ด ์ผ์–ด๋‚ฉ๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์ธ ๊ฒƒ๋“ค์„ ์ด์•ผ๊ธฐ ๋“œ๋ฆฌ๋ฉด, Jekyll build ๋ฐ deploy ๊ณผ์ •์ด ์ง„ํ–‰๋˜๊ณ  ์ด๋ฏธ์ง€ ์ค‘ compress๊ฐ€ ํ•„์š”ํ•œ ์ด๋ฏธ์ง€๋Š” compress ์ฒ˜๋ฆฌํ•˜์—ฌ ์šฉ๋Ÿ‰์„ ์ค„์ด๊ณ , notify ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ณผ์ •๋“ค์ด github action์— ๋…น์•„์žˆ์Šต๋‹ˆ๋‹ค.

Github default branch ๋ณ€๊ฒฝํ•˜๊ธฐ (master to main)

1 min read

์˜ค๋Š˜ ๋„๊ตฌ๋งŒ๋“ค ๋–„ ์“ธ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋ฅผ ๋งŒ๋“ค์–ด๋‘๋ ค๊ณ  github repository๋ฅผ ์ถ”๊ฐ€ํ•˜๋ ค ํ–ˆ๋”๋‹ˆ ์•„๋ž˜์™€ ๊ฐ™์€ ๋ฉ”์‹œ์ง€๊ฐ€ ๋ฐœ์ƒํ–ˆ์Šต๋‹ˆ๋‹ค.

Go์—์„œ ์ž๋™์œผ๋กœ ํ…Œ์ŠคํŠธ ์ฝ”๋“œ ์ƒ์„ฑํ•˜๊ธฐ(with gotests)

3 min read

์ €๋Š” ํ…Œ์ŠคํŠธ ์ฝ”๋“œ๋ฅผ ๋งŽ์ด ์ž‘์„ฑํ•˜์ง„ ์•Š์Šต๋‹ˆ๋‹ค. ์•„๋ฌด๋ž˜๋„ ๋ณธ์—…์ด ๋ณด์•ˆ ์—”์ง€๋‹ˆ์–ด๋ง์ด๋‹ค ๋ณด๋‹ˆ ํ˜„์—… ๊ฐœ๋ฐœ์ž์ฒ˜๋Ÿผ ๊ผผ๊ผผํ•˜๊ฒŒ ํ…Œ์ŠคํŠธ ์ฝ”๋“œ๋ฅผ ์ž‘์„ฑํ•˜๊ณ  ์กฐ๊ธˆ ๋” ๋‚˜์•„๊ฐ€ TDD(Test-Driven Development)๋ฅผ ์‹ ๊ฒฝ์“ฐ๋ฉด์„œ ๊ฐœ๋ฐœํ•  ์ˆ˜ ์žˆ๋Š” ์—ฌ์œ ๊ฐ€ ์žˆ๋Š” ๊ฒƒ๋„ ์•„๋‹ˆ๊ตฌ์š”.

rvm is not a function ์—๋Ÿฌ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

Problem

์ €๋Š” ๋ณดํ†ต ๊ธ€์„ ์ž‘์„ฑํ•  ๋–„ ๋งฅ๋ถ์—์„œ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ํ™ˆ ์„œ๋ฒ„์—์„œ๋Š” ์ง์ ‘ ๊ธ€์„ ์ž‘์„ฑํ•  ์ผ์ด ๋ณ„๋กœ ์—†์—ˆ๋Š”๋ฐ, ๋””์ž์ธ ์ข€ ์ˆ˜์ •ํ•˜๊ธฐ ์œ„ํ•ด์„œ ์„œ๋ฒ„์—์„œ ์ง์ ‘ ์ž‘์—…ํ•˜๋‹ค ๋ณด๋‹ˆ jekyll serve ์‹œ ruby ๋ฒ„์ „ ๊ด€๋ จ ์—๋Ÿฌ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์š”์•ฝํ•˜๋ฉด github pages gem์€ 2.x ๋ฒ„์ „๋งŒ ์ง€์›ํ•˜๋Š”๋ฐ, ์‹œ์Šคํ…œ ๋ฒ„์ „์ด 3.x ๋ฒ„์ „์ด๋ผ์„œ ๋ฐœ์ƒํ•œ ๋ฌธ์ œ์˜€๊ณ , ์ด๋ฅผ rvm๋กœ ์ฒ˜๋ฆฌํ•˜๊ณ ์ž rvm use๋ฅผ ์‚ฌ์šฉํ–ˆ๋”๋‹ˆ ์•„๋ž˜์™€ ๊ฐ™์€ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ–ˆ์—‡์Šต๋‹ˆ๋‹ค.

GOPRIVATE์„ ํ†ตํ•ด ๊ฐœ์ธ/์‚ฌ์„ค ๋„๋ฉ”์ธ์—์„œ go get ํ•˜๊ธฐ(Gitlab, Github enterprise)

~1 min read

go get

go ๊ธฐ๋ฐ˜ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜๋“ค์„ ์‚ฌ์šฉํ•ด๋ณด์…จ๊ฑฐ๋‚˜ go ์–ธ์–ด๋กœ ๊ฐœ๋ฐœ์„ ํ•œ๋‹ค๋ฉด go get ์€ ๋งค์šฐ ์ต์ˆ™ํ•œ ๋ช…๋ น์ด๋ผ๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.

DCO and Github Sign-off Commit

3 min read

์–ด์ œ ๋ฐค์— ZAP์ชฝ์— Pull Request๋ฅผ ๋‚ ๋ ธ๋‹ค๊ฐ€ ์•„๋ž˜์™€ ๊ฐ™์€ ์ƒํ™ฉ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Secure JWT and Slinding Sessions

3 min read

Sessions ์ด๋ž€?

Sessions์€ ์ปดํ“จํŒ…์—์„œ ๋น„์Šทํ•˜์ง€๋งŒ ์—ฌ๋Ÿฌ ์˜๋ฏธ๋กœ ์‚ฌ์šฉ๋˜๋Š” ์šฉ์–ด์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ ์ƒํƒœ๋ฅผ ์˜๋ฏธํ•œ๋‹ค๊ณ  ๋ณด๋ฉด ๋  ๊ฒƒ ๊ฐ™๊ณ , ์›น์—์„œ๋Š” HTTP๊ฐ€ ๋น„ ์—ฐ๊ฒฐํ˜• ํ”„๋กœํ† ์ฝœ์ด๊ธฐ ๋•Œ๋ฌธ์— ์„œ๋ฒ„๊ฐ€ ๊ธฐ์กด์— ์ ‘์†ํ–ˆ๋˜ ํด๋ผ์ด์–ธํŠธ์ธ์ง€ ํ™•์ธํ•  ์ˆ˜ ์žˆ๋Š” ์ˆ˜๋‹จ์œผ๋กœ ์‚ฌ์šฉ๋ฉ๋‹ˆ๋‹ค. (ํŒŒ์ผ ์ฟ ํ‚ค๋ž‘ ๋น„์Šทํ•˜์ฃ . ๋‹ค๋งŒ ์ฒ˜๋ฆฌ์—์„  ์•ฝ๊ฐ„ ๋‹ค๋ฅด๊ธดํ•ฉ๋‹ˆ๋‹ค.)

[Learn ML #1] ์ด์ œ๋ถ€ํ„ฐ ๋จธ์‹ ๋Ÿฌ๋‹(Machine Learning)๋„ ๊ณต๋ถ€ํ•ฉ๋‹ˆ๋‹ค ๐Ÿ˜

1 min read

์ตœ๊ทผ์— ๋จธ์‹ ๋Ÿฌ๋‹ ๊ณต๋ถ€๋ฅผ ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ๋ญ ๊นŠ๊ฒŒ ๊ณต๋ถ€ํ•˜๊ธฐ์—๋Š” ์ œ ์ฃผ๋ ฅ์ธ ๋ณด์•ˆ๊ณผ ๋„๋ฉ”์ธ๋„ ์›Œ๋‚™ ๋‹ค๋ฅด๊ณ , ๊ฐœ๋ฐœ์ ์ธ ํ…Œํฌ๋‹‰ ์ด์™ธ์—๋„ ์ˆ˜ํ•™/ํ†ต๊ณ„ํ•™์ ์ธ ๋ถ€๋ถ„์ด ๋งŽ์ด ํ•„์š”ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์ž˜ ํ•  ์ˆ˜ ์žˆ์„๊ฑฐ๋ž€ ํ™•์‹ ์€ ๋“ค์ง€ ์•Š๋„ค์š”.

[Phoenix #4] Fixed bug in session entropy page

~1 min read

Problem

Session entropy ๊ณ„์‚ฐ ์‹œ ํŠน์ˆ˜๋ฌธ์ž๊ฐ€ ๋ฐ˜์˜๋˜์ง€ ์•Š๋Š” ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ƒฅ ์ž๋™์œผ๋กœ ๊ณ„์‚ฐํ•˜๊ธฐ ๊ท€์ฐฎ์•„์„œ Session type ๋“œ๋กญ๋ฐ•์Šค์— Ascii๋กœ ์„ ํƒ ์‹œ ๋ฐ˜์˜๋˜๋„๋ก ์ถ”๊ฐ€ํ–ˆ์—ˆ๋Š”๋ฐ, ํฌ๊ฒŒ ํšจ์šฉ์„ฑ์ด ์—†๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”..

[Phoenix #3] Update session entropy page

~1 min read

Change note

  • ์†Œ์ˆซ์  3์ž๋ฆฌ ๊นŒ์ง€ ์ž˜๋ ค์„œ Entropy ํ‘œํ˜„ํ•˜๋„๋ก ์ˆ˜์ •
  • ์ผ๋ถ€ ๋ฌธ๊ตฌ ์ˆ˜์ • ๋ฐ table ๋“ฑ ๊ฐ„๊ฒฉ ์ˆ˜์ •
  • Case , Length ๋“ฑ์„ ์‰ฝ๊ฒŒ ์ˆ˜์ •ํ•  ์ˆ˜ ์žˆ๋„๋ก ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ ๋ณ€๊ฒฝ(๋‹จ์ผ Element์—๋งŒ ์ ์šฉ๋˜๋„๋ก)

Bump a go package version

1 min read

My Problem

๊ฐ„ํ˜น go get ์œผ๋กœ ์ œ๊ฐ€ ๋งŒ๋“  ๋„๊ตฌ๋ฅผ ์„ค์น˜ ์‹œ ๊ตฌ๋ฒ„์ „(ํ˜„์žฌ๋Š” 2๋ฒ„์ „๋Œ€์ธ๋ฐ, 1๋ฒ„์ „๋Œ€๊ฐ€..)์ด ์„ค์น˜๋˜๋Š” ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋˜ํ•œ pkg.go.dev์—๋„ ๊ตฌ๋ฒ„์ „์ด ๋งˆ์ง€๋ง‰ ๋ฆด๋ฆฌ์ฆˆ๋กœ ์žˆ๊ณ  ๋ณ€ํ™”๊ฐ€ ์—†๋˜ ์ƒํƒœ์˜€์ฃ .

Go flag์—์„œ custom usage ๋งŒ๋“ค๊ธฐ

2 min read

golang์—์„œ cli ๋„๊ตฌ๋ฅผ ๋งŒ๋“ค ๋•Œ ๊ฐ€์žฅ ๋จผ์ € ์ ‘ํ•˜๋Š” ๋„๊ตฌ๋Š” flag์ž…๋‹ˆ๋‹ค. ์ € ๋˜ํ•œ flag๋กœ ์‹œ์ž‘ํ•˜์—ฌ cobra, unfave ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์จ๋ณด๋‹ค๊ฐ€ ๊ฒฐ๊ตญ์€ ์ž˜ ์‚ฌ์šฉํ•˜๋˜ cobra๋ฅผ ๋ฒ„๋ฆฌ๊ณ  flag๋กœ ๋‹ค์‹œ ๋Œ์•„์™”์Šต๋‹ˆ๋‹ค. go์˜ ๋‚ด์žฅํ˜• option parser๋กœ ์‹ฌํ”Œํ•˜์ง€๋งŒ, ํŽธ์˜์„ฑ์„ ์œ„ํ•œ ๋ถ€๋ถ„๋“ค์€ ๋งŽ์ด ์ ์–ด์„œ ๋•Œ๋•Œ๋กœ, ์ง์ ‘ ์˜ค๋ฒ„๋ผ์ด๋“œ์™€ ๊ฐ™์ด ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์˜ ์›๋ณธ ํ•จ์ˆ˜๋ฅผ ์ˆ˜์ •ํ•˜์—ฌ ์‚ฌ์šฉํ•ด์•ผํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค.

Rails generate ์‹œ ๋ฉˆ์ถ”๋Š” ๊ฒฝ์šฐ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•

~1 min read

์ œ๊ฐ€ 2019๋…„๋ถ€ํ„ฐ go๋ฅผ ๋ฉ”์ธ์–ธ์–ด๋กœ ํ™•์ •ํ•˜๋ฉด์„œ ruby๋กœ ๊ฐœ๋ฐœํ•  ์ผ์ด ๋งค์šฐ ์ค„์–ด๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜๋„ ๊ฐ€๋”์”ฉ ๋น ๋ฅด๊ฒŒ ์ž‘์—…์ด ํ•„์š”ํ•œ ๊ฒฝ์šฐ ruby๋ฅผ ์˜๋„ํ•˜์ง€ ์•Š๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”๋ฐ, ๊ฐ„ํ˜น rails g, rails generate ์‹œ ๋ฉˆ์ถ”๋Š” ์ƒํ™ฉ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿผ ์›์ธ๊ณผ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค :D

MacOS Atom์—์„œ ์ด๋ชจ์ง€ ์‚ฌ์šฉ ๋ถˆ๊ฐ€ ๋ฒ„๊ทธ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

Atom์„ ์‚ฌ์šฉํ•˜๋˜ ์ค‘ ์€๊ทผํžˆ ๋ถˆํŽธํ•œ ๋ถ€๋ถ„์ด ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ์ด๋ชจ์ง€๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์—†๋Š” ์ด์Šˆ์ธ๋ฐ์š”. ๊ณ ์ณ์„œ ์จ์•ผ์ง€ ํ•˜๋‹ค๊ฐ€ ์ด์ œ์„œ์•ผ ์†”๋ฃจ์…˜์„ ์ฐพ์•„๋ณด๊ณ  ์ ์šฉํ•ด์„œ ์‚ฌ์šฉํ•˜๋‹ˆ ํŒจ์น˜ ์ „๊นŒ์ง„ ์ž„์‹œ๋ฐฉํŽธ์œผ๋กœ ์“ธ๋งŒํ•œ ๊ฒƒ ๊ฐ™์•„ ๊ธ€๋กœ ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค.

Git pull/merge ์ถฉ๋Œ ์‹œ ๊ธฐ๋ณธ ์—๋””ํ„ฐ ๋ณ€๊ฒฝ, ์—๋””ํ„ฐ ๋„์šฐ์ง€ ์•Š๊ธฐ

~1 min read

git์€ ๋•Œ๋•Œ๋กœ git pull ๋“ฑ remote์˜ ์†Œ์Šค๋ฅผ ๊ฐ€์ ธ์˜ค๋Š” ์ค‘ ์ถฉ๋Œ์ด ์žˆ๋Š” ๊ฒฝ์šฐ ์—๋””ํ„ฐ๊ฐ€ ์—ด๋ฆฌ๋ฉฐ ์ •๋ณด๋ฅผ ๋ณ€๊ฒฝํ•  ์ˆ˜ ์žˆ๋„๋ก ๋ฉ๋‹ˆ๋‹ค. ์ €์˜ ๊ฒฝ์šฐ nvim์„ ๊ธฐ๋ณธ ์—๋””ํ„ฐ๋กœ ์‚ฌ์šฉํ•˜๋Š”๋ฐ, ์ฝ”๋“œ ๋จธ์ง€ ๋‹จ๊ณ„์—์„œ ์—ด๋ฆฌ๋Š” ๊ธฐ๋ณธ ์—๋””ํ„ฐ๊ฐ€ nano๋ผ ์ƒ๋‹นํžˆ ๋ถˆํŽธํ–ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  CI์—์„œ ์ด๋Ÿฌํ•œ ํŒ์—…์€ ์ž๋™ํ™”๋œ push ๊นŒ์ง€ ์ด์–ด์ง€๋Š”๋ฐ ๋ถˆํŽธํ•จ์ด ๋ฐœ์ƒํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๊ธฐ๋ณธ ์—๋””ํ„ฐ๋ฅผ ๋ณ€๊ฒฝํ•˜๋Š” ๋ฐฉ๋ฒ•๊ณผ Auto-Edit์„ ๋ฌด์‹œํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ๊ฐ„๋‹จํ•˜๊ฒŒ ์ •๋ฆฌํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[Phoenix #2] Added change note

~1 min read

Cullinan๊ณผ ๋™์ผํ•˜๊ฒŒ Phoenix์—๋„ change note๋ฅผ ์ถ”๊ฐ€ํ–ˆ์Šต๋‹ˆ๋‹ค. ์ด์ œ๋ถ€ํ„ด phoenix ํŽ˜์ด์ง€์—์„œ ๋ณ€๊ฒฝ ์ด๋ ฅ์— ๋Œ€ํ•œ ์ •๋ณด๋ฅผ ํ™•์ธํ•˜์‹ค ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ตฌํ˜„ ๋ฐฉ์‹ ๋˜ํ•œ ๋™์ผํ•˜๋‹ˆ ์•„๋ž˜ ๋งํฌ๋ฅผ ์ฐธ๊ณ ํ•ด์ฃผ์„ธ์š”.

[Phoenix #1] Phoenix์— gist ๊ธฐ๋ฐ˜ snippets๊ฐ€ ์ถ”๊ฐ€

1 min read

์ด์ „๋ถ€ํ„ฐ ๋””์ž์ธ/๊ธฐ๋Šฅ ๋“ฑ ๋ธ”๋กœ๊ทธ ๋ณ€๊ฒฝ์‚ฌํ•ญ์— ๋Œ€ํ•œ ๊ธ€๋„ ์ž‘์„ฑํ•˜๋ ค๊ณ  ํ–ˆ์—ˆ๋Š”๋ฐ, ์˜ฌํ•ด๋˜์„œ์•ผ ์žฌ๋Œ€๋กœ ์‹œ์ž‘๋˜๋„ค์š”. ์‚ฌ์‹ค ๋ญ ์ค‘์š”ํ•œ ์ •๋ณด๊ฑฐ๋ฆฌ๋Š” ์•„๋‹ˆ๊ณ , ๊ทธ๋ƒฅ ๊ฐœ์ธ์ ์œผ๋กœ ๋ณ€๊ฒฝ์‚ฌํ•ญ์— ๋Œ€ํ•œ ๊ธฐ๋ก์ด ์žˆ์œผ๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์•„์„œ ํƒœ๊ทธ ํ•˜๋‚˜ ์ถ”๊ฐ€ํ•˜๊ณ  ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค. ์•„๋งˆ ๊ฐ„๋‹จํ•œ ๋‚ด์šฉ๋“ค๋งŒ ๋“ค์–ด๊ฐˆ ๊ฒƒ ๊ฐ™์•„์š”.

How to applying IntelliJ theme in ZAP

1 min read

์–ด์ œ BurpSuite์˜ Customizer์— ๋Œ€ํ•œ ๊ธ€์„ ์ผ์—ˆ์Šต๋‹ˆ๋‹ค. BurpSuite์—์„œ FlatLaf์˜ IntelliJ Theme๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋„๋ก ์ง€์›ํ•ด์ฃผ๋Š” ํ™•์žฅ ๊ธฐ๋Šฅ์ด์˜€๊ณ , ๊ธ€ ๋ง๋ฏธ์™€ ๋Œ“๊ธ€์—๋„ ์ž‘์„ฑํ–ˆ๋“ฏ์ด ZAP ๋˜ํ•œ 2.10 ๋ฒ„์ „๋ถ€ํ„ฐ FlatLaf๋ฅผ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๊ตฌํ˜„์ด ๊ฐ€๋Šฅํ• ๊ฑฐ๋ž€ ์ƒ๊ฐ์ด ๋“ค์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค.

๋‚ด๊ฐ€ ์˜คํ”ˆ ์†Œ์Šค ํ”„๋กœ์ ํŠธ๋ฅผ ์œ„ํ•ด ์‚ฌ์šฉํ•˜๋Š” Github actions๊ณผ App

1 min read

์˜ค๋Š˜์€ ์ œ๊ฐ€ ์˜คํ”ˆ์†Œ์Šค ํ”„๋กœ์ ํŠธ์—์„œ ์ฃผ๋กœ ์‚ฌ์šฉํ•˜๋Š” git-action ๊ณผ app์— ๋Œ€ํ•ด ๊ฐ€๋ณ๊ฒŒ ์†Œ๊ฐœํ•ด๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋ฅธ ํ”„๋กœ์ ํŠธ๋“ค๊ณผ ๋น„๊ตํ•ด๋ณด๋ฉด ์ „ ๊ทธ๋ƒฅ ๋งŽ์ง€๋„, ์ ์ง€๋„ ์•Š์€ ์–‘์„ ์‚ฌ์šฉํ•˜๋Š” ๊ฒƒ ๊ฐ™๋„ค์š” ๐Ÿ˜

Make cloud base ZAP Scanning Environment Using github-action

1 min read

Hi hackers and bugbounty hunters :D Today, I talk about building a github-action-based ZAP scanning environment. As you know, there is no time limit for public repo, so you can configure a cloud-based vulnerability scanner for free ๐Ÿ˜‰

Github 2FA ์ธ์ฆ ์ดํ›„ Authentication Error ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

Gitub๋Š” ํŽธ์˜์„ฑ ๋•Œ๋ฌธ์— 2FA(Two-Factor) ์ธ์ฆ์„ ์‚ฌ์šฉํ•˜์ง€ ์•Š์•˜์—ˆ๋Š”๋ฐ, Marketplace ์—…๋ฐ์ดํŠธ๋ฅผ ์œ„ํ•ด ์•ฝ๊ฐ„์˜ ๋ถˆํŽธํ•จ์„ ๊ฐ์ˆ˜ํ•˜๊ณ  2FA๋ฅผ ์„ค์ •ํ–ˆ์Šต๋‹ˆ๋‹ค. (์–ด์ฐจํ”ผ ๋‹ค๋ฅธ ์„œ๋น„์Šค์—์„œ ์ด๋ฏธ ๋งŽ์ด ์“ฐ๊ณ ์žˆ๋˜ ์ƒํƒœ๋ผ.. ๋ญ ์‚ฌ์‹ค ํฌ๊ฒŒ ๋ถˆํŽธํ• ๊ฒŒ ์—†์„ ์ค„ ์•Œ์•˜์ฃ )

Jekyll Build Speed Up!

3 min read

์ข…์ข… ์ œ Github page๋Š” ๋นŒ๋“œ๊ฐ€ ์‹คํŒจํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ๋Œ€๋žต์ ์ธ ์ด์œ ๋Š” ์•Œ๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. Github page๋Š” ์•ฝ ์ตœ๋Œ€ 13๋ถ„ ์ „ํ›„ ์ •๋„์˜ build time์„ ๊ฐ€์งˆ ์ˆ˜ ์žˆ๋Š”๋ฐ, ์ด๋ฅผ ๋„˜์–ด๊ฐ€๊ฒŒ ๋˜๋ฉด pending ๋˜๊ฑฐ๋‚˜ ์‹คํŒจํ•ฉ๋‹ˆ๋‹ค. ์ œ Jekyll์˜ ๋นŒ๋“œ ์‹œ๊ฐ„์ด 15๋ถ„ ์ •๋„ ๊ฑธ๋ฆฌ๋˜ ์ƒํƒœ๋กœ ๋‹น์—ฐํžˆ ์‹คํŒจํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋ฐœ์ƒํ–ˆ์—ˆ์ฃ .

Jekyll feed.xml ์ตœ์†Œํ™”ํ•˜๊ธฐ

2 min read

RSS๋Š” ๋งค์šฐ ์˜ค๋ž˜๋œ ๊ธฐ์ˆ ์ด์ง€๋งŒ, ์•„์ง๊นŒ์ง€๋„ ๋งŽ์€ ์›น ์„œ๋น„์Šค์—์„œ ์ง€์›ํ•˜๊ณ  ์‚ฌ์šฉ๋˜๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜ ์‚ฌ์šฉ์ž๊ฐ€ ๋ฆฌ๋”๋ฅผ ํ†ตํ•ด ์‰ฝ๊ฒŒ ๊ธ€ ๋ชฉ๋ก์„ ๋ฐ›์•„์„œ ์ฝ์„ ์ˆ˜ ์žˆ๊ณ , SEO ๊ด€์ ์—์„œ๋„ ์ƒ๋‹นํžˆ ์ค‘์š”ํ•œ ๋ถ€๋ถ„์ž…๋‹ˆ๋‹ค.

workflow_dispatch๋ฅผ ์ด์šฉํ•œ github action ์ˆ˜๋™ ํŠธ๋ฆฌ๊ฑฐ

1 min read

์ด๋ฒˆ ์ฃผ๋ง์— ์ง‘ ์„œ๋ฒ„์— ์žˆ๋˜ ์ž๋™ํ™” ๋กœ์ง ์ค‘ ์ผ๋ถ€๋ฅผ github action์œผ๋กœ ์ด๋™ํ•˜๋Š” ์ž‘์—…์„ ์ง„ํ–‰ํ–ˆ์Šต๋‹ˆ๋‹ค. ์–ด์ฐจํ”ผ git pro๋ฅผ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์–ด์„œ, ์›” 3000๋ถ„์˜ private repo์—์„œ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” github action์˜ ์‹œ๊ฐ„์ด ์žˆ๊ธฐ๋„ํ•˜๊ณ , ์•„๋ฌด๋ž˜๋„ ํด๋ผ์šฐ๋“œ ํ™˜๊ฒฝ์ด๋‹ค๋ณด๋‹ˆ, ํ”ผ์”จ๊บผ์ง ๋“ฑ์œผ๋กœ ์ธํ•ด cron์ด ๋™์ž‘ํ•˜์ง€ ์•Š์„ ๊ฐ€๋Šฅ์„ฑ์„ ์ค„์ด๊ธฐ ์œ„ํ•ด์„œ ์ด๋™์„ ๊ฒฐ์‹ฌํ–ˆ์ฃ .

Jekyll์— Utterances, Giscus ๋Œ“๊ธ€ ์ ์šฉํ•˜๊ธฐ

2 min read

์ตœ๊ทผ์— ๋ธ”๋กœ๊ทธ๋ฅผ blogger์—์„œ github page๋กœ ์˜ฎ๊ธฐ๋ฉด์„œ ๋Œ“๊ธ€์„ ์ž‘์„ฑํ•  ์ˆ˜ ์žˆ๋Š” ํ™˜๊ฒฝ์ด ์‚ฌ๋ผ์กŒ์Šต๋‹ˆ๋‹ค. Jekyll์—์„œ ๋งŽ์ด๋“ค ์‚ฌ์šฉํ•˜์‹œ๋Š” Disqus์˜ ๊ฒฝ์šฐ ๊ฐœ์ธ์ ์œผ๋กœ ๊ด‘๊ณ  ์ด์Šˆ๋•Œ๋ฌธ์— ์ข‹์•„ํ•˜์ง€ ์•Š๊ธฐ ๋•Œ๋ฌธ์— ๋Œ“๊ธ€ ์„œ๋น„์Šค๋ฅผ ๋‹ค์‹œ ์ฐพ์•„๋ดค๊ณ , github issue ๊ธฐ๋ฐ˜์˜ ๋Œ“๊ธ€ ์„œ๋น„์Šค์ธ Utterances๋ฅผ ์•Œ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

How to add custom header in ZAP and zap-cli

3 min read

The zap-cli is a tool that helps make ZAP easy to use on the command line. From simple scanning to CI/CD Pipeline, itโ€™s a tool thatโ€™s used everywhere. Unlike other scanners, it does not support custom headers.

Write Metasploit Module in Golang

2 min read

Metaploit์—์„œ 2018๋…„ 12์›”๋ถ€ํ„ฐ golang module ์ง€์›์ด ์‹œ์ž‘๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ €๋„ ์ž˜ ๋ชจ๋ฅด๊ณ  ์žˆ๋‹ค๊ฐ€ ์ตœ๊ทผ์—์„œ์•ผ ์•Œ๊ฒŒ ๋˜์—ˆ๋„ค์š”.

theme-color๋ฅผ ์ด์šฉํ•˜์—ฌ ๋ชจ๋ฐ”์ผ ํฌ๋กฌ ๋ธŒ๋ผ์šฐ์ €์—์„œ toolbar ์˜์—ญ ์ƒ‰์ƒ ๋ฐ”๊พธ๊ธฐ

~1 min read

๋ชจ๋ฐ”์ผ ๊ธฐ๊ธฐ๋กœ ๊ฒ€์ƒ‰ํ•˜๋‹ค ๋ณด๋ฉด ๊ฐ€๋” ์ƒ๋‹จ์˜ ํˆด๋ฐ” ์˜์—ญ(์ฃผ์†Œํ‘œ์‹œ์ค„์ด ํฌํ•จ๋œ..)์˜ ์ƒ‰์ƒ์ด ๋‹ค๋ฅธ ์‚ฌ์ดํŠธ๋“ค์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์‚ฌ์ดํŠธ๋ณ„๋กœ ๋‹ค ๋‹ค๋ฅธ ์ƒ‰์ƒ์„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์–ด์„œ ๋ถ„๋ช… HTML/CSS/JS ์ค‘ ํ•˜๋‚˜ ์ผ๊บผ๋ผ ์ƒ๊ฐํ–ˆ์—ˆ๋Š”๋ฐ, @yozora770 ์˜ ๋„์›€์œผ๋กœ ์•Œ๊ฒŒ๋˜์–ด ๊ฐ€๋ณ๊ฒŒ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Cookie and SameSite

5 min read

์˜ฌ 2์›”๋ถ€ํ„ฐ Chrome ๋ธŒ๋ผ์šฐ์ €์—์„œ SameSite=Lax๊ฐ€ ๊ธฐ๋ณธ๊ฐ’์œผ๋กœ ๋ณ€๊ฒฝ๋ฉ๋‹ˆ๋‹ค.

Update golang 1.10 to 1.13 with update-golang(subfinder install error fix)

~1 min read

SubFinder ์„ค์น˜ ์ค‘ undefined: os.UserHomeDir , undefined: strings.ReplaceAll ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•ด์„œ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ• ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. ์•„๋งˆ.. ํ˜„์žฌ ์ผ๋ถ€ ํ”ผ์”จ์—์„œ ์„ค์น˜ ์‹œ ์œ„์™€ ๊ฐ™์€ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ• ํ…๋ฐ์š”, ์›์ธ์€ golang ์˜ ๋ฒ„์ „ ๋ฌธ์ œ์ž…๋‹ˆ๋‹ค.

Check logic vulnerability point using GET/HEAD in Ruby on Rails

3 min read

์ตœ๊ทผ์— Github OAuth flow bypass ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ด ์ทจ์•ฝ์ ์€ Rails ์•ฑ์˜ ํŠน์„ฑ์„ ์ด์šฉํ•œ ์ทจ์•ฝ์ ์ด๊ณ , Github๋งŒ์˜ ๋ฌธ์ œ๊ฐ€ ์•„๋‹ˆ๊ณ  ํŒจ์น˜๋กœ ๋ชจ๋“  Rails ์•ฑ์„ ๋ณดํ˜ธํ•  ์ˆ˜๋„ ์—†์Šต๋‹ˆ๋‹ค. Today, I going to review one vulnerability that needs to be checked in the Rails App environment through the Github OAuth flow bypass vulnerability. (B recently shared something interesting to me.)

[๋ฃจ๋น„์—์„œ Go๋กœ ๋„˜์–ด๊ฐ€๊ธฐ] Revel์„ ์ด์šฉํ•ด MVC ์›น ๊ตฌ์„ฑํ•˜๊ธฐ

3 min read

Ruby์—์„œ golang์œผ๋กœ ์ฃผ๋ ฅ ์–ธ์–ด๋ฅผ ๋ฐ”๊ฟ”๊ฐ€๋Š” ์ค‘์ž…๋‹ˆ๋‹ค. ์ด ๊ณผ์ •์—์„œ ๊ฐ€์žฅ ๋ฌธ์ œ๊ฐ€ ๋˜๋Š” ๋ถ€๋ถ„์ด ์›น์•ฑ์ด์˜€์Šต๋‹ˆ๋‹ค. ์ด๋ฏธ Rails์— ์ต์ˆ™ํ•ด์ง„ํ„ฐ๋ผ ๋Œ€์•ˆ์ด ๋ ๋งŒํ•œ ์—ฌ๋Ÿฌ ํ”„๋ ˆ์ž„์›Œํฌ๋ฅผ ์ฐพ์•„๋ดค๊ณ , 2๊ฐ€์ง€ ์ƒ๊ฐ์ด ๋‚˜์™”์Šต๋‹ˆ๋‹ค.

Mac ์—…๊ทธ๋ ˆ์ด๋“œ ํ›„ xcrun: error: invalid active developer path ์—๋Ÿฌ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

MacOS ์—…๊ทธ๋ ˆ์ด๋“œ ์‹œ ์–ด๊น€์—†์ด ๋ฐœ์ƒํ•˜๋Š” ๋ฌธ์ œ๊ฐ€ ํ•˜๋‚˜ ์žˆ์Šต๋‹ˆ๋‹ค ๐Ÿ˜ซ ๋ฐ”๋กœ ๊ฐœ๋ฐœ ๊ด€๋ จ ๋„๊ตฌ ์‚ฌ์šฉ ์‹œ ๋Œ€๋‹ค์ˆ˜๊ฐ€ ๋ฐœ์ƒํ•˜๋Š” missing xcrun ์—๋Ÿฌ์ธ๋ฐ์š”.

Golang ์œผ๋กœ ๋งŒ๋“  ์›น ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ

1 min read

์š”์ฆ˜ ๊ณต๋ถ€๋„ํ• ๊ฒธ golang ์œผ๋กœ ๋„์ ๋„์  ๋งŒ๋“ค์–ด๋ณด๊ณ  ์žˆ๋Š”๊ฒŒ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ์ผ๋ถ€๋Š” ์›น ํ™˜๊ฒฝ์œผ๋กœ ๊ตฌ์„ฑํ•˜๊ณ  heroku์— ๋„์šธ ์ƒ๊ฐ์ธ๋ฐ, ๋ฃจ๋น„์ฒ˜๋Ÿผ ์‚ฌ์ „์— ์„ธํŒ…์ด ํ•„์š”ํ•œ ๋ถ€๋ถ„๋“ค์ด ์žˆ์–ด์„œ ๋‚ด์šฉ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

Rails์—์„œ HTTP Basic Auth ์ ์šฉํ•˜๊ธฐ

~1 min read

HTTP Basic Auth๋Š” HTTP์—์„œ ๊ธฐ๋ณธ์ ์œผ๋กœ ์‚ฌ์šฉ๋˜๋Š” ์ธ์ฆ ๋ฐฉ์‹์ž…๋‹ˆ๋‹ค. ID/PW๋ฅผ Base64๋กœ ์ธ์ฝ”๋”ฉํ•ด์„œ Auth ํ—ค๋”์— ๋„ฃ์–ด ์„œ๋ฒ„๊ฐ€ ์‹ ๋ขฐ๋œ ์‚ฌ์šฉ์ž์ธ์ง€ ๊ฒ€์ฆํ•˜๋Š” ๋ฐฉ์‹์œผ๋กœ ๋™์ž‘ํ•ฉ๋‹ˆ๋‹ค.

HTTP Request(ZAP, Burp) Parsing on Ruby code

1 min read

XSpear ๊ด€๋ จํ•ด์„œ ์ด๋Ÿฐ ๊ฑด์˜์‚ฌํ•ญ์ด ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. Burp, ZAP ๋“ฑ์—์„œ ์‚ฌ์šฉํ•˜๋Š” ํŒจํ‚ท ๋ฐ์ดํ„ฐ๋ฅผ ํŒŒ์ผ๋กœ ์ €์žฅํ•œ ํ›„ ์˜ต์…˜์„ ์ฃผ์–ด ์ฝ์œผ๋ฉด ์ž๋™์œผ๋กœ URL, Header ๋“ฑ์„ ํŒŒ์‹ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๋Š” ํ˜•ํƒœ๋ฅผ ๋ง์”€ํ•˜์‹  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.(๋งˆ์น˜ sqlmap์˜ ๊ทธ๊ฒƒ ์ฒ˜๋Ÿผ)

Ruby on Rails Double-Tap ์ทจ์•ฝ์ (CVE-2019-5418, CVE-2019-5420)

4 min read

๊ฐ„๋งŒ์— ์ทจ์•ฝ์  ๋ฆฌ๋ทฐํ•ด๋ด…๋‹ˆ๋‹ค. ์˜ฌ ๋ด„์— ์ •๋ฆฌํ•œ๋ฒˆํ•˜๊ณ  ์ตœ๊ทผ์— ์ถ”๊ฐ€๋กœ ์ •๋ฆฌํ–ˆ๋˜๊ฑฐ๋ผ ๋จธ๋ฆฌ์†์—์„œ ๋‚ ์•„๊ฐ€๊ธฐ ์ „์— ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๋‚จ๊ฒจ๋ณด์•„์š”. ์šฐ์„  ์˜ฌ ํ•ด 3์›” ์ •๋„์— ๋ ˆ์ผ์ฆˆ ๊ด€๋ จ ์ทจ์•ฝ์ ์ด 3๊ฐœ์ •๋„ ์˜ฌ๋ผ์™”์—ˆ์Šต๋‹ˆ๋‹ค. CVE-2019-5418 ~ 5420 ์ด์Šˆ์ธ๋ฐ, ๊ฒฐ๊ณผ์ ์œผ๋ก  Rails์—์„œ ์‹œ์Šคํ…œ ํŒŒ์ผ์„ ์ฝ๊ณ , ๋ช…๋ น ์‹คํ–‰๊นŒ์ง€ ๊ฐ€๋Šฅํ•œ 3๊ฐ€์ง€์˜€์Šต๋‹ˆ๋‹ค.

Finding in-page scripts & map files with javascript (very simple..)

~1 min read

๋ณ„ ์ฝ”๋“œ๋Š” ์•„๋‹ˆ์ง€๋งŒ ๋งŒ๋“ค์–ด ๋†“๊ณ  ์“ฐ๋ฉด ํŽธํ•˜๋‹ˆ.. ํŽ˜์ด์ง€์— ์žˆ๋Š” ์™ธ๋ถ€ ์Šคํฌ๋ฆฝํŠธ ๋งํฌ์™€ map ํŒŒ์ผ ๋งํฌ ๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. (map์€ ๊ทธ๋ƒฅ ๋ฌด์กฐ๊ฑด ๋‚˜ํƒ€๋‚˜๊ฒŒ..)

Rails์—์„œ routing parameters์™€ ๋™์ผํ•œ ์ด๋ฆ„์˜ ํŒŒ๋ผ๋ฏธํ„ฐ ์ฒ˜๋ฆฌํ•˜๊ธฐ

1 min read

Rails์—์„œ ํŒŒ๋ผ๋ฏธํ„ฐ ๊ฐ’์€ params๋ฅผ ํ†ตํ•ด ๋ฐ›์•„์˜ต๋‹ˆ๋‹ค. ์ด ๊ณผ์ • ์ค‘ ๋ ˆ์ผ์ฆˆ์—์„œ ๊ธฐ๋ณธ์œผ๋กœ ์„ค์ •ํ•œ ๊ฐ’์ด ์žˆ์–ด ์ฝ์–ด์˜ค์ง€ ๋ชปํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ์ด๋Ÿฐ ์ผ€์ด์Šค์ž…๋‹ˆ๋‹ค.

How to resolve duplicate mail transmission in Rails ActionMailer(์ค‘๋ณต ๋ฉ”์ผ ์ „์†ก ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•)

~1 min read

Rails์—์„œ ActionMailer๋ฅผ ์ด์šฉํ•˜๋ฉด ์‰ฝ๊ฒŒ ๋ฉ”์ผ ์†ก/์ˆ˜์‹  ๋กœ์ง์„ ์ฒ˜๋ฆฌํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ActionMailer๋กœ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ตฌ์„ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋Š”๋ฐ, ํŠน์ • ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์—์„œ ๋ฉ”์ผ์ด ์ค‘๋ณต์œผ๋กœ ๋ฐœ์†ก๋˜๋Š” ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ์š”, ์ฐพ์•„๋ณด๋‹ˆ ์ •ํ™•ํ•œ ์ด์œ ๋Š” ๋ชจ๋ฅด๊ฒ ์ง€๋งŒ ์ž์ฒด์ ์ธ ๋ฒ„๊ทธ๋กœ ๋ณด์ž…๋‹ˆ๋‹ค. (์ค‘๋ณต ์ฝœ์ด ์ผ์–ด๋‚˜๋Š” ๊ฒƒ ๊ฐ™์€๋ฐโ€ฆ)

Send Gmail using Rails ActionMailer Class (ActionMailer๋ฅผ ์ด์šฉํ•˜์—ฌ Gmail ์ „์†กํ•˜๊ธฐ)

2 min read

Rails๋Š” ๊ธฐ๋ณธ์ ์œผ๋กœ Mail ์†ก/์ˆ˜์‹ ์ด ๊ฐ€๋Šฅํ•œ ๊ฐ์ฒด๋ฅผ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต ์›น์—์„œ ๋งŽ์ด ์‚ฌ์šฉํ•˜๋Š” ๊ธฐ๋Šฅ์ด๊ธฐ ๋•Œ๋ฌธ์— ๋ฏธ๋ฆฌ ๊ตฌํ˜„๋˜์–ด ์žˆ๋Š” ์ƒํƒœ์ธ๋ฐ์š”, ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ ์˜์กด์„ฑ์ด๋‚˜ ๋ณต์žกํ•œ ์„ค์ • ์—†์ด ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ๋กœ ๋ฉ”์ผ ์ฒ˜๋ฆฌ๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Rails App ์‹œ์ž‘ ์‹œ ํŠน์ • ์ฝ”๋“œ ์‹คํ–‰ํ•˜๊ธฐ(How to startup code on Ruby on Rails with initialize)

1 min read

Rails ์•ฑ ๊ตฌ๋™ ์‹œ ํŠน์ • ์ž‘์—…์ด๋‚˜ ๋กœ์ง์„ ์ˆ˜ํ–‰ํ•˜๊ณ  ์‹ถ์„ ๋•Œ ์–ด๋–ป๊ฒŒ ํ• ๊นŒ? ๊ณ ๋ฏผ์„ ์˜ˆ์ „์— ํ–ˆ์—ˆ๋Š”๋ฐ, ๊ทธ๋•Œ initialize๋กœ ํ•ด๊ฒฐํ–ˆ๋˜ ๊ธฐ์–ต์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋งŒ์— ๋™์ผํ•œ ๊ณ ๋ฏผ์„ ์ž ๊นํ•˜๊ฒŒ ๋ฌ์—ˆ๋Š”๋ฐ, ๊ฒธ์‚ฌ๊ฒธ์‚ฌ ๊ธ€๋กœ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

Rails crono๋ฅผ ์ด์šฉํ•˜์—ฌ ์Šค์ผ€์ค„๋งํ•˜๊ธฐ(Scheduling with crono on Rails)

2 min read

๋ณดํ†ต ์œ ๋‹‰์Šค ๊ธฐ๋ฐ˜ PC์—์„  ์Šค์ผ€์ค„๋ง์„ ์œ„ํ•ด crontab ๋˜๋Š” at๋ฅผ ์‚ฌ์šฉํ•˜๊ณ , ์œˆ๋„์šฐ์—์„  ์„œ๋น„์Šค์— ๋“ฑ๋กํ•˜๋Š”์‹์œผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ์œ„ํ•ด์„  ์‹œ์Šคํ…œ์—์„œ crontab ๊ฐ™์€ ๋„๊ตฌ ์‚ฌ์šฉ์ด ๊ฐ€๋Šฅํ•ด์•ผํ•˜๋ฉฐ, PaaS ์ด์ƒ์˜ ์ถ”์ƒํ™”๊ฐ€ ์ด๋ฃจ์–ด์ง„ ํ”Œ๋žซํผ์—์„  ์‚ฌ์šฉํ•˜๊ธฐ ์–ด๋ ค์šด ๊ฒฝ์šฐ๊ฐ€ ๋Œ€๋‹ค์ˆ˜์ž…๋‹ˆ๋‹ค.

Rails์—์„œ kaminari๋ฅผ ์ด์šฉํ•˜์—ฌ Pagination ๊ตฌํ˜„ํ•˜๊ธฐ(How to make pagination on rails(with kaminari)

1 min read

Rails์—์„œ ํŽ˜์ด์ง€(Pagination)๋ฅผ ์‰ฝ๊ฒŒ ๊ตฌํ˜„ํ•  ์ˆ˜ ์žˆ๋Š” ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋Š” kaminari, will_paginate ๋“ฑ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ์ค‘์—์„œ ์˜ค๋Š˜์€ kaminari๋ฅผ ๊ฐ€์ง€๊ณ  ํŽ˜์ด์ง€๋ฅผ ๋งŒ๋“œ๋Š” ๋‚ด์šฉ์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

๋ฃจ๋น„์—์„œ string-similarity๋กœ ๋ฌธ์ž์—ด ํผ์„ผํŠธ๋กœ ๋น„๊ตํ•˜๊ธฐ(Comparing string-similarity percent in Ruby)

~1 min read

ํ•œ ๋‘๋‹ฌ? ์ •๋„์ „์— ๋ฃจ๋น„ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ค‘์— ๊ดœ์ฐฎ์€๊ฑฐ ํ•˜๋‚˜ ๋ด๋‘”๊ฒŒ ์žˆ์—ˆ๋Š๋ฐ, ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ์ž‘์„ฑํ•˜๋„ค์š”. ๋ฌธ์ž์—ด ๋น„๊ต ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ธ๋ฐ, ๋งค์นญ๋ฅ ์„ ํผ์„ผํŠธ๋กœ ๋ฝ‘์„ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ํ™œ์šฉ์ฒ˜๊ฐ€ ๋งŽ์„๋“ฏํ•˜์—ฌ ๋ฉ”๋ชจํ•ด๋‘ก๋‹ˆ๋‹ค.

[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ

~1 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

[ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ

2 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

[ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ

1 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

Get cookie value in Javascript function

~1 min read

Javascript ์—์„œ ์ฟ ํ‚ค ๊ฐ’ ๊ฐ€์ ธ์˜ค๋Š” ํ•จ์ˆ˜์ž…๋‹ˆ๋‹ค. ์ž์ฃผ์“ฐ๋Š”๋ฐ, ๋”ฐ๋กœ ์ •๋ฆฌ ์•ˆํ•ด๋‘๋‹ˆ ์‚ฝ์งˆํ•˜๋Š” ๊ฒƒ ๊ฐ™๋„ค์š”.. ๋ฉ”๋ชจ ์ฐจ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์ฝ”๋“œ์Šค๋‹ˆํ•!

Swift codeโ€™s Access Control(์Šค์œ„ํ”„ํŠธ์˜ ์ ‘๊ทผ์ œ์–ด)

1 min read

iOS ๊ฐœ๋ฐœํ•˜๋‹ค๊ฐ€ ์ž๊พธ ๊นŒ๋จน์–ด์„œ ๊ฒ€์ƒ‰ํ•˜๊ธธ๋ž˜ ๋ฉ”๋ชจํ•ด๋‘ก๋‹ˆ๋‹ค. Swift์—์„  ์ฝ”๋“œ์— ๋Œ€ํ•œ ์ ‘๊ทผ ์ œ์–ด๋ฅผ open, public, internal, file-private, private๋กœ ์ง€์ •ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋‹ค๋ฅธ ์–ธ์–ด๋“ค์—์„œ ์‚ฌ์šฉํ•˜๋Š” ๊ฒƒ๊ณผ ๊ฑฐ์˜ ์œ ์‚ฌํ•˜์ง€๋งŒ, ๋ช‡๊ฐœ ๋‹ค๋ฅธ ๋ถ€๋ถ„๋“ค์ด ์žˆ๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค.

Blogger์— ๋ชฉ์ฐจ ์ž๋™์œผ๋กœ ์ถ”๊ฐ€ํ•˜๊ธฐ(Table of Contents on blogger)

1 min read

์ œ ๋ธ”๋กœ๊ทธ ๊ธ€์— ์•„์ง๊นŒ์ง„ ๋ชฉ์ฐจ ๊ฐœ๋…์ด ์—†์—ˆ๋Š”๋ฐ, ์•„๋ฌด๋ž˜๋„ ์žˆ๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„ ์ƒˆ๋ฒฝ์— ๋ถ€๋žด๋ถ€๋žด ๋งŒ๋“ค์–ด๋ดค์Šต๋‹ˆ๋‹ค.

How to Re-Size Image in Blogger

~1 min read

์ด๊ฑฐ ์ด์ „๊ธ€(video resize) ์ž‘์„ฑํ•˜๋ฉด์„œ ๋ธ”๋กœ๊ทธ ๋‚ด ์ด๋ฏธ์ง€๋„ ์ตœ๋Œ€ ํฌ๊ธฐ๋กœ ์กฐ์ •ํ–ˆ๋Š”๋ฐ, ๋ฉ”๋ชจํ• ๊ฒธ ๋‚จ๊ฒจ๋‘ก๋‹ˆ๋‹ค. google blogger์—์„œ ์ฒจ๋ถ€/์‚ฝ์ž…ํ•œ ์ด๋ฏธ์ง€๋Š” ๋ณ„๋กœ์˜ class,id๋ฅผ ์ฃผ์ง€ ์•Š๊ธฐ ๋•Œ๋ฌธ์— .post-body(๋ณธ๋ฌธ)์— ์ง์ ‘ css๋ฅผ ์ง€์ •ํ•ด์ฃผ์–ด์•ผํ•ฉ๋‹ˆ๋‹ค. ์–ด์ฐจํ”ผ .post-body์—์„œ img ํƒœ๊ทธ๊ฐ€ ์“ฐ์ด๋Š”๊ฑด, ์ฒจ๋ถ€ํ•œ ์ด๋ฏธ์ง€๊ฐ€ ์ „๋ถ€์ธ์ง€๋ผ, ์ตœ๋Œ€ ํฌ๊ธฐ ๋ฐ ํ…Œ๋‘๋ฆฌ๋งŒ ์ง€์ •ํ•˜์˜€์Šต๋‹ˆ๋‹ค.

How to Re-Size Video in Blogger Posts

~1 min read

Problem

๊ตฌ๊ธ€ ๋ธ”๋กœ๊ฑฐ์—์„  ๊ธ€ ์ž‘์„ฑ์ค‘์— youtube ์˜์ƒ์„ ์‚ฝ์ž…ํ•˜๋Š” ๊ธฐ๋Šฅ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ด ๊ธฐ๋Šฅ์„ ์‚ฌ์šฉํ•ด์„œ ์˜์ƒ์„ ์‚ฝ์ž…ํ•˜๊ฒŒ ๋˜๋ฉด ์•„๋ž˜์™€ ๊ฐ™์ด ๊ต‰์žฅํžˆ ์ž‘์€ ํ™”๋ฉด์œผ๋กœ ๋‚˜ํƒ€๋‚˜์ง‘๋‹ˆ๋‹ค(์ด๊ฒŒ ๊ธฐ๋ณธ ํฌ๊ธฐ..) ๊ทธ๋ž˜์„œ ๋ณดํ†ต youtube ํŽ˜์ด์ง€์—์„œ ๊ณต์œ (iframe ํƒœ๊ทธ) ํ•˜์—ฌ ์ฝ”๋“œ ์‚ฝ์ž…ํ•˜๊ณ  ์ง์ ‘ ํฌ๊ธฐ ์กฐ์ •์„ ํ–ˆ์—ˆ๋Š”๋ฐ,์•ฝ๊ฐ„์˜ ํŠธ๋ฆญ์œผ๋กœ ์†์ด ์ข€ ๋œ๊ฐ€๊ฒŒ ๋ฆฌ์‚ฌ์ด์ฆˆํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

editor.js - Simple Markdown Javascript Library

~1 min read

ํ•˜๋ฃจํŒจ๋“œ(haroopad) ์•Œ๊ธฐ์ „์— google blogger์— markdown ์–ด๋–ป๊ฒŒ ์ ์šฉํ• ๊นŒ ๊ณ ๋ฏผ์ด ๋งŽ์•˜์—ˆ๋Š”๋ฐ์š”, ๊ทธ๋Ÿฌ๋ฉด์„œ ์ฐพ์•„๋ณธ๊ฒƒ๋“ค ์ค‘ ํ•˜๋‚˜ ๊ฐ„๋žตํ•˜๊ฒŒ ์†Œ๊ฐœํ•ด๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. editor.js๋ž€ ์ž๋ฐ”์Šคํฌ๋ฆฝํŠธ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋กœ ๋ณ„๋‹ค๋ฅธ ์ฝ”๋“œ ์—†์ด ์›น์ƒ์—์„œ ๋งˆํฌ๋‹ค์šด ์—๋””ํ„ฐ๋ฅผ ๊ตฌํ˜„ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

HarooPad - markdown ์—๋””ํ„ฐ(to html view, to plain html)

1 min read

markdown์ด ํŽธํ•œ์ง€๋ผ, ๋ฉ”๋ชจ๋‚˜ ๋ธ”๋กœ๊น… ์ดˆ์•ˆ ์ž‘์„ฑ๋„ ๊ธฐ๋ณธ์ ์œผ๋กœ markdown์œผ๋กœ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ ์ด ๊ณผ์ •์ด ์ „๋ฌธํ™”๋œ ์—๋””ํ„ฐ๋Š” ์•„๋‹ˆ๊ณ  ๊ฐ€๋ฒผ์šด ์ฝ”๋”ฉ์šฉ์œผ๋กœ ์“ฐ๋˜ geany์—์„œ ๊ทธ๋ƒฅ ์ž‘์„ฑ๋งŒ ํ•ด์„œ ์‚ฌ์šฉํ–ˆ์Šต๋‹ˆ๋‹ค.

ZAP Java ๋ฒ„์ „ ๋ฐ”๊ฟ”์น˜๊ธฐ(Change Java version for fixed ssl error on ZAP)

1 min read

ZAP HUD ํ…Œ์ŠคํŠธํ•œ๋‹ค๊ณ  alpha ๋ฒ„์ „ ์˜ฌ๋ ธ์—ˆ๋Š”๋ฐ, macOS ์—์„  ์ธ์•ฑ ๋ธŒ๋ผ์šฐ์ €๋กœ ํŠน์ • ์‚ฌ์ดํŠธ ์ ‘๊ทผ ์‹œ SSL ๊ด€๋ จ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•ด์„œ ์‚ฝ์งˆํ–ˆ๋˜๊ฑฐ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. Linux๋Š” ๋ณ„ ๋ฌธ์ œ ์—†๋˜ ๊ฑธ๋กœ ๋ณด์•„.. macOS์™€ ์—ฐ๊ด€๋œ ๋ฌธ์ œ์ธ๊ฐ€๋ณด๋„ค์š”.

Ruby gem ๋งŒ๋“ค๊ธฐ(Make ruby gem)

1 min read

์š”์ฆ˜ ์ข€ ์ •์‹ ์—†์ด ์ง€๋‚ด๋‹ค๋ณด๋‹ˆ ๋ฒŒ์จ 10์›”์ด๋„ค์š”.. ์จ๋†“์€ ๊ธ€๋„ ๋งˆ์นจ ์—†๋Š” ์ƒํƒœ์ธ์ง€๋ผ ์ด๋ฒˆ์—๋„ ๊ฐ„๋žตํ•œ ๊ธ€ ์ž‘์„ฑํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. (์•„ 10์›”์˜ ์ฒซ๊ธ€์ด ๋ฉ”๋ชจ๊ธ€์ด๋ผ๋‹ˆโ€ฆ) ๋งŽ์€ ruby application ๋“ค์ด ๋‹จ์ˆœํžˆ ์ฝ”๋“œ๋ฅผ clone ํ•ด์„œ ์“ฐ๋Š” ํ˜•ํƒœ๋ณด๋‹จ gem์œผ๋กœ ํŒจํ‚ค์ง•ํ•˜์—ฌ ๋ฐฐํฌํ•˜๊ณ  ์‚ฌ์šฉํ•˜๋Š” ํ˜•ํƒœ๋ฅผ ๊ฐ€์ง‘๋‹ˆ๋‹ค.

Ruby IDB(iOS App ๋ณด์•ˆ๋ถ„์„ ๋„๊ตฌ) Select App ์‹œ ์ฃฝ๋Š” ํ˜„์ƒ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•(iOS10, Error downloading file)

1 min read

์˜ˆ์ „์— idb๋ผ๋Š” iOS ๋ถ„์„๋„๊ตฌ๋ฅผ ๊ณต์œ ๋“œ๋ฆฐ์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ตœ๊ทผ์— ํ…Œ์ŠคํŠธ ์‹œ Select App ์‹œ ์•ฑ ๋ฆฌ์ŠคํŠธ๋ฅผ ๊ฐ€์ ธ์˜ค๋Š” ๊ณผ์ •์—์„œ ์ฃฝ๋Š” ํ˜„์ƒ์ด ์žˆ์—ˆ๋Š๋ฐ์š”, ์˜ˆ์ „์— ๊ฐ€๊นŒ์šด๊ณณ์—์„œ ๋™์ผํ•œ ๋ฌธ์ œ๊ฐ€ ์žˆ์—ˆ๊ณ  ํ•ด๊ฒฐ๋ฐฉ๋ฒ• ๊ณต์œ ํ•ด์ฃผ์…จ๋˜๊ฒŒ ๊ธฐ์–ต๋‚˜์„œ ์ € ๋˜ํ•œ ์‰ฝ๊ฒŒ ํ•ด๊ฒฐํ—€๋„ค์š”.

Scala์˜ underscore(_)๋ž€?

1 min read

์š”์ฆ˜ ์ž๊พธ ์Šค์นผ๋ผ๋ž‘ ๋ถ€๋”ซํžˆ๊ฒŒ ๋˜๋„ค์š”. ์จ๋ณธ์ ๋„ ์—†๋Š” ์–ธ์–ด์ง€๋งŒ ๋‹ค๋ฅธ ์–ธ์–ด๋ž‘ ๋น„์Šทํ•˜๊ฑฐ๋‹ˆ(Js+Java๋Š๋‚Œ..) ํ•˜๊ณ  ๋ดค๋Š”๋ฐ, ์–ด๋งˆ๋ฌด์‹œํ•˜๊ฒŒ ๊ฐ€๋…์„ฑ์„ ๋–จ์–ด๋œจ๋ฆฌ๋Š” ๋ฌด์–ธ๊ฐ€๋ฅผ ๋ฐœ๊ฒฌํ•˜์˜€์Šต๋‹ˆ๋‹ค.

Consul์— ๋Œ€ํ•ด ์•Œ์•„๋ณด์ž! (Service Mesh)

3 min read

์ตœ๊ทผ ์žฌ๋ฏธ์žˆ๋Š” ํ”„๋กœ์ ํŠธ๋ฅผ ํ•˜๊ณ ์žˆ๋Š”๋ฐ, Health cheak, Service discovery ์šฉ๋„๋กœ Consul์„ ์จ๋ณด๊ฒŒ ๋˜์—ˆ๊ณ  ๊ธ€๋กœ ์•ฝ๊ฐ„ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. hashicorp์—์„œ ๋งŒ๋“  Consul, ๊ฑฐ๊ธฐ์„œ ์ง€์ •ํ•œ DevOps ๊ด€๋ จ ๋‚ด์šฉ ์ค‘ Monitor์— ํ•ด๋‹นํ•˜๋Š” ๋ถ€๋ถ„์ž…๋‹ˆ๋‹ค.

Git pull/push ์‹œ Password ๋ฌผ์–ด๋ณด์ง€ ์•Š๋„๋ก ์„ค์ •ํ•˜๊ธฐ(credential.helper)

~1 min read

git์„ ์“ฐ๋‹ค๋ณด๋ฉด ๊ฐ„ํ˜น config ๋ฏธ์Šค, ํ™˜๊ฒฝ ๋ณ€๊ฒฝ์œผ๋กœ push/pull ๋“ฑ ๊ธฐ๋Šฅ ์‹คํ–‰ ์‹œ ๊ณ„์ •๊ณผ ํŒจ์Šค์›Œ๋“œ๋ฅผ ๋ฌผ์–ด๋ณด๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋ฐœ์ƒํ•ฉ๋‹ˆ๋‹ค.

Ruby์—์„œ Cookie ๊ฐ’์„ JSON ํฌ๋งท์œผ๋กœ ๋ณ€ํ™˜ํ•˜๊ธฐ(Cookie format to JSON with hash!)

~1 min read

ํ…Œ์ŠคํŠธํ•˜๋˜ ์ฝ”๋“œ ์ƒ๊ฐ๋‚˜์„œ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. Ruby์—์„œ Cookie format์˜ ๋ฐ์ดํ„ฐ๋ฅผ JSON์œผ๋กœ ๋ณ€ํ™˜ํ•˜๊ธฐ ์œ„ํ•ด์„  hash๋ฅผ ์ด์šฉํ•ด์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ๋งŒ๋“ค ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

์šฐ๋ถ„ํˆฌ 18.04 ์—์„œ ์นด์นด์˜คํ†ก ์„ค์น˜ํ•˜๊ธฐ(Install kakaotalk on ubuntu 18.04)

1 min read

๐Ÿ“•ํŠน์ด์‚ฌํ•ญ WineTrick์—์„œ ์‚ฌ์šฉํ•˜๋Š” MPSetup.exe๊ฐ€ download.microsoft.com์—์„œ ์‚ญ์ œ๋œ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์šฐ์„  ๋Œ€์•ˆ์œผ๋ก  ์ง์ ‘ ๋ฐ›์•„์„œ ์„ค์น˜ํ•˜๋ฉด ๋˜๊ธดํ•˜๋Š”๋ฐ, ์•„๋ฌด๋ž˜๋„ ์™ธ๋ถ€์—์„œ ๋ฐ›๋Š” ํŒŒ์ผ์ด๋‹ˆ ๋ฐ”์ด๋Ÿฌ์Šค ํ† ํƒˆ ๊ฒฐ๊ณผ๋‚˜ ์›๋ณธ ์žˆ๋‹ค๋ฉด ์›๋ณธ์ด๋ž‘ ๋น„๊ต ํ›„ ์„ค์น˜ํ•˜์‹œ๋Š”๊ฒŒ ์ข‹์„๋“ฏ ์‹ถ์Šต๋‹ˆ๋‹ค..์•„๋ž˜ ๋Œ“๊ธ€ 2๊ฐœ ์ฐธ๊ณ ํ•ด์ฃผ์„ธ์š”.

JRuby Burp suite ํ™•์žฅ ๊ธฐ๋Šฅ ๊ฐœ๋ฐœ ์ค‘ ๋ฐœ์ƒํ•œ ์—๋Ÿฌ(failed to coerce [Lburp.IHttpRequestResponse; to burp.IHttpRequestResponse)

~1 min read

๊ธ€ ์ข€ ์“ฐ๊ณ  ์ž๋ คํ–ˆ๋Š”๋ฐ, ์žก๋‹คํ•œ ์ผ์ด ๊ผฌ์—ฌ.. ๊ธ€์€ ํŒจ์Šคํ•˜๊ณ  ๊ฐ„๋‹จํ•˜๊ฒŒ ๋ฉ”๋ชจ ํ•˜๋‚˜๋งŒ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

Crystal - Ruby์™€ ๋น„์Šทํ•˜๋ฉฐ ๋น ๋ฅธ ํ”„๋กœ๊ทธ๋ž˜๋ฐ ์–ธ์–ด

2 min read

์˜ฌ ์ดˆ์ฏค์— Crystal์ด๋ž€ ์–ธ์–ด์— ๋Œ€ํ•ด ์ž ๊น ์ด์•ผ๊ธฐ๋“ค์€์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค. Ruby ๋ฌธ๋ฒ•๊ณผ ์œ ์‚ฌํ•˜๋‹ค๋Š” ๊ฒƒ๋งŒ ๋“ฃ๊ณ  ๋“œ๋””์–ด ์กฐ๊ธˆ ๋” ์‚ดํŽด๋ดค๋„ค์š”. ์•„์ง ์ •์‹ ๋ฆด๋ฆฌ์ฆˆ๋„ ์•„๋‹Œ ์ƒํƒœ์ด๋‹ˆ ์–ด๋–ค ์–ธ์–ด์ธ์ง€ ์ •๋„๋งŒ ์ •๋ฆฌํ•ด๋‘˜๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Git commit์œผ๋กœ Issue ์ข…๋ฃŒํ•˜๊ธฐ(Closing issue with commit)

~1 min read

Git์€ ์ฝ”๋“œ ๊ด€๋ฆฌ ๋ฟ๋งŒ ์•„๋‹ˆ๋ผ Issue ๊ด€๋ฆฌ์— ์žˆ์–ด๋„ ๊ต‰์žฅํžˆ ํŽธ๋ฆฌํ•œ ๋„๊ตฌ์ž…๋‹ˆ๋‹ค. ์ฝ”๋“œ ๋ฐ˜์˜์„ ์œ„ํ•ด Commit ํ•˜๋Š” ๊ณผ์ •์—์„œ ํŠน์ • ํ‚ค์›Œ๋“œ์™€ ์ด์Šˆ๋ฒˆํ˜ธ๋ฅผ ๊ฐ™์ด ๊ธฐ์ž…ํ•ด์ฃผ๋ฉด ์ž๋™์œผ๋กœ Issue์— ๋Œ€ํ•œ ์ฒ˜๋ฆฌ๋„ ๊ฐ™์ด ์ง„ํ–‰๋ฉ๋‹ˆ๋‹ค.

Insomnia๋กœ REST API๋ฅผ ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŠธํ•˜์ž ๐Ÿ˜Ž

1 min read

์˜ค๋Š˜ ์†Œ๊ฐœํ•ด๋“œ๋ฆด ํˆด์€ REST API ํ…Œ์ŠคํŒ… ํˆด์ธ Insomnia ์ž…๋‹ˆ๋‹ค. postman๊ณผ ๊ฐ™์ด API๋ฅผ ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ ์œ„ํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ธฐ๋Šฅ๋“ค์„ ์ œ๊ณตํ•˜๊ณ  ์žˆ๊ณ , ๊ฐœ๋ฐœ์ž๋ฟ๋งŒ ์•„๋‹ˆ๋ผ ๋ณด์•ˆ์ชฝ์—์„œ๋„ ์ถฉ๋ถ„ํžˆ ์ž์ฃผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ๋ผ์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ณต์œ ๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Rubocop auto correct๋ฅผ ์ด์šฉํ•˜์—ฌ ์‰ฝ๊ฒŒ ์ฝ”๋“œ ์Šคํƒ€์ผ ๋”ฐ๋ผ๊ฐ€๊ธฐ

1 min read

์ตœ๊ทผ์— ๋ฃจ๋น„ ํ”„๋กœ๊ทธ๋ž˜๋ฐ ์Šคํƒ€์ผ ๊ฐ€์ด๋“œ ๊ด€๋ จํ•ด์„œ ๊ธ€์„ ํ•˜๋‚˜ ์ž‘์„ฑํ–ˆ์—ˆ๋Š”๋ฐ์š”, ์ด์–ด์„œ ๊ทธ๋–„ ์ž ๊น ์†Œ๊ฐœ๋“œ๋ ธ๋˜ rubocop์„ ์ด์šฉํ•ด์„œ ์ฝ”๋“œ๋ฅผ ๊ต์ •ํ•˜๋Š” ๊ณผ์ •์— ๋Œ€ํ•ด ์ž ๊น ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Ruby Limit to number of thread in loop(๋ฐ˜๋ณต๋ฌธ์—์„œ ์ œํ•œ๋œ ๊ฐฏ์ˆ˜์˜ ์“ฐ๋ ˆ๋“œ ๋Œ๋ฆฌ๊ธฐ)

~1 min read

๋ณดํ†ต ์“ฐ๋ ˆ๋“œ๋Š” ๊ฐœ๋ณ„๋‹จ์œ„์˜ ์ฒ˜๋ฆฌ ์ˆ˜ํ–‰์ด๋‚˜ ๊ณ  ์„ฑ๋Šฅ์˜ ์ž‘์—…(์š”์ฒญ์„ ์—„์ฒญ๋‚˜๊ฒŒ ์ „์†กํ•œ๋‹ค๋Š” ๋‘ฅ, ๋น ๋ฅธ ๊ณ„์‚ฐ์ด ํ•„์š”ํ•œ๋‹ค๋Š” ๋‘ฅ)์ด ํ•„์š”ํ•  ๋•Œ ๋™์ผํ•œ ์ฝ”๋“œ๋กœ ๊ณต์œ ๋˜๋Š” ์ž์›์„ ํ• ๋‹น๋ฐ›์œผ๋ฉฐ ์ฒ˜๋ฆฌํ•˜๋Š” ์‹์œผ๋กœ ๋งŽ์ด ๊ตฌ์„ฑํ•˜๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

Ruby Style Guide์™€ Rubocop

1 min read

์˜ค๋Š˜์€ ๋ฃจ๋น„ ๊ฐœ๋ฐœ ๊ด€๋ จํ•ด์„œ ์ข‹์€ ๊ฐ€์ด๋“œ๊ฐ€ ์žˆ์–ด ๊ณต์œ ๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ •๋ง ์ •๋ฆฌ๊ฐ€ ์ž˜ ๋˜์–ด์žˆ์Šต๋‹ˆ๋‹ค. ์ฒœ์ฒœํžˆ ๋‚ด์šฉ ์ฝ์–ด๋ณด๋ฉด์„œ ๊ณ ์ณ์•ผํ•  ์Šต๊ด€๋“ค์ด ๋งŽ์ด ๋ณด์ด๋„ค์š”.

inquirer ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋ฅผ ์ด์šฉํ•œ ์ปค๋งจ๋“œ๋ผ์ธ ๊ธฐ๋ฐ˜ ์ฒดํฌ๋ฐ•์Šค ๋งŒ๋“ค๊ธฐ(Ruby/Python)

1 min read

recon-raven ๊ฐœ๋ฐœ ์ค‘ ์ปค๋งจ๋“œ๋ผ์ธ ๊ธฐ๋ฐ˜ ์ฒดํฌ๋ฐ•์Šค(๋ชจ๋“ˆ๊ฐ™์€๊ฑฐ ๊ณ ๋ฅผ ์ˆ˜ ์žˆ๋„๋ก..) ๊ตฌ์„ฑํ•ด๋ณด๋ฉด ์–ด๋–จ๊นŒ ํ•ด์„œ ํ•™์ƒ๋•Œ ์ปค๋งจ๋“œ๋ผ์ธ ๊ธฐ๋ฐ˜ ๊ฒŒ์ž„ ๋งŒ๋“  ๊ธฐ์–ต์„ ๋”๋“ฌ์œผ๋ฉฐ ์ง์ ‘ ๋งŒ๋“ค๋‹ค๊ฐ€ ์ข‹์€ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋ฅผ ์ฐพ์•„ ์‰ฝ๊ฒŒ ํ•ด๊ฒฐํ•˜์˜€์Šต๋‹ˆ๋‹ค.

ZAP์—์„œ Passive Script ๋งŒ๋“ค๊ธฐ

1 min read

์š”์ฆ˜ ๋ช‡๊ฐ€์ง€ ๋งŒ๋“ค์–ด์“ฐ๊ณ  ์žˆ๋Š”๋ฐ, ๊ฐ„๋‹จํ•˜๊ฒŒ ํ‹€์ด๋˜๋Š” ์ฝ”๋“œ์™€ ๋Œ€๋žต์ ์ธ ์„ค๋ช…์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

Ruby์—์„œ Exception ์ฒ˜๋ฆฌ( begin-rescue-else-ensure-end )

~1 min read

๋ฒŒ์จ 7์›”์ด๋„ค์š”.. ์˜ค๋Š˜์€ ๋งค๋ฒˆ ์ฝ”๋“œ ์ž‘์„ฑํ• ๋•Œ๋งˆ๋‹ค ๊ท€์ฐฎ์ง€๋งŒ, ๋บด๋จน์„ ์ˆ˜ ์—†๋Š” ์ค‘์š”ํ•œ ์นœ๊ตฌ์— Exception, ์ฆ‰ ์˜ˆ์™ธ์ฒ˜๋ฆฌ์— ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๊ฑฐ์˜ ์ •๋ฆฌ ์ฐจ์›์—์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ์“ฐ๋Š”๊ฑฐ๋‹ˆ ๋น ๋ฅด๊ฒŒ ์‹œ์ž‘ํ•˜์ฃ .

JRuby๋กœ Ruby์™€ Java ๋™์‹œ์— ์‚ฌ์šฉํ•˜๊ธฐ

1 min read

๊ฐœ์ธ์ ์œผ๋กœ BurpSuite์˜ Extender๋ฅผ ๋งŒ๋“ค ๋•Œ Java๋ฅผ ์‚ฌ์šฉํ–ˆ์Šต๋‹ˆ๋‹ค. ๋‹น์—ฐํžˆ Burp๊ฐ€ Java base์ด๊ณ , API ๋“ฑ์˜ ์‚ฌ์šฉ์„ฑ ๋•Œ๋ฌธ์— Java๋กœ ๊ฐœ๋ฐœํ•˜๋Š” ๊ฒƒ์ด ์ผ๋ฐ˜์ ์ธ๋ฐ์š”, ์˜ค๋Š˜์€ Jruby๋ฅผ ์ด์šฉํ•˜์—ฌ Ruby์™€ Java๋ฅผ ํ˜ผ์šฉํ•˜์—ฌ ์‚ฌ์šฉํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Javascript๋ฅผ ์ด์šฉํ•˜์—ฌ ๊ฐ„๋‹จํ•˜๊ฒŒ ์นด์นด์˜คํ†ก ๊ณต์œ (์นด์นด์˜ค๋งํฌ) ์ ์šฉํ•˜๊ธฐ

2 min read

์š”์ฆ˜์€ SNS ๊ณต์œ  ๊ธฐ๋Šฅ์„ ์‚ฌ์šฉํ•˜์ง€ ์•Š๋Š” ์›น ํŽ˜์ด์ง€๋ฅผ ๋งŒ๋‚˜๋ณด๊ธฐ๊ฐ€ ๊ต‰์žฅํžˆ ์–ด๋ ต์Šต๋‹ˆ๋‹ค. ํŠนํžˆ๋‚˜ ๋ธ”๋กœ๊ทธ๋‚˜ ๋งค์ฒด, ํŒ๋งค ์‚ฌ์ดํŠธ๋“ค์€ ์ปจํ…์ธ ์˜ ๊ณต์œ ์— ์žˆ์–ด ๊ต‰์žฅํžˆ ์ข‹์€ ๋ฐฉ๋ฒ•์ด๊ณ  ๋งŽ์ด ์‚ฌ์šฉ๋˜๊ณ  ์žˆ๊ธฐ ๋–„๋ฌธ์— ๊ทธ๋ ‡๋‹ค๊ณ  ์ƒ๊ฐ์ด ๋“œ๋„ค์š”. ์ด์ „๋ถ€ํ„ฐ ์—ฌ๋Ÿฌ๊ฐ€์ง€ SNS ์„œ๋น„์Šค์— ๋Œ€ํ•ด์„œ ๊ณต์œ  ๋ฒ„ํŠผ์„ ๋งŒ๋“ค๊ณ  ์‚ฌ์šฉํ•˜๋‹ค๊ฐ€ ์ตœ๊ทผ์—๋Š” google, twitter, facebook ์ •๋„๋งŒ ์œ ์ง€ํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

MacOS์—์„œ git ์‹คํ–‰ ์‹œ CommandLIneTools ์—๋Ÿฌ ๋ฐœ์ƒํ•œ ๊ฒฝ์šฐ ํ•ด๊ฒฐ๋ฐฉ๋ฒ•

~1 min read

์ตœ๊ทผ(?)์— MacOS ๋ฐฐํฌํŒ ์—…๊ทธ๋ ˆ์ด๋“œ(์‹œ์—๋ผ => ํ•˜์ด์‹œ์—๋ผ) ์ดํ›„ git ๋ช…๋ น์— ๋ฌธ์ œ๊ฐ€ ์ƒ๊ฒผ์—ˆ์Šต๋‹ˆ๋‹ค. (ํŒ์˜ฌ๋ฆผ์„ ์ข€ ๋Šฆ๊ฒŒํ•˜๊ธดํ–ˆ์ฃ ..)

Rails์˜ ๋ผ์šฐํŒ…๊ณผ constraints๋ฅผ ์ด์šฉํ•˜์—ฌ IP๊ธฐ๋ฐ˜ ACL ๋งŒ๋“ค๊ธฐ

2 min read

Rails Application์—์„œ ์ ‘๊ทผ์ œ์–ด๋ฅผ ํ•˜๋Š” ๋ฐฉ๋ฒ•์€ ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ˆ์ „์— ํฌ์ŠคํŒ…ํ•˜๊ธฐ๋„ ํ—€๊ณ , ํŠœํ† ๋ฆฌ์–ผ์—์„œ๋„ ๊ธฐ๋ณธ์ ์œผ๋กœ ์ด์•ผ๊ธฐ๋˜๋Š” HTTP Auth๋ฅผ ์ด์šฉํ•œ ์ธ์ฆ๋ฐฉ์‹ ๋ถ€ํ„ฐ ์„ธ์…˜, ๋กœ๊ทธ์ธ ๊ธฐ๋ฐ˜ ์ธ์ฆ๊นŒ์ง€ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ˜•ํƒœ๋กœ ๊ตฌํ˜„์ด ๊ฐ€๋Šฅํ•˜์ฃ . ์˜ค๋Š˜์€ ๊ฐ€์žฅ ๊ธฐ๋ณธ์ ์ธ ์ ‘๊ทผ์ œ์–ด์ธ IP ๊ธฐ๋ฐ˜ ACL์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Rails development ํ™˜๊ฒฝ์—์„œ error ์ •๋ณด ์ค„์ด๊ธฐ

~1 min read

rails application์€ ๊ธฐ๋ณธ์ ์œผ๋กœ application ์‹คํ–‰ ์‹œ development, test, production์™€ ๊ฐ™์ด ์‹คํ–‰ ํ™˜๊ฒฝ์„ ์ง€์ •ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ๊ฐ ์‹คํ–‰ ํ™˜๊ฒฝ๋ณ„๋กœ ๋””๋ฒ„๊ทธ, ์—๋Ÿฌ ์ฒ˜๋ฆฌ ์—ฌ๋ถ€ ๋“ฑ ํ™˜๊ฒฝ๊ณผ ์ฒ˜๋ฆฌ ๋ฐฉ์‹์— ๋Œ€ํ•ด ๊ฒฐ์ •ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

HTTPS/HTTP Mixed Content (์„ž์ธ ๋™์  ์ฝ˜ํ…์ธ  [File] ๋ฅผ ์ฝ์–ด์˜ค๋Š” ๊ฒƒ์„ ์ฐจ๋‹จํ–ˆ์Šต๋‹ˆ๋‹ค.)

1 min read

์–ด์ œ ๋ธ”๋กœ๊ทธ๋ฅผ https๋กœ ๋ณ€๊ฒฝ ํ›„ ์†Œ์†Œํ•œ ๋ฌธ์ œ๊ฐ€ ์ฐพ์•„์™”์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ js, css ๋“ฑ ๋ฆฌ์†Œ์Šค๋“ค์˜ ์ฃผ์†Œ๊ฐ€ https๋กœ ๊ฐ•์ œ ์น˜ํ™˜๋˜๊ณ  ๋•๋ถ„์— https๊ฐ€ ์—†๋Š” ๊ณณ์—์„œ ๋ถˆ๋Ÿฌ์˜จ ํŒŒ์ผ๋“ค์€ ๋กœ๋“œ๋˜์ง€ ์•Š์•„ ์ผ๋ถ€ ๊ธฐ๋Šฅ์ด ๋™์ž‘ํ•˜์ง€ ์•Š์•˜์—ˆ์ฃ .

๊ตฌ๊ธ€ ๋ธ”๋กœ๊ฑฐ ๊ฐœ์ธ ๋„๋ฉ”์ธ์— HTTPS ์ œ๊ณต! (HTTPS support to custom domain on google blogger)

~1 min read

๊ตฌ๊ธ€์€ ์˜ˆ์ „์— ์ž์‚ฌ ๋ธ”๋กœ๊ทธ ์„œ๋น„์Šค์ธ Blogger์— https ์ ์šฉ์„ ์ง€์›ํ–ˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” .blogspot.com ํ•˜์œ„์˜ ๋„๋ฉ”์ธ๋งŒ ๊ฐ€๋Šฅํ–ˆ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ ์ปค์Šคํ…€ ๋„๋ฉ”์ธ์— ๋Œ€ํ•ด์„œ๋„ https๋ฅผ ์ง€์›ํ•ด์ฃผ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Ruby language์—์„œ์˜ Symbol(์‹ฌ๋ณผ)์ด๋ž€?

2 min read

์–ธ์–ด ์ž์ฒด์— ๋Œ€ํ•œ ๊ธ€์„ ์“ฐ๋Š”๊ฑด ๊ต‰์žฅํžˆ ์˜ค๋žœ๋งŒ์ธ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๋ฃจ๋น„์˜ ์‹ฌ๋ณผ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค.

MITM Proxy server in Ruby (evil-proxy์™€ rails๋ฅผ ์ด์šฉํ•œ WASE ํŠธ๋ž˜ํ”ฝ ์ˆ˜์ง‘ ๊ตฌ๊ฐ„ ๋งŒ๋“ค๊ธฐ)

2 min read

WASE๋ฅผ ๋งŒ๋“ค๋ฉด์„œ MITM Proxy๋กœ ํŠธ๋ž˜ํ”ฝ์„ ์ˆ˜์ง‘ํ•˜๋Š” ์„œ๋ฒ„๋ฅผ ๋งŒ๋“ค์—ˆ๋Š”๋ฐ์š”, ์ด ๊ณผ์ •์—์„œ ์•Œ์•„๋ดค๋˜๊ฑฐ๋ž‘ ๊ธฐ๋ฐ˜(?)์ด ๋˜์—ˆ๋˜ ์‹ฌํ”Œํ•œ ์ €์˜ ์ฝ”๋“œ ๊ด€๋ จํ•ด์„œ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

Protocol-relative URL! //๋กœ ์‹œ์ž‘ํ•˜๋Š” URL

1 min read

์›น ์ฝ”๋“œ์—์„œ ์ฃผ์†Œ๋ฅผ ์‚ฌ์šฉํ•  ๋•Œ double slash(//)๋ฅผ ๋งŽ์ด ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์š”์ฆ˜์€ ๋Œ€์ฒด๋กœ double slash๋ฅผ ๋งŽ์ด ์‚ฌ์šฉํ•˜๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์•„๋ฌด๋Ÿฐ ์ƒ๊ฐ์—†์ด ์‚ฌ์šฉํ•˜๋ฉด์„œ ์ •์ž‘ http:// , https:// ์™€ ๊ฐ™์ด ํ”„๋กœํ† ์ฝœ ๋ช…์‹œ๋œ ๊ฒฝ์šฐ์™€ ๋‹จ์ˆœํ•˜๊ฒŒ double slash๋กœ ๊ตฌ์„ฑ๋œ ์ฃผ์†Œ์˜ ์ฐจ์ด์— ๋Œ€ํ•œ ๊ถ๊ธˆ์ฆ์„ ๊ฐ€์ง€์ง€ ์•Š์•˜์—ˆ๋„ค์š”.

website capture๋ฅผ ์œ„ํ•œ ruby gem (feat PhantomJS)

~1 min read

์ด๋ฒˆ ์ฃผ๋ง์—” ๋”ฑํžˆ ์“ธ ๊ธ€์ด ์—†๋„ค์š”.. (์‹œ๊ฐ„์ด ใ…œใ…œ) ๊ฐ„๋žตํ•˜๊ฒŒ ruby library๋ฅผ ์ด์šฉํ•œ ์›น ํŽ˜์ด์ง€ ์บก์ณ ๊ด€๋ จํ•ด์„œ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

๊ตฌ๊ธ€ ๋ธ”๋กœ๊ฑฐ(Google Blogger) ํŽ˜์ด์ง€, ๊ฒŒ์‹œ๊ธ€(ํฌ์ŠคํŠธ) ๊ด€๋ จ ํƒ€์ž…๋“ค

3 min read

์ด์ „๋ถ€ํ„ฐ ์ฒœ์ฒœํžˆ ์ค€๋น„ํ•ด์˜ค๋˜ ๋ธ”๋กœ๊ทธ ์‚ฌ์ดํŠธ์˜ ๋””์ž์ธ๊ณผ ๊ตฌ์กฐ ๋ณ€๊ฒฝ.. ๋“œ๋””์–ด ์ด๋ฒˆ ์ฃผ๋ง์— ๋Œ€๋Œ€์ ์ธ ๊ฐœํŽธ์„ ์ง„ํ–‰ํ–ˆ์Šต๋‹ˆ๋‹ค.

[HACKING] Bug Bounty๋ฅผ ์œ„ํ•œ WASE(Web Audit Search Engine) ๋งŒ๋“ค๊ธฐ [1] - Elastic search์™€ ruby-rails

2 min read

์š”์ฆ˜๋“ค์–ด ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ์— ๋Œ€ํ•œ ์ƒ๊ฐ์ด ์กฐ๊ธˆ ๊นŠ์–ด์กŒ์Šต๋‹ˆ๋‹ค. ์ผ์„ ํ•˜๋Š” ๊ฒƒ ์ด์™ธ์—๋„ ๋ฌด์–ธ๊ฐ€ ๊ฐ€์น˜๋ฅผ ๋งŒ๋“ค ์ˆ˜ ์žˆ๊ฒ ๋‹ค๋ผ๋Š” ์ƒ๊ฐ ๋•Œ๋ฌธ์ด์ฃ . (๊ทธ๋ƒฅ ๋ˆ์„ ๋” ๋ฒŒ๊ณ ์‹ถ๋‹ค๊ณ  ๊ทธ๋ž˜ =_=)

[DOCKER] ๋„์ปค ์ปจํ…Œ์ด๋„ˆ, ํ˜ธ์ŠคํŠธ๊ฐ„ ํŒŒ์ผ ์ „์†ก/๋ฐ›๊ธฐ(How to send/recive docker container)

~1 min read

๊ทธ๋ƒฅ ๋ฉ”๋ชจ ์ฐจ์›์œผ๋กœ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. docker container ์™€ ํ˜ธ์ŠคํŠธ ๊ฐ„ ํŒŒ์ผ ์ด๋™ ์‹œ cp, scp ์™€ ๋™์ผํ•˜๋‹ˆ ์‰ฝ๊ฒŒ ์ƒ๊ฐํ•˜๋ฉด ๋ฉ๋‹ˆ๋‹ค.

[ROR] Ruby on Rails โ€œcannot load such file โ€“ [package]โ€ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•

1 min read

์™œ๊ทธ๋Ÿฐ์ง„ ์ž˜ ๋ชจ๋ฅด๊ฒ ์ง€๋งŒ ์˜ค๋Š˜ ์—…๋ฐ์ดํŠธ ์ดํ›„์— rails ์„œ๋ฒ„ ์‹œ์ž‘ ์‹œ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•ฉ๋‹ˆ๋‹ค. ๋‚ด์šฉ์„ ๋ณด์ž๋‹ˆ.. mime/types๋ฅผ ์ฐพ์„ ์ˆ˜ ์—†๋‹ค๊ณ  ํ•˜๋„ค์š”.

[RUBY] nokogiri install/update ์—๋Ÿฌ ํ•ด๊ฒฐํ•˜๊ธฐ(An error occurred while installing nokogiri (1.8.2), and Bundler cannot continue.)

1 min read

๊ฐ„๋งŒ์— ๋ ˆ์ผ์ฆˆ ๋–”์— ๋ฃจ๋น„ ๊ฐ€์ง€๊ณ  ๋†€๋˜ ์ค‘ nokogiri๊ฐ€ ๊ณ ์žฅ๋‚ฌ์Šต๋‹ˆ๋‹ค. (๋Œ€์ฒด๋กœ ๋ถ€ํŒ…๊ณผ ํ•จ๊ป˜ ํŒจํ‚ค์ง€ ์—…๋ฐ์ดํŠธ๋ฅผ ํ•˜๋Š”๋ฐ, ๊ทธ๊ฒŒ ๋ฌธ์ œ์˜€์ฃ ..)

iframe์˜ height:100%๊ฐ€ ์•ˆ๋  ๋•Œ viewport๋ฅผ ์ด์šฉํ•˜์—ฌ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

iframe ํƒœ๊ทธ๋ฅผ ์“ฐ๋‹ค๋ณด๋ฉด ๊ฐ„ํ˜น ๋†’์ด๊ฐ€ 100%๊ฐ€ ์•ˆ๋˜๋Š” ์ƒํ™ฉ์ด ๋ฐœ์ƒํ•ฉ๋‹ˆ๋‹ค. ๋˜ํ•œ ๋‹ค๋ฅธ ์š”์†Œ๋“ค์˜ ํฌ๊ธฐ๋ฅผ ์กฐ์ •ํ•˜๋‹ค๊ฐ€ %์˜ ํฌ๊ธฐ๋กœ ํ™”๋ฉด์„ ๋„˜์–ด๊ฐ€๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค.

[CODING] Backspace,Delete not working in vim insert mode(vim์—์„œ ์‚ญ์ œ๊ฐ€ ์ž˜ ๋˜์ง€ ์•Š์„๋•Œ)

~1 min read

๊ฐ„ํ˜น ์‹œ์Šคํ…œ์— ๋”ฐ๋ผ vim์ด ๋ง›์ด๊ฐ‘๋‹ˆ๋‹ค. backspace ํ‚ค๊ฐ€ ์ •์ƒ ์ž‘๋™ํ•˜์ง€ ์•Š์„๋•Œ ๊ต‰์žฅํžˆ ๋‹ต๋‹ตํ•œ๋ฐ์š”.. vimrc์— ํ•œ์ค„ ์ถ”๊ฐ€๋กœ ์‰ฝ๊ฒŒ ํ•ด๊ฒฐ๋ฉ๋‹ˆ๋‹ค.

Vim์—์„œ์˜ ๊ฐœ๋ฐœ์„ ์œ„ํ•œ ์ตœ์†Œํ•œ์˜ plugin ์„ค์ •

1 min read

๋งค๋ฒˆ ๋Š๋ผ์ง€๋งŒ ๊ธ€๋กœ ์ž‘์„ฑํ•˜์ง€ ์•Š์€ ๋‚ด์šฉ๋“ค์€ ๋‚˜์ค‘์— ๋‹ค์‹œ ์„ธํŒ…ํ•˜๊ฑฐ๋‚˜, ์ฐธ๊ณ ํ•ด์•ผํ•  ๋•Œ ์ฐธ ๋ถˆํŽธํ•ฉ๋‹ˆ๋‹ค. ๊ผญ ํ•„์š”ํ•  ๋•Œ ๋ณด๋ฉด ์—†๋‹ค์ฃ . ์ตœ๊ทผ์—๋„ vim ์„ธํŒ…์„ ๋‹ค์‹œ ํ• ์ผ์ด ์žˆ์–ด ํ•˜๋‚˜ํ•˜๋‚˜ ์„ธํŒ…ํ•˜๊ณ  ์žˆ๋Š”๋ฐ, ํ•œ๋ฒˆ์ฏค์€ ๋ฉ”๋ชจํ•ด๋‘๋ฉด ๋‘๊ณ ๋‘๊ณ  ๋ณผ ๊ฒƒ ๊ฐ™๋‹ค๋ผ๋Š” ์ƒ๊ฐ์ด ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. ์งง๊ฒŒ๋‚˜๋งˆ ์‹œ๊ฐ„ ๋‚ด์–ด์„œ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Learning Go Language - Hello world, GoRoutine

2 min read

์š”์ฆ˜ Go langage๋ฅผ ๋ฐฐ์›Œ๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์•„์ฃผ ์ฒœ์ฒœํžˆ ํ‹ˆ๋‚ ๋•Œ๋งˆ๋‹ค ๋ณด๊ณ ์žˆ๋Š”๋ฐ, ์กฐ๊ธˆ์”ฉ์€ ์ •๋ฆฌํ•ด์„œ ํฌ์ŠคํŒ…ํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์•„๋งˆ ์ต์ˆ™ํ•ด์ง€๋ฉด Ruby์™€ ์„ž์–ด์„œ ์ฝ”๋”ฉํ•˜๊ฒŒ ๋  ๊ฒƒ ๊ฐ™๋„ค์š”.

[RUBY] ํด๋ฆฝ๋ณด๋“œ์— ๋ฐ์ดํ„ฐ๋ฅผ ๋ณต์‚ฌํ•˜์ž! clipboard gem

~1 min read

์˜ˆ์ „์— python์˜ tkinter ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋ฅผ ์ด์šฉํ•ด์„œ clipboard ์ œ์–ดํ•˜๊ณ  ๊ฐ„๋‹จํ•œ ํ”„๋กœ๊ทธ๋žจ ๋งŒ๋“œ๋Š” ์ด์•ผ๊ธฐ๋ฅผ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. (http://www.hahwul.com/2016/06/python-tkinter-module-clipboard.html )

Bookmarklet์ด๋ž€?

1 min read

์ตœ๊ทผ์— Bookmarklet์˜ ์กด์žฌ๋ฅผ ์•Œ์•˜์Šต๋‹ˆ๋‹ค. ๋ธŒ๋ผ์šฐ์ € AddOn๋งŒ ๊ฐœ๋ฐœํ•ด์„œ ์จ์˜ค๋˜ ์ €์—๊ฒ ๋‚˜๋ฆ„๋Œ€๋กœ ์‹ ์„ธ๊ณ„ ์˜€๋„ค์š”. ์˜ค๋Š˜์€ Bookmarklet์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค.

Rails์—์„œ DB Column ์ถ”๊ฐ€ํ•˜๊ธฐ

~1 min read

rails๋Š” database schema ๋“ฑ์„ migration ํŒŒ์ผ๋กœ ๊ด€๋ฆฌํ•ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ์ด์šฉํ•˜๋ฉด ์ด๋ฏธ ๋งŒ๋“ค์–ด์ง„ ์•ฑ์—์„œ DB Schema๋ฅผ ๋ณ€๊ฒฝํ•˜๊ฑฐ๋‚˜ ์‰ฝ๊ฒŒ Rollbackํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

[EXPLOIT] JAVA SE Web start JNLP XXE ์ทจ์•ฝ์  ๋ถ„์„(CVE-2017-10309, feat Metasploit)

4 min read

์š”์ฆ˜ ์‹œ๊ฐ„๋‚ด๊ธฐ๊ฐ€ ์™œ์ด๋ฆฌ ์–ด๋ ค์šด๊ฑด์ง€.. ๋•๋ถ„์— ์˜ค๋žœ๋งŒ์— ์ทจ์•ฝ์  ๋ถ„์„๊ธ€์„ ์ž‘์„ฑํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ์ง€๋‚œ 10์›” ๋ง ๊ณต๊ฐœ๋œ JAVA SE ๊ด€๋ จ XXE ์ทจ์•ฝ์ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

XCode Simulator์— App(.ipa) ํŒŒ์ผ ์„ค์น˜ํ•˜๊ธฐ

~1 min read

์ทจ์•ฝ์  ํ…Œ์ŠคํŠธ ๊ธฐ๊ธฐ๋กœ ์“ฐ๋Š” iOS ๋””๋ฐ”์ด์Šค์— ๋ฌธ์ œ๊ฐ€ ์žˆ์–ด Simulator๋ฅผ ์•Œ์•„๋ณด๋˜ ์ค‘ ๊ฐ„๋‹จํ•œ ํŒ์ด ์žˆ์–ด ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ Simulator์— Xcode๋กœ ์ปดํŒŒ์ผํ•œ ์•ฑ์ด ์•„๋‹ˆ๋ฉด ์„ค์น˜๊ฐ€ ๋ถˆ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ ์•ฝ๊ฐ„์˜ ํŠธ๋ฆญ์„ ์“ฐ๋ฉด ์‰ฝ๊ฒŒ ๊ฐ€๋Šฅํ•˜์ง€๋งŒ์š”. ์˜ค๋Š˜์€ app ํŒŒ์ผ์ธ .ipa(app)์œผ๋กœ Xcode Simulator์— ์„ค์น˜ํ•ด ๋ด…์‹œ๋‹ค.

[POWERSHELL] ํŒŒ์›Œ์‰˜์„ ์ด์šฉํ•œ ํŒŒ์ผ ์ •๋ณด ํ™•์ธํ•˜๊ธฐ(Write a get file information script)

5 min read

ํŒŒ์›Œ์‰˜์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ž ๊น ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ์œˆ๋„์šฐ ํ™˜๊ฒฝ์—์„œ ํŒŒ์›Œ์‰˜ ์‚ฌ์šฉ ์‹œ batch ํŒŒ์ผ์— ๋น„ํ•ด ์ƒ์„ธํ•˜๊ฒŒ ์‹œ์Šคํ…œ์— ๋Œ€ํ•ด ์ œ์–ดํ•  ์ˆ˜ ์žˆ๊ณ  Ruby, Python ๊ณผ ๊ฐ™์€ ์–ธ์–ด์™€ ๋‹ฌ๋ฆฌ ๊ธฐ๋ณธ์ ์œผ๋กœ ๋‚ด์žฅ๋˜์–ด ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๋ณ„๋„์˜ ์„ค์น˜ ์—†์ด ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ์žฅ์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค.

Metasploit API์™€ msfrpcd, ๊ทธ๋ฆฌ๊ณ  NodeJS

5 min read

์š”์ฆ˜ metasploit์˜ rpc์— ๋Œ€ํ•ด ๊ต‰์žฅํžˆ ๊ด€์‹ฌ์ด ๋งŽ์Šต๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋ก  msgrpc plugin ๋ถ€ํ„ฐ msfrpcd ๋ฐ๋ชฌ๊นŒ์ง€ metasploit์—์„œ rpc๋ฅผ ์ด์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋ฐฉ๋ฒ•๋“ค์„ ๋งŽ์ด ์ฐพ์•„๋ณด๊ณ  ์žˆ์ง€์š”.

[METASPLOIT] Writing Custom Plugin for metasploit

3 min read

์ตœ๊ทผ์— a2sv๋ฅผ metasploit plugin์œผ๋กœ ์ง€์›ํ•  ์ƒ๊ฐ์„ ํ•˜๊ณ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ชจ๋“ˆ ์ œ์ž‘์ด ์•„๋‹Œ plugin ์ œ์ž‘์œผ๋ก  ๊ฒฝํ—˜์ด ๊ฑฐ์˜ ์—†๊ธฐ์—.. ํ•˜๋‚˜ํ•˜๋‚˜ ์ฐพ์•„๋ณด๋ฉด์„œ ์ง„ํ–‰ํ•˜๊ธฐ๋กœ ํ–ˆ์ฃ .

RUBY์—์„œ RQRCode๋ฅผ ์ด์šฉํ•˜์—ฌ QR์ฝ”๋“œ ์ƒ์„ฑํ•˜๊ธฐ

~1 min read

์˜ค๋Š˜์€ RQRCode์— ๋Œ€ํ•ด ์ž‘์„ฑํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. RQRCode๋Š” Ruby์—์„œ QR์ฝ”๋“œ๋ฅผ ๋‹ค๋ฃฐ ์ˆ˜ ์žˆ๋Š” ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ž…๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ๋กœ ์‰ฝ๊ฒŒ QR์ฝ”๋“œ ์ƒ์„ฑ์ด ๊ฐ€๋Šฅํ•˜๊ธฐ ๋–„๋ฌธ์— QR์ฝ”๋“œ ๊ด€๋ จ ์„œ๋น„์Šค๋‚˜ Rails ๋‚ด QR ์ฝ”๋“œ ์‚ฌ์šฉ ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋ฐฉ๋ฉด์œผ๋กœ ํ™œ์šฉํ•  ์ˆ˜ ์žˆ๊ฒ ๋„ค์š”.

PuDB ์ด์šฉํ•˜์—ฌ cli์—์„œ python ๋””๋ฒ„๊น…ํ•˜๊ธฐ

~1 min read

ํŒŒ์ด์ฌ ๋””๋ฒ„๊น…์„ ์œ„ํ•ด ๊ตฌ๊ธ๋งํ•˜๋˜ ์ค‘ stackoveflow์—์„œ ์“ธ๋งŒํ•œ python debugger๋ฅผ ํ•˜๋‚˜ ์ฐพ์•˜์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ PuDB python ๋ชจ๋“ˆ์ž…๋‹ˆ๋‹ค. ์ด ๋ชจ๋“ˆ์€ ํŒŒ์ด์ฌ ์ฝ”๋“œ๋ฅผ ์‰ฝ๊ฒŒ ๋””๋ฒ„๊น…ํ•˜๊ธฐ ์œ„ํ•ด ๋งŒ๋“ค์–ด์ง„ ๋ชจ๋“ˆ์ž…๋‹ˆ๋‹ค.

[CODING] Ruby telegram-bot ์„ ์ด์šฉํ•œ ํ…”๋ ˆ๊ทธ๋žจ ๋ด‡ ๋งŒ๋“ค๊ธฐ

1 min read

์•ˆ๋…•ํ•˜์„ธ์š”. ํ•˜ํ›Œ์ž…๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ Ruby๋ฅผ ์ด์šฉํ•œ ํ…”๋ ˆ๊ทธ๋žจ ๋ด‡ ๋งŒ๋“ค๊ธฐ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋กœ ์ค€๋น„ํ–ˆ์Šต๋‹ˆ๋‹ค. ์งง์€ ๋‚ด์šฉ์ด์ง€๋งŒ.. ์›Œ๋‚™ ์ •์‹ ์—†์ด ์ง€๋‚ธ์ง€๋ผ ์ด์ œ์„œ์•ผ ํฌ์ŠคํŒ…์„ ํ•˜๊ฒŒ๋˜๋„ค์š”.

[WEB HACKING] PHP Comparison Operators Vulnerability for Password Cracking

2 min read

๊ฐœ์ธ์ ์œผ๋กœ ํ”„๋กœ๊ทธ๋ž˜๋ฐ์˜ ์žฌ๋ฏธ์žˆ๋Š” ์š”์†Œ๋Š” ์—ฐ์‚ฐ์ž๊ฐ€ ์•„๋‹๊นŒ ์‹ถ์Šต๋‹ˆ๋‹ค. ์ž‘์€ ์—ฐ์‚ฐ์ž๋“ค์ด ๋ชจ์—ฌ ํฐ ํ๋ฆ„์„ ๋งŒ๋“ค๊ณ , ์šฐ๋ฆฌ๊ฐ™์€ ํ•ด์ปค๋Š” ์ด ํ๋ฆ„์„ ํ‹€์–ด ์˜ˆ์ƒ์น˜๋„ ๋ชปํ•œ ํ–‰์œ„๋ฅผ ์ด๋Œ์–ด๋‚ด๋‹ˆ ๊ต‰์žฅํžˆ ์žฌ๋ฏธ์žˆ๋Š” ๋ถ€๋ถ„์ด์ฃ .

์ด ํŠน์ˆ˜๋ฌธ์ž๋Š” ์–ด๋–ป๊ฒŒ ์ฝ์–ด์•ผ ํ• ๊นŒ์š”?

~1 min read

๋ณด์•ˆ์ „๋ฌธ๊ฐ€๋‚˜ ๊ฐœ๋ฐœ์ž๊ฐ™์ด ์‹ค๋ฌด์ ์ธ IT ์—…๋ฌด๋ฅผ ํ•˜๋‹ค๋ณด๋ฉด ํŠน์ˆ˜๋ฌธ์ž์— ๋Œ€ํ•ด ์„ค๋ช…ํ•ด์•ผํ•  ๋•Œ๊ฐ€ ๋งŽ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ € ๋˜ํ•œ ๊ฐœ๋ฐœ์ž์—๊ฒŒ ๋งค๋ฒˆ ์„ค๋ช…ํ•ด์•ผํ•˜๊ณ , ๊ทธ ๊ณผ์ •์—์„œ ํŠน์ˆ˜๋ฌธ์ž์— ๋Œ€ํ•œ ์–ธ๊ธ‰์ด ๋งŽ๊ธฐ ๋•Œ๋ฌธ์— ๋ชจ๋ฅด๋Š” ๋ถ€๋ถ„์€ ์ผ๋ถ€๋Ÿฌ ์ฐพ์•„์„œ ์ •๋ฆฌํ•ด๋‘๊ณ  ํ–ˆ์Šต๋‹ˆ๋‹ค. ์ƒ๊ฐํ•ด๋ณด๋‹ˆ ์ด๋Ÿฐ ๋‚ด์šฉ์€ ๊ณต์œ ๋˜๋ฉด ์ข‹์„ ๊ฒƒ ๊ฐ™์•„ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

SOP(Same-Origin Policy)์™€ Web Security

1 min read

์˜ค๋Š˜์€ ์›น ํ•ดํ‚น ์‹œ ์šฐ๋ฆฌ์˜ ๋ฐœ๋ชฉ์„ ์žก๋Š” ์นœ๊ตฌ์ธ SOP(Same-Origin Policy)์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Form์—์„œ ์ฒดํฌ๋ฐ•์Šค ์—ฌ๋Ÿฌ๊ฐœ ๊ฐ’ ์ „๋‹ฌํ•˜๊ธฐ

~1 min read

์›น ๊ฐœ๋ฐœ์„ ํ•˜๋‹ค๋ณด๋ฉด ์ฒดํฌ๋ฐ•์Šค๋ฅผ ์ด์šฉํ•˜์—ฌ ์—ฌ๋Ÿฌ๊ฐœ์˜ ๊ฐ’์„ ๋„˜๊ฒจ์•ผ ํ•  ์ƒํ™ฉ์ด ์ƒ๊น๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋กœ ์˜ต์…˜ ๊ฐ™์€ ๊ธฐ๋Šฅ๋“ค์ด์ฃ . form์„ ํ†ตํ•œ ์ „์†ก ์‹œ array ํ˜•ํƒœ๋กœ ๋˜์ง€๊ณ  php์—์„œ array๋กœ ๋ฐ›๋Š”๋‹ค๋ฉด ์‰ฝ๊ฒŒ ๊ตฌํ˜„ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

[CODING] WebSocket - Overview , Protocol/API and Security

1 min read

WebSocket์ด๋ž€?

WebSocket์€ ์›น ํŽ˜์ด์ง€์—์„œ ์‹ค์‹œ๊ฐ„์œผ๋กœ ๋™์ž‘ํ•˜๋Š” ์›น ์„œ๋น„์Šค๋ฅผ ๋งŒ๋“ค์–ด ์ค„ ์ˆ˜ ์žˆ๋Š” ํ‘œ์ค€ ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ ์›น ํ”„๋กœํ† ์ฝœ์ธ HTTP๋Š” Request์™€ Response ๊ธฐ๋ฐ˜์œผ๋กœ ์ƒˆ๋กœ ์š”์ฒญ์ด ๋ฐœ์ƒํ•˜๋ฉด ํŽ˜์ด์ง€๋ฅผ ๋‹ค์‹œ ๊ทธ๋ ค์•ผํ•˜๋Š” ๊ตฌ์กฐ์ž…๋‹ˆ๋‹ค. ๋•๋ถ„์— ์ฟ ํ‚ค๋ผ๋Š” ๊ฐœ๋…๋„ ์‚ฌ์šฉ๋˜๊ฒŒ ๋˜์—ˆ์ง€์š”. (์ธ์ฆ ์ •๋ณด๋ฅผ ์œ ์ง€ํ•˜๊ธฐ ์œ„ํ•ด)

[RUBY] Cuntom column sort function on Two-dimensional array

1 min read

๋ฃจ๋น„๋กœ ์ฝ”๋”ฉํ•˜๋˜ ์ค‘ ๊ท€์ฐฎ์€ ์ผ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ array์— ๋Œ€ํ•œ ์ •๋ ฌ ์ค‘ 2์ฐจ์› ์ด์ƒ ๋ฐฐ์—ด์—์„œ๋Š” ์ œ๊ฐ€ ์ง€์ •ํ•œ ์—ด์„ ๊ธฐ์ค€์œผ๋กœ ์ •๋ ฌํ•  ์ˆ˜ ์žˆ๋Š” ํ•จ์ˆ˜๊ฐ€ ์—†๋˜๊ฒƒ์ž…๋‹ˆ๋‹ค..

[DEBIAN] malloc() ์‹œ sysctl vm.swappiness๋ฅผ ์ด์šฉํ•˜์—ฌ Swap ์ ๊ทน ํ™œ์šฉํ•˜๊ธฐ

1 min read

๋ฆฌ๋ˆ…์Šค์—์„œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ…Œ์ŠคํŠธ๋ฅผ ํ•˜๋‹ค๋ณด๋ฉด memory๋ฅผ full ์‹œ์ผœ์•ผํ•  ์ƒํ™ฉ์ด ์˜ค๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ œ๊ฐ€ ์ด๋Ÿฐ ํ…Œ์ŠคํŠธ๊ฐ€ ํ•„์š”ํ•˜๊ธฐ๋ณด๋‹จ ํ•„์š”ํ•œ ๋ถ„ ๋„์™€๋“œ๋ฆฌ๋‹ค๋ณด๋‹ˆ ์•„๋ฌด๋ž˜๋„ ์ •๋ฆฌํ•ด๋†“๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„ ๊ฐ€๋ณ๊ฒŒ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

Ruby nokogiri๋ฅผ ์ด์šฉํ•œ Web Spider ๋งŒ๋“ค๊ธฐ

3 min read

์ง€๋‚œ ํฌ์ŠคํŒ…์—์„  nokogiri๋ฅผ ์ด์šฉํ•œ parsing ์„ ํ–ˆ๋‹ค๋ฉด ์ด๋ฒˆ์—๋Š” ์กฐ๊ธˆ ๋” ๋ฐœ์ „ ์‹œ์ผœ์„œ ๊ฐ„๋‹จํ•œ Spider๋ฅผ ๋งŒ๋“ค์–ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ํ›จ์”ฌ ์ข‹์€ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋“ค์ด ์žˆ์ง€๋งŒ ๊ฐ€์žฅ ๊ธฐ๋ณธ์ด๋˜๋Š” nokogiri๋ฅผ ์ž˜ ์•ˆ๋‹ค๋ฉด ๋งŽ์€ ๋„์›€์ด ์žˆ์„ ์ˆ˜ ์žˆ๊ฒ ์ง€์š”.

Ruby Nokogiri๋ฅผ ์ด์šฉํ•œ Web Parsing

2 min read

์›น ์„œ๋น„์Šค๋ฅผ ํƒ์ƒ‰ํ•˜๋Š” ๋„๊ตฌ๋“ค์„ ๋งŒ๋“ค๋‹ค ๋ณด๋ฉด ๋งŽ์ด ์ ‘ํ•˜๊ฒŒ ๋˜๋Š” ์ž‘์—…์ด ํ•˜๋‚˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ HTML, XML ๋“ฑ ๊ตฌ์กฐํ™”๋œ ๋ฌธ์„œ๋ฅผ ํŒŒ์‹ฑํ•˜๋Š” ์ž‘์—…์ธ๋ฐ์š”. ์˜ค๋Š˜์€ Ruby์˜ ๊ฐ•๋ ฅํ•œ ํŒŒ์‹ฑ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ธ Nokogiri์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊ฐ€ ํ•ฉ๋‹ˆ๋‹ค.

[JQUERY] Create wait/loading animation using jquery(addClass,removeClass)

1 min read

์›น ๊ฐœ๋ฐœ์„ ํ•˜๋‹ค๋ณด๋ฉด Ajax ๋“ฑ์„ ์ด์šฉํ•˜์—ฌ ๋ฐ์ดํ„ฐ๋ฅผ ์ฒ˜๋ฆฌํ•  ๋•Œ ์‚ฌ์šฉ์ž์˜ ๋ˆˆ์„ ์ฆ๊ฒ๊ฒŒ(?)ํ•˜๋Š” ๋กœ๋”ฉ ๋ฐ”๋ฅผ ๋งŒ๋“œ๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ž‘์„ฑํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค.

[PYTHON] Tkinter module์„ ์ด์šฉํ•œ Clipboard(ํด๋ฆฝ๋ณด๋“œ) ์ œ์–ด/์ƒ์šฉ๊ตฌ ๋งŒ๋“ค๊ธฐ

1 min read

์ผ์„ ํ•˜๋‹ค๋ณด๋ฉด ํ•ญ์ƒ ๊ฐ™์€ ๋ง์„ ์ž์ฃผ ์จ์•ผํ•  ์ƒํ™ฉ์ด ๋งŽ์ด ์ƒ๊น๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ํ‰์†Œ์— ์ œ๊ฐ€ Python ์„ ์ด์šฉํ•˜์—ฌ ์‚ฌ์šฉํ•˜๋˜ ๊ฒƒ์„ ํ’€์–ด๋ณผ๊นŒํ•ฉ๋‹ˆ๋‹ค.

[RUBY] ๋ฃจ๋น„์—์„œ Process/command ์‹คํ–‰ํ•˜๊ธฐ(Execute Process and command)

2 min read

C์–ธ์–ด๋ถ€ํ„ฐ ruby, python ๋“ฑ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์–ธ์–ด ์ค‘ ํ•˜๋‚˜๋ผ๋„ ํ•ด๋ณด์…จ๋‹ค๋ฉด ์ •๋ง ๋ฐ˜๊ฐ€์šด ํ•จ์ˆ˜๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ system() ํ•จ์ˆ˜(C์–ธ์–ด ๊ธฐ์ค€)์ธ๋ฐ์š”, ์ด ํ•จ์ˆ˜๋ฅผ ํ†ตํ•ด ์‹œ์Šคํ…œ์— ๋ช…๋ น์„ ๋‚ด๋ฆฌ๊ฑฐ๋‚˜ ์ƒˆ๋กœ์šด ํ”„๋กœ์„ธ์Šค๋ฅผ ์ƒ์„ฑํ•  ์ˆ˜ ์žˆ๋Š” ํ•จ์ˆ˜์ด์ง€์š”. ์ด ํ•จ์ˆ˜๋กœ ๋งŽ์€ ๋…ธ๊ฐ€๋‹ค ์ž‘์—…์ด ์ค„๊ฒŒ๋˜์ง€์š”.

Java Applet์„ ์ด์šฉํ•œ ๊ณต๊ฒฉ ๋ฐฉ๋ฒ•๋“ค

2 min read

์›น ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ๋ถ„์„ ์‹œ ์ฃผ์š” ํƒœ๊ทธ๋กœ ์•Œ๋ ค์ง„ ๊ฒƒ๋“ค์€ ๋Œ€๋‹ค์ˆ˜ ํ•„ํ„ฐ๋ง ๋˜์–ด ์žˆ์ง€๋งŒ ๊ฐ„ํ˜น ๋น ์ง€๋Š” ํƒœ๊ทธ๋“ค์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ์˜ค๋Š˜์€ applet ํƒœ๊ทธ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค.

Ruby WEBrick์—์„œ ์„œ๋ฒ„ ์‚ฌ์ด๋“œ ์ฝ”๋“œ ์ฒ˜๋ฆฌํ•˜๊ธฐ

1 min read

WEBRick ๋˜ํ•œ ์›น ์„œ๋น„์Šค๋ฅผ ์œ„ํ•œ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ด๊ธฐ ๋•Œ๋ฌธ์— ๊ฐ„๋‹จํ•œ ๋ผ์šฐํŒ… ๊ธฐ๋Šฅ์„ ์ง€์›ํ•ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ์ด์šฉํ•˜๋ฉด Static ํŒŒ์ผ๋งŒ ์„œ๋น™ํ•˜๋Š”๊ฒŒ ์•„๋‹Œ ์‹ค์ œ ์›น ์š”์ฒญ ์‹œ ์›ํ•˜๋Š” ์ฝ”๋“œ๋ฅผ ๋™์ž‘์‹œํ‚ฌ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

WEBrick์„ ์ด์šฉํ•˜์—ฌ ๊ฐ„๋‹จํ•œ Ruby ์›น ์„œ๋ฒ„ ๋งŒ๋“ค๊ธฐ

~1 min read

์˜ˆ์ „์— Ruby on Rails๋ฅผ ๋‹ค๋ฃจ๋ฉด์„œ ์•Œ๊ฒŒ๋œ webrick ์›น์„œ๋ฒ„ ๋ชจ๋“ˆ์ž…๋‹ˆ๋‹ค. ์ด ๋ชจ๋“ˆ์€ ์‰ฌ์šด ๋ฐฉ๋ฒ•์œผ๋กœ ์›น ์„œ๋ฒ„๋ฅผ ๊ตฌ์„ฑํ•  ์ˆ˜ ์žˆ๋„๋ก ์ง€์›ํ•˜๋Š” ์ข‹์€ ๋ชจ๋“ˆ์ด์ง€์š”.

JS,CSS๋ฅผ ์ด์šฉํ•ด ํŒ์—… ๋ ˆ์ด์–ด ๋งŒ๋“ค๊ธฐ

1 min read

๋ธ”๋กœ๊ทธ ๋””์ž์ธ ์ˆ˜์ • ์ค‘ ๊ฒ€์ƒ‰ ๋ถ€๋ถ„์— ์žฌ๋ฏธ์žˆ๋Š” ์ƒ๊ฐ์ด ๋‚˜์„œ ์•ฝ๊ฐ„ ์ž‘์—…์„ ํ•˜์˜€์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด์— ์“ฐ๋˜ ๊ฒ€์ƒ‰์ฐฝ์€ ๋ธ”๋กœ๊ทธ์—์„œ ๋ฐ”๋กœ ๋ณด์ด๊ณ  ์ž…๋ ฅ ํ›„ ๊ฒ€์ƒ‰ํ•˜๋Š” ๋ฐฉ๋ฒ•์œผ๋กœ ๊ตฌ์„ฑํ•˜์˜€๋Š”๋ฐ, ํด๋ฆญํ•˜์—ฌ ๋”ฐ๋กœ ํŒ์—…์„ ๋„์šด ํ›„ ๊ฑฐ๊ธฐ์„œ ๊ฒ€์ƒ‰ํ•˜๋Š” ๋ฐฉ๋ฒ•์ด ๋” ์ข‹์„ ๊ฒƒ ๊ฐ™๋‹ค๋Š” ์ƒ๊ฐ์— ์ˆ˜์ •ํ•˜์˜€์Šต๋‹ˆ๋‹ค.

CSS๋ฅผ ํ†ตํ•ด Body ํƒœ๊ทธ ์—ฌ๋ฐฑ ์—†์• ๊ธฐ

~1 min read

๋ธ”๋กœ๊ทธ ํŽ˜์ด์ง€ ๊ฐœํŽธ ์ค‘ ๊ณ„์† ์—ฌ๋ฐฑ์ด ์ƒ๊ฒจ์„œ ํ•˜๋‚˜ํ•˜๋‚˜ css ๋ฅผ ๋’ค์ ธ๊ฐ€๋ฉฐ, ์ž˜๋ชป ์ ์šฉํ•œ ๊ฒƒ์ด ์žˆ๋Š”์ง€ ์ฐพ์•„๋ณด์•˜์ง€๋งŒ ๋‹ต์€ ๊ฐ€๊นŒ์šด ๊ณณ์— ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. HTML์—์„œ ์—ฌ๋ฐฑ์ด ๋ฐœ์ƒํ•  ๋•Œ CSS๋‚˜ HTML ์†์„ฑ์œผ๋กœ ๊ฐ„๋‹จํ•˜๊ฒŒ ํ•ด๊ฒฐ์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ์•„๋ž˜๋Š” ์ด๋ฒˆ์— ์ฝ”๋“œ์— ์ ์šฉํ•œ ๋ถ€๋ถ„์ธ๋ฐ์š”, leftmargin, rightmargin ์„ ํ†ตํ•ด ์ขŒ์šฐ ์—ฌ๋ฐฑ์„ ์ค„์—ฌ์คฌ์—ˆ์Šต๋‹ˆ๋‹ค.

[CODING] HTML/CSS ๊ธ€์ž ํ…Œ๋‘๋ฆฌ ์ ์šฉํ•˜๊ธฐ(Apply text border) / text-shadow

~1 min read

์›น์—์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ธ€์ž์— ํ…Œ๋‘๋ฆฌ๋ฅผ ๋„ฃ๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. CSS์—์„œ text-shadow ๋ฅผ ํ†ตํ•ด ๊ทธ๋ฆผ์ž๋ฅผ ๋„ฃ๊ณ , ๊ทธ๋ฆผ์ž ์ƒ‰์ƒ์„ ์ง€์ •ํ•˜์—ฌ ํ…Œ๋‘๋ฆฌ์ฒ˜๋Ÿผ ๋ณด์ด๋„๋ก ๊พธ๋ฐ€ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Javascript ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ๋ฅผ ์ด์šฉํ•˜์—ฌ Input ํƒœ๊ทธ ์—”ํ„ฐ ์ฒ˜๋ฆฌ Char Codes)

1 min read

์›น ๊ฐœ๋ฐœ์„ ํ•˜๋‹ค ๋ณด๋ฉด ํ…์ŠคํŠธ ๋ฐ•์Šค์—์„œ submit, button ์„ ๋ˆ„๋ฅด์ง€ ์•Š๊ณ  ์—”ํ„ฐ๋งŒ์œผ๋กœ ๋ฐ์ดํ„ฐ๋ฅผ ์ „์†กํ•˜๊ฑฐ๋‚˜ ํŽ˜์ด์ง€๋ฅผ ์ด๋™ํ•˜๋Š” ๋“ฑ ์•ก์…˜์ด ๋“ค์–ด๊ฐ€์•ผํ•  ๋ถ€๋ถ„๋“ค์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ์ด๋ฒคํŠธ ํ•ธ๋“ค๋Ÿฌ๋ž‘ javascript ๋ฅผ ์ด์šฉํ•ด์„œ ํ…์ŠคํŠธ ์ž…๋ ฅ์ฐฝ์—์„œ ์—”ํ„ฐ๋ฅผ ๋ˆ„๋ฅผ ์‹œ ์ฒ˜๋ฆฌ๋ฅผ ํ•˜๋„๋ก ์ฝ”๋“œ๋ฅผ ๋งŒ๋“ค์–ด๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Javascript ์ฝ”๋“œ ๋‚œ๋…ํ™”(Code Obfuscation)์™€ JS Packing

1 min read

์ฝ”๋“œ ๋‚œ๋…ํ™”๋ž€ ์ฝ”๋“œ๋ฅผ ์‰ฝ๊ฒŒ ์•Œ์•„๋ณผ ์ˆ˜ ์—†๋„๋ก ๋งŒ๋“œ๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ์‰ฝ๊ฒŒ ์ƒ๊ฐํ•˜๋ฉด int a = 123 ์ด๋ž€ ์ฝ”๋“œ๋ฅผ int a = ((123+34+350-34-350)*0)+123 ๊ฐ™์ด ์ข€ ๋” ์•Œ์•„๋ณด๊ธฐ ์–ด๋ ต๊ฒŒ ๋งŒ๋“œ๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์œ„์˜ ๋Œ€์ถฉ ์“ด ์ฝ”๋“œ๋Š” ์‰ฝ๊ฒŒ ๋ณผ ์ˆ˜ ์žˆ์ง€๋งŒ escape, unescape ํ•จ์ˆ˜ ๋“ฑ์„ ์ด์šฉํ•ด์„œ ์ฝ”๋“œ๊ฐ€ ๋ˆˆ์— ์ž˜ ๋“ค์–ด์˜ค์ง€ ์•Š๋„๋ก ๋งŒ๋“ค ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

rvm, rbenv๋ฅผ ํ†ตํ•œ Ruby ๋ฒ„์ „ ๊ด€๋ฆฌ

~1 min read

์˜ค๋žœ๋งŒ์— ๋…ธํŠธ๋ถ์—์„œ Metasploit ์—…๋ฐ์ดํŠธ๋ฅผ ํ•˜์˜€๋”๋‹ˆ ํŒจํ‚ค์ง€ ํ•˜๋‚˜๊ฐ€ ์˜์กด์„ฑ ๋ฌธ์ œ๊ฐ€ ๊ฑธ๋ ธ์Šต๋‹ˆ๋‹ค. gem ์œผ๋กœ ์„ค์น˜ํ•˜๋ ค ํ–ˆ์œผ๋‚˜, ๋ฐœ์ƒํ•˜๋Š” ๊ฑด ruby 2.1 ์ด์ƒ์—์„œ ์„ค์น˜ ๊ฐ€๋Šฅํ•˜๋‹ค๋Š” ๋ฉ”์‹œ์ง€์˜€์Šต๋‹ˆ๋‹ค.

iOS์—์„œ์˜ Python 2.7 ๋ฒ„์ „ ์„ค์น˜

~1 min read

ํƒˆ์˜ฅ iOS ๊ธฐ๊ธฐ์—์„œ apt ํŒจํ‚ค์ง€๋กœ ํŒŒ์ด์ฌ์„ ๋”ฐ๋กœ ์„ค์น˜ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๋‹ค๋งŒ ๋ฒ„์ „์ด 2.5 ๋ฒ„์ „์ธ ์ƒํƒœ์ธ๋ฐ, ๋งŽ์€ ๋ชจ๋“ˆ์ด๋‚˜ ํ”„๋กœ๊ทธ๋žจ๋“ค์ด 2.7 ์ด์ƒ์˜ ๋””ํŽœ๋˜์‹œ๋ฅผ ๊ฐ€์ง€๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์–ด ์ƒํ™ฉ์— ๋”ฐ๋ผ 2.7 ๋ฒ„์ „์„ ์ง์ ‘ ์„ค์น˜ํ•ด์•ผํ•  ํ•„์š”๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค.

Back to Top ↑

system

Docker์™€ Dumb-Init

2 min read

์˜ค๋Š˜์€ ๋„์ปค์—์„œ ์•ˆ์ •์ ์ธ ๊ตฌ๋™์„ ์œ„ํ•ด ์‚ฌ์šฉํ•˜๋Š” dumb-init๊ณผ pid1 ๊ทธ๋ฆฌ๊ณ  init ์‹œ์Šคํ…œ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Kubernetes ingress์—์„œ์˜ 413 ์—๋Ÿฌ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•

~1 min read

Kubernetes์—์„œ nginx-ingress๋ฅผ ์‚ฌ์šฉํ•œ๋‹ค๋ฉด ํŒŒ์ผ ์—…๋กœ๋“œ ๋“ฑ ํฐ ๋ฐ์ดํ„ฐ๋ฅผ ์ „์†กํ•  ๋•Œ 413 Request Entity Too Large ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” nginx-ingress์—์„œ ๊ธฐ๋ณธ์ ์œผ๋กœ ๊ฐ€์ง€๊ณ  ์žˆ๋Š” ์ตœ๋Œ€ body size๊ฐ€ ํฌ์ง€ ์•Š๊ฒŒ ์ถ”๊ฐ€๋˜์–ด ์žˆ์–ด์„œ ๋ฐœ์ƒํ•˜๋Š” ๋ฌธ์ œ๋กœ ์•„๋ž˜์™€ ๊ฐ™์ด ingress์˜ annotation์„ ์„ค์ •ํ•˜์—ฌ ํ•ด๊ฒฐํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

k8s livenessProbe๋ฅผ ์ด์šฉํ•œ self-healing

1 min read

Kubernetes์˜ self-healing

k8s๋Š” ์ž์ฒด์ ์œผ๋กœ self-healing์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ์‹œ์Šคํ…œ์ด ์˜ํ–ฅ๋ฐ›์„ ๋•Œ ๋งˆ๋‹ค pod, container ๋‹จ์œ„๋กœ ์ƒํƒœ๋ฅผ ๊ฐ์ง€ํ•˜๊ณ , ๋น„์ •์ƒ์ ์ธ ๊ฒฝ์šฐ ์ž์ฒด์ ์œผ๋กœ ๊ต์ฒดํ•˜์—ฌ ์ตœ๋Œ€ํ•œ ์•ˆ์ •์ ์ธ ์„œ๋น„์Šค๋ฅผ ์œ ์ง€ํ•  ์ˆ˜ ์žˆ๋„๋ก ๋„์™€์ค๋‹ˆ๋‹ค.

dpkg-deb error paste subprocess was killed by signal ์—๋Ÿฌ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

์–ด์ œ ๋ฐค์— ์ง‘ ์šฐ๋ถ„ํˆฌ ์„œ๋ฒ„์— rust ๊ธฐ๋ฐ˜ cli ๋„๊ตฌ์ธ hexyl์™€ bat์„ ์„ค์น˜ํ•˜๋˜ ์ค‘ dpkg ์—๋Ÿฌ๋ฅผ ๋ฐœ์ƒํ•˜์˜€์Šต๋‹ˆ๋‹ค. ์ฒ˜์Œ ๋ณด๋Š” ํŒจํ„ด์ด๋ผ ์•ฝ๊ฐ„ ๋‹นํ™ฉํ–ˆ์ง€๋งŒ, ์—ญ์‹œ ์—๋Ÿฌ ๋ฉ”์‹œ์ง€ ์•ˆ์— ๋‹ต์ด ์žˆ์–ด์„œ ๊ฐ„๋‹จํ•˜๊ฒŒ ํ•ด๊ฒฐํ–ˆ๋˜ ๋ฐฉ๋ฒ• ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

PKA ๊ธฐ๋ฐ˜ ssh ํ™˜๊ฒฝ์—์„œ passphrase๋ฅผ ๋ฌป์ง€ ์•Š๋„๋ก ์„ค์ •ํ•˜๊ธฐ

~1 min read

Problem

๋ณดํ†ต ํŽธ์˜์„ฑ๊ณผ ๋ณด์•ˆ์„ฑ ๋ชจ๋‘๋ฅผ ์œ„ํ•ด ssh๋Š” PKA(Public Key Authentication) ๊ธฐ๋ฐ˜์œผ๋กœ ์šด์˜ํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค. ํŠนํžˆ๋‚˜ AWS, Azure, GCP ๋“ฑ์˜ ํผ๋ธ”๋ฆญ ํด๋ผ์šฐ๋“œ ์„œ๋น„์Šค๋“ค์€ ์™ธ๋ถ€์— 22 ์™€ ๊ฐ™์€ ssh ํฌํŠธ๋ฅผ ์˜คํ”ˆํ•ด์•ผํ•˜๋Š” ํ•„์š”์„ฑ์ด ์žˆ๊ธฐ ๋•Œ๋ฌธ์—(ACL์ด ์žˆ๋˜ ์—†๋˜) ๋‹น์—ฐํžˆ PKA๋ฅผ ๊ธฐ๋ณธ ์ธ์ฆ ์ฒด์ œ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. (ํŒจ์Šค์›Œ๋“œ๋Š” ๋˜๋„๋ก์ด๋ฉด ์‚ฌ์šฉํ•˜์ง€ ๋ง๋ผ๊ณ  ๊ฐ€์ด๋“œํ•˜๊ณ  ์žˆ์ฃ .)

๋ฉ€ํ‹ฐ ํด๋ผ์šฐ๋“œ, ๋ณด์•ˆ์  ๊ด€์ ์—์„œ ๋ฐ”๋ผ๋ณด๊ธฐ

2 min read

AWS๊ฐ€ ๊ฐœ์ตœํ•˜๋Š” Re:Invent๋ผ๋Š” ์ปจํผ๋Ÿฐ์Šค์—์„œ ๋ฉ€ํ‹ฐ ํด๋ผ์šฐ๋“œ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๊ฐ€ ์•ฝ๊ฐ„ ์–ธ๊ธ‰๋˜์—ˆ๋‚˜ ๋ด…๋‹ˆ๋‹ค. ๋Œ€์ถฉ ๋“ฃ๊ธฐ๋ก  ๋ฉ€ํ‹ฐ ํด๋ผ์šฐ๋“œ๋ฅผ ์œ„ํ•œ ๊ด€๋ฆฌํˆด์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ธ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์˜ค๋Š˜์€ ๋ฉ€ํ‹ฐํด๋ผ์šฐ๋“œ๊ฐ€ ๋ญ”์ง€, ๊ทธ๋ฆฌ๊ณ  ๋ณด์•ˆ์ชฝ ๊ด€์ ์—์„  ์–ด๋–ค ๋ฐฉ๋ฒ•์œผ๋กœ ๋ฐ”๋ผ๋ด์•ผํ• ์ง€ ๊ธ€๋กœ ํ’€์–ด๋ด…๋‹ˆ๋‹ค. (์‚ฌ์‹ค ์ €๋„ ์ž˜ ๋ชฐ๋ผ์š”. ๊ทธ๋ƒฅ ์ƒ๊ฐ๋‚˜๋Š” ๋Œ€๋กœ ์ ๋Š”๊ฑฐ๊ณ , ์˜๊ฒฌ์€ ๋Œ“๊ธ€๋กœ ์ฃผ์„ธ์š” ๐Ÿ˜…)

Docker scratch image from a Security perspective

2 min read

์ตœ๊ทผ ๋„์ปค ๊ด€๋ จํ•ด์„œ ํ…Œ์ŠคํŠธํ•˜๋˜ ์ค‘ Scratch ๋ผ๋Š” ์ด๋ฏธ์ง€๋ฅผ ๋ณด๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋ก  ์ฒ˜์Œ๋ณด๋Š” ์ด๋ฏธ์ง€์ธ๋ฐ, ํŠน์ดํ•˜๊ฒŒ๋„ ๋ณดํŽธ์ ์ธ OS์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋ช…๋ น์–ด๋ถ€ํ„ฐ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ์ค‘์š”ํ•œ ๋ฐ”์ด๋„ˆ๋ฆฌ๋‚˜ ์„ค์ •๊นŒ์ง€ ์—†๋Š” ๋…ํŠนํ•œ ์ด๋ฏธ์ง€์˜€์ฃ . ์ฐพ๋‹ค๋ณด๋‹ˆ ์ƒ๊ฐ๋ณด๋‹ค ์žฌ๋ฏธ์žˆ๋Š” ์ด๋ฏธ์ง€์—ฌ์„œ ๊ด€๋ จ ๋‚ด์šฉ๊ณผ ์ €์˜ ์ƒ๊ฐ์„ ์•ฝ๊ฐ„ ๋”ํ•ด์„œ ๊ธ€์„ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Docker multi-stage build๋ฅผ ํ†ตํ•ด ์ด๋ฏธ์ง€ ๊ฒฝ๋Ÿ‰ํ™”ํ•˜๊ธฐ

1 min read

Why?

๋ณดํ†ต ๋ฒ ์ด์Šค๊ฐ€ ๋˜๋Š” ๋„์ปค ์ด๋ฏธ์ง€๋Š” ์ƒ๊ฐ๋ณด๋‹ค ํฐ ์šฉ๋Ÿ‰์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฑฐ๊ธฐ์— ์˜์กด์„ฑ์œผ๋กœ ์ถ”๊ฐ€์ ์ธ ๋„๊ตฌ๋ฅผ ์„ค์น˜ํ•˜๊ณ , ๋นŒ๋“œํ•˜๊ฒŒ ๋˜๋ฉด ์ƒ๊ฐ๋ณด๋‹ค ์—„์ฒญ ํฐ ์šฉ๋Ÿ‰์œผ๋กœ ํƒ„์ƒํ•ฉ๋‹ˆ๋‹ค. ์ด๋Ÿฐ ๊ฒฝ์šฐ์— alpine์ด๋‚˜ minimum ์ด๋ฏธ์ง€์™€ ๊ฐ™์ด ๊ฒฝ๋Ÿ‰ํ™”๋œ ์ด๋ฏธ์ง€๋ฅผ ์‚ฌ์šฉํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ๋งŽ์ด ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค.

Use proxy in macos and pulse (with psproxy, for ZAP/Burp)

~1 min read

Problem

Have a light but troublesome problem. Pulse secure is enabled on the mac and proxy does not operate normally while connected. To solve this, I googled. and I find convenient tool and i share it

Asciinema ์˜์ƒ์„ GIF๋กœ ๋ณ€ํ™˜ํ•˜๊ธฐ(How to convert asciinema to gif)

~1 min read

Install

asciicast2gif๋ฅผ ์„ค์น˜ํ•ด์ค์‹œ๋‹ค. npm ํŒจํ‚ค์ง€์ž…๋‹ˆ๋‹ค. ์ถ”๊ฐ€๋กœ asciicast2gif ๊ฐ€ ImageMagick๊ณผ gifsicle์„ ์‚ฌ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์„ค์น˜๊ฐ€ ์•ˆ๋˜์–ด ์žˆ๋‹ค๋ฉด ์•„๋ž˜ ๋ถ€๋ถ„๋„ ๊ฐ™์ด ์„ค์น˜๊ฐ€ ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.

How to solv โ€œargument list too long: grepโ€ error using grep

1 min read

There was an unusual phenomenon in which grep did not work in a particular directory. The directory was a result of testing multiple url with a meg, and I thought it was a phenomenon that was caused by a large number of subfiles and directories, but the funny thing is that the grep works normally in the parent directory of that directory. ํŠน์ • ๋””๋ ‰ํ† ๋ฆฌ์—์„œ grep์ด ๋™์ž‘ํ•˜์ง€ ์•Š๋Š” ํŠน์ดํ•œ ํ˜„์ƒ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ๋””๋ ‰ํ† ๋ฆฌ๋Š” meg๋กœ ๋‹ค์ˆ˜์˜ url์„ ํ…Œ์ŠคํŒ…ํ•œ ๊ฒฐ๊ณผ์˜€๊ณ , ํ•˜์œ„ ํŒŒ์ผ๊ณผ ๋””๋ ‰ํ† ๋ฆฌ๊ฐ€ ๋งŽ์•„์„œ ๋ฐœ์ƒํ•˜๋Š” ํ˜„์ƒ์œผ๋กœ ์ƒ๊ฐํ–ˆ์—ˆ๋Š”๋ฐ, ์›ƒ๊ธด๊ฒŒ ํ•ด๋‹น ๋””๋ ‰ํ† ๋ฆฌ์˜ ์ƒ์œ„ ๋””๋ ‰ํ† ๋ฆฌ์—์„œ grep์€ ์ •์ƒ ๋™์ž‘ํ•ฉ๋‹ˆ๋‹ค.

MacOS ์™ธ๋ถ€๋ชจ๋‹ˆํ„ฐ ์—ฐ๊ฒฐ ์‹œ ์ƒ‰์ƒ ๋ฌธ์ œ(๋ณด๋ผ์ƒ‰ํ™”๋ฉด?) ํ•ด๊ฒฐ๋ฐฉ๋ฒ• / Display Profile RGB ๋ชจ๋“œ ๊ฐ•์ œ ์„ค์ •

2 min read

์ตœ๊ทผ์— ๋ชจ๋‹ˆํ„ฐ๋ฅผ ๋ฐ”๊ฟจ์Šต๋‹ˆ๋‹ค ๐Ÿ˜ ๋‹ค๋งŒ ์‚ฌ์šฉํ•˜๋˜ ์ค‘ ํŠน์ • ๋งฅ๋ถ์—์„œ ์—ฐ๊ฒฐ ์‹œ ํ™”๋ฉด์ด ๋ฌด์กฐ๊ฑด ๋ณด๋ผ์ƒ‰์œผ๋กœ ๋ณด์ด๋Š” ํ˜„์ƒ์ด ์žˆ์—ˆ๊ณ , ๊ตฌ๊ธ€๋งํ•ด์„œ ์–ป์€ ์ •๋ณด ํ† ๋Œ€๋กœ ๊ณ ์ณค๋˜ ๋‚ด์šฉ ๊ฐ„๋žตํ•˜๊ฒŒ ์ •๋ฆฌํ•ฉ๋‹ˆ๋‹ค. (๋‚˜์ค‘์— ๋˜ ์ด๋Ÿด์ˆ˜๋„ ์žˆ์œผ๋‹ˆ)

๋งฅOS์˜ ๊ธฐ๋ณธ VNC Client ์‚ฌ์šฉํ•˜๊ธฐ

~1 min read

์ง‘์— ์žˆ๋Š” ํ…Œ์ŠคํŠธ์šฉ ์„œ๋ฒ„์— VNC ์‚ฌ์šฉํ•ด์•ผํ•  ์ผ์ด ์žˆ์–ด ์„ค์น˜&์„ธํŒ…ํ•˜๊ณ  ๋งฅ์œผ๋กœ ๋ถ™์œผ๋ ค๊ณ  ์ฐพ์•„๋ณด๋‹ค ๋ณด๋‹ˆ MacOS์—๋Š” ๊ธฐ๋ณธ์ ์œผ๋กœ VNC Client๊ฐ€ ๊น”๋ ค์žˆ๋‹ค๊ณ  ํ•˜๋„ค์š”. ๋ณ„๋„ ์•ฑ์œผ๋กœ ์žˆ๋Š”๊ฑด ์•„๋‹ˆ๊ณ  vnc:// ํ”„๋กœํ† ์ฝœ์„ ํ†ตํ•ด ๋ฐ”๋กœ ์ ‘๊ทผํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๋งŒ์•ฝ VNC Sever์˜ IP๊ฐ€ 192.168.0.11 Port๊ฐ€ 5901 ์ด๋ผ๊ณ  ๊ฐ€์ •ํ–ˆ์„ ๋•Œ ์•„๋ž˜์™€ ๊ฐ™์Šต๋‹ˆ๋‹ค.

nq๋ฅผ ์ด์šฉํ•œ command line queueing

1 min read

์ตœ๊ทผ Pipeline์œผ๋กœ ์—ฌ๋Ÿฌ๊ฐ€์ง€๋ฅผ ์Šค์บ๋‹ํ•ด์ค„ ๋„๊ตฌ๋ฅผ ๋งŒ๋“ค๊ณ  ์žˆ๋Š”๋ฐ, ํ•ด๋‹น ๊ตฌ๊ฐ„์—์„œ ์‚ฌ์šฉํ•  ํ์— ๋Œ€ํ•ด ๊ณ ๋ฏผํ•˜๋˜์ค‘ ์‹ฌํ”Œํ•œ ํˆด์ด ์žˆ์–ด์„œ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ท.. (์‚ฌ์‹ค ์žฅ์ธ์ •์‹ ์œผ๋กœ ํ•œ๋•€ํ•œ๋•€ ์„œ๋น„์Šค๋ฅผ ๋ถ„์„ํ•˜๋Š”๊ฑธ ์ฆ๊ธฐ์ง€๋งŒ, ์Šฌ์Šฌ ๊ฐœ์ธ์ ์ธ ์˜์—ญ์—๋„ ์ž๋™ํ™”์˜ ํ•„์š”์„ฑ์„ ์ ์  ๋Š๋ผ๊ณ  ์žˆ๋„ค์š”..)

MacOS์—์„œ ํ„ฐ๋ฏธ๋„์•ฑ์ด ์ฐจ๋‹จ๋œ ๊ฒฝ์šฐ (Gatekeeper disable ํ•˜๊ธฐ)

1 min read

๊ฐ„๋งŒ์— Arachni ์†Œ์Šค๋ฅผ ์ข€ ๊ณ ์ณ๋ณผ๊นŒ ํ•˜๊ณ  ๋ณด๋˜ ์ค‘ ๋‚œ๊ฐํ•œ ์ƒํ™ฉ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์–ธ์  ๊ฐ€๋ถ€ํ„ฐ MacOS์—์„œ ์•ฑ์Šคํ† ์–ด ์ถœ์ฒ˜๊ฐ€ ์•„๋‹Œ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜ ๊ฒฝ์šฐ ๊ธฐ๋ณธ์ ์œผ๋กœ ์‹คํ–‰์„ ์ฐจ๋‹จํ•˜๊ณ  ๋ณ„๋„์˜ ๊ณผ์ •์„ ํ†ตํ•ด ์‹คํ–‰ํ•  ์ˆ˜ ์žˆ๊ฒŒ ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

Mac ์—…๊ทธ๋ ˆ์ด๋“œ ํ›„ xcrun: error: invalid active developer path ์—๋Ÿฌ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

MacOS ์—…๊ทธ๋ ˆ์ด๋“œ ์‹œ ์–ด๊น€์—†์ด ๋ฐœ์ƒํ•˜๋Š” ๋ฌธ์ œ๊ฐ€ ํ•˜๋‚˜ ์žˆ์Šต๋‹ˆ๋‹ค ๐Ÿ˜ซ ๋ฐ”๋กœ ๊ฐœ๋ฐœ ๊ด€๋ จ ๋„๊ตฌ ์‚ฌ์šฉ ์‹œ ๋Œ€๋‹ค์ˆ˜๊ฐ€ ๋ฐœ์ƒํ•˜๋Š” missing xcrun ์—๋Ÿฌ์ธ๋ฐ์š”.

Golang ์œผ๋กœ ๋งŒ๋“  ์›น ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ

1 min read

์š”์ฆ˜ ๊ณต๋ถ€๋„ํ• ๊ฒธ golang ์œผ๋กœ ๋„์ ๋„์  ๋งŒ๋“ค์–ด๋ณด๊ณ  ์žˆ๋Š”๊ฒŒ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ์ผ๋ถ€๋Š” ์›น ํ™˜๊ฒฝ์œผ๋กœ ๊ตฌ์„ฑํ•˜๊ณ  heroku์— ๋„์šธ ์ƒ๊ฐ์ธ๋ฐ, ๋ฃจ๋น„์ฒ˜๋Ÿผ ์‚ฌ์ „์— ์„ธํŒ…์ด ํ•„์š”ํ•œ ๋ถ€๋ถ„๋“ค์ด ์žˆ์–ด์„œ ๋‚ด์šฉ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

MacOS์—์„œ ๋งž์ถค๋ฒ• ์ž๋™ ๊ต์ •, ๋”๋ธ”์ฟผํ…Œ์ด์…˜(๋”ฐ์˜ดํ‘œ) ๋ณ€๊ฒฝ๋˜์ง€ ์•Š๋„๋ก ํ•ด์ œํ•˜๊ธฐ

~1 min read

MacOS์—์„  ๊ธฐ๋ณธ์ ์œผ๋กœ ํ‚ค๋ณด๋“œ ๊ด€๋ จ ์—ฌ๋Ÿฌ ๊ธฐ๋Šฅ๋“ค์ด ํ™œ์„ฑํ™” ๋˜์–ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ผ๋ฐ˜ ์‚ฌ์šฉ์ž ์ž…์žฅ์—์„  ๋ถˆํŽธํ•œ๊ฒŒ ์—†์ง€๋งŒ, ๊ฐœ๋ฐœ์ž๋‚˜ ๋ณด์•ˆ ๋“ฑ๋“ฑ ์ผ๋ฐ˜์ ์ด์ง€ ์•Š์€ ์˜๋ฌธ์žฅ์„ ์ž์ฃผ ์‚ฌ์šฉํ•˜๊ณ , ๋งž์ถค๋ฒ•๋“ค์ด ํ•„์š” ์—†๋Š” ์‚ฌ๋žŒ์—๊ฒ ์•„์ฃผ ๊ฑฐ์Šฌ๋ฆฌ๊ณ  ๋ถˆํŽธํ•œ ๊ธฐ๋Šฅ๋“ค์ด์ฃ .

[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ

~1 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

[ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ

2 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

[ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ

1 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

MacOS์—์„œ Proxy ์„ค์ •ํ•˜๊ธฐ(for ZAP, BurpSuite)

~1 min read

MacOS์—์„œ ํ”„๋ก์‹œ ์„ค์ •ํ•˜๋Š” ๋ฐฉ๋ฒ• ๋ฉ”๋ชจํ•ด๋‘˜๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ๋ญ ๋ณ„๋‹ค๋ฅธ๊ฑด ์•„๋‹ˆ๊ณ .. ๋‹ค๋ฅธ OS์—์„œ ์ง์ ‘ ์„ค์ •ํ•˜๋Š” ๊ฒƒ๊ณผ ๋™์ผํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ MacOS์˜ ๊ฒฝ์šฐ ์ข€ ๋” On/Off๊ฐ€ ์‰ฌ์šด ํŽธ์ด๋ผ ๋ณ„๋„์˜ ํ”„๋กœ๊ทธ๋žจ์ด ํ•„์š”ํ•˜๋‹จ ๋Š๋‚Œ์„ ๋ฐ›์ง„ ์•Š์•˜๋„ค์š”.

Seagate Personal Cloud์—์„œ ssh ์ ‘์†ํ•˜๊ธฐ(Connect SSH on Seagate Personal Cloud)

1 min read

๋ผ์ฆˆ๋ฒ ๋ฆฌํŒŒ์ด๋กœ ํŒŒ์ผ์„œ๋ฒ„๋ฅผ ์“ฐ๋‹ค๊ฐ€ ์ตœ๊ทผ์— NASํ•˜๋‚˜๋ฅผ ๊ตฌ์ž…ํ–ˆ์Šต๋‹ˆ๋‹ค. ๋’ค์ ๋’ค์  ๋ณด๋‹ค๊ฐ€ ssh ์˜คํ”ˆํ•  ์ˆ˜ ์žˆ๋Š” ์ผ€์ด์Šค๋ฅผ ์ฐพ์•˜๋Š”๋ฐ ์ด๋ฏธ ๊ด€๋ จ ๊ธ€๋„ ์žˆ๋”๊ตฐ์š”โ€ฆ (๊ตฌ๊ธ€๋ง ํ•ด๋ณผ๊ป„..)

์šฐ๋ถ„ํˆฌ 18.04์—์„œ OBS Studio ์„ค์น˜ ๋ฐ ์ŠคํŠธ๋ฆฌ๋ฐ ํ™˜๊ฒฝ ๊ตฌ์„ฑ(+Android ํ™”๋ฉด ์ถœ๋ ฅํ•˜๊ธฐ)

1 min read

์ด์ „๋ถ€ํ„ฐ ์˜์ƒ ๊ด€๋ จํ•ด์„œ ์—ฐ์Šต์‚ผ์•„ ์“ฐ๋˜ ํ”„๋กœ๊ทธ๋žจ ์ค‘ OBS Studio๋ผ๋Š” ๋„๊ตฌ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐฉ์†ก์„ ์œ„ํ•œ ํ”„๋กœ๊ทธ๋žจ์ด๋ฉฐ, ๊ฐœ์ธ์ ์œผ๋กœ๋Š” ํ™”๋ฉด ๋…นํ™” ๋–„๋ฌธ์— ์‚ฌ์šฉํ–ˆ์—ˆ์ฃ .

AWS ์„œ์šธ ๋ฆฌ์ „ ๋‚ด ์„œ๋น„์Šค ๋„๋ฉ”์ธ, ์ „์ฒด ๋ฆฌ์ „ ์ •๋ณด(Domain of AWS Region)

~1 min read

AWS๋Š” ์ „์„ธ๊ณ„์ ์œผ๋กœ ์ •๋ง ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” ํด๋ผ์šฐ๋“œ ํ”Œ๋žซํผ์ž…๋‹ˆ๋‹ค. ํ…Œ์ŠคํŠธํ•  ๋–„ aws ์„œ๋ฒ„๋ฅผ ๋งŒ๋‚  ์ƒํ™ฉ์ด ์žˆ๋Š”๋ฐ, ์ด๋•Œ ์ฐธ๊ณ ํ•˜๊ณ ์ž ์„œ์šธ ๋ฆฌ์ „ ์ •๋ณด ๊ธฐ๋กํ•ด๋‘ก๋‹ˆ๋‹ค.

apt-get ์ง€์ •ํ•œ ํŒจํ‚ค์ง€๋งŒ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•˜๊ธฐ(Upgrade only specified packages)

~1 min read

๋ฉ”๋ชจ ์ฐจ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค. apt ํŒจํ‚ค์ง€ ๊ด€๋ฆฌ์ž์—์„œ ๊ฐ„ํ˜น ๋‹จ์ผ ํŒจํ‚ค์ง€๋งŒ ์—…๊ทธ๋ ˆ์ด๋“œ๊ฐ€ ํ•„์š”ํ•  ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต ์„ค์น˜ ๋ช…๋ น์œผ๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•˜๋ž€ ์ด์•ผ๊ธฐ๊ฐ€ ์žˆ๊ธดํ•œใ„ท..

Ubuntu 18.04 Shutter Edit ์‚ฌ์šฉ ๋ถˆ๊ฐ€ ์ด์Šˆ(Fixed disable edit)

1 min read

Shutter๋Š” ์ œ๊ฐ€ ์ •๋ง ์• ์šฉํ•˜๋Š” ์บก์ณ&์ด๋ฏธ์ง€ ํŽธ์ง‘ ํˆด์ž…๋‹ˆ๋‹ค. ๊ฐ€๋” ์•„๋ž˜ ์ด๋ฏธ์ง€ ๊ฐ™์€ ๋ฌธ์ œ๊ฐ€ ์ƒ๊ธธ๋•Œ๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ, ๊ฐ„๋‹จํ•œ ๋ฐฉ๋ฒ•์œผ๋กœ ํ•ด๊ฒฐํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Windcard(*) Attack on linux (์™€์ผ๋“œ ์นด๋“œ๋ฅผ ์ด์šฉํ•œ ๊ณต๊ฒฉ)

2 min read

์กฐ๊ธˆ ์ฒ  ์ง€๋‚œ ๊ธฐ๋ฒ•์ด์ง€๋งŒ ๊ด€์‹ฌ์ด ์ ์–ด ๋ชจ๋ฅด๊ณ  ์žˆ๋˜๊ฑฐ๋ผ.. ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค. wildcard๋Š” ๊ต‰์žฅํžˆ ๋งŽ์€ ์˜์—ญ์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋ฌธ์ž์ด๊ณ  ์ปดํ“จํŒ…, ํ”„๋กœ๊ทธ๋ž˜๋ฐ์—์„  ๋”๋”์šฑ ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” ๋ฌธ์ž๋“ค์ž…๋‹ˆ๋‹ค.

unix timestamp 2038 ๋ฒ„๊ทธ(Year 2038 problem)

~1 min read

์ตœ๊ทผ์— timestamp ๊ณ„์‚ฐํ• ๊ฑฐ ์žˆ์–ด์„œ ๊ตฌ๊ธ€๋งํ•ด์„œ ์›น ํŽ˜์ด์ง€ ์ฐพ์•„์„œ ์‚ฌ์šฉํ–ˆ์—ˆ๋Š”๋ฐ์š”, ํ•ด๋‹น ์›น ์‚ฌ์ดํŠธ์—์„œ ์ด๋Ÿฐ ๋‚ด์šฉ์ด ์žˆ์–ด ์กฐ๊ธˆ ์ฐพ์•„๋ณด์•˜๊ณ , ์žฌ๋ฏธ์žˆ๋Š” ๋‚ด์šฉ์ด๋ผ ๊ฐ€๋ณ๊ฒŒ ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค.

Ubuntu Linux์—์„œ Spectable(macOS App) ๊ฐ™์€ ์ฐฝ ์ œ์–ด ์‚ฌ์šฉํ•˜๊ธฐ(Spectable for linux?)

~1 min read

macOS์—์„œ ์“ธ๋งŒํ•˜๋‹ค๊ณ  ๋Š๊ผˆ๋˜ App ์ค‘ ํ•˜๋‚œ Spectable ์ž…๋‹ˆ๋‹ค. ๋‹จ์ถ•ํ‚ค๋กœ ํ™”๋ฉด ๋‚ด ์ฐฝ์˜ ์œ„์น˜๋ฅผ ์ „์ฒดํ™”๋ฉด์ด๋‚˜ ์ขŒ/์šฐ/์ƒ/ํ•˜ ๋กœ ๋ฐ˜๋“ฏํ•˜๊ฒŒ ๋ฐ˜์œผ๋กœ ๋‚˜๋ˆ„์–ด ์ •๋ฆฌ๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. (์ด์   ์ด๊ฒŒ ์—†์œผ๋ฉด ๋ชจ๋‹ˆํ„ฐ ์ •๋ฆฌ๊ฐ€ ์•ˆ๋ ๋“ฏ ์‹ถ์–ด์š”.)

p0wn-box - ๊ฐ€๋ณ๊ฒŒ ์‚ฌ์šฉํ•˜๊ธฐ ์ข‹์€ ๋ชจ์˜ํ•ดํ‚น/์นจํˆฌํ…Œ์ŠคํŠธ ํˆด ๋„์ปค ์ด๋ฏธ์ง€

2 min read

์ตœ๊ทผ์— Docker image ํ•œ๋ฒˆ ์ œ๋Œ€๋กœ ๋‚ ๋ ค๋จน์€์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ํ…Œ์ŠคํŠธ์šฉ ์นผ๋ฆฌโ€ฆ.ใ…œใ…œ (๋งฅ์€ ๋ฆฌ๋ˆ…์Šค์™€ ๋‹ค๋ฅด๊ฒŒ ์„ธํŒ…์„ ๋‹ค ์•ˆํ•ด๋†“์€์ง€๋ผโ€ฆ ๋„์ปค์— ์—„์ฒญ ์˜์กดํ•˜๊ณ  ์žˆ์—ˆ์ฃ )

tree๋ช…๋ น ์—†์ด ls๋กœ treeview๋กœ ๋ณด๊ธฐ(Treeview without tree command as ls)

~1 min read

๊ฐœ์ธ์ ์œผ๋กœ tree ๋ช…๋ น์„ ๊ต‰์žฅํžˆ ์ž์ฃผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ ๊ฐ„ํ˜น, tree๊ฐ€ ์—†๋Š” ํ™˜๊ฒฝ์—์„œ treeview๋กœ ๋ณด๊ณ  ์‹ถ์€ ๊ฒฝ์šฐ๊ฐ€ ์žˆ๋Š”๋ฐ, ls, grep, sed 3๊ฐœ๋ฅผ ์ด์šฉํ•˜๋ฉด tree์™€ ๋น„์Šทํ•œ ํ˜•ํƒœ์˜ ์ถœ๋ ฅ์„ ์–ป์–ด๋‚ผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๋ฆฌ๋ˆ…์Šค์—์„œ OWASP ZAP๊ณผ BurpSuite์˜ ์ƒ‰์ƒ ๋ฐ”๊พธ๊ธฐ

2 min read

์•„์ฃผ ์˜ˆ์ „๋ถ€ํ„ฐ Burp suite, ZAP์˜ ์ƒ‰์ƒ์„ ๋ฐ”๊ฟ€ ์ˆ˜ ์žˆ์œผ๋ฉด ์ข‹๊ฒ ๋‹ค๋Š” ์ƒ๊ฐ์„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ด€๋ จํ•ด์„œ ์–‘์ชฝ ๊ฐœ๋ฐœ์ž๋ถ„๊ผ ์—ฌ์ญค๋ดค์ง€๋งŒ ๋™์ผํ•˜๊ฒŒ ์ฝ”๋“œ ์ˆ˜์ •์„ ๋งค์šฐ ์–ด๋ ต๋‹ค๊ณ  ๋‹ต๋ณ€ ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. (๋‹น์—ฐํ•œ ์ด์•ผ๊ธฐโ€ฆ, ์—ญ์‹œ ์ž๋ฐ”๋ž€)

Mapscii - Ascii base Map on Linux terminal (๋ฆฌ๋ˆ…์Šค ํ„ฐ๋ฏธ๋„์—์„œ ์•„์Šคํ‚ค ์ง€๋„๋ฅผ ๋ณด์ž!)

~1 min read

์ข…์ข… ํ„ฐ๋ฏธ๋„ ๋ธŒ๋ผ์šฐ์ €๋ฅผ ํ†ตํ•ด ์›น์„œํ•‘ ํ•˜๊ณค ํ•ฉ๋‹ˆ๋‹ค. ์ด์ „์— ์ข…์ข… ์“ฐ๋‹ค๋ณด๋‹ˆ ๋‚˜๋ฆ„ ํŽธ๋ฆฌํ•œ ๊ฒฝ์šฐ๋„ ์žˆ์–ด ์ผ๋ฐ˜ ๋ธŒ๋ผ์šฐ์ €๋ž‘ ์„ž์–ด์„œ ์‚ฌ์šฉํ•˜๋Š”๋ฐ, ๋ฌธ๋œฉ ์ด๋Ÿฐ ์ƒ๊ฐ์ด ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

MacOS์—์„œ git ์‹คํ–‰ ์‹œ CommandLIneTools ์—๋Ÿฌ ๋ฐœ์ƒํ•œ ๊ฒฝ์šฐ ํ•ด๊ฒฐ๋ฐฉ๋ฒ•

~1 min read

์ตœ๊ทผ(?)์— MacOS ๋ฐฐํฌํŒ ์—…๊ทธ๋ ˆ์ด๋“œ(์‹œ์—๋ผ => ํ•˜์ด์‹œ์—๋ผ) ์ดํ›„ git ๋ช…๋ น์— ๋ฌธ์ œ๊ฐ€ ์ƒ๊ฒผ์—ˆ์Šต๋‹ˆ๋‹ค. (ํŒ์˜ฌ๋ฆผ์„ ์ข€ ๋Šฆ๊ฒŒํ•˜๊ธดํ–ˆ์ฃ ..)

๋„์ปค ์ปจํ…Œ์ด๋„ˆ(Docker Container)์— ๋Œ€ํ•œ ์‰˜ ๊ถŒํ•œ๊ณผ ์ ‘๊ทผ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ

~1 min read

์ž ๊น ์‹œ๊ฐ„๋‚ด์–ด ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. docker ์ปจํ…Œ์ด๋„ˆ ๋‚ด๋ถ€๋กœ ์ ‘๊ทผํ•  ๋–„ ๋ณดํ†ต exec ๋ช…๋ น์œผ๋กœ /bin/bash, /bin/sh๋ฅผ ํ˜ธ์ถœํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค. ํ…Œ์ŠคํŠธ ํ•˜๋‹ค๋ณด๋‹ˆ ๊ถŒํ•œ ๊ด€๋ จํ•ด์„œ ์ข€ ์‹ ๊ธฐํ•œ๊ฒŒ ์žˆ์—ˆ๋„ค์š”. (๋ฌผ๋ก  ์ง€๋‚˜์„œ ๋ณด๋ฉด ๋ณ„๊ฑฐ ์•„๋‹ˆ์˜€์Šต๋‹ˆ๋‹ค)

[DOCKER] ๋„์ปค ์ปจํ…Œ์ด๋„ˆ, ํ˜ธ์ŠคํŠธ๊ฐ„ ํŒŒ์ผ ์ „์†ก/๋ฐ›๊ธฐ(How to send/recive docker container)

~1 min read

๊ทธ๋ƒฅ ๋ฉ”๋ชจ ์ฐจ์›์œผ๋กœ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. docker container ์™€ ํ˜ธ์ŠคํŠธ ๊ฐ„ ํŒŒ์ผ ์ด๋™ ์‹œ cp, scp ์™€ ๋™์ผํ•˜๋‹ˆ ์‰ฝ๊ฒŒ ์ƒ๊ฐํ•˜๋ฉด ๋ฉ๋‹ˆ๋‹ค.

[EXPLOIT] macOS High Sierra root privilege escalation ์ทจ์•ฝ์ /๋ฒ„๊ทธ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ(code metasploit)

1 min read

์˜ค๋žœ๋งŒ์— ๊ธ€์„์”๋‹ˆ๋‹ค. ๊ธ€๊ฐ์€ ํ•ญ์ƒ ์ ์–ด๋‘์ง€๋งŒ, ๊ธ€ ์“ฐ๊ธฐ๊นŒ์ง€๊ฐ€ ์ฐธ ์–ด๋ ต๋„ค์š”. (๊ทธ๋ƒฅ ๋ฐ”์˜๋‹ค๋Š” ํ•‘๊ณ„์ž„)

[LINUX] Install docker on kali linux(์นผ๋ฆฌ ๋ฆฌ๋ˆ…์Šค์—์„œ ๋„์ปค ์„ค์น˜ํ•˜๊ธฐ)

~1 min read

Kali Linux ์—์„  ๊ธฐ๋ณธ ํŒจํ‚ค์ง€ ๋งค๋‹ˆ์ €์— ์žˆ๋Š” docker ์‚ฌ์šฉ์ด ๋ถˆ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋‹ค ๋ณด๋‹ˆ ์ง์ ‘ source.list๋ฅผ ์ถ”๊ฐ€ํ•˜๊ณ  dockerproject์—์„œ docker ์„ค์น˜๊ฐ€ ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.

[SYSTEM HACKING] lynis๋ฅผ ์ด์šฉํ•œ ์‹œ์Šคํ…œ ์ทจ์•ฝ์  ์Šค์บ”(System vulnerability Scanning with lynis)

1 min read

Install

์„ค์น˜๋Š” ๋‹ค๋ฅธ ํˆด๊ณผ ๋™์ผํ•˜๊ฒŒ ์•„์ฃผ ์‹ฌํ”Œํ•ฉ๋‹ˆ๋‹ค. CISOfy์˜ github๋ฅผ ์ด์šฉํ•ด๋„ ๋˜๊ณ  ํŒจํ‚ค์ง€ ๋งค๋‹ˆ์ €๋ฅผ ์ด์šฉํ•ด๋„ ๋ฉ๋‹ˆ๋‹ค.

[LINUX] Make a Persistent Live OS USB(๋น„ ํœ˜๋ฐœ์„ฑ Live OS ๋งŒ๋“ค๊ธฐ)

~1 min read

ํŒŒํ‹ฐ์…˜์˜ Label์ด persistence๋กœ ์ง€์ •ํ•˜๊ณ  persistence.conf ๋ฅผ ์ž‘์„ฑํ•ด์ฃผ๋ฉด persistence ํŒŒํ‹ฐ์…˜์— ๋ณ€๊ฒฝ์‚ฌํ•ญ์„ ๊ธฐ๋กํ•˜๋ฉฐ LiveOS์ง€๋งŒ ๋ฐ์ดํ„ฐ ์ €์žฅ์ด ๊ฐ€๋Šฅํ•ด์ง‘๋‹ˆ๋‹ค.

[HACKING] Kali Live OS๋ฅผ ์ด์šฉํ•œ Windows, Linux ๋ฌผ๋ฆฌ ์ ‘๊ทผ ํ•ดํ‚น

2 min read

Live USB ๋ฅผ ์ด์šฉํ•œ ๋ฌผ๋ฆฌ์ ์ธ ํ•ดํ‚น ์‹œ ์‚ฌ์šฉํ• ๋งŒํ•œ ๊ฐ„๋‹จํ•œ ํˆดํ‚ท ํ•˜๋‚˜ ๋งŒ๋“œ๋ ค๊ณ  ํ•˜๋Š”๊น€์— ๋ฉ”๋ชจ์ฐจ์›์œผ๋กœ ํฌ์ŠคํŒ… ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[LINUX] Plank Dock - ์‹ฌํ”Œํ•˜๊ณ  ๊น”๋”ํ•œ Dock Application

1 min read

๋ฆฌ๋ˆ…์Šค ์œ ์ €๋ผ๋ฉด Dock์„ ์‚ฌ์šฉํ•˜์‹œ๊ฑฐ๋‚˜ ํ•œ๋ฒˆ์ฏค์€ ๊ผญ ๋“ค์–ด๋ดค์„๊ฑฐ๋ผ ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค. Dock ์–ดํ”Œ์ด ์•„๋‹ˆ์—ฌ๋„ xfce ํŒจ๋„์ด๋ผ๋˜์ง€, ์œ ๋‹ˆํ‹ฐ์˜ ๊ธฐ๋ณธ dock gnome3์˜ dash dock ๋“ฑ ์ž์—ฐ์Šค๋Ÿฝ๊ฒŒ ์ ‘ํ•˜๊ฒŒ ๋˜์–ด์žˆ์ฃ .

[LINUX] How to install xfce on blackarch linux

~1 min read

๊ฐœ์ธ์ ์œผ๋กœ gnome๊ณผ xfce๋ฅผ ์ข‹์•„ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ์ค‘์—์„œ๋„ xfce๋ฅผ ์ตœ๊ณ ๋กœ ์ƒ๊ฐํ•˜๋Š”๋ฐ, ๊ทธ ์ด์œ ๋Š” ํด๋ž˜์‹์˜ ์ต์ˆ™ํ•œ ๋Š๋‚Œ๊ณผ ๋น ๋ฅธ ์†๋„ ๋•Œ๋ฌธ์ด์ฃ .

[LINUX] BlackArch Linux install tip!

1 min read

์ตœ๊ทผ์— OS ๋ฐฐํฌํŒ ๋ณ€๊ฒฝ์„ ์‹œ๋„ํ–ˆ๋‹ค๊ฐ€.. ๋‹ค์‹œ Debian์œผ๋กœ ๋Œ์•„์™”๋Š”๋ฐ์š” (์ด์ œ๋Š” 5์ผ์”ฉ ๋ฐค์„์ƒ ์ˆ˜ ์—†๋„ค์š”.. / ์ธ๊ฐ„์€ ์‹ค์ˆ˜๋ฅผ ๋ฐ˜๋ณตํ•˜์ฃ )

[HACKING] KALI Linux 2017.2 Release Review (๋ฌด์—‡์ด ๋‹ฌ๋ผ์กŒ์„๊นŒ์š”?)

1 min read

์ง€๋‚œ ์ฃผ ์ˆ˜์š”์ผ Pentesting OS์ธ Kali Linux์˜ 2017.2 ๋ฒ„์ „์ด Release ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ค‘๊ตญ์— ์žˆ์—ˆ๋˜์ง€๋ผ ์ด์ œ์•ผ ์†Œ์‹์„ ์ ‘ํ•˜๊ฒŒ ๋˜์—ˆ๋„ค์š”. ๊ฐ„๋‹จํ•˜๊ฒŒ ๋ฆฌ๋ทฐ ๋“ค์–ด๊ฐ‘๋‹ˆ๋‹ค.

[POWERSHELL] ํŒŒ์›Œ์‰˜์„ ์ด์šฉํ•œ ํŒŒ์ผ ์ •๋ณด ํ™•์ธํ•˜๊ธฐ(Write a get file information script)

5 min read

ํŒŒ์›Œ์‰˜์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ž ๊น ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ์œˆ๋„์šฐ ํ™˜๊ฒฝ์—์„œ ํŒŒ์›Œ์‰˜ ์‚ฌ์šฉ ์‹œ batch ํŒŒ์ผ์— ๋น„ํ•ด ์ƒ์„ธํ•˜๊ฒŒ ์‹œ์Šคํ…œ์— ๋Œ€ํ•ด ์ œ์–ดํ•  ์ˆ˜ ์žˆ๊ณ  Ruby, Python ๊ณผ ๊ฐ™์€ ์–ธ์–ด์™€ ๋‹ฌ๋ฆฌ ๊ธฐ๋ณธ์ ์œผ๋กœ ๋‚ด์žฅ๋˜์–ด ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๋ณ„๋„์˜ ์„ค์น˜ ์—†์ด ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ์žฅ์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค.

[DEBIAN] Thunder Bird์—์„œ Anigmail, GnuPG(gpg)๋ฅผ ํ†ตํ•œ ์ด๋ฉ”์ผ ์•”ํ˜ธํ™”

3 min read

์˜ค๋Š˜์€ ์•”ํ˜ธํ™”๋œ ๋ฉ”์ผ ํ†ต์‹ ์„ ์œ„ํ•ด GPG๋ฅผ ์ด์šฉํ•œ ํ‚ค์ƒ์„ฑ๊ณผ Thunder Bird์— ์—ฐ๋™ํ•˜๋Š” ๊ณผ์ •์„ ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ผ๋ฐ˜์ ์œผ๋กœ ์“ฐ๋Š” ๋ฉ”์ผ ์„œ๋น„์Šค๋“ค์ด ์•”ํ˜ธํ™”๋˜์–ด ์•ˆ์ „ํ•˜๊ฒŒ ์ „์†ก๋œ๋‹ค๊ณ ๋Š” ํ•˜์ง€๋งŒ ์šฐ๋ฆฌ๋Š” ์‹ ๋ขฐํ•  ์ˆ˜ ์—†๊ธฐ ๋•Œ๋ฌธ์— ์ข…๋‹จ ๊ฐ„ ์•”ํ˜ธํ™”๋กœ ๋” ํŠผํŠผํ•œ ์ด๋ฉ”์ผ์„ ์‚ฌ์šฉํ•˜์ฃ .

[EXPLOIT] Linux Kernel - Packet Socket Local root Privilege Escalation(CVE-2017-7308,out-of-bound) ๋ถ„์„

12 min read

์ •๋ง ์˜ค๋žœ๋งŒ์— ํฌ์ŠคํŒ…์„ ํ•˜๋„ค์š”. ์ตœ๊ทผ์— ๊ณต๊ฐœ๋œ Linux kenel ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ๋ถ„์„ ๋‚ด์šฉ์œผ๋กœ ์ค€๋น„ํ•˜์˜€์Šต๋‹ˆ๋‹ค. (์˜ˆ์ „์— Kernel OOB ์ทจ์•ฝ์  ์จ๋‘”๊ฑด ์–ด๋””๊ฐ”๋Š”์ง€ ๋ชจ๋ฅด๊ฒ ๋„ค์š”.. ์„ค๋งˆ ์ง€์šด๊ฑด๊ฐ€? =_=)

[DEBIAN] terminator๋ฅผ ์ด์šฉํ•œ ์ฐฝ ๋ถ„ํ•  ํ„ฐ๋ฏธ๋„ ์‚ฌ์šฉํ•˜๊ธฐ

~1 min read

์˜ค๋Š˜์€ ์•„์ฃผ ๋งค๋ ฅ์ ์ธ terminal program์— ๋Œ€ํ•ด ์†Œ๊ฐœํ•ด๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ฐฝ ๋ถ„ํ• ์ด ์ปจ์…‰์ธ ํ„ฐ๋ฏธ๋„ ํ”„๋กœ๊ทธ๋žจ์ด์ฃ . ์ €๋Š” ์ฃผ๋กœ tilda์™€ gnome-terminal ์‚ฌ์šฉํ–ˆ๋Š”๋ฐ, terminator๋ฅผ ๋ณด๊ณ  gnome-terminal์„ ๋นผ๋ฒ„๋ฆฌ๊ฒŒ ๋˜์—ˆ๋„ค์š”.

[DEBIAN] Intro Memcahed and Accessing Memcached from the command line

2 min read

์ตœ๊ทผ์— Memcached ๊ด€๋ จ 3rd party application์— ๋Œ€ํ•ด ๊ฐœ์ธ์ ์œผ๋กœ ์•„์•„์•„์•„โ€ฆ์ฃผ ์ž ๊น ๋ถ„์„์„ ํ–ˆ๋˜์ง€๋ผ ๊ด€๋ จ ๋‚ด์šฉ์œผ๋กœ ํฌ์ŠคํŒ…ํ•ฉ๋‹ˆ๋‹ค.

[CODING] Ruby telegram-bot ์„ ์ด์šฉํ•œ ํ…”๋ ˆ๊ทธ๋žจ ๋ด‡ ๋งŒ๋“ค๊ธฐ

1 min read

์•ˆ๋…•ํ•˜์„ธ์š”. ํ•˜ํ›Œ์ž…๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ Ruby๋ฅผ ์ด์šฉํ•œ ํ…”๋ ˆ๊ทธ๋žจ ๋ด‡ ๋งŒ๋“ค๊ธฐ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋กœ ์ค€๋น„ํ–ˆ์Šต๋‹ˆ๋‹ค. ์งง์€ ๋‚ด์šฉ์ด์ง€๋งŒ.. ์›Œ๋‚™ ์ •์‹ ์—†์ด ์ง€๋‚ธ์ง€๋ผ ์ด์ œ์„œ์•ผ ํฌ์ŠคํŒ…์„ ํ•˜๊ฒŒ๋˜๋„ค์š”.

[HACKING] Microsoft Windows Kernel Win32k.sys Local Privilege Escalation Vulnerability ๋ถ„์„(CVE-2016-7255/MS16-135)

19 min read

์˜ค๋žœ๋งŒ์— ์ทจ์•ฝ์  ๋ถ„์„์„ ํ•˜๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ž‘๋…„์— ๋ฐœํ‘œ๋˜๊ณ  ์˜ฌํ•ด ๊ณต๊ฒฉ์ฝ”๋“œ๊ฐ€ ๊ณต๊ฐœ๋œ Windows kenel Win32k.sys Local Privilege Escalation์— ๋Œ€ํ•ด ๋ณด๋„๋กํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค.

[DEBIAN] Remmina - SSH/RDP/VNC Client (Remmina๋ฅผ ์ด์šฉํ•œ ์›๊ฒฉ ์‰˜/๋ฐ์Šคํฌํƒ‘ ๊ด€๋ฆฌํ•˜๊ธฐ)

1 min read

๋งŽ์€ IT์ธ๋“ค์€ ์›๊ฒฉ์—์„œ ์ž‘์—…ํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค. ์ € ๋˜ํ•œ ์„œ๋ฒ„๋‹จ ์ž‘์—…์„ ์œ„ํ•ด์„œ๋Š” ์›๊ฒฉ ์—ฐ๊ฒฐ์„ ์‚ฌ์šฉํ•˜์ฃ . ๋Œ€์ฒด๋กœ SSH!

[DEBIAN] Remote Mount with SSH(๋ฆฌ๋ˆ…์Šค์—์„œ SSH๋กœ ์›๊ฒฉ ๋””๋ ‰ํ† ๋ฆฌ ๋งˆ์šดํŠธํ•˜๊ธฐ)

1 min read

ํด๋ผ์ด์–ธํŠธ์™€ ์„œ๋ฒ„. ์ฆ‰ ์›๊ฒฉ์ง€์—์„œ์˜ ์ž‘์—…์ด๋‚˜ ๊ฐœ๋ฐœ์„ ์œ„ํ•ด์„  ssh ๊ฐ™์€ remote shell์„ ์‚ฌ์šฉํ•ด์•ผํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ssh ํ”„๋กœํ† ์ฝœ์„ ์ด์šฉํ•ด์„œ filesystem ์ฒ˜๋Ÿผ ์‚ฌ์šฉํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์•Œ์•„๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. (์ต์ˆ™ํ•ด์ง€๋ฉด ์ด๋งŒํผ ํŽธ๋ฆฌํ•œ๊ฒŒ ์—†์„์ •๋„..)

[DEBIAN] SquashFS - compressed read-only file system for Linux

1 min read

์„œ๋ฒ„ PC์— ๋ฆฌ๋ˆ…์Šค๋ฅผ ์žฌ์„ค์น˜ ํ•ด์•ผํ•  ์ผ์ด ์ƒ๊ฒจ unetbootin์œผ๋กœ ๊ตฝ๋˜ ์ค‘ ์ผ์‹œ์ ์ธ ๋”œ๋ ˆ์ด๋กœ ์ธํ•ด ์ž ๊น ๋ฉˆ์ถฐ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ ๋ˆˆ์—๋“ค์–ด์˜จ ๊ฒƒ์ด ํ•˜๋‚˜ ์žˆ๋Š”๋ฐ์š”. ๋ฐ”๋กœ โ€œSquashFSโ€ ์ž…๋‹ˆ๋‹ค.

[DEBIAN] webissues๋ฅผ ์ด์šฉํ•œ Bug Tracking(install webissue and tutorial)

1 min read

์ตœ๊ทผ redmine๋ถ€ํ„ฐ trac ๋“ฑ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ bug tracking system์„ ์ฐพ๊ณ  ํ…Œ์ŠคํŠธํ•ด๋ดค์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ui ์ž์ฒด๋Š” yobi(yona)๊ฐ€ ์ข‹๊ธดํ•˜์ง€๋งŒ ํ˜‘์—…๋ณด๋‹ค๋Š” ๊ฐœ์ธ์ ์œผ๋กœ ์ด์Šˆ๊ด€๋ฆฌ๊ฐ€ ํ•„์š”ํ•ด์„œ ์„ ํƒํ•˜์ง€ ์•Š์•˜์Šต๋‹ˆ๋‹ค.

[DEBIAN] Using Redmine on Debian and Apache server, and Change a theme

2 min read

ํ”„๋กœ์ ํŠธ ๊ด€๋ฆฌ ํ”„๋ ˆ์ž„์›Œํฌ๋Š” ์•„์ฃผ ๋งŽ์€ ์ข…๋ฅ˜๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ์ค‘ Redmine, ์ฆ‰ Rails๋กœ ๋งŒ๋“ค์–ด์ง„ Ruby ๊ธฐ๋ฐ˜์˜ ํ”„๋ ˆ์ž„์›Œํฌ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ์„ค์น˜ ๊ณผ์ •์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋กœ ์ง„ํ–‰ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค.

[DEBIAN] Change the GRUB background image

~1 min read

GRUB Background image ์— ๋Œ€ํ•ด ๋ณ€๊ฒฝํ•˜๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. ๋ฉ”๋ชจํ• ๊ฒธ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

[DEBIAN] Geany - Develope IDE for hacker and programmer

2 min read

์šฐ๋ถ„ํˆฌ ์†Œํ”„ํŠธ์›จ์–ด ์„ผํ„ฐ์—์„œ ์“ธ๋งŒํ•œ ํˆด์ด ์žˆ๋‚˜ ์ฐพ์•„๋ณด๋˜ ์ค‘ Geany๋ผ๋Š” ๊ฐœ๋ฐœ IDE์— ๋Œ€ํ•ด ์•Œ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

[HACKING] BlackArch Linux Install, Review (Arch linux for Pentest)

2 min read

์ด๋ฒˆ์— ๊ฐ€์ƒ๋จธ์‹  ์ •๋ฆฌ์ข€ ํ•  ๊ฒธ ์ตœ๊ทผ์— ์ด์•ผ๊ธฐ ๋‚˜์™”๋˜ BlackArch๋ฅผ ์„ค์น˜ํ•ด๋ดค์Šต๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ Arch Linux๋ฅผ ์จ๋ณธ์ ์ด ์—†๊ธฐ ๋•Œ๋ฌธ์—(๋”ฑ ํ•œ๋ฒˆ ์„ค์น˜๋งŒ ํ•ด๋ดค๋˜๊ฑฐ ๊ฐ™๋„ค์š”) ๊ธฐ๋Œ€๊ฐ์„ ์ง€๋‹Œ ์ฑ„ ๊ตฌ์„ฑ์„ ํ•˜์˜€์Šต๋‹ˆ๋‹ค.

[DEBIAN] malloc() ์‹œ sysctl vm.swappiness๋ฅผ ์ด์šฉํ•˜์—ฌ Swap ์ ๊ทน ํ™œ์šฉํ•˜๊ธฐ

1 min read

๋ฆฌ๋ˆ…์Šค์—์„œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ…Œ์ŠคํŠธ๋ฅผ ํ•˜๋‹ค๋ณด๋ฉด memory๋ฅผ full ์‹œ์ผœ์•ผํ•  ์ƒํ™ฉ์ด ์˜ค๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ œ๊ฐ€ ์ด๋Ÿฐ ํ…Œ์ŠคํŠธ๊ฐ€ ํ•„์š”ํ•˜๊ธฐ๋ณด๋‹จ ํ•„์š”ํ•œ ๋ถ„ ๋„์™€๋“œ๋ฆฌ๋‹ค๋ณด๋‹ˆ ์•„๋ฌด๋ž˜๋„ ์ •๋ฆฌํ•ด๋†“๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„ ๊ฐ€๋ณ๊ฒŒ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

[DEBIAN] Linux Terminal์—์„œ .sql ํŒŒ์ผ ์‹คํ–‰ํ•˜๊ธฐ(Execute .sql file on linux . MYSQL)

~1 min read

์˜คํ”ˆ์†Œ์Šค ์ฝ”๋“œ๋ฅผ ์‚ฌ์šฉํ•˜๋‹ค ๋ณด๋ฉด ์ž์ฃผ ๋งŒ๋‚˜๋Š” ๊ฒƒ์ด .sql ํŒŒ์ผ์ž…๋‹ˆ๋‹ค. ์ด๋Š” ๊ฐœ๋ฐœ์ž๊ฐ€ ๋ฏธ๋ฆฌ ๊ตฌ์„ฑํ•œ DB ํ™˜๊ฒฝ์„ ๊ฐ™์ด ๋ฐฐํฌํ•ด์ฃผ๊ธฐ ์œ„ํ•ด ์‚ฌ์šฉํ•˜๊ฑฐ๋‚˜, sql ์ฟผ๋ฆฌ๋ฅผ ๋ชจ์•„์„œ ํ•œ๋ฒˆ์— ์‹คํ–‰ํ•˜๊ธฐ ์œ„ํ•ด ๋งŒ๋“ค์–ด ๋†“๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค.

[DEBIAN] GDB layout(-tui, layout asm,reg) and save setting in gdb(gdb ๋ ˆ์ด์•„์›ƒ ๋ฐ ์„ธํŒ… ์ €์žฅํ•˜๊ธฐ)

1 min read

์›น ํ•ดํ‚น์ด ๋ฐฅ์ค„์ด๊ธฐ ๋•Œ๋ฌธ์— gdb๋ฅผ ๋งŽ์ด ์‚ฌ์šฉํ• ์ผ์€ ์—†์ง€๋งŒ ๊ทธ๋ž˜๋„ ํ•ญ์ƒ ๋ฆฌ๋ˆ…์Šค ํ™˜๊ฒฝ์—์„œ๋Š” ์ •๋ง ์œ ์šฉํ•œ ๋””๋ฒ„๊ฑฐ๋ผ ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ GDB๋ฅผ ์ข€ ๋” ์ด์˜๊ฒŒ ๊พธ๋ฏธ๋Š” ๋ฐฉ๋ฒ•๊ณผ ์„ค์ •์„ ์ €์žฅ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒํ•ฉ๋‹ˆ๋‹ค.

[DEBIAN] Gedit Plugins for hacker/programmer(ํ•ด์ปค/ํ”„๋กœ๊ทธ๋ž˜๋จธ๋ฅผ ์œ„ํ•œ gedit ํ”Œ๋Ÿฌ๊ทธ์ธ)

2 min read

์ตœ๊ทผ sublimetext3๋ฅผ ์œผ๋กœ ๊ฐˆ์•„ํƒ€๋ ค๋‹ค ํ•œ๊ธ€ ๊ด€๋ จ ๋ฌธ์ œ๋ฅผ ํ•ด๊ฒฐํ•˜์ง€ ๋ชปํ•˜๊ณ  ๋‹ค์‹œ gedit์œผ๋กœ ๋Œ์•„์˜ค๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ๊ธฐ์กด์— ์“ฐ๋˜ gedit์„ ๊ฐ•ํ™”ํ•˜๊ธฐ ์œ„ํ•ด์„œ ์œ ์šฉํ•œ ํ”Œ๋Ÿฌ๊ทธ์ธ์— ๋Œ€ํ•ด ์กฐ๊ธˆ ๋” ์ฐพ์•„๋ดค์ง€์š”. (๋ฌผ๋ก  ๊ธฐ์กด์— ์“ฐ๋˜๊ฒŒ ๋Œ€๋‹ค์ˆ˜๋„ค์š”..ใ…‹ใ…‹)

[DEBIAN] Linux์—์„œ Sublimetext3 ํ•œ๊ธ€ ์ž…๋ ฅ ์‚ฌ์šฉํ•˜๊ธฐ(Use hangul on slt3)

1 min read

์ตœ๊ทผ gedit์—์„œ sublimetext3(st3)์œผ๋กœ ๊ฐˆ์•„ํƒ€๋ ค ํ–ˆ์Šต๋””๋งˆ๋‚˜.. ํ•˜๋‚˜ ๋ฌธ์ œ๋ฅผ ๋ฐœ๊ฒฌํ•˜์˜€์ง€์š”. ๋ฐ”๋กœ ibus ์‚ฌ์šฉ ํ™˜๊ฒฝ์—์„œ๋Š” sublime์—์„œ ํ•œ๊ธ€ ์‚ฌ์šฉ์ด ๋˜์ง€ ์•Š๋Š”๋‹ค๋Š” ์  ์ด์˜€์Šต๋‹ˆ๋‹ค.

[BUG] Repair & Fix Windows7 Install Error [0x000035a] (VirtualBox Win7 64-bit ์—๋Ÿฌ ์ˆ˜์ •ํ•˜๊ธฐ)

1 min read

Windows 7 ์„ค์น˜ ์ค‘์— ๋ฐœ์ƒํ•˜๋Š” ์—๋Ÿฌ ์ค‘ ์ž์ฃผ ๋‚˜ํƒ€๋‚˜๋Š” ๊ฒƒ์ด 0x000035a ์—๋Ÿฌ์ž…๋‹ˆ๋‹ค. ๊ฐ€์ƒ๋จธ์‹ (Virtual Machine) ํ™˜๊ฒฝ์—์„œ ์ฃผ๋กœ ๋ฐœ์ƒํ•˜๋ฉฐ ์„ค์น˜ ์ž์ฒด๊ฐ€ ๋ถˆ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

[DEBIAN] qemu๋ฅผ ์ด์šฉํ•œ arm elf ํŒŒ์ผ ์‹คํ–‰

~1 min read

์ผ๋ฐ˜์ ์œผ๋กœ PC์—์„œ arm์œผ๋กœ ์ปดํŒŒ์ผ๋œ ํ”„๋กœ๊ทธ๋žจ์„ ์‹คํ–‰ํ•  ์ˆ˜ ์—†์Šต๋‹ˆ๋‹ค. ๋งŒ์•ฝ ์‹คํ–‰ํ•œ๋‹ค๋ฉด ์•„๋ž˜์™€ ๊ฐ™์€ ๋ฉ”์‹œ์ง€๊ฐ€ ๋ฐœ์ƒํ•˜์ฃ .

[DEBIAN] w3m/lynx :: Linux text base web browser(๋ฆฌ๋ˆ…์Šค ํ…์ŠคํŠธ ๋ธŒ๋ผ์šฐ์ €)

~1 min read

์ œ์ž‘๋…„์ฏค์ธ๊ฐ€์š”.. ํ•œ๋•Œ ํ…์ŠคํŠธ ๋ธŒ๋ผ์šฐ์ €๋ฅผ ์ž ๊น ์ผ์—ˆ๋˜ ์‹œ์ ˆ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ํ‚ค๋ณด๋“œ๋กœ๋งŒ์œผ๋กœ๋„ ์‹ฌํ”Œํ•˜๊ฒŒ ์›น์„ ํƒ์ƒ‰ํ•  ์ˆ˜ ์žˆ์–ด ์ข‹์•˜์ง€๋งŒ, ์ตœ๊ทผ ํ™”๋ คํ•˜๊ณ  ์ปจํ…์ธ ๊ฐ€ ๋งŽ์€ ์›น์˜ ํ˜•ํƒœ์—๋Š” ์•ฝ๊ฐ„ ์–ด์šธ๋ฆฌ๊ธฐ ํž˜๋“  ๋ถ€๋ถ„๋„ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

[SYSTEM HACKING] RPC Port Map Dump๋ฅผ ์ด์šฉํ•œ ์„œ๋น„์Šค Port ํ™•์ธ

1 min read

System์— ์˜คํ”ˆ๋˜์–ด ์žˆ๋Š” Port ๋ฅผ ํ™•์ธํ•˜๋Š” ๋ฐฉ๋ฒ•์—๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์œผ๋กœ port ์— ๋Œ€ํ•ด ์ง์ ‘ ์š”์ฒญํ•˜์—ฌ ํ™•์ธํ•˜๋Š” ๋ฐฉ๋ฒ•(Syn Scan, XMAS ๋“ฑ๋“ฑ)์ด ์žˆ์ง€์š”. nmap์„ ํ†ตํ•ด ์„œ๋น„์Šค์— ์žˆ๋Š” ํฌํŠธ๋“ค์— ๋Œ€ํ•ด ํ™•์ธํ•˜๊ฒŒ ๋˜๋Š”๋ฐ ์ด ์ค‘ rpc ๊ด€๋ จ ํฌํŠธ๊ฐ€ ์žˆ๋‹ค๋ฉด ์ข€ ๋” ์„ธ์‹ฌํ•˜๊ฒŒ ์Šค์บ”์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

[EXPLOIT] Linux Kernel REFCOUNT Overflow/UAF in Keyrings ์ทจ์•ฝ์  ๋ถ„์„

6 min read

์š”์ฆ˜ Linux Kernel ์ทจ์•ฝ์ ์ด ๊ฐ„๊ฐ„ํžˆ ๋งŽ์ด ์˜ฌ๋ผ์˜ค๋Š” ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค . ๊ทธ ์ค‘ 1์›” 9์ผ EDB๋ฅผ ํ†ตํ•ด ๊ณต๊ฐœ๋œ CVE-2016-0728 ์ทจ์•ฝ์ ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ๋ฆฌ๋ˆ…์Šค ์ „๋ฐ˜์ ์œผ๋กœ ์˜ํ–ฅ๋ ฅ์ด ์žˆ์–ด ํŒŒ๊ธ‰๋ ฅ์ด ๊ฐ•ํ•œ ์ทจ์•ฝ์ ์ด๋„ค์š”.

TOCTOU(Time-of-check Time-of-use) Race Condition

1 min read

๊ฐ„๋งŒ์— ๋‚ด์šฉ ์ •๋ฆฌํ• ๊ฒธ Race Condition Attack์— ๋Œ€ํ•ด ์ž‘์„ฑํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ผ๋‹จ Race Condition ๊ธฐ๋ฒ•์€ ์ด๋ฆ„ ๊ทธ๋Œ€๋กœ โ€œ๊ฒฝ์Ÿ์กฐ๊ฑดโ€ ์„ ์˜๋ฏธํ•˜๋Š” ๊ณต๊ฒฉ์ด๊ณ  ์ทจ์•ฝํ•œ ํ”„๋กœ๊ทธ๋žจ์ด ์‚ฌ์šฉํ•˜๋Š” ๋ถ€๋ถ„์„ ๋™์ผํ•˜๊ฒŒ ์ ์œ ํ•˜์—ฌ ๊ฒฝ์Ÿํ•˜๊ณ  ๋ฐ˜๋ณต์ ์ธ ์š”์ฒญ ์ค‘ ๊ณต๊ฒฉํ”„๋กœ๊ทธ๋žจ์ด ์ด๊ธธ ์‹œ ๊ณต๊ฒฉ์ž๊ฐ€ ์›ํ•˜๋Š” ํ๋ฆ„์œผ๋กœ ํ”„๋กœ๊ทธ๋žจ์˜ ๋กœ์ง์„ ๋ฐ”๊ฟ€์ˆ˜๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค.

[SYSTEM HACKING] ShellNoob๋ฅผ ์ด์šฉํ•œ Shellcode ์ž‘์„ฑ ๋ฐ ํ™œ์šฉ (Writing Shell Code with ShellNoob ย  Install and Using ShellNoob)

3 min read

shellcode ๋ฅผ ๋งŒ๋“œ๋Š” ์ผ์€ ์žฌ๋ฏธ์žˆ์ง€๋งŒ, ์ƒ๊ฐ๋ณด๋‹ค ์‹œ๊ฐ„๋„ ํˆฌ์ž๋˜๊ณ  ์•ฝ๊ฐ„ ๊ท€์ฐฎ์€ ๋ถ€๋ถ„๋„ ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌํ•œ ๊ณผ์ •์„ ์กฐ๊ธˆ ์ค„์—ฌ์ค„ ์ˆ˜ ์žˆ๋Š” ์ข‹์€ ํˆด์ด ์žˆ์–ด ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค.

64bit Linux Execve Shell Code ๋งŒ๋“ค๊ธฐ

4 min read

์˜ค๋Š˜์€ 64๋น„ํŠธ ์‰˜์ฝ”๋“œ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์˜ˆ์ „์— ์ด์ชฝ ๋ถ„์•ผ ๊ด€์‹ฌ์„ ๊ฐ€์กŒ์„ ์ดˆ๋ฐ˜ ์ฏค์— 32bit์— ๋Œ€ํ•œ ์‰˜์ฝ”๋“œ๋ฅผ ๋งŒ๋“ค๊ณ  ์‚ฌ์šฉํ–ˆ์—ˆ์ง€๋งŒ ์ง€๊ธˆ์€ ์ผ ํŠน์„ฑ์ƒ ๋”ฑํžˆ ์‰˜์ฝ”๋“œ๋ฅผ ์‚ฌ์šฉํ•  ์ผ์ด ๊ต‰์žฅํžˆ ์ ์–ด์กŒ๊ธฐ์— ๊ฐ„๋งŒ์— ๋ณด๋Š” ๋Š๋‚Œ์ž…๋‹ˆ๋‹ค.

grep -v , -E ์˜ต์…˜์„ ์ด์šฉํ•œ ๋ฌธ์ž์—ด ์ œ์™ธํ•˜์—ฌ ์ฐพ๊ธฐ

~1 min read

์˜ค๋Š˜์€ terminal์—์„œ ๋ฐ์ดํ„ฐ๋ฅผ ๊ฑธ๋Ÿฌ๋‚ผ ๋•Œ ๋งŽ์ด ์‚ฌ์šฉํ•˜์‹œ๋Š” grep์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ํŠน๋ณ„ํ•œ๊ฑด ์•„๋‹ˆ๊ณ  -v(invert)์™€ -E(regex)๋ฅผ ์ด์šฉํ•ด์„œ ์›ํ•˜๋Š” ํŒจํ„ด์˜ ๊ฐ’๋งŒ ๊ฑธ๋Ÿฌ๋‚ด๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค.

/proc/self/maps ํŒŒ์ผ์„ ์ด์šฉํ•˜์—ฌ ์‹คํ–‰์ค‘์ธ ์‹œ์Šคํ…œ ๋ฉ”๋ชจ๋ฆฌ ์ฃผ์†Œ ํ™•์ธํ•˜๊ธฐ

1 min read

๋ชจ๋ฐ”์ผ ์•…์„ฑ์ฝ”๋“œ ๋ถ„์„ ์ค‘ /proc/ ํ•˜๋‹จ ๋ฐ์ดํ„ฐ๋ฅผ ๊ฑด๋“œ๋ฆฌ๋Š” ์ฝ”๋“œ๊ฐ€ ์žˆ์–ด ์ถ”๊ฐ€๋กœ ๋‚ด์šฉ ๋” ์จ์„œ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค. ์ฐธ๊ณ ๋กœ /proc ๋””๋ ‰ํ† ๋ฆฌ๋Š” ๋ฆฌ๋ˆ…์Šค์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋””๋ ‰ํ† ๋ฆฌ์ด๊ณ  ์‹œ์Šคํ…œ์˜ ํ”„๋กœ์„ธ์Šค ์ •๋ณด๋ฅผ ๋‹ด๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ตฌ์กฐ๋ฅผ ์‚ดํŽด๋ณด์ž๋ฉด ์•„๋ž˜์™€ ๊ฐ™์Šต๋‹ˆ๋‹ค.

[HACKING] TOR๋ฅผ ์ด์šฉํ•˜์—ฌ ์ต๋ช… ๋„คํŠธ์›Œํฌ ์‚ฌ์šฉํ•˜๊ธฐ(Anonymity Network Using Tor) on linux

~1 min read

์•„๋ž˜ ์–‘ํŒŒ๋กœ๊ณ ๊ฐ€ ๋ฉ”์ธ์ธ tor์— ๋Œ€ํ•ด ๋“ค์–ด๋ณด์…จ๋‚˜์š”? ์ต๋ช…๋ธŒ๋ผ์šฐ์ง•์—์„œ๋Š” ๊ต‰์žฅํžˆ ์œ ๋ช…ํ•œ ํˆด ์ž…๋‹ˆ๋‹ค. ์ด์ „์—๋„ tor ๊ด€๋ จํ•ด์„œ ๊ธ€์„ ์ž‘์„ฑํ–ˆ๋˜๊ฑฐ ๊ฐ™์€๋ฐ์š”, ๋ฆฌ๋ˆ…์Šค์ƒ์—์„œ tor ์„ค์น˜ ํ›„ ์‰ฝ๊ฒŒ ์‚ฌ์šฉํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ž‘์„ฑํ•ด๋ณด์•˜์Šต๋‹ˆ๋‹ค. ์งง์œผ๋‹ˆ ํŽธํ•˜๊ฒŒ ๋ด์ฃผ์‹œ๋ฉด ๋  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Trinity๋ฅผ ํ™œ์šฉํ•œ System call Fuzzing

2 min read

์ทจ์•ฝ์ ์„ ์ฐพ๊ธฐ ์œ„ํ•ด ํ•˜๋Š” ์ž‘์—… ์ค‘ ํฐ ๋ถ€๋ถ„์„ ์ฐจ์ง€ํ•˜๋Š”๊ฒƒ์ด ๋ฐ”๋กœ Fuzzing ์ž…๋‹ˆ๋‹ค. Fuzzing ์„ ๋•๋Š” ํ”„๋กœ๊ทธ๋žจ์„ Fuzzer๋ผ๊ณ  ๋ถ€๋ฅด๋Š”๋ฐ, Fuzzer ์ค‘ Linux ์‹œ์Šคํ…œ์—์„œ Syscall์— ๋Œ€ํ•œ Fuzzing ์ž‘์—…์„ ์ˆ˜ํ–‰ํ•  ์ˆ˜ ์žˆ๋Š” โ€œTrinityโ€ ๋ผ๋Š” ํˆด์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

[HACKING] katoolin ์„ ์ด์šฉํ•œ Kali Linux Hacking tool ๊ฐ„ํŽธ ์„ค์น˜(Easy Install Kali Linux Hacking Tool)

2 min read

์ตœ๊ทผ Kali linux 2.0 ์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ด์— ๋งž์ถฐ์„œ kali ๋‚ด๋ถ€์˜ ํˆด์„ ์‰ฝ๊ฒŒ ์„ค์น˜ํ•  ์ˆ˜ ์žˆ๋Š” ์Šคํฌ๋ฆฝํŠธ๊ฐ€ ๊ณต์œ ๋˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ €๋„ facebook group๋ฅผ ํ†ตํ•ด ์ •๋ณด๋ฅผ ์–ป์—ˆ๊ณ , ํ™•์ธํ•ด๋ณด๋‹ˆ ๊ฐ„๋‹จํ•˜๊ฒŒ kali ์ €์žฅ์†Œ๋ฅผ ์ด์šฉํ•œ ์„ค์น˜๋ฐฉ๋ฒ•(apt)์ด์ง€๋งŒ ๊ตฌ์กฐ๋‚˜, ์ฃผ์š” ํˆด ๋ฆฌ์ŠคํŠธ๋ฅผ ํ™•์ธํ•˜๋ฉฐ ์„ค์น˜๊ฐ€ ๊ฐ€๋Šฅํ•˜๋‹จ ์ ์—์„œ ์ข‹์€ ์Šคํฌ๋ฆฝํŠธ๋ผ๊ณ  ์ƒ๊ฐ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

[DEBIAN] Pidgin(on Debian) ์—์„œ Facebook ์‚ฌ์šฉํ•˜๊ธฐ

1 min read

๋ฆฌ๋ˆ…์Šค์—์„œ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋ฉ”์‹ ์ € ์ข…๋ฅ˜ ์ค‘ ์œ ๋ช…ํ•œ pidgin ์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. pidgin์€ ์—ฌ๋Ÿฌ ๋ฉ”์‹ ์ €๋ฅผ ํ†ตํ•ฉํ•˜์—ฌ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๊ณ , facebook, nateon ๋“ฑ์„ ์ง€์›ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ๊ตญ๋‚ด ๋ฆฌ๋ˆ…์„œ๋„ ๋งŽ์ด ์‚ฌ์šฉํ•˜๋Š” ๊ฒƒ์œผ๋กœ ์ƒ๊ฐ๋ฉ๋‹ˆ๋‹ค.

OpenVAS Debian Linux ์— ์„ค์น˜ํ•˜๊ธฐ(Install OpenVAS Scanner on debian)

~1 min read

์ตœ๊ทผ OpenVAS ์„ค์น˜ ๊ด€๋ จ ๊ธ€์„ ์ž‘์„ฑํ•˜์˜€๋Š”๋ฐ์š”, ๋ฌธ์ œ๊ฐ€ ์žˆ๋Š” ๊ฒƒ ๊ฐ™์•„. ์‚ญ์ œ ํ›„ ๋‹ค์‹œ ์ž‘์„ฑํ•˜์˜€์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ์Šคํฌ๋ฆฝํŠธ๋กœ ํ•œ๋ฒˆ์— ์„ค์น˜๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Linux System hooking using LD_PRELOAD

3 min read

๊ณต์œ  ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์˜ ๊ฒฝ๋กœ๋ฅผ ์˜๋ฏธํ•˜๋Š” LD_PRELOAD๋ฅผ ์ด์šฉํ•˜์—ฌ Linux System ํ›„ํ‚น์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์ž…๋‹ˆ๋‹ค. ํฌ๊ฒŒ ์‹œ๋‚˜๋ฆฌ์˜ค๋ฅผ ๋ณด์ž๋ฉด LD_PRELOAD์— ๊ณต๊ฒฉ์ž๊ฐ€ .so ํŒŒ์ผ์„ ์‚ฝ์ž…ํ•˜๊ณ  ์‹œ์Šคํ…œ ๋ช…๋ น์ด ํ•ด๋‹น so ํŒŒ์ผ์„ ๋กœ๋“œํ•˜์—ฌ ๋ช…๋ น ๋‚ด์—์„œ ์‚ฌ์šฉ๋˜๋Š” ํ•จ์ˆ˜๋ฅผ ๋ฐ”๊ฟ”์น˜๊ธฐ ํ•˜์—ฌ ๋ฐ์ดํ„ฐ๋ฅผ ์ˆจ๊ธฐ๋Š” ๊ณผ์ •์ž…๋‹ˆ๋‹ค.

NTFS File System ์˜ ์ˆจ๊ฒจ์ง„ ์˜์—ญ ADS(Alternate Data Stream)

2 min read

์š”์ฆ˜ ํฌ๋ Œ์‹, ์œˆ๋„์šฐ์ฆˆ ์‹œ์Šคํ…œ์— ๊ด€์‹ฌ์ด ์ƒ๊ฒผ์Šต๋‹ˆ๋‹ค. ๊ฑฐ์˜ ๋ฆฌ๋ˆ…์Šค๋งŒ ์‚ฌ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— ์œˆ๋„์šฐ์ฆˆ ์‹œ์Šคํ…œ์˜ ์žฌ๋ฏธ์žˆ๋Š” ๋ถ€๋ถ„์— ๋Œ€ํ•ด์„œ ๋งŽ์ด ๋ชจ๋ฅด๊ณ  ์žˆ์—ˆ๋”๊ตฐ์š”. ๊ทธ ์ค‘ ์˜ค๋Š˜์€ ADS(Alternate Data Stream) ์˜์—ญ์— ๊ด€๋ จ๋œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Gnome3 application menu ์„ค์ •ํ•˜๊ธฐ

~1 min read

gnome3 ์—์„œ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜ ๋ฉ”๋‰ด์— ๋Œ€ํ•ด ์„ค์ •ํ•˜๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. gnome ๋ฒ„์ „์ด๋ฉด ์œ ์‚ฌํ•œ ํ˜•ํƒœ๋กœ ์„ค์ •์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค. ๋ฐ๋น„์•ˆ ๋ฉ”๋‰ด ๋‚ด ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์€ /usr/share/applications ๋””๋ ‰ํ† ๋ฆฌ ํ•˜์œ„์—์„œ ์„ค์ •์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Debian์—์„œ ์™ผ์† ๋งˆ์šฐ์Šค ์ปค์„œ ํ…Œ๋งˆ ์ ์šฉํ•˜๊ธฐ

~1 min read

์™ผ์†์œผ๋กœ ๋งˆ์šฐ์Šค๋ฅผ ์‚ฌ์šฉํ•˜๋‹ค ๋ณด๋ฉด ์˜ค๋ฅธ์† ์žก์ด ๊ธฐ์ค€์ธ ์ปค์„œ๊ฐ€ ์ฐธ ๋ถˆํŽธํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๋ฐ๋น„์•ˆ ํ™˜๊ฒฝ์—์„œ ๋งˆ์šฐ์Šค ์ปค์„œ๋ฅผ ์™ผ์† ์ปค์„œ๋กœ ๋ณ€๊ฒฝํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ๋งˆ์šฐ์Šค ์ปค์„œ ํ…Œ๋งˆ์ ์šฉ๊ณผ ๋™์ผํ•ฉ๋‹ˆ๋‹ค. ๋‹จ ๋ชจ์–‘์ด ๋ฐ˜๋Œ€ ๋ฐฉํ–ฅ์ด์ฃ .

Back to Top ↑

zap

ZAP 2.14 Review โšก๏ธ

3 min read

์ƒ๊ฐ๋ณด๋‹ค ์—„์ฒญ ๋น ๋ฅธ ์ฃผ๊ธฐ๋กœ ZAP 2.14 ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ๋ฐœํ‘œ๋˜์—ˆ์Šต๋‹ˆ๋‹ค ๐ŸŽ‰โšก๏ธ

ZAP Map Local๋กœ ์‰ฝ๊ฒŒ Fake Response ๋งŒ๋“ค๊ธฐ

2 min read

๋ณด์•ˆ ํ…Œ์ŠคํŒ…์—์„  HTTP Response๋ฅผ ์ž์ฃผ ๋ณ€๊ฒฝํ•ด์•ผํ•  ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์Šต๋‹ˆ๋‹ค. ์ด๋Ÿด ๋•Œ ์ €๋Š” ๋ณดํ†ต ZAP์—์„  breakpoint์™€ replace ๊ธฐ๋Šฅ, ๊ทธ๋ฆฌ๊ณ  ์Šคํฌ๋ฆฝํŒ…์„ ์ฃผ๋กœ ์‚ฌ์šฉํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. (+Proxify์˜ DSL)

Zest + YAML = โค๏ธ

1 min read

์ตœ๊ทผ์— Zest ์ชฝ์˜ Commit (zaproxy/zest/6d67925) ํ•˜๋‚˜๋ฅผ ์ฃผ์‹œํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Zest์—์„œ YAML ํฌ๋งท ์ง€์›์— ๋Œ€ํ•œ ๋‚ด์šฉ์ด์˜€๋Š”๋ฐ์š”. ๋“œ๋””์–ด ๊ณต์‹ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ด๋ฃจ์–ด์กŒ๊ณ  ์ด์ œ Zest์—์„œ YAML ํฌ๋งท์„ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

ZAPโ€™s Client Side Integration

2 min read

์ตœ๊ทผ์— ZAP์— ์žฌ๋ฏธ์žˆ๋Š” Addon์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค. GSoC(Google Summer of Code) 2023์˜ ๊ฒฐ๊ณผ๋ฌผ๋กœ BurpSuite์˜ Navigation Recorder์™€ ๋น„์Šทํ•ด๋ณด์ด๋Š” ๊ธฐ๋Šฅ์œผ๋กœ ๋ฆด๋ฆฌ์ฆˆ ์งํ›„๋ถ€ํ„ฐ ํ‹ˆํ‹ˆํžˆ ๊ฐ€์ง€๊ณ  ๋†€์•„๋ณธ ๊ฒฐ๊ณผ ๋‹ค๋ฅธ ์˜๋ฏธ๋กœ ๊ฐ€๋Šฅ์„ฑ์ด ๋ณด์ด๋Š” Addon์ด๋ž€ ์ƒ๊ฐ์ด ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค.

Customize ZAP HUD ๐ŸŽฎ

1 min read

Today, I write a post about how to use ZAP HUD in an engaging manner. While ZAP HUD may not have incredibly useful features at the moment, experimenting with it could be worthwhile since it has the potential to bring about changes in the analytical approach.

Optimizing ZAP and Burp with JVM

1 min read

๋ˆ„๊ตฐ๊ฐ€๊ฐ€ ์ €์—๊ฒŒ Application Security, Pentest ๋“ฑ์—์„œ ๊ฐ€์žฅ ํ™œ๋ฐœํ•˜๊ฒŒ ์‚ฌ์šฉ๋˜๋Š” ๋„๊ตฌ๋ฅผ ์„ ํƒํ•˜๋ผ๊ณ  ํ•˜๋ฉด ๋‹น์—ฐํžˆ Burpsuite์™€ ZAP ๊ฐ™์€ Proxy ๋„๊ตฌ๋ฅผ ์„ ํƒํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์ตœ๊ทผ Caido๊ฐ€ ๋งŽ์ด ์˜ฌ๋ผ์˜ค๋Š” ์ถ”์„ธ์ด๊ธด ํ•˜๋‚˜, ์žฅ๊ธฐ๊ฐ„ ๋ฆฌ๋“œ ์—ญํ• ์„ ์ˆ˜ํ–‰ํ•ด ์˜จ ๋‘ ๋„๊ตฌ๋ฅผ ๋”ฐ๋ผ๊ฐ€๊ธฐ์—” ์•„์ง ์ถฉ๋ถ„ํ•œ ์‹œ๊ฐ„์ด ๋” ํ•„์š”ํ•  ๊ฒƒ์œผ๋กœ ๋ณด์ž…๋‹ˆ๋‹ค.

ZAP 2.13 Review โšก๏ธ

1 min read

์˜ˆ์ƒ๋ณด๋‹ค ํ›จ์”ฌ ๋น ๋ฅธ ์‹œ๊ธฐ์— ZAP 2.13์ด ๋ฆด๋ฆฌ์ฆˆ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต ๋งค๋…„ ๊ฐ€์„, ๊ฒจ์šธ์ค‘์— ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ, ์ด๋ฒˆ์—๋Š” ์—ฌ๋ฆ„์— ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ƒ๊ฒผ๋„ค์š”. ๋ณ€ํ™”๋œ ๋ถ€๋ถ„์ด ํฌ์ง„ ์•Š์•„์„œ ๋ฆด๋ฆฌ์ฆˆ ๋…ธํŠธ๋ฅผ ๋ณด๋ฉด ๋Œ€๋ถ€๋ถ„ ์•Œ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. 2.13 ๋ฆด๋ฆฌ์ฆˆ ์งํ›„๋ถ€ํ„ฐ ๋ช‡์ผ ๋™์•ˆ ์‚ดํŽด๋ณด๊ณ  ๋Š๊ผˆ๋˜ ์  ์œ„์ฃผ๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

ZAP Site Tree์—์„œ 404 ํŽ˜์ด์ง€ ํ•œ๋ฒˆ์— ์ง€์šฐ๊ธฐ

~1 min read

ZAP์˜ Site tree๋Š” Burp์™€๋Š” ๋‹ค๋ฅด๊ฒŒ 404 Not found๋„ ๋ณด์—ฌ์ฃผ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ข…์ข… ์“ธ๋งŒํ•œ ์ •๋ณด๊ฐ€ ๋˜๊ธฐ ํ•˜์ง€๋งŒ ๋Œ€์ฒด๋กœ ๋ณด๊ธฐ ๋ถˆํŽธํ•œ ์กด์žฌ์ž…๋‹ˆ๋‹ค. ZAP์—์„œ๋Š” ๊ณต์‹์ ์œผ๋กœ ๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•ด์ฃผ๊ณ  ์žˆ์ง€ ์•Š๊ธฐ ๋•Œ๋ฌธ์— ๊ฐ„๋‹จํ•˜๊ฒŒ ์Šคํฌ๋ฆฝํŒ…ํ•˜์—ฌ ์ œ๊ฑฐํ•˜๋Š” ๊ฒƒ์ด ํŽธ๋ฆฌํ•ฉ๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•˜๊ฒŒ ๊ณต์œ ํ•ด๋ด…๋‹ˆ๋‹ค.

Cross handling Cookies in Zest

3 min read

์˜ค๋Š˜์€ Zest ์Šคํฌ๋ฆฝํŠธ์—์„œ Headless Browser์™€ ์ผ๋ฐ˜ ZAP ์š”์ฒญ๊ฐ„ Cookie๋ฅผ ์ฒ˜๋ฆฌํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. Headless Browser์™€ ZAP ๋‚ด๋ถ€์˜ Req/Res ๊ฐ„์— ์ฟ ํ‚ค ๊ตํ™˜์œผ๋กœ ์—ฌ๋Ÿฌ ์ƒํ™ฉ์—์„œ ์›น ์š”์ฒญ์„ ์‰ฝ๊ฒŒ ์ฒ˜๋ฆฌํ•˜์—ฌ ์›ํ•˜๋Š” ๋ณด์•ˆ ํ…Œ์ŠคํŒ…, ์ž๋™ํ™” ๋ฃจํ‹ด์„ ์ด์–ด๊ฐˆ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP์—์„œ ์šฐ์•„ํ•˜๊ฒŒ Cookie ๊ธฐ๋ฐ˜ Auth ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ

3 min read

Web์˜ Authorization, Permission, Access Control ํ…Œ์ŠคํŒ… ์‹œ ์–ด๋–ค ๋ฐฉ๋ฒ•์„ ํ™œ์šฉํ•˜์‹œ๋‚˜์š”? ๋ณดํ†ต ๋ณด์•ˆ ํ…Œ์ŠคํŒ… ๋‹จ๊ณ„์—์„  ๊ถŒํ•œ์„ ๋ฐ”๊ฟ”๊ฐ€๋ฉฐ ์ˆ˜๋™์œผ๋กœ ํ…Œ์ŠคํŠธํ•˜๊ฑฐ๋‚˜ ์ž๋™ํ™”๋œ ๋„๊ตฌ๋ฅผ ํ†ตํ•œ ํ…Œ์ŠคํŒ…, ๋˜๋Š” ๋‘๊ฐœ๋ฅผ ๋ณ‘ํ–‰ํ•˜์—ฌ ํ…Œ์ŠคํŠธํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ž๋™ํ™”๋œ ํ…Œ์ŠคํŒ…์„ ์œ„ํ•ด์„  Burpsuite, ZAP, CLI Tools ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๋„๊ตฌ๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค.

ZAP Custom En/Decoder ๋งŒ๋“ค๊ธฐ

2 min read

ZAP์˜ ํ™•์žฅ์„ฑ์€ Scripting Engine์˜ ํŒŒ์›Œ์—์„œ ๋‚˜์˜ต๋‹ˆ๋‹ค. URL, HTML, Base64 ๋“ฑ ํ…Œ์ŠคํŒ… ๋‹จ๊ณ„์—์„  ์ธ/๋””์ฝ”๋”ฉ์„ ํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๊ต‰์žฅํžˆ ๋งŽ์€๋ฐ์š”. ์ด ๋•Œ ์‚ฌ์šฉํ•˜๋Š” Encode/Decode/Hash ๊ธฐ๋Šฅ ๋˜ํ•œ Scripting์œผ๋กœ ํ™•์žฅํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Front-End Tracker๋กœ DOM/Storage ๋ถ„์„ํ•˜๊ธฐ

2 min read

ZAP ํŒ€์—์„œ ๊ด€๋ฆฌํ•˜๋Š” ๋„๊ตฌ๋“ค ์ค‘์— ์œ ๋… ๊ด€์‹ฌ์ด ๊ฐ€๋˜ ๋„๊ตฌ๊ฐ€ ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๋“œ๋””์–ด ์ •๋ฆฌ๋ฅผ ๋งˆ๋ฌด๋ฆฌํ•ด์„œ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๊ณต์œ ๋“œ๋ฆฌ๋ฉด์„œ ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”์ง€, ์ด๊ฑธ ํ†ตํ•ด ๋ฌด์—‡์„ ํ•  ์ˆ˜ ์žˆ๋Š”์ง€ ์ด์•ผ๊ธฐ๋“œ๋ฆฌ๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

๋น ๋ฅธ ํ…Œ์ŠคํŒ…์„ ์œ„ํ•œ ZAP ๋‹จ์ถ•ํ‚ค๋“ค

1 min read

ZAP์—์„œ ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” ๋‹จ์ถ•ํ‚ค๋“ค ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ Tab ๊ณ„ํ†ต(History, Fuzz, Sites, Scripts ๋“ฑ)์€ 3ํ‚ค ์ด์ƒ ๋ˆŒ๋Ÿฌ์•ผ ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ๋Œ€๋‹ค์ˆ˜๊ฐ€ 1-2 ํ‚ค ๊ตฌ์„ฑ์ž…๋‹ˆ๋‹ค. (๋ฌผ๋ก  ํƒญ๋“ค๋„ ์‰ฝ๊ฒŒ ์ ์šฉํ•˜๋Š” ๋ฒ•์ด ์žˆ์–ด์š”)

ZAP 2.12 Review โšก๏ธ

2 min read

๋“œ๋””์–ด ZAP 2.12 ๋ฒ„์ „์ด ๋ฆด๋ฆฌ์ฆˆ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๐ŸŽ‰๐Ÿ‘๐Ÿผ๐Ÿพ 10์›” ์ค‘์ˆœ์ฏค์— ๋ฆด๋ฆฌ์ฆˆ ์˜ˆ์ •์ด์˜€์ง€๋งŒ, ์ด์Šˆ๋กœ ์•ฝ๊ฐ„ ๋Šฆ์–ด์กŒ๋‹ค๊ณ  ํ•˜๋„ค์š”. ์˜ค๋Š˜์€ ZAP 2.12 ๋ฒ„์ „์—์„œ ๋ฐ”๋€ ๋‚ด์šฉ๋“ค์„ ๋ฆฌ๋ทฐํ•ด๋ณด๋„๋ก ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿผ ์‹œ์ž‘ํ•˜์ฃ .

Param Digger! Easy param mining via ZAP

1 min read

์˜ฌํ•ด ZAP์˜ GSoC ํ”„๋กœ์ ํŠธ๋Š” Param Mining์„ ํ•˜๋Š” AddOn์ด ์„ ์ • ๋˜์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค. BurpSuite์˜ Param Miner๋ฅผ ๋ชจํ‹ฐ๋ธŒ๋กœ ์‰ฝ๊ฒŒ Miningํ•˜๋Š” ๊ฒƒ์ด ๋ชฉํ‘œ๊ฐ€ ๋˜์—ˆ๊ธฐ์—, Scripting๊ณผ Fuzzing์œผ๋กœ๋งŒ Param Mining์„ ์ œ ์ž…์žฅ์—์„  ๋งค์šฐ ๋ฐ˜๊ฐ€์šด ์†Œ์‹์ด์˜€์—ˆ์ฃ .

ZAPโšก๏ธ Replacer VS Sender Script

2 min read

ZAP์—์„œ ๋ชจ๋“  ์š”์ฒญ์— ์ƒˆ๋กœ์šด ํ—ค๋”๋‚˜ ๋ฐ์ดํ„ฐ๋ฅผ ์ถ”๊ฐ€ํ•˜๋ ค๋ฉด ์–ด๋–ป๊ฒŒ ํ•ด์•ผํ• ๊นŒ์š”? ๋ณดํ†ต์€ Replacer ๋ผ๋Š” ๊ธฐ๋Šฅ์„ ์ด์šฉํ•ด์„œ ๊ฐ’์„ ๋ณ€๊ฒฝํ•˜๊ฑฐ๋‚˜ ์ƒˆ๋กœ ์ถ”๊ฐ€ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๊ฐ„๋‹จํ•˜๊ฒŒ ZAP Scripting ๋ฐฐ์›Œ๋ณด๊ธฐ

1 min read

์˜ค๋Š˜์€ ZAP Scripting์„ ์ฒ˜์Œ ์ ‘ํ•  ๋•Œ ์ต์ˆ™ํ•ด์ง€๊ธฐ ์ข‹์€ ์˜ˆ์ œ ๋‘๊ฐ€์ง€๋ฅผ ์†Œ๊ฐœํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์ด ๊ธ€์„ ์ฝ์–ด์ฃผ์‹œ๋ฉด, ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ ์ž‘์„ฑ์œผ๋กœ ZAP์—์„œ ๋ฐ์ดํ„ฐ๋ฅผ ์กฐํšŒํ•˜๊ฑฐ๋‚˜, 3rd party ์Šค์บ”์„ ์š”์ฒญํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ์–ป์–ด๊ฐ€์‹ค ์ˆ˜ ์žˆ์„๊ฑฐ์—์š” ๐Ÿ˜Š

ZAP Forced User Mode!!

1 min read

์ œ๊ฐ€ ์ž‘๋…„๋ถ€ํ„ฐ ZAP์˜ Authentication / Authorization ๊ธฐ๋Šฅ๋“ค์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ๋งŽ์ด ํ–ˆ์—ˆ๋˜ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์‹ค์ œ๋กœ ํ…Œ์ŠคํŒ…์—๋„ ๋งŽ์€ ๋ถ€๋ถ„๋“ค์„ ์ ์šฉํ•˜๊ณ  ์‚ฌ์šฉํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Input/Custom Vectors๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ZAP์—์„œ ์ •๋ฐ€ํ•˜๊ฒŒ ์ทจ์•ฝ์  ์Šค์บ”ํ•˜๊ธฐ ๐ŸŽฏ

1 min read

Active Scan

๋จผ์ € Active Scan์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ๊ฐ€๋ณ๊ฒŒํ•˜๊ณ  ์‹œ์ž‘ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค. ZAP์˜ Active Scan์€ ์ˆ˜์ง‘๋œ URL์„ ๊ธฐ๋ฐ˜์œผ๋กœ ์ง€์ •๋œ ํŒจํ„ด, ๋กœ์ง์œผ๋กœ ์ž๋™ํ™”๋œ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์„ ํ•˜๋Š” ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ๋ณดํŽธ์ ์œผ๋ก  ์‚ฌ์ดํŠธ ์ „์ฒด์— ๋Œ€ํ•œ ์Šค์บ”์ด ๋งŽ์ด ์–ธ๊ธ‰๋˜์ง€๋งŒ, ZAP์˜ ๊ฐ•์  ์ค‘ ํ•˜๋‚˜๋Š” ์›ํ•˜๋Š” HTTP Request๋ฅผ ๋Œ€์ƒ์œผ๋กœ ๋‹จ๊ฑด์˜ ์Šค์บ๋‹์„ ์‰ฝ๊ฒŒ ํ•  ์ˆ˜ ์žˆ๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.

Zest script in CLI

2 min read

ZAP์˜ ๊ฐ•๋ ฅํ•œ ๊ธฐ๋Šฅ์ธ Scripting์—์„œ ํ•œ๋ฒˆ ๋” ๊ฐ•๋ ฅํ•˜๊ฒŒ ๋งŒ๋“ค์–ด ์ฃผ๋Š” ๊ฒƒ์ด ๋ฐ”๋กœ Zest script์ž…๋‹ˆ๋‹ค. JSON ๊ธฐ๋ฐ˜์˜ ์Šคํฌ๋ฆฝํŠธ๋กœ ์›น Req/Res ๊ทธ๋ฆฌ๊ณ  Headless browser์— ๋Œ€ํ•œ ์ปจํŠธ๋กค, ๋งˆ์ง€๋ง‰์œผ๋กœ Assertion ๋“ฑ ํ…Œ์ŠคํŒ… ๊ธฐ๋Šฅ์„ ์ด์šฉํ•ด ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ๋กœ ๋ณต์žกํ•œ ํ…Œ์ŠคํŒ…์„ ํ•  ์ˆ˜ ์žˆ๋Š” ์Šคํฌ๋ฆฝํŠธ์ž…๋‹ˆ๋‹ค. ์ž์„ธํ•œ ๋‚ด์šฉ์€ ์ œ๊ฐ€ ์ „์— ์ž‘์„ฑํ–ˆ๋˜ ๊ธ€๋“ค์„ ์ฐธ๊ณ ํ•ด์ฃผ์„ธ์š”.

ZAP์—์„œ Zest Script๋กœ Headless ๊ธฐ๋ฐ˜์˜ ์ธ์ฆ ์ž๋™ํ™” ์ฒ˜๋ฆฌํ•˜๊ธฐ

3 min read

์ตœ๊ทผ์— Headless ๊ธฐ๋ฐ˜์˜ Authentication script๋ฅผ ๋งŒ๋“ค๊ณ  ์žˆ์—ˆ๋Š”๋ฐ ์•ฝ๊ฐ„์˜ ์–ด๋ ค์›€์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์‹ค์ œ๋กœ headless browser๋ฅผ ํ†ตํ•ด ์ธ์ฆ ์ฒ˜๋ฆฌ๋Š” ์‰ฌ์šฐ๋‚˜ ๊ทธ ๋’ค์— ZAP์ด ์ด๋ฅผ ์ธ์ง€ํ•˜๊ฒŒ ํ•˜๋Š” ๊ฒƒ์ด ์‰ฝ์ง€๊ฐ€ ์•Š์•˜์—ˆ๋Š”๋ฐ์š”. ๋ฌธ๋œฉ ์ œ๊ฐ€ ์˜ˆ์ „์— Zest script๋ฅผ ์ž‘์„ฑํ•  ๋•Œ Client ๊ด€๋ จ ํ•ญ๋ชฉ์„ ๋ดค๋˜๊ฒŒ ๊ฐ‘์ž๊ธฐ ๊ธฐ์–ต์ด ๋‚˜์„œ GUI๋กœ ์ž‘์„ฑํ•ด๋ณด๋‹ˆ ์—ญ์‹œ๋‚˜ Client(Headless browser)๋ฅผ ์ง€์›ํ•˜๋Š”๊ฒŒ ๋งž์•˜๋„ค์š”.

ZAP Active Scan ์‹œ Progress์™€ Response chart ํ™œ์šฉํ•˜๊ธฐ

2 min read

์˜ค๋Š˜์€ ZAP์˜ ActiveScan์—์„œ ๋ณผ ์ˆ˜ ์žˆ๋Š” Progress์™€ Response chart์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ์ž ๊น ํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๋ญ”๊ฐ€ ํฌ๊ฒŒ ๋„์›€๋˜๋Š”๊ฑด ์•„๋‹ˆ์ง€๋งŒ ์Šต๊ด€์ ์œผ๋กœ ์ œ๊ฐ€ ์ฐฝ์— ๋„์–ด๋‘๊ณ  ์žˆ๋Š”๊ฒŒ ๋ฐ”๋กœ Scan์— ๋Œ€ํ•œ Progress์ธ๋ฐ์š”. ์™œ ๋„์šฐ๊ณ , ์–ด๋–ป๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”์ง€ ์ด์•ผ๊ธฐํ•ด๋ณด์ฃ .

ZAP Bookmarklet for Speed up

1 min read

Bookmarklet

Bookmarklet์€ Javascript ํ•จ์ˆ˜๋ฅผ Bookmark์— ์ถ”๊ฐ€ํ•˜์—ฌ ๋งˆ์น˜ ๋ธŒ๋ผ์šฐ์ € ํ™•์žฅ ๊ธฐ๋Šฅ๊ณผ ์œ ์‚ฌํ•˜๊ฒŒ ์‚ฌ์šฉํ•˜๋Š” ๊ธฐ๋ฒ•์œผ๋กœ ๊ฐ„๋‹จํ•œ ์ƒ์„ฑ ๋ฐฉ๋ฒ•์— ๋น„ํ•ด ์›น์—์„œ์˜ ๋ถˆํŽธํ–ˆ๋˜ ์ž‘์—…๋“ค์„ ๋‹จ์ถ•์‹œํ‚ฌ ์ˆ˜ ์žˆ์–ด์„œ ๋งŽ์€ ์‚ฌ๋žŒ๋“ค์ด ์• ์šฉํ•˜๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค.

ZAP HTTP Sessions๋ฅผ ํ†ตํ•ด ๊ฐ„ํŽธํ•˜๊ฒŒ ์„ธ์…˜ ๊ธฐ๋ฐ˜ ํ…Œ์ŠคํŒ…ํ•˜๊ธฐ

2 min read

ZAP์—๋Š” HTTP Sessions๋ผ๋Š” ๊ธฐ๋Šฅ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋ฆ„๊ณผ ์˜ต์…˜์— ์žˆ๋Š” ๋‚ด์šฉ์„ ๋ณด๊ณ  ์„ธ์…˜ ์ฒ˜๋ฆฌ ๊ด€๋ จ๋œ ๊ธฐ๋Šฅ์ด๊ตฌ๋‚˜ ์ƒ๊ฐ๋งŒ ํ–ˆ์ง€ ์‹ค์ œ๋กœ ํ•œ๋ฒˆ๋„ ์‚ฌ์šฉํ•ด๋ณด์ง€ ์•Š์•˜๋˜ ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ์˜ค๋Š˜ ๋†“์นœ ๊ธฐ๋Šฅ์ด ์žˆ์„๊นŒ ์‹ถ์–ด์„œ ๋ฉ”๋‰ด๋ฅผ ๋Œ์•„๋‹ค๋‹ˆ๋˜ ์ค‘ ๋ฐœ๊ฒฌํ•˜์—ฌ ํ…Œ์ŠคํŠธํ•ด๋ดค๋Š”๋ฐ ์ƒ๊ฐ๋ณด๋‹ค ํ…Œ์ŠคํŒ…์˜ ๋ถˆํŽธํ•จ์„ ์ค„์—ฌ์ค„ ์ˆ˜ ์žˆ๋Š” ๋ถ€๋ถ„์œผ๋กœ ๋ณด์—ฌ์„œ ๊ธ€๋กœ ์†Œ๊ฐœํ•ด๋“œ๋ฆฌ๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค :D

ZAP HUNT Remix

1 min read

์ œ๊ฐ€ ์˜ค๋žฌ๋™์•ˆ ์ž˜ ์จ์˜ค๋˜ ๋„๊ตฌ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ HUNT์ธ๋ฐ์š”! ์ € ๋˜ํ•œ ๋ถ„์„ํ•˜๋Š” ๋ฐฉ๋ฒ• ์ค‘ Data Driven Testing์„ ์„ ํ˜ธํ•˜๋Š” ํŽธ์ด๋ผ HUNT ์Šคํฌ๋ฆฝํŠธ๋ฅผ ์ •๋ง ์ž˜ ์“ฐ๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

Context Technology๋กœ ZAP ์Šค์บ” ์†๋„ ์˜ฌ๋ฆฌ๊ธฐ

~1 min read

ZAP์˜ Context(Scope)์—๋Š” Technology ๋ผ๋Š” ํ•ญ๋ชฉ์ด ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ์ด๋Š” Context > Technology ๊ฒฝ๋กœ์— ์กด์žฌํ•˜๋ฉฐ ์ž์„ธํžˆ ์‚ดํŽด๋ณด๋ฉด DB, Language, OS ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ Technology ๋ฆฌ์ŠคํŠธ์™€ ์ฒดํฌ๋ฐ•์Šค๊ฐ€ ์กด์žฌํ•ฉ๋‹ˆ๋‹ค. ๊ธฐ๋ณธ์ ์œผ๋กœ ์ „๋ถ€ ์ฒดํฌ๋˜์–ด ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP Structural Modifier

2 min read

์ €๋Š” ์ทจ์•ฝ์ ์„ ์ฐพ์„ ๋•Œ ์ค‘์š”ํ•œ 3๊ฐ€์ง€๋ฅผ ๋ฝ‘์œผ๋ผ๊ณ  ํ•œ๋‹ค๋ฉด ์•„๋งˆ๋„ ๊ธฐ์ˆ ์— ๋Œ€ํ•œ ์ดํ•ด, ๋Œ€์ƒ์— ๋Œ€ํ•œ ์ดํ•ด, ๊ทธ๋ฆฌ๊ณ  ์„ผ์Šค๋ฅผ ํƒํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ด์™ธ์—๋„ ์ค‘์š”ํ•œ ์š”์†Œ๋“ค์€ ์ •๋ง ๋งŽ๊ฒ ์ง€๋งŒ ์ด 3๊ฐ€์ง€๋Š” ์ผํ•  ๋•Œ ๊ฐ€์žฅ ๋งŽ์ด ๋Š๋ผ๋Š” ๋ถ€๋ถ„์ด์˜€์–ด์š”.

Ajax Spidering ์‹œ ๋ธŒ๋ผ์šฐ์ € ์—”์ง„ ๋ณ„ ์„ฑ๋Šฅ ๋น„๊ต ๐Ÿ

3 min read

ZAP์˜ AjaxSpider๋Š” headless browser๋ฅผ ํ†ตํ•ด์„œ ์ง์ ‘ ๋ธŒ๋ผ์šฐ์ง•ํ•˜๋ฉฐ Spidering ํ•˜๋Š” ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. ๊ธฐ๋ณธ์ ์œผ๋กœ๋Š” Firefox๊ฐ€ ์„ค์ •๋˜์–ด ์žˆ์ง€๋งŒ, ๊ฐœ์ธ์˜ ์ทจํ–ฅ์— ๋”ฐ๋ผ Chrome, PhantomJS ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ browser(headless or common)๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

MyEnv := ZAP+Proxify+Burp

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…ํ•˜์‹ค ๋–„ ์–ด๋–ค ๋„๊ตฌ๋“ค์„ ์‚ฌ์šฉํ•˜์‹œ๋‚˜์š”? ์ €๋Š” ZAP์„ ๋ฉ”์ธ์œผ๋กœ ๊ทธ๋ฆฌ๊ณ  Burpsuite๋ฅผ ๋ณด์กฐ ์Šค์บ๋„ˆ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์ œ๊ฐ€ 2021๋…„ ๋งˆ์ง€๋ง‰๊ธ€(โ€œ๋‚˜์˜ ๋ฉ”์ธ Weapon ์ด์•ผ๊ธฐโ€œ)์— Proxify์— ๋Œ€ํ•ด ์–ธ๊ธ‰์„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ด Proxify๋ฅผ ์ด์šฉํ•˜์—ฌ ์ œ๊ฐ€ ์ƒˆ๋กœ ๊ตฌ์„ฑํ•˜๋ ค๋Š” ๋ถ„์„ ํ™˜๊ฒฝ๊ณผ ์ด์œ , ๊ทธ๋ฆฌ๊ณ  ์ด๋ฅผ ํ†ตํ•ด ๋” ์–ป๊ณ ์ž ํ•˜๋Š” ๊ฒƒ๋“ค์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

System Hardening์„ ํ”ผํ•ด RCE๋ฅผ ํƒ์ง€ํ•˜๊ธฐ ์œ„ํ•œ OOB ๋ฐฉ๋ฒ•๋“ค

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ RCE(Remote Code Execution)๋ฅผ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•ด ์–ด๋–ค ๋ฐฉ๋ฒ•์„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋‚˜์š”? ์ €๋Š” ๊ฐœ์ธ์ ์œผ๋กœ OOB(Out-of-band)๋ฅผ ์ฆ๊ฒจ์„œ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. Sleep ๋“ฑ time ๊ธฐ๋ฐ˜๋„ ์ •ํ™• ํ•˜์ง€๋งŒ, ๋น„๋™๊ธฐ ๋กœ์ง์ด ๋งŽ์€ ์š”์ฆ˜ time ๋ณด๋‹จ oob๊ฐ€ ๋” ์ •ํ™•ํ•˜๋‹ค๊ณ  ์ƒ๊ฐ์ด ๋“œ๋„ค์š”. (๋ฌผ๋ก  ๋‘˜ ๋‹ค ์ฒดํฌํ•˜์ง€๋งŒ์š” ๐Ÿ˜Š)

Attack Surface Detector๋ฅผ ์ด์šฉํ•ด ์†Œ์Šค์ฝ”๋“œ์—์„œ Endpoint ์ฐพ๊ธฐ

1 min read

์ œ๊ฐ€ ์ผํ•  ๋•Œ ์ข…์ข… ์‚ฌ์šฉํ•˜๋Š” ZAP/Burp Addon์ด ์žˆ๋Š”๋ฐ, ์ตœ๊ทผ ์—๋Ÿฌ๊ฐ€ ์žˆ์–ด์„œ ์ฐพ๋‹ค๋ณด๋‹ˆ ์ œ๊ฐ€ ํ•œ๋ฒˆ๋„ ๋ธ”๋กœ๊ทธ์—์„œ ์–ธ๊ธ‰ํ•œ์ ์ด ์—†์—ˆ๋”๊ตฐ์š”. ๊ทธ๋ž˜์„œ ์˜ค๋Š˜์€ ๊ทธ ๋„๊ตฌ์ธ Attack surface detector์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

ZAP์˜ ์ƒˆ๋กœ์šด Networking Stack

2 min read

์ง€๋‚œ ๋ชฉ์š”์ผ ๋ฐค ZAP Developers Groups์— simon์ด ํ•œ๊ฐ€์ง€ ๋‚ด์šฉ์„ ๊ณต์œ ํ–ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ZAP์˜ Networking Layer์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๊ณ , ์ €๋Š” ์ œ๋ชฉ์„ ๋ณด์ž๋งˆ์ž ์–ด๋–ค ๋‚ด์šฉ์ธ์ง€ ์ง๊ฐํ–ˆ์Šต๋‹ˆ๋‹ค. (์ œ๊ฐ€ ์ •๋ง ๊ธฐ๋‹ค๋ ธ๋˜ ๋‚ด์šฉ์ด๊ฑฐ๋“ ์š” ๐Ÿคฉ)

Custom Payloads๋กœ ZAP ์Šค์บ๋‹ ๊ฐ•ํ™” ๐Ÿš€

3 min read

์˜ค๋Š˜์€ ์ œ๊ฐ€ ์ตœ๊ทผ์— ZAP์—์„œ ์•ฝ๊ฐ„ ๊ด€์‹ฌ์žˆ๊ฒŒ ๋ณด๊ณ ์žˆ๋˜ ๊ธฐ๋Šฅ ํ•˜๋‚˜๋ฅผ ์†Œ๊ฐœํ•ด๋“œ๋ฆด๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ฐ”๋กœ Custom Payloads์ธ๋ฐ์š”. Fuzzer๋‚˜ ZAP์˜ Scripting engine์„ ์‚ฌ์šฉํ•˜์ง€ ์•Š๊ณ  ์กฐ๊ธˆ ๋” ์‰ฝ๊ฒŒ ์ง€์ •๋œ ํŽ˜์ด๋กœ๋“œ ๊ธฐ๋ฐ˜์œผ๋กœ ํ…Œ์ŠคํŠธ๋ฅผ ํ•  ์ˆ˜ ์žˆ์–ด์„œ ์•Œ์•„๋‘์‹œ๋ฉด ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์ด๋‚˜ ์ž๋™ํ™” ๊ตฌํ˜„์—์„œ ์ž˜ ์‚ฌ์šฉํ•˜์‹ค ์ˆ˜ ์žˆ์„๊ฑฐ๋ž€ ์ƒ๊ฐ์ด ๋“ญ๋‹ˆ๋‹ค.

๋‚˜์˜ ๋ฉ”์ธ Weapon ์ด์•ผ๊ธฐ โš”๏ธ (ZAP and Proxify)

2 min read

ํ•œ๊ตญ ๊ธฐ์ค€์œผ๋กœ ์ƒˆํ•ด๊นŒ์ง€ ์•ฝ 30๋ถ„์ด ๋‚จ์•˜๊ณ , ์˜ฌํ•ด์˜ ๊ธ€์€ ์ด ๊ธ€์ด ๋งˆ์ง€๋ง‰ ๊ธ€์ด ๋  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ๋ถ„๋ช… 2020 ํšŒ๊ณ ํ•œ์ง€๊ฐ€ ์–ผ๋งˆ ์•ˆ๋œ ๊ฒƒ ๊ฐ™์€๋ฐ, ๋ฒŒ์จ 2021๋„ ํšŒ๊ณ ๋„ ์ด๋ฏธ ์ง€๋‚˜๋ฒ„๋ ธ๋„ค์š” ๐Ÿ˜ฑ

ZAP์˜ ์ƒˆ๋กœ์šด Import/Export Addon, ๊ทธ๋ฆฌ๊ณ  ๋ฏธ๋ž˜์— ๋Œ€ํ•œ ๋‡Œํ”ผ์…œ

1 min read

์ตœ๊ทผ์— ZAP ๋‚ด ์—ฌ๋Ÿฌ๊ฐ€์ง€ Import, Save ๊ด€๋ จ ๊ธฐ๋Šฅ๋“ค์ด โ€œImport/Exportโ€๋ž€ ์ด๋ฆ„์˜ ์ƒˆ๋กœ์šด Addon์œผ๋กœ ํ†ตํ•ฉ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์‚ฌ์šฉ์ž Interface ์ƒ์—์„  ๋ณ€ํ™”๊ฐ€ ์—†์–ด์„œ ํฌ๊ฒŒ ๋‹ฌ๋ผ์ง„ ๊ฑด ์—†์ง€๋งŒ ์ด๋ฅผ ํ†ตํ•ด ์•ž์œผ๋กœ์˜ ZAP์—์„œ Import/Export ๊ธฐ๋Šฅ์— ๋Œ€ํ•œ ๋ฐฉํ–ฅ์„ฑ์„ ์—ฟ๋ณผ ์ˆ˜ ์žˆ์–ด์„œ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค ๐Ÿ˜Ž

ZAP๊ณผ Burpsuite์—์„œ feedback ์ •๋ณด๋ฅผ ์ˆ˜์ง‘ํ•˜์ง€ ๋ชปํ•˜๋„๋ก ์ œํ•œํ•˜๊ธฐ

1 min read

์ตœ๊ทผ์— ZAP์˜ Core addon ์ค‘ ํ•˜๋‚˜์ธ Callhome์ด ์—…๋ฐ์ดํŠธ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ธฐ์กด์— Callhome์€ ๋‹จ์ˆœํžˆ ๋ฉ”์ธ์— News ์ •๋ณด๋ฅผ ๋ณด์—ฌ์ฃผ๊ธฐ ์œ„ํ•ด ๋งŒ๋“ค์–ด์ง„ ๊ธฐ๋Šฅ์ธ๋ฐ, ์ด๋ฒˆ์— Telemetry ๊ด€๋ จ ๋ถ€๋ถ„์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค.

Log4shell ์ „ ์„ธ๊ณ„์˜ ์ธํ„ฐ๋„ท์ด ๋ถˆํƒ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค ๐Ÿ”ฅ (CVE-2021-44228/CVE-2021-45046/CVE-2021-45105)

4 min read

๋„ค ๋ฐ”๋กœ ์–ด์ œ(2021-12-10) Java์˜ logging package์ธ log4j2 ์—์„œ RCE 0-day ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. Service, Application์— ๋กœ๊ทธ๋ฅผ ์Œ“์„์ˆ˜๋งŒ ์žˆ๋‹ค๋ฉด ์–ด๋–ค ํ™˜๊ฒฝ์—์„œ๋„ ๊ณต๊ฒฉ ๊ฐ€๋Šฅ์„ฑ์ด ์กด์žฌํ•˜๊ณ , ๋ฆฌ์Šคํฌ๊ฐ€ RCE์ธ ๋งŒํผ ์ •๋ง ์ „ ์„ธ๊ณ„๊ฐ€ ๋ถˆํƒ€์˜ค๋ฅด๊ณ  ์žˆ๋„ค์š”. (ํ•˜ํ•˜ DM๋„ ํ„ฐ์ ธ๋‚˜๊ฐ‘๋‹ˆ๋‹ค. ์•ˆ๋ณผ๊ฑฐ์—์š”โ€ฆโ€ฆ)

ZAP RootCA๋ฅผ API์™€ Cli-Arguments๋กœ ์ œ์–ดํ•˜๊ธฐ

2 min read

ZAP์— ์ƒˆ๋กœ์šด Addon์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค. ์ด Addon์„ ์ด์šฉํ•˜๋ฉด ZAP์˜ ์ธ์ฆ์„œ, ์ฆ‰ Root CA๋ฅผ API๋‚˜ Cli๋“ฑ์œผ๋กœ ์ปจํŠธ๋กคํ•  ์ˆ˜ ์žˆ๋„๋ก ๊ธฐ๋Šฅ์ด ์ง€์›๋ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ํ™œ์šฉํ•˜๋ฉด Daemon ๋ชจ๋“œ๋กœ ๋™์ž‘ํ•˜๊ฑฐ๋‚˜ CI/CD Pipeline ๋“ฑ์—์„œ ์‚ฌ์šฉ ์‹œ ์กฐ๊ธˆ ๋” ์‰ฝ๊ฒŒ ์ธ์ฆ์„œ ์ฒ˜๋ฆฌ๋ฅผ ํ•  ์ˆ˜ ์žˆ๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

DOM XSS? ๊ทธ๋ ‡๋‹ค๋ฉด Eval Villain

2 min read

์˜ฌํ•ด ์ดˆ Burpsuite์—์„  DOM Invador๋ผ๋Š” ๋„๊ตฌ๋ฅผ ๊ณต๊ฐœํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์ œ๊ฐ€ ๊ฐ€๋ณ๊ฒŒ ๋ฆฌ๋ทฐํ•  ๋•Œ์—๋„ ์ด์•ผ๊ธฐ๋“œ๋ ธ์ง€๋งŒ DOM ๊ธฐ๋ฐ˜ ํ…Œ์ŠคํŒ…์—์„  ๊ต‰์žฅํžˆ ์œ ์šฉํ•˜๊ธฐ ๋•Œ๋ฌธ์— Burpsuite ์‚ฌ์šฉ์ž๋Š” ๋ฌผ๋ก  ZAP ๋“ฑ ๋‹ค๋ฅธ ๋„๊ตฌ ์‚ฌ์šฉ์ž๋„ ์ถฉ๋ถ„ํžˆ ๊ด€์‹ฌ๊ฐ€์ง€๊ณ  ํ…Œ์ŠคํŠธ ๋•Œ ์—ด์–ด์„œ ์จ๋ด์•ผํ•  ์ •๋„์˜ ๋„๊ตฌ์˜€์—ˆ์ฃ .

ZAP Browser์—์„œ Extension ์˜๊ตฌ ์ ์šฉํ•˜๊ธฐ

1 min read

์ตœ๊ทผ ZAP์˜ Extension ์ค‘ selenium ๊ด€๋ จ ์—…๋ฐ์ดํŠธ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฌด์‹ฌํžˆ Change ๋‚ด์šฉ์„ ๋ดค๋‹ค๊ฐ€ โ€œSupport for browser extensionโ€ ๋ฌธ๊ตฌ๋ฅผ ๋ณด์ž๋งˆ์ž ๋ฐ˜๊ฐ€์šด ๋งˆ์Œ์— ๋ฐ”๋กœ ๊ธ€ ์ž‘์„ฑ์„ ์‹œ์ž‘ํ—€์ฃ  ๐Ÿ˜Ž

ZAP ์Šคํฌ๋ฆฝํŒ…์œผ๋กœ ๋น ๋ฅด๊ฒŒ Fake Response ๋งŒ๋“ค๊ธฐ

~1 min read

Response ๋ณ€์กฐ๋Š” ์ธ์ฆ ์ ˆ์ฐจ๋‚˜ ๋น„์ฆˆ๋‹ˆ์Šค ๋กœ์ง์„ ์šฐํšŒํ•  ๋•Œ ์ž์ฃผ ์‚ฌ์šฉ๋˜๋Š” ๊ณต๊ฒฉ ๋ฐฉ๋ฒ• ์ค‘ ํ•˜๋‚˜์ž…๋‹ˆ๋‹ค. ๋ณดํ†ต์€ proxy๋กœ ์š”์ฒญ์„ ์žก์•„ ์ง์ ‘ response๋ฅผ ์ˆ˜์ •ํ•˜์—ฌ continue ํ•˜๋Š” ํ˜•ํƒœ๋กœ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค.

Solving issue the POST scan in zap-cli not work

1 min read

During the test, I found that POST-based scanning(active-scan / quick-scan) was not working in zap-cli ๐Ÿ˜ฑ This problem is zap-cli issue, and it has already been reported as an issue below.

์ด์ œ Interact.sh ๊ฐ€ ZAP OAST์—์„œ ์ง€์›๋ฉ๋‹ˆ๋‹ค

1 min read

์ตœ๊ทผ์— ZAP OAST(Callback ๊ธฐ๋Šฅ)์— projectdiscovery์˜ Interactsh ์ง€์›์ด ์ถ”๊ฐ€๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์•ฝ 2์ฃผ์ „์— commit ๋ฌ๊ณ  ์ €๋„ ์ธ์ง€ํ•œ์ง€ ์ข€ ๋ฌ์—ˆ๋Š”๋ฐ, ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ์ž‘์„ฑํ•˜๋„ค์š” ๐Ÿ˜

ZAP update domains (core and addon)

~1 min read

์ตœ๊ทผ์— ZAP์˜ ์—…๋ฐ์ดํŠธ ์„œ๋ฒ„ ์ฃผ์†Œ ๊ด€๋ จํ•ด์„œ ํ™•์ธํ• ๊ฒŒ ์žˆ์–ด์„œ user-groups์— ๋ฌธ์˜๋ฅผ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋•๋ถ„์— ์‰ฝ๊ฒŒ ์—…๋ฐ์ดํŠธ ์ฃผ์†Œ๋ฅผ ํ™•์ธ ํ–ˆ์ง€๋งŒ ๋ฉ”๋ชจํ•ด๋‘๋ฉด ์ข‹์„ ๋‚ด์šฉ๋“ค์ด ์žˆ์–ด์„œ ์ •๋ฆฌํ•ด์„œ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋‘ก๋‹ˆ๋‹ค.

ZAP 2.11 Review โšก๏ธ

1 min read

์ตœ๊ทผ์— Simon, ZAP ๊ณต์‹ ํŠธ์œ„ํ„ฐ ๊ณ„์ •์—์„œ 2.11์— ๋Œ€ํ•œ ๋ฆด๋ฆฌ์ฆˆ๊ฐ€ ์ž„๋ฐ•ํ–ˆ์Œ์„ ์•Œ๋ ธ์Šต๋‹ˆ๋‹ค.

ZAP Script-base Authentication

3 min read

์ตœ๊ทผ์— ZAP์˜ 2๊ฐ€์ง€ ๊ธฐ๋Šฅ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐ๋ฅผ ๋“œ๋ ธ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ Authentication Spidering๊ณผ Access Control ํ…Œ์ŠคํŠธ์ธ๋ฐ์š”. ์ด 2๊ฐ€์ง€ ๊ธฐ๋Šฅ์˜ ํ•ต์‹ฌ์ ์ธ ๋ถ€๋ถ„์€ ZAP์—์„œ ์ œ๊ณตํ•˜๋Š” Authentication๊ณผ User๋ฅผ ํ™œ์šฉํ•ด์„œ ๋กœ๊ทธ์ธ/๋กœ๊ทธ์•„์›ƒ ํ”Œ๋กœ์šฐ๋ฅผ ๊ตฌํ˜„ํ•˜๋Š” ๊ฒƒ์ธ๋ฐ์š”.

ZAP์˜ fuzz-script๋ฅผ ์ด์šฉํ•ด Fuzzing ์Šคํ‚ฌ ์˜ฌ๋ฆฌ๊ธฐ

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ Fuzzing ๋งŽ์ด ํ•˜์‹œ๋‚˜์š”? ์›นํ•ดํ‚น.. ์•„๋‹ˆ ๋Œ€๋‹ค์ˆ˜ ๋ณด์•ˆ ํ…Œ์ŠคํŒ…์—์„œ Fuzzing์€ ๋งŽ์€ ์‹œ๊ฐ„์„ ์ฐจ์ง€ ํ•˜๊ธฐ๋„ ํ•˜๊ณ , ๋ฐ˜๋Œ€๋กœ ์‹œ๊ฐ„์„ ์ค„์—ฌ์ฃผ๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์›น ํ…Œ์ŠคํŒ…์—์„œ ZAP์„ ์ด์šฉํ•ด Fuzzingํ•  ๋•Œ Script๋ฅผ ์ด์šฉํ•ด์„œ ์กฐ๊ธˆ ๋” ๋‚˜์€ ํ…Œ์ŠคํŒ…์„ ํ•˜๋Š” ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Authentication Spidering in ZAP

3 min read

์ตœ๊ทผ ZAP์˜ Auth(Authentication, Authorization) ๊ด€๋ จ ๊ธฐ๋Šฅ๊ณผ ์„ธ์…˜์— ๋Œ€ํ•œ ๋ถ€๋ถ„์„ ํŒŒํ—ค์น˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ œ๊ฐ€ ์ž˜ ๋ชจ๋ฅด๊ณ  ์‚ฌ์šฉํ•˜์ง€ ์•Š์•˜๋˜ ๊ธฐ๋Šฅ๋“ค์ธ๋ฐ, ์•Œ๊ณ ๋‚˜๋‹ˆ ์ง€๊ธˆ๊นŒ์ง€ ์•ฝ๊ฐ„ ๋‹ต๋‹ตํ•˜๊ฒŒ ์ผํ–ˆ๋˜ ์ œ๊ฐ€ ๋ถ€๋„๋Ÿฌ์›Œ์ง€๋„ค์š”.

Testing Access-Control with ZAP

3 min read

์—ฌ๋Ÿฌ๋ถ„๋“ค์€ ์„ธ์…˜์— ๋Œ€ํ•œ ์ ‘๊ทผ ๊ถŒํ•œ, Authorization์— ๋Œ€ํ•œ ๋ถ€๋ถ„๋“ค์„ ์ ๊ฒ€ํ•˜์‹ค ๋•Œ ์–ด๋–ค ํ˜•ํƒœ๋กœ ํ…Œ์ŠคํŠธํ•˜์‹œ๋‚˜์š”?

ZAP์— ๊ณง ์ถ”๊ฐ€๋  FileUpload AddOn ์‚ดํŽด๋ณด๊ธฐ

1 min read

์ตœ๊ทผ์— ZAP Weekly ๋ฒ„์ „์— ์ƒˆ๋กœ์šด ๊ธฐ๋Šฅ์ด ์ถ”๊ฐ€๋ฌ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ FileUpload ๋ผ๋Š” AddOn ํ˜•ํƒœ๋กœ ์ถ”๊ฐ€๋œ ๊ธฐ๋Šฅ์ธ๋ฐ์š”, ์ด ๊ธฐ๋Šฅ์€ File upload ๊ด€๋ จ ์ทจ์•ฝ์ ์„ ์‹๋ณ„ํ•˜๊ณ  ์Šค์บ๋‹ํ•  ์ˆ˜ ์žˆ๋„๋ก ๋„์™€์ฃผ๋Š” ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

ZAP Automation GUI

1 min read

์ตœ๊ทผ์— ZAP Automation framework๊ฐ€ 0.4 ๋ฒ„์ „์œผ๋กœ ์—…๋ฐ์ดํŠธ ๋ฌ์Šต๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ œ๊ฐ€ 0.4 ๋ฒ„์ „์„ ๊ธฐ๋‹ค๋ฆฐ ๊ฒƒ์€ ์•„๋ž˜ ๋‚ด์šฉ ๋•Œ๋ฌธ์ธ๋ฐ์š”, StackHawk์—์„œ ์ŠคํŠธ๋ฆฌ๋ฐ์œผ๋กœ ์ง„ํ–‰ํ•œ Automation Framework์— ๋Œ€ํ•œ ์†Œ๊ฐœ ๋‚ด์šฉ ์ค‘ ZAP์—์„œ UI๋กœ Automation Framework๋ฅผ ์ปจํŠธ๋กคํ•˜๋Š” ์žฅ๋ฉด์ด ์žกํ˜”์—ˆ๊ณ , Simon์—๊ฒŒ ๋ฌผ์–ด๋ณด๋‹ˆ 0.4 ๋ฒ„์ „๋Œ€ ๊ธฐ๋Šฅ์ด๋ผ๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

ZAP OAST ๋ฆด๋ฆฌ์ฆˆ! ์ด์ œ ZAP์—์„œ Out-Of-Band๊ฐ€ ๋” ์‰ฌ์›Œ์ง‘๋‹ˆ๋‹ค ๐Ÿš€

4 min read

์˜ค๋Š˜ ZAP OAST๊ฐ€ Alpha ๋ฒ„์ „์œผ๋กœ release ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ง€๋‚œ๋ฒˆ์— ์ด์•ผ๊ธฐ๋“œ๋ฆฐ๋Œ€๋กœ OAST๋Š” callback ๊ณผ ๋น„์Šทํ•˜๊ฒŒ Out-Of-Band๋ฅผ ์‹๋ณ„ํ•˜๊ธฐ ์œ„ํ•œ ๋„๊ตฌ๋กœ SSRF, RCE ๋“ฑ์—์„œ ๊ต‰์žฅํžˆ ์œ ์šฉํ•˜๊ฒŒ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP OAST ๋ฏธ๋ฆฌ ๊ตฌ๊ฒฝํ•˜๊ธฐ (for OOB)

2 min read

ZAP developers์— ์ปจํ…์ธ  ํ•˜๋‚˜๊ฐ€ ๊ณต์œ ๋˜์—ˆ๋Š”๋ฐ์š” ๋ฐ”๋กœ OAST์— ๋Œ€ํ•œ ๋‚ด์šฉ์ด์˜€์Šต๋‹ˆ๋‹ค. OAST๋Š” ์ด๋ฒˆ์— ZAP core team(akshath)์—์„œ ์‹ ๊ทœ๋กœ ๊ฐœ๋ฐœ์ค‘์ธ AddOn์ž…๋‹ˆ๋‹ค. ๊ธฐ์กด zap callback ๊ธฐ๋Šฅ์— burp suite์˜ collaborator ์™€ ๊ฐ™์ด out-of-band๋ฅผ ์‰ฝ๊ฒŒ ํ…Œ์ŠคํŠธํ•  ์ˆ˜ ์žˆ๋„๋ก ์ง€์›ํ•ด์ฃผ๋Š” AddOn์ž…๋‹ˆ๋‹ค.

ZAP Plug-n-Hack์„ ์ด์šฉํ•œ DOM/PostMessage ๋ถ„์„

2 min read

Plug-n-Hack(PnH)

Plug-n-hack, ์ฆ‰ PnH๋Š” Mozilla ๋ณด์•ˆํŒ€์ด ์ œ์•ˆํ•œ ํ‘œ์ค€์œผ๋กœ ๋ณด์•ˆ ๋„๊ตฌ์™€ ๋ธŒ๋ผ์šฐ์ €๊ฐ„์˜ ์ƒํ˜ธ ์ž‘์šฉ์„ ์‰ฝ๊ณ  ์œ ์šฉํ•˜๊ฒŒ ํ•  ์ˆ˜ ์žˆ๋„๋ก ๋งŒ๋“ค์–ด์ง„ ๋ฐฉ๋ฒ•์„ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค.

ZAP Scanning to Swagger Documents

~1 min read

OpenAPI in ZAP

ZAP์€ ๋‹จ์ˆœํžˆ url ๋ฆฌ์ŠคํŠธ๋ฅผ import ํ•˜๋Š” ๊ธฐ๋Šฅ ์ด์™ธ์—๋„ GraphQL endpoint๋‚˜ OpenAPI๋ฅผ import ํ•˜๋Š” ๊ธฐ๋Šฅ์„ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์—ฌ๊ธฐ์„œ OpenAPI Import๋ฅผ ํ™œ์šฉํ•˜๋ฉด ๋ณดํ†ต API Spec์— ๋งŽ์ด ์‚ฌ์šฉ๋˜๋Š” SwaggerUI์˜ doc ๋ฐ์ดํ„ฐ๋ฅผ ๊ฐ€์ง€๊ณ  Example ์ฝ”๋“œ์— ๋งž๊ฒŒ API ๋ฐ์ดํ„ฐ๋ฅผ ๋กœ๋“œํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Customize request/response panel in ZAP

1 min read

์˜ค๋Š˜์€ ZAP์˜ ์†Œ์†Œํ•œ ํŒ ํ•˜๋‚˜๋ฅผ ๊ณต์œ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ๋ณดํ†ต Request/Response ํƒญ์€ Layout ์ •๋„๋งŒ ๋ณ€๊ฒฝํ•˜๊ณ  ๊ธฐ๋ณธ ๊ฐ’์„ ์‚ฌ์šฉํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ๋งŽ์€๋ฐ์š” ์‚ฌ์‹ค ZAP์˜ Request/Response ํƒญ์€ ์ƒ๊ฐ๋ณด๋‹ค ๋””ํ…Œ์ผํ•˜๊ฒŒ ์„ค์ •์ด ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

ZAP Passive Scan Tags์™€ Neonmarker ๊ทธ๋ฆฌ๊ณ  Highlighter

2 min read

๋งŽ์€ ์–‘์˜ Web URL์„ ๋ถ„์„ํ•˜๊ฒŒ ๋˜๋ฉด ๋ˆˆ์— ์ž˜ ์•ˆ๋“ค์–ด์˜ค๊ณ , ์ค‘์š”ํ•œ ๋ถ€๋ถ„๋“ค์„ ๋†“์น˜๊ธฐ ๋งˆ๋ จ์ธ๋ฐ highlight ๊ด€๋ จ ๊ธฐ๋Šฅ๋“ค์€ ์กฐ๊ธˆ ๋” ์ค‘์š”ํ•œ ํฌ์ธํŠธ์— ์ง‘์ค‘์„ ํ•  ์ˆ˜ ์žˆ๋„๋ก ํฌ์ธํŠธ๋ฅผ ์žก์•„์ฃผ๊ธฐ ๋•Œ๋ฌธ์— ๊ฐœ์ธ์ ์œผ๋กœ๋Š” ์ž˜ ํ™œ์šฉํ•˜๋Š”๊ฒŒ ๋ถ„์„ํ•จ์— ์žˆ์–ด์„œ ํฐ ๋„์›€์ด ๋œ๋‹ค๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.

ZAP Automation

2 min read

์˜ฌ ์ดˆ์— ์ฒ˜์Œ ์—ด๋ฆฐ ZAPCon 2021์—์„œ ZAP Automation at Scale์ด๋ž€ ์„ธ์…˜์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ ๋•Œ ๋‹น์‹œ์—๋Š” ๊ทธ๋ƒฅ ZAP Automation Addon์„ ํ†ตํ•ด ๊ธฐ์กด ์ž๋™ํ™” ์ž‘์—…์„ ์ข€ ๋” ์‰ฝ๊ฒŒ ๊ตฌ์„ฑํ•  ์ˆ˜ ์žˆ๋‹ค ์ •๋„๋กœ ๋ฐ›์•„๋“œ๋ ธ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ์— Scan Policy ๊ด€๋ จํ•ด์„œ ๋น„์Šทํ•œ ๊ณ ๋ฏผ์„ ํ•˜๋‹ค๋ณด๋‹ˆ ZAP Automation์˜ ์žฅ์ ์ด ๋ˆˆ์— ๋ณด์˜€์Šต๋‹ˆ๋‹ค.

ZAP Token Generation and Analysis ์‚ดํŽด๋ณด๊ธฐ

1 min read

ZAP์—๋Š” Token Generation and Analysis๋ž€ Addon์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์‚ฌ์‹ค ์ด๋ฆ„๋งŒ ๋ณด๊ณ  ์˜ˆ์ „๋ถ€ํ„ฐ ์„ค์น˜๋Š” ํ•ด๋‘์—ˆ๋Š”๋ฐ ํ•œ๋ฒˆ๋„ ์‚ฌ์šฉํ•˜์ง€ ์•Š์•˜๋˜ ๊ฒƒ ๊ฐ™๋„ค์š”.. ๊ทธ๋ž˜์„œ ์˜ค๋Š˜ ํ•œ๋ฒˆ ์‚ฌ์šฉํ•ด๋ณด๊ณ  ์ •ํ™•ํžˆ ์–ด๋–ค ๋„๊ตฌ์ธ์ง€, ์–ด๋–ค ์šฉ๋„๋กœ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์„์ง€ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Options rule configuration in ZAP

1 min read

ZAP์—์„œ ์˜ต์…˜์ชฝ ์ข€ ๋ณด๋‹ค๊ฐ€ Rule configuration ์ด๋ž€ ๋ถ€๋ถ„์ด ์žˆ๋Š”๋ฐ, ์ œ๊ฐ€ ์•„๋Š” ์ผ๋ฐ˜์ ์ธ ์Šค์บ” ๋ฃฐ ์„ค์ •์ด๋ผ๋Š” ๋‹ฌ๋ผ์„œ ๊ธด๊ฐ€๋ฏผ๊ฐ€ํ•œ ๋ถ€๋ถ„์ด ์žˆ์–ด ๋‚ด์šฉ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

ZAP context based scanning

1 min read

ZAP์—์„œ์˜ quickscan์ด๋‚˜ spider, active scan ๋“ฑ์„ ๊ธฐ๋ณธ์ ์œผ๋กœ ๋‹ค์ค‘ URL์„ ์ง€์›ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์˜ˆ์ „์— ์•„๋ž˜ ํฌ์ŠคํŠธ์™€ ๊ฐ™์€ ๋ฐฉ๋ฒ•์œผ๋กœ API๋ฅผ ์ด์šฉํ•œ ๋ฐฉ๋ฒ•, ๊ทธ๋ฆฌ๊ณ  ๋ณ„๋„์˜ ๋„๊ตฌ๋ฅผ ๋งŒ๋“ค์–ด์„œ ์Šค์บ”ํ•˜๋Š” ๋ฐฉ๋ฒ•์„ ์‚ฌ์šฉํ•˜๊ณค ํ–ˆ์Šต๋‹ˆ๋‹ค.

How to set ZAP active scan input vector in daemon mode

1 min read

What is ZAP Active Scan Input Vector?

Active Scan Input Vector๋Š” ZAP์—์„œ Active Scan ์‹œ Injection ์˜์—ญ์„ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค. ๋ฌผ๋ก  ํŠน์ • Injection ์ทจ์•ฝ์ ์„ ์˜๋ฏธํ•˜๋Š” ๊ฑด ์•„๋‹ˆ๊ณ  ์ ๊ฒ€ํ•  ๋ถ€๋ถ„์ด๋ผ๊ณ  ๋ณด์‹œ๋Š”๊ฒŒ ๋” ์ ํ•ฉํ•ฉ๋‹ˆ๋‹ค. ZAP์˜ ๊ธฐ๋ณธ๊ฐ’์€ URL + POST๋กœ ๊ธฐ๋ณธ์ ์œผ๋กœ URI/Param ๋“ฑ์— ๋Œ€ํ•ด์„œ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜์ง€๋งŒ ์ฟ ํ‚ค๋‚˜ ํ—ค๋”๋“ฑ์—๋Š” ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค. (์‹œ๊ฐ„์ด ์˜ค๋ž˜๊ฑธ๋ ค์„œ, ์ด๋Š” ZAP์ด CICD์— ๋งŽ์ด ๋“ค์–ด๊ฐ€๊ธฐ ๋•Œ๋ฌธ)

Make and change default scan policy in ZAP cli interface

1 min read

ZAP Scan Policy

ZAP์€ Passive/Active Scan์— ๋Œ€ํ•œ ์ •์ฑ…์„ ์ปค์Šคํ…€ํ•˜๊ฒŒ ๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ๋„๋ก ์ œ๊ณตํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Š” ๋‹จ์ˆœํžˆ ํ•ด๋‹น ์Šค์บ” ๋ชจ๋“ˆ์˜ ์‚ฌ์šฉ ์—ฌ๋ถ€ ๋ฟ๋งŒ ์•„๋‹ˆ๋ผ Risk level๋„ ์กฐ์ •ํ•  ์ˆ˜ ์žˆ์–ด ์Šค์บ๋„ˆ๋กœ ํ™œ์šฉํ•˜๊ธฐ์—๋„ ์ข‹์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ์ธ์ง€ DevSecOps๋ฅผ ๊ตฌ์ถ•ํ•  ๋•Œ ZAP์€ ์ž์ฃผ ๊ฑฐ๋ก ๋˜๋Š” DAST ์Šค์บ๋„ˆ์ด๊ธฐ๋„ ํ•˜์ฃ .

ZAP Forced browse ์™€ Fuzz์—์„œ Sync wordlist ์‚ฌ์šฉํ•˜๊ธฐ

3 min read

Forced Browse๋Š” ๋”•์…”๋„ˆ๋ฆฌ ๊ธฐ๋ฐ˜ ๋˜๋Š” ๋‹จ์ˆœ ๋ธŒ๋ฃจํŠธํฌ์Šค๋ฆ ํ†ตํ•ด์„œ ์„œ๋น„์Šค์—์„œ ๊ฒฝ๋กœ์™€ ํŽ˜์ด์ง€๋ฅผ ์‹๋ณ„ํ•˜๋Š” ๋ฐฉ๋ฒ•์ž…๋‹ˆ๋‹ค. ์•„์ฃผ ์ „ํ†ต์ ์ด์ง€๋งŒ Recon ์ธก๋ฉด์—์„  ์•„์ง๋„ ๊ต‰์žฅํžˆ ์ค‘์š”ํ•œ ๋ถ€๋ถ„์ด๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์ด๋Ÿฌํ•œ ์ž‘์—…๋“ค์„ ์œ„ํ•ด์„œ ๊ธฐ์กด์˜ dirsearch, dirbuster ๋“ฑ์˜ ๋„๊ตฌ๋ถ€ํ„ฐ ์ตœ๊ทผ feroxbuster, gobuster ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ธฐ๋Šฅ๊ณผ ๊ฐœ์„ ์„ ์ ์šฉํ•œ ์ƒˆ๋กœ์šด ๋„๊ตฌ๋“ค๋„ ๋Š์ž„์—†์ด ๋‚˜์˜ค๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

Zest์™€ ZAP์„ ์ด์šฉํ•œ Semi-Automated Security Testing

3 min read

What is Zest script

Zest script๋Š” ZAP์—์„œ ์ œ๊ณตํ•˜๋Š” ์Šคํฌ๋ฆฝํŒ… ์–ธ์–ด๋กœ ZAP ๋‚ด๋ถ€์—์„œ์˜ ์š”์ฒญ๊ณผ ์ฒ˜๋ฆฌ ๋“ฑ ๋งŽ์€ ๊ธฐ๋Šฅ์„ JSON ๊ธฐ๋ฐ˜์˜ ์Šคํฌ๋ฆฝํŠธํ™” ํ•˜๊ณ  ์‚ฌ์šฉ/๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ๋Š” ์–ธ์–ด์ž…๋‹ˆ๋‹ค. BurpSuite ๋“ฑ ๋‹ค๋ฅธ ๋ฉ”๋‰ด์–ผ ํ…Œ์ŠคํŒ… ๋„๊ตฌ์—์„œ๋Š” ์—†๋Š” ZAP๋งŒ์˜ ๊ฐ•์ ์ธ ๊ธฐ๋Šฅ์ด์ฃ .

How to applying IntelliJ theme in ZAP

1 min read

์–ด์ œ BurpSuite์˜ Customizer์— ๋Œ€ํ•œ ๊ธ€์„ ์ผ์—ˆ์Šต๋‹ˆ๋‹ค. BurpSuite์—์„œ FlatLaf์˜ IntelliJ Theme๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋„๋ก ์ง€์›ํ•ด์ฃผ๋Š” ํ™•์žฅ ๊ธฐ๋Šฅ์ด์˜€๊ณ , ๊ธ€ ๋ง๋ฏธ์™€ ๋Œ“๊ธ€์—๋„ ์ž‘์„ฑํ–ˆ๋“ฏ์ด ZAP ๋˜ํ•œ 2.10 ๋ฒ„์ „๋ถ€ํ„ฐ FlatLaf๋ฅผ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๊ธฐ ๋•Œ๋ฌธ์— ๊ตฌํ˜„์ด ๊ฐ€๋Šฅํ• ๊ฑฐ๋ž€ ์ƒ๊ฐ์ด ๋“ค์—ˆ์—ˆ์Šต๋‹ˆ๋‹ค.

ZAP 2.10 Review โšก๏ธ

3 min read

2020 ๋งˆ์ง€๋ง‰์ด ์–ผ๋งˆ ๋‚จ์ง€ ์•Š์€ ์˜ค๋Š˜ ๋“œ๋””์–ด ZAP 2.10.0์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋™์•ˆ dark mode ๋“ฑ์„ ์ด์œ ๋กœ weekly ๋ฒ„์ „์„ ์‚ฌ์šฉํ–ˆ์—ˆ๋Š”๋ฐ, ์ด์ œ๋Š” ๊ณต์‹ ๋ฒ„์ „์œผ๋กœ ๋„˜์–ด๊ฐ€๋„ ์ข‹์„ ๊ฒƒ ๊ฐ™๋„ค์š”.

Why I Use ZAP

5 min read

Army-Knife for AppSec

Application Security ๋˜๋Š” Pentest, Bugbounty ๋“ฑ ์ „๋ฐ˜์ ์ธ Offensive security ๊ด€๋ จ ์ผ์—์„œ ๊ฐ€์žฅ ํ•ต์‹ฌ์ ์ธ ๋„๊ตฌ๋Š” Burp/ZAP ๊ณผ ๊ฐ™์€ Proxy ๋„๊ตฌ์ž…๋‹ˆ๋‹ค. ์ดˆ๊ธฐ์—๋Š” Proxy ๋„๊ตฌ๋ผ๋Š” ์„ฑํ–ฅ์ด ๊ฐ•ํ–ˆ์ง€๋งŒ, ์ด์ œ๋Š” Proxy ๋„๊ตฌ๋ผ๊ธฐ ๋ณด๋‹จ Army-Knife ๋ผ๊ณ  ๋ณด๋Š”๊ฒŒ ๋” ์ ํ•ฉํ•  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.

Make cloud base ZAP Scanning Environment Using github-action

1 min read

Hi hackers and bugbounty hunters :D Today, I talk about building a github-action-based ZAP scanning environment. As you know, there is no time limit for public repo, so you can configure a cloud-based vulnerability scanner for free ๐Ÿ˜‰

How to add custom header in ZAP and zap-cli

3 min read

The zap-cli is a tool that helps make ZAP easy to use on the command line. From simple scanning to CI/CD Pipeline, itโ€™s a tool thatโ€™s used everywhere. Unlike other scanners, it does not support custom headers.

One custom certificate, Using all tools and your devices (for bug bounty/pentesting)

5 min read

์ €๋Š” Burp pro / ZAP / Cli base proxy 3๊ฐ€์ง€ ๋ชจ๋‘๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋‹จ์ˆœํžˆ ์›น๋งŒ ํ…Œ์ŠคํŒ…ํ•  ๋• ํฌ๊ฒŒ ์™€๋‹ฟ์ง€ ์•Š์ง€๋งŒ, ๋ชจ๋ฐ”์ผ์„ ํ…Œ์ŠคํŠธํ•  ๋• ์ธ์ฆ์„œ๊ฐ€ ์ƒ๋‹นํžˆ ๊ท€์ฐฎ์Šต๋‹ˆ๋‹ค. (ํŠนํžˆ ์ž„์‹œ๋กœ ์‚ฌ์šฉํ•˜๋Š” ํฐ๋“ค์€..)

Find reflected parameter on ZAP for XSS!

1 min read

์˜ฌํ•ด๋ถ€ํ„ฐ ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ ์‹œ ์‚ฌ์šฉํ•˜๊ธฐ ์ข‹์€ ์›น ํ•ดํ‚น ๋„๊ตฌ๋“ค์„ ์ •๋ฆฌํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ์ค‘์—” BurpSuite์™€ ZAP์˜ ํ™•์žฅ ๊ธฐ๋Šฅ ์ปฌ๋ ‰์…˜๋„ ์žˆ๊ณ  ํŠธ์œ—ํ†ตํ•ด ์ถ”์ฒœ์„ ๋ฐ›๋˜ ์ค‘ ์“ธ๋งŒํ•œ ZAP ํ™•์žฅ ๊ธฐ๋Šฅ์„ ์ฐพ์•„ ๊ธ€๋กœ ๊ฐ„๋žตํ•˜๊ฒŒ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

How to import external spidering output to Burpsuite or ZAP

1 min read

Normally, BurpSuite or ZAP is the main tool of testing during bugbounty or security testing. Itโ€™s good to navigate directly with the spider function in there, but sometimes you need help from an external crawler. (especially when using a waybackmachine) ํ‰์†Œ์— ๋ฒ„๊ทธ๋ฐ”์šดํ‹ฐ๋‚˜ ํ…Œ์ŠคํŒ… ์‹œ BurpSuite์—์„œ ์ฃผ๋กœ ํ…Œ์ŠคํŒ…์„ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค. Burp์—์„œ์˜ spider ๊ธฐ๋Šฅ๊ณผ ์ง์ ‘ ๋Œ์•„๋‹ค๋‹ˆ๋Š”๊ฒŒ ์ข‹๊ธดํ•˜์ง€๋งŒ, ๋•Œ๋ก  ์™ธ๋ถ€ ํฌ๋กค๋Ÿฌ์˜ ๋„์›€์ด ํ•„์š”ํ• ๋•Œ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. (ํŠนํžˆ waybackmachine์„ ์‚ฌ์šฉํ• ๋•์š”)

Using the Flat Darcula theme(dark mode) in ZAP!!

~1 min read

ํŠธ์œ„ํ„ฐ๋ฅผ ๋ณด๋˜ ์ค‘ ์‚ฌ์ด๋จผ์˜ ์–ด๋งˆ์–ด๋งˆํ•œ ํŠธ์œ—์„ ๋ณด๊ฒŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ZAP์˜ Dark ๋ชจ๋“œ ์ง€์›์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ์˜€๋Š”๋ฐ์š”. ๊ฐ€๋ณ๊ฒŒ ๋ฆฌํŠธ์œ—ํ–ˆ๋”๋‹ˆ ์ด๋ฏธ commit ๋œ ๋‚ด์šฉ์ด๊ณ  ๋ฐ”๋กœ ์‚ฌ์šฉํ•ด ๋ณผ ์ˆ˜ ์žˆ๋‹ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ์•„์ง Weekly ๋ฒ„์ „์—๋„ ๋ฐ˜์˜๋˜์ง€ ์•Š์•˜์ง€๋งŒ, ๋ฏธ๋ฆฌ ์ฒดํ—˜ํ•ด๋ณด๊ธฐ๋กœ ํ•˜๊ฒ ์Šต๋‹ˆ๋‹ค.

HTTP Request(ZAP, Burp) Parsing on Ruby code

1 min read

XSpear ๊ด€๋ จํ•ด์„œ ์ด๋Ÿฐ ๊ฑด์˜์‚ฌํ•ญ์ด ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. Burp, ZAP ๋“ฑ์—์„œ ์‚ฌ์šฉํ•˜๋Š” ํŒจํ‚ท ๋ฐ์ดํ„ฐ๋ฅผ ํŒŒ์ผ๋กœ ์ €์žฅํ•œ ํ›„ ์˜ต์…˜์„ ์ฃผ์–ด ์ฝ์œผ๋ฉด ์ž๋™์œผ๋กœ URL, Header ๋“ฑ์„ ํŒŒ์‹ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๋Š” ํ˜•ํƒœ๋ฅผ ๋ง์”€ํ•˜์‹  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.(๋งˆ์น˜ sqlmap์˜ ๊ทธ๊ฒƒ ์ฒ˜๋Ÿผ)

Run other application in ZAP ๐ŸŽฏ

2 min read

ZAP has one interesting feature. It is a function that can use external applications. This makes it easier and more powerful for security testing to work with external tools. Todayโ€™s post is how to use the Apply bridge(?) in ZAP.

ZAP์—์„œ Request/Respsponse ๊น”๋”ํ•˜๊ฒŒ ๋ณด๊ธฐ

~1 min read

Problem

ZAP์—์„œ Burp์˜ Repeater์™€ ๋น„์Šทํ•œ ์—ญํ• ์„ ํ•˜๋Š” ๋„๊ตฌ๊ฐ€ Requester๋ผ๋Š” ํ™•์žฅ๊ธฐ๋Šฅ์ž…๋‹ˆ๋‹ค. (๋‚ด์žฅ ๊ธฐ๋Šฅ๋„ ์žˆ์ง€๋งŒ ์—ฌ๋Ÿฌ๋ชจ๋กœ ๋ถ€์กฑํ•˜์ฃ .)

ZAP 2.8 Review โšก๏ธ

1 min read

๋“œ๋””์–ด, ์ •๋ง ๋“œ๋””์–ด ZAP 2.8์ด ๋ฆด๋ฆฌ์ฆˆ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

How to fuzzing with regex on ZAP Fuzzer

1 min read

ZAP Fuzzer is a very useful tool for reply attack, brute force, and multiple entropy calculations. Personally, I think itโ€™s better than the burp suite intruder (itโ€™s more flexible).

ZAP์—์„œ ์ •๊ทœํ‘œํ˜„์‹์„ ์ด์šฉํ•˜์—ฌ ์›น ํผ์ง•ํ•˜๊ธฐ

1 min read

ZAP์˜ Fuzzer๋Š” reply attack, brute force ๋ฐ ์—ฌ๋Ÿฌ ์—”ํŠธ๋กœํ”ผ ๊ณ„์‚ฐ์— ์žˆ์–ด ๊ต‰์žฅํžˆ ์œ ์šฉํ•œ ๋„๊ตฌ์ž…๋‹ˆ๋‹ค. ๊ฐœ์ธ์ ์œผ๋กœ๋Š” Burp suite์˜ intruder๋ณด๋‹ค ๋” ์œ ์—ฐํ•˜๋‹ค๊ณ  ์ƒ๊ฐ๋˜๋„ค์š”. ZAP Fuzzer์—์„œ Regex์„ ์ด์šฉํ•ด์„œ ํŽ˜์ด๋กœ๋“œ ๋ฆฌ์ŠคํŠธ๋ฅผ ๋งŒ๋“ค๊ณ  ํ…Œ์ŠคํŠธํ•  ์ˆ˜ ์žˆ๋Š”๋ฐ, ์˜ค๋Š˜์€ ๊ทธ ์ด์•ผ๊ธฐ๋ฅผ ์ข€ ํ•ด๋ณผ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์‹œ์ž‘ํ•˜์ฃ .

ZAP(Zed Attack Proxy)์˜ 4๊ฐ€์ง€ ๋ชจ๋“œ(Four modes of ZAP)

~1 min read

ZAP์„ ์ฒ˜์Œ ์ผ์„ ๋•Œ ๋”ฑ ๋ฐ”๋กœ ๊ถ๊ธˆํ–ˆ๋˜๊ฒŒ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ์ขŒ์ธก ์ƒ๋‹จ์˜ Mode๋“ค์ธ๋ฐ์š”, ์ฐพ์•„๋ณผ๊นŒ ํ•˜๋‹ค๊ฐ€ ๊ทธ๋ƒฅ ๋„˜์–ด๊ฐ”์—ˆ๋Š”๋ฐ, ๋“œ๋””์–ดโ€ฆ ๋Œ€์ถฉ ์–ด๋–ค๊ฑด์ง€ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

MacOS์—์„œ Proxy ์„ค์ •ํ•˜๊ธฐ(for ZAP, BurpSuite)

~1 min read

MacOS์—์„œ ํ”„๋ก์‹œ ์„ค์ •ํ•˜๋Š” ๋ฐฉ๋ฒ• ๋ฉ”๋ชจํ•ด๋‘˜๊นŒ ํ•ฉ๋‹ˆ๋‹ค. ์‚ฌ์‹ค ๋ญ ๋ณ„๋‹ค๋ฅธ๊ฑด ์•„๋‹ˆ๊ณ .. ๋‹ค๋ฅธ OS์—์„œ ์ง์ ‘ ์„ค์ •ํ•˜๋Š” ๊ฒƒ๊ณผ ๋™์ผํ•ฉ๋‹ˆ๋‹ค. ๋‹ค๋งŒ MacOS์˜ ๊ฒฝ์šฐ ์ข€ ๋” On/Off๊ฐ€ ์‰ฌ์šด ํŽธ์ด๋ผ ๋ณ„๋„์˜ ํ”„๋กœ๊ทธ๋žจ์ด ํ•„์š”ํ•˜๋‹จ ๋Š๋‚Œ์„ ๋ฐ›์ง„ ์•Š์•˜๋„ค์š”.

๋Š๋ฆฐ ZAP์„ ๋น ๋ฅด๊ฒŒ ๋งŒ๋“ค์ž! Zed Attack Proxy ์ตœ์ ํ™”ํ•˜๊ธฐ

~1 min read

์ทจ์•ฝ์  ๋ถ„์„์—์„œ ํ•„์ˆ˜์ ์œผ๋กœ ์‚ฌ์šฉ๋˜๋Š” ๋„๊ตฌ ์ค‘ ํ•˜๋‚˜์ธ ZAP(or Burp ์ด์ง€๋งŒ, ์ด๋ฒˆ ํฌ์ŠคํŒ…์—์„  ZAP๋งŒ ๋‹ค๋ฃน๋‹ˆ๋‹ค)์€ ๋งŽ์€ ๊ธฐ๋Šฅ์„ ๊ฐ€์ง€๊ณ  ์žˆ์ง€๋งŒ, ๋ชจ๋“  ๊ธฐ๋Šฅ์„ ํ•œ๋ฒˆ์— ์‚ฌ์šฉํ•˜๊ธฐ์—๋Š” ํ™•์‹คํžˆ ์†๋„๋ฅผ ๊ฑฑ์ •ํ•˜์ง€ ์•Š์„ ์ˆ˜๊ฐ€ ์—†์Šต๋‹ˆ๋‹ค.

ZAP Add-on before/from-version ๋ณ€๊ฒฝํ•˜์—ฌ ์„ค์น˜ํ•˜๊ธฐ(์ตœ์†Œ ์ง€์›๋ฒ„์ „์œผ๋กœ ์„ค์น˜ ๋ถˆ๊ฐ€ํ•œ ๊ฒฝ์šฐ)

~1 min read

ZAP AddOn ์„ค์น˜ ์‹œ ZAP์˜ ์ตœ์†Œ ์ง€์› ๋ฒ„์ „์œผ๋กœ ์ธํ•ด ์„ค์น˜ ๋ชปํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ˆ๋ฅผ ๋“ค๋ฉด alpha ๋ฒ„์ „์šฉ์ธ๋ฐ, release์—” ํฌํ•จ์•ˆ๋˜๊ณ , market์—๋„ ๋“ฑ๋ก ์•ˆ๋œ ๊ฒฝ์šฐ ๊ฐ„๋‹จํ•˜๊ฒŒ Add-on์˜ ์„ค์ • ํŒŒ์ผ์„ ๋ฐ”๊ฟ”์ค˜์„œ ๊ฐ•์ œ๋กœ ๋กœ๋“œํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

ZAP Java ๋ฒ„์ „ ๋ฐ”๊ฟ”์น˜๊ธฐ(Change Java version for fixed ssl error on ZAP)

1 min read

ZAP HUD ํ…Œ์ŠคํŠธํ•œ๋‹ค๊ณ  alpha ๋ฒ„์ „ ์˜ฌ๋ ธ์—ˆ๋Š”๋ฐ, macOS ์—์„  ์ธ์•ฑ ๋ธŒ๋ผ์šฐ์ €๋กœ ํŠน์ • ์‚ฌ์ดํŠธ ์ ‘๊ทผ ์‹œ SSL ๊ด€๋ จ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•ด์„œ ์‚ฝ์งˆํ–ˆ๋˜๊ฑฐ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. Linux๋Š” ๋ณ„ ๋ฌธ์ œ ์—†๋˜ ๊ฑธ๋กœ ๋ณด์•„.. macOS์™€ ์—ฐ๊ด€๋œ ๋ฌธ์ œ์ธ๊ฐ€๋ณด๋„ค์š”.

OWASP ZAP์˜ New interface! ZAP HUD ๐Ÿฅฝ

1 min read

์˜ˆ์ „์— ZAP์ชฝ ํŠธ์œ—๋ณด๊ณ  ํŠธ์œ„ํ„ฐ๋กœ ๊ณต์œ ํ•ด๋‘์—ˆ๋˜๊ฒŒ ์žˆ์—ˆ๋Š”๋ฐ, ์ตœ๊ทผ @Dakkar Key์˜ ๋ฉ˜์…˜์œผ๋กœ ๊ธ‰ ์ƒ๊ฐ๋‚˜์„œ ๊ธ€๋กœ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค. ๊ทธ๋• ์ •๋ง ๋งŽ์ด ๋Œ€์ถฉ ๋ด์„œ ํ™•ํ•˜๊ฒŒ ๋ญ”์ง€ ๋ชฐ๋ž์—ˆ๋Š”๋ฐ, ์ฐพ์•„๋ณด๋‹ˆ ์ƒ๊ฐ๋ณด๋‹ค ์ข‹์€ ๋„๊ตฌ์ธ ๊ฒƒ ๊ฐ™๋„ค์š”.

ZAP Scripting์œผ๋กœ Custom Header

~1 min read

ZAProxy์—์„œ replacer๋ฅผ ์ด์šฉํ•ด Request/Response ๋‚ด์šฉ ์ค‘ ์ผ๋ถ€๋ฅผ ์ž๋™์œผ๋กœ ๋ณ€๊ฒฝํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฌผ๋ก  ์ถ”๊ฐ€๋„ ๊ฐ€๋Šฅํ•˜๊ตฌ์š”.๊ทธ์น˜๋งŒ ์šฐ๋ฆฌ๋Š” ๋•Œ๋•Œ๋กœ ์กฐ๊ธˆ ๋” ๋””ํ…Œ์ผํ•œ ๋ณ€๊ฒฝ์ด ์š”๊ตฌ๋˜๊ธฐ๋„ ํ•ฉ๋‹ˆ๋‹ค. ์ด๋•Œ๋Š” script๋กœ ๋„ฃ์–ด๋‘๊ณ  ์“ฐ๋ฉด ํŽธ๋ฆฌํ•˜๋‹ˆ ๊ณต์œ ๋“œ๋ฆฝ๋‹ˆ๋‹ค.

๋ฆฌ๋ˆ…์Šค์—์„œ OWASP ZAP๊ณผ BurpSuite์˜ ์ƒ‰์ƒ ๋ฐ”๊พธ๊ธฐ

2 min read

์•„์ฃผ ์˜ˆ์ „๋ถ€ํ„ฐ Burp suite, ZAP์˜ ์ƒ‰์ƒ์„ ๋ฐ”๊ฟ€ ์ˆ˜ ์žˆ์œผ๋ฉด ์ข‹๊ฒ ๋‹ค๋Š” ์ƒ๊ฐ์„ ํ–ˆ์—ˆ์Šต๋‹ˆ๋‹ค. ๊ด€๋ จํ•ด์„œ ์–‘์ชฝ ๊ฐœ๋ฐœ์ž๋ถ„๊ผ ์—ฌ์ญค๋ดค์ง€๋งŒ ๋™์ผํ•˜๊ฒŒ ์ฝ”๋“œ ์ˆ˜์ •์„ ๋งค์šฐ ์–ด๋ ต๋‹ค๊ณ  ๋‹ต๋ณ€ ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. (๋‹น์—ฐํ•œ ์ด์•ผ๊ธฐโ€ฆ, ์—ญ์‹œ ์ž๋ฐ”๋ž€)

ZAP์—์„œ Passive Script ๋งŒ๋“ค๊ธฐ

1 min read

์š”์ฆ˜ ๋ช‡๊ฐ€์ง€ ๋งŒ๋“ค์–ด์“ฐ๊ณ  ์žˆ๋Š”๋ฐ, ๊ฐ„๋‹จํ•˜๊ฒŒ ํ‹€์ด๋˜๋Š” ์ฝ”๋“œ์™€ ๋Œ€๋žต์ ์ธ ์„ค๋ช…์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

ZAP์— ํ•„์š”ํ•œ ๊ธฐ๋Šฅ๊ณผ Burp suite ๋“€์–ผ ์ฒด์ œ๋กœ ๋Š๋‚€์ 

2 min read

์ตœ๊ทผ์— ZAProxy ๊ด€๋ จ๊ธ€์„ ์ญ‰ ์ž‘์„ฑํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. Burp + ZAProxy ๊ตฌ์„ฑ์œผ๋กœ ์ง„๋‹จํ•˜๋Š” ๊ฒƒ์— ๋Œ€ํ•ด ํ…Œ์ŠคํŠธํ•ด๋ณด๊ณ  ์ ์‘ํ•˜๋Š” ๋‹จ๊ณ„์˜€๋Š”๋ฐ, ํ•œ 1~2์ฃผ ์ง€๋‚ฌ์„๊นŒ์š”? ์ „๋ณด๋‹ค ํ™•์‹คํžˆ ์ต์ˆ™ํ•ด์ง„ ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค. ์ด์   ๋‹จ๋…์œผ๋กœ ZAProxy ์จ๋„ ํฌ๊ฒŒ ๋ถˆํŽธํ•˜์ง„ ์•Š์„ ๊ฒƒ ๊ฐ™๋„ค์š”. ์˜ค๋Š˜์€ ๊ด€๋ จ ๊ธ€์˜ ๋งˆ์ง€๋ง‰ ๋ถ€๋ถ„์œผ๋กœ ์•ž์œผ๋กœ ์ ์šฉํ•ด์•ผํ•  ๊ฒƒ๋“ค์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋ คํ•ฉ๋‹ˆ๋‹ค.

ZAP ๋‹จ์ถ•ํ‚ค ์‚ฌ์šฉ ํŒ

1 min read

์‹œ๊ฐ„๋„ ๋Šฆ๊ณ  ํ”ผ๊ณคํ•ด์„œ ์ž˜๊นŒํ•˜๋‹ค๊ฐ€, ์žฌ๋น ๋ฅด๊ฒŒ ๊ธ€ ํ•˜๋‚˜ ์“ฐ๊ณ  ์ž๋ คํ•ฉ๋‹ˆ๋‹ค.

ZAP Scripting์œผ๋กœ Code Generator ๊ตฌํ˜„ํ•˜๊ธฐ

2 min read

ZAProxy์™€ Burp๋ฅผ ํ˜ผ์šฉํ•ด ์“ฐ๋ฉด์„œ ๋ถˆํŽธํ•œ ์ ๋“ค์„ ์ฐพ๊ณ , ๊ณ ์ณ๊ฐ€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ๊ทธ ์ค‘ Code genertor์— ๋Œ€ํ•œ ์ด์•ผ๊ธฐ๋ฅผ ํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค.

Burp suite ์ค‘๋…์ž๊ฐ€ ๋ฐ”๋ผ๋ณธ OWASP ZAP(Zed Attack Proxy). ์ด์ œ๋ถ€ํ„ฐ ๋“€์–ผ์ด๋‹ค!

3 min read

์š”์ฆ˜ ๋ถ€์ฉ ํˆด์— ๋Œ€ํ•œ ๋งŽ์€ ๊นŠ์€ ๊ณ ๋ฏผ์ด ์ƒ๊ฒผ์Šต๋‹ˆ๋‹ค. ์–ด๋–ค ํˆด์„ ์“ฐ๋ฉด ์ข‹์„์ง€, ์ด์ฐธ์— ๊ฑ ํ•˜๋‚˜ ๋งŒ๋“ค์ง€โ€ฆ ํ•œโ€ฆ 3๋…„? ์ „์ฏค์—๋„ ๊ฐ™์€ ๊ณ ๋ฏผ์ด ์žˆ์—ˆ์ฃ . ๊ทธ๋•Œ๋Š” Burp suite์— ์˜ฌ์ธํ•˜๊ธฐ๋กœ ๋งˆ์Œ์„ ์žก์•˜์—ˆ์Šต๋‹ˆ๋‹ค. ์‹œ๊ฐ„์ด ์ง€๋‚œ ์š”์ฆ˜, ๋˜๋‹ค์‹œ Burp suite์— ๋Œ€ํ•œ ์ง€๊ฒจ์›€, ์ƒˆ๋กœ์›€์„ ๊ฐˆ๊ตฌํ•˜๋Š” ๋งˆ์Œ์— ์—ฌ๋Ÿฌ ๊ณ ๋ฏผ์ด ์‹œ์ž‘๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Back to Top ↑

ruby

Crystal-Lang is โค๏ธ

2 min read

์ €๋Š” ์ตœ๊ทผ์— Crystal-lang์„ ์ฆ๊ธฐ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋‹จํ•œ ํ† ์ด ํ”„๋กœ์ ํŠธ๋ถ€ํ„ฐ Noir๋ž€ ์‚ฌ์ด์ฆˆ๊ฐ€ ์ ์  ์ปค์ง€๊ณ  ์žˆ๋Š” ํ”„๋กœ์ ํŠธ๊นŒ์ง€ Crystal์„ ํ†ตํ•ด ๊ตฌํ˜„ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์˜ค๋Š˜์€ ์ œ๊ฐ€ Crystal์„ ์ข‹์•„ํ•˜๊ฒŒ๋œ ์ด์œ ์— ๋Œ€ํ•ด ์ด์•ผ๊ธฐํ•˜๋ ค๊ณ  ํ•ฉ๋‹ˆ๋‹ค.

Homebrew๋กœ ํŒจํ‚ค์ง€ ์ œ๊ณตํ•˜๊ธฐ ๐Ÿบ

2 min read

์ œ๊ฐ€ ๋งŒ๋“  ๋„๊ตฌ๋Š” ๋Œ€๋ถ€๋ถ„ Homebrew, Binary, RubyGem, Snapcraft ๋“ฑ์„ ํ†ตํ•ด ๋ฐฐํฌํ•ฉ๋‹ˆ๋‹ค. ํŠนํžˆ macOS์˜ ๊ฒฝ์šฐ Homebrew๋ฅผ ํ†ตํ•œ ์„ค์น˜ ๋น„์ค‘์ด ์—„์ฒญ ๋†’๊ธฐ ๋–„๋ฌธ์— Go ๊ธฐ๋ฐ˜ ์•ฑ๋“ค์€ ๊ฐ€๊ธ‰์ ์ด๋ฉด Homebrew๋ฅผ ์ง€์›ํ•˜๋ ค๊ณ  ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ด๋Ÿฌํ•œ ๋Œ€๋ถ€๋ถ„์˜ ์ž‘์—…์€ Goreleaser๋ž€ ๋„๊ตฌ๋ฅผ ํ†ตํ•ด์„œ ์ง„ํ–‰ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ๋งค์šฐ ํŽธ๋ฆฌํ•˜๊ฒŒ ์ง„ํ–‰ํ–ˆ์—ˆ์ฃ .

Broken link๋ฅผ ์ฐพ์ž! DeadFinder

1 min read

์ตœ๊ทผ์— Broken Link(Dead Link)๋ฅผ ์‰ฝ๊ฒŒ ์ฐพ๊ธฐ ์œ„ํ•œ ๋„๊ตฌ๋ฅผ ํ•˜๋‚˜ ๋งŒ๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. ์ œ ๋ธ”๋กœ๊ทธ์˜ Broken Link๋ฅผ ์ฐพ๊ธฐ ์œ„ํ•œ ๋ชฉ์ ์ด์˜€์ง€๋งŒ, ๊ฐ€๋ณ๊ฒŒ๋ผ๋„ ํ•œ๋ฒˆ ๊ณต์œ ํ•˜๋Š”๊ฒŒ ์ข‹์„ ๊ฒƒ ๊ฐ™์•„์„œ ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

Rake(Ruby Make)

2 min read

Rake๋Š” Ruby์—์„œ ์‚ฌ์šฉ๋˜๋Š” build utility๋กœ Make์œ ์‚ฌํ•ฉ๋‹ˆ๋‹ค. rake๋ž€ ์ด๋ฆ„ ๋˜ํ•œ ruby + make ์—์„œ ๋งŒ๋“ค์–ด์ง„ ๋‹จ์–ด๋กœ ์ผ๋ฐ˜์ ์ธ Ruby application๊ณผ Rails ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ํ™˜๊ฒฝ์—์„œ ๊ฐœ๋ฐœ ๋„๊ตฌ๋กœ์จ ์‚ฌ์šฉ๋ฉ๋‹ˆ๋‹ค.

Ruby Concurrency

2 min read

๋งค๋ฒˆ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์„ ๋งŒ๋“ค ๋•Œ๋ฉด ๋™์‹œ์„ฑ์— ๋Œ€ํ•œ ๊ณ ๋ฏผ์„ ํ•˜์ง€ ์•Š์„ ์ˆ˜๊ฐ€ ์—†์Šต๋‹ˆ๋‹ค. ๊ธฐ๋Šฅ์ ์ธ ๊ตฌํ˜„์— ์ง์ ‘ ํ•„์š”ํ•œ ๊ฒฝ์šฐ๋„ ์žˆ๊ณ  ํผํฌ๋จผ์Šค๋ฅผ ๊ฒฐ์ • ์ง€์„ ์ˆ˜ ์žˆ๋Š” ์š”์†Œ์ด๊ธฐ ๋•Œ๋ฌธ์— ์ค‘์š”ํ•˜๋‹ค๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.

Hugo์—์„œ Sitemap-index ์‚ฌ์šฉํ•˜๊ธฐ(split sitemap)

3 min read

sitemap.xml

sitemap.xml์€ Sitemap protocol์„ ์œ„ํ•œ XML schema๋กœ ์›น ์„œ๋น„์Šค๊ฐ€ ํฌํ•จํ•˜๊ณ  ์žˆ๋Š” ๋งํฌ๋“ค์„ ์‚ฌ์šฉ์ž์—๊ฒŒ ์ œ๊ณตํ•˜๊ธฐ ์œ„ํ•œ ๋ชฉ์ ์œผ๋กœ ๊ตฌ์„ฑ๋˜๋Š” ํŒŒ์ผ์ž…๋‹ˆ๋‹ค. ์•„๋ž˜์™€ ๊ฐ™์€ ๊ตฌ์กฐ๋ฅผ ๊ฐ€์ง€๋ฉฐ, ์‚ฌ์šฉ์ž๋‚˜ ๊ฒ€์ƒ‰ ๋ด‡ ๋“ฑ์€ ์ด ํŒŒ์ผ์„ ์ฐธ์กฐํ•˜์—ฌ ์›น ํŽ˜์ด์ง€๋ฅผ ์ˆ˜์ง‘ํ•ฉ๋‹ˆ๋‹ค.

Jekyll์—์„œ Hugo๋กœ ์ด์‚ฌ๊ฐ€๊ธฐ (Migration log)

7 min read

jekyllโ€ฆ ์ œ๊ฐ€ ์˜ˆ์ „์—๋Š” rubyist(ruby ์‚ฌ์šฉ์ž) ์˜€์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋‹ค๊ฐ€ 2018~19๋…„ ์ฏค์— gopher(golang ์‚ฌ์šฉ์ž)๊ฐ€ ๋˜์—ˆ๊ณ  ์ดํ›„๋ถ€ํ„ด ๋งŒ๋“ค๊ณ  ์žˆ๋Š” ๋Œ€๋‹ค์ˆ˜์˜ ๋„๊ตฌ๋Š” golang ๊ธฐ๋ฐ˜์œผ๋กœ ๋งŒ๋“ญ๋‹ˆ๋‹ค.

Ruby์™€ Google Indexing API๋ฅผ ์ด์šฉํ•˜์—ฌ ์ž๋™์œผ๋กœ ์‹ ๊ทœURL ๋“ฑ๋กํ•˜๊ธฐ

4 min read

์ œ๊ฐ€ ๋ธ”๋กœ๊ทธ ๊ธ€์„ ์ž‘์„ฑํ•˜๊ณ  commit - push ์‹œ ๋งŽ์€ ์ž‘์—…๋“ค์ด ์ผ์–ด๋‚ฉ๋‹ˆ๋‹ค. ๋Œ€ํ‘œ์ ์ธ ๊ฒƒ๋“ค์„ ์ด์•ผ๊ธฐ ๋“œ๋ฆฌ๋ฉด, Jekyll build ๋ฐ deploy ๊ณผ์ •์ด ์ง„ํ–‰๋˜๊ณ  ์ด๋ฏธ์ง€ ์ค‘ compress๊ฐ€ ํ•„์š”ํ•œ ์ด๋ฏธ์ง€๋Š” compress ์ฒ˜๋ฆฌํ•˜์—ฌ ์šฉ๋Ÿ‰์„ ์ค„์ด๊ณ , notify ๋“ฑ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ณผ์ •๋“ค์ด github action์— ๋…น์•„์žˆ์Šต๋‹ˆ๋‹ค.

rvm is not a function ์—๋Ÿฌ ํ•ด๊ฒฐํ•˜๊ธฐ

~1 min read

Problem

์ €๋Š” ๋ณดํ†ต ๊ธ€์„ ์ž‘์„ฑํ•  ๋–„ ๋งฅ๋ถ์—์„œ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ํ™ˆ ์„œ๋ฒ„์—์„œ๋Š” ์ง์ ‘ ๊ธ€์„ ์ž‘์„ฑํ•  ์ผ์ด ๋ณ„๋กœ ์—†์—ˆ๋Š”๋ฐ, ๋””์ž์ธ ์ข€ ์ˆ˜์ •ํ•˜๊ธฐ ์œ„ํ•ด์„œ ์„œ๋ฒ„์—์„œ ์ง์ ‘ ์ž‘์—…ํ•˜๋‹ค ๋ณด๋‹ˆ jekyll serve ์‹œ ruby ๋ฒ„์ „ ๊ด€๋ จ ์—๋Ÿฌ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. ์š”์•ฝํ•˜๋ฉด github pages gem์€ 2.x ๋ฒ„์ „๋งŒ ์ง€์›ํ•˜๋Š”๋ฐ, ์‹œ์Šคํ…œ ๋ฒ„์ „์ด 3.x ๋ฒ„์ „์ด๋ผ์„œ ๋ฐœ์ƒํ•œ ๋ฌธ์ œ์˜€๊ณ , ์ด๋ฅผ rvm๋กœ ์ฒ˜๋ฆฌํ•˜๊ณ ์ž rvm use๋ฅผ ์‚ฌ์šฉํ–ˆ๋”๋‹ˆ ์•„๋ž˜์™€ ๊ฐ™์€ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ–ˆ์—‡์Šต๋‹ˆ๋‹ค.

Rails generate ์‹œ ๋ฉˆ์ถ”๋Š” ๊ฒฝ์šฐ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•

~1 min read

์ œ๊ฐ€ 2019๋…„๋ถ€ํ„ฐ go๋ฅผ ๋ฉ”์ธ์–ธ์–ด๋กœ ํ™•์ •ํ•˜๋ฉด์„œ ruby๋กœ ๊ฐœ๋ฐœํ•  ์ผ์ด ๋งค์šฐ ์ค„์–ด๋“ค์—ˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜๋„ ๊ฐ€๋”์”ฉ ๋น ๋ฅด๊ฒŒ ์ž‘์—…์ด ํ•„์š”ํ•œ ๊ฒฝ์šฐ ruby๋ฅผ ์˜๋„ํ•˜์ง€ ์•Š๊ฒŒ ์‚ฌ์šฉํ•˜๋Š”๋ฐ, ๊ฐ„ํ˜น rails g, rails generate ์‹œ ๋ฉˆ์ถ”๋Š” ์ƒํ™ฉ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿผ ์›์ธ๊ณผ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•์— ๋Œ€ํ•ด ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค :D

Jekyll feed.xml ์ตœ์†Œํ™”ํ•˜๊ธฐ

2 min read

RSS๋Š” ๋งค์šฐ ์˜ค๋ž˜๋œ ๊ธฐ์ˆ ์ด์ง€๋งŒ, ์•„์ง๊นŒ์ง€๋„ ๋งŽ์€ ์›น ์„œ๋น„์Šค์—์„œ ์ง€์›ํ•˜๊ณ  ์‚ฌ์šฉ๋˜๋Š” ๊ธฐ์ˆ ์ž…๋‹ˆ๋‹ค. ์ผ๋ฐ˜ ์‚ฌ์šฉ์ž๊ฐ€ ๋ฆฌ๋”๋ฅผ ํ†ตํ•ด ์‰ฝ๊ฒŒ ๊ธ€ ๋ชฉ๋ก์„ ๋ฐ›์•„์„œ ์ฝ์„ ์ˆ˜ ์žˆ๊ณ , SEO ๊ด€์ ์—์„œ๋„ ์ƒ๋‹นํžˆ ์ค‘์š”ํ•œ ๋ถ€๋ถ„์ž…๋‹ˆ๋‹ค.

Check logic vulnerability point using GET/HEAD in Ruby on Rails

3 min read

์ตœ๊ทผ์— Github OAuth flow bypass ์ทจ์•ฝ์ ์ด ๊ณต๊ฐœ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ์ด ์ทจ์•ฝ์ ์€ Rails ์•ฑ์˜ ํŠน์„ฑ์„ ์ด์šฉํ•œ ์ทจ์•ฝ์ ์ด๊ณ , Github๋งŒ์˜ ๋ฌธ์ œ๊ฐ€ ์•„๋‹ˆ๊ณ  ํŒจ์น˜๋กœ ๋ชจ๋“  Rails ์•ฑ์„ ๋ณดํ˜ธํ•  ์ˆ˜๋„ ์—†์Šต๋‹ˆ๋‹ค. Today, I going to review one vulnerability that needs to be checked in the Rails App environment through the Github OAuth flow bypass vulnerability. (B recently shared something interesting to me.)

Rails์—์„œ HTTP Basic Auth ์ ์šฉํ•˜๊ธฐ

~1 min read

HTTP Basic Auth๋Š” HTTP์—์„œ ๊ธฐ๋ณธ์ ์œผ๋กœ ์‚ฌ์šฉ๋˜๋Š” ์ธ์ฆ ๋ฐฉ์‹์ž…๋‹ˆ๋‹ค. ID/PW๋ฅผ Base64๋กœ ์ธ์ฝ”๋”ฉํ•ด์„œ Auth ํ—ค๋”์— ๋„ฃ์–ด ์„œ๋ฒ„๊ฐ€ ์‹ ๋ขฐ๋œ ์‚ฌ์šฉ์ž์ธ์ง€ ๊ฒ€์ฆํ•˜๋Š” ๋ฐฉ์‹์œผ๋กœ ๋™์ž‘ํ•ฉ๋‹ˆ๋‹ค.

HTTP Request(ZAP, Burp) Parsing on Ruby code

1 min read

XSpear ๊ด€๋ จํ•ด์„œ ์ด๋Ÿฐ ๊ฑด์˜์‚ฌํ•ญ์ด ํ•˜๋‚˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค. Burp, ZAP ๋“ฑ์—์„œ ์‚ฌ์šฉํ•˜๋Š” ํŒจํ‚ท ๋ฐ์ดํ„ฐ๋ฅผ ํŒŒ์ผ๋กœ ์ €์žฅํ•œ ํ›„ ์˜ต์…˜์„ ์ฃผ์–ด ์ฝ์œผ๋ฉด ์ž๋™์œผ๋กœ URL, Header ๋“ฑ์„ ํŒŒ์‹ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๋Š” ํ˜•ํƒœ๋ฅผ ๋ง์”€ํ•˜์‹  ๊ฒƒ ๊ฐ™์Šต๋‹ˆ๋‹ค.(๋งˆ์น˜ sqlmap์˜ ๊ทธ๊ฒƒ ์ฒ˜๋Ÿผ)

Ruby on Rails Double-Tap ์ทจ์•ฝ์ (CVE-2019-5418, CVE-2019-5420)

4 min read

๊ฐ„๋งŒ์— ์ทจ์•ฝ์  ๋ฆฌ๋ทฐํ•ด๋ด…๋‹ˆ๋‹ค. ์˜ฌ ๋ด„์— ์ •๋ฆฌํ•œ๋ฒˆํ•˜๊ณ  ์ตœ๊ทผ์— ์ถ”๊ฐ€๋กœ ์ •๋ฆฌํ–ˆ๋˜๊ฑฐ๋ผ ๋จธ๋ฆฌ์†์—์„œ ๋‚ ์•„๊ฐ€๊ธฐ ์ „์— ๋ธ”๋กœ๊ทธ ๊ธ€๋กœ ๋‚จ๊ฒจ๋ณด์•„์š”. ์šฐ์„  ์˜ฌ ํ•ด 3์›” ์ •๋„์— ๋ ˆ์ผ์ฆˆ ๊ด€๋ จ ์ทจ์•ฝ์ ์ด 3๊ฐœ์ •๋„ ์˜ฌ๋ผ์™”์—ˆ์Šต๋‹ˆ๋‹ค. CVE-2019-5418 ~ 5420 ์ด์Šˆ์ธ๋ฐ, ๊ฒฐ๊ณผ์ ์œผ๋ก  Rails์—์„œ ์‹œ์Šคํ…œ ํŒŒ์ผ์„ ์ฝ๊ณ , ๋ช…๋ น ์‹คํ–‰๊นŒ์ง€ ๊ฐ€๋Šฅํ•œ 3๊ฐ€์ง€์˜€์Šต๋‹ˆ๋‹ค.

Rails์—์„œ routing parameters์™€ ๋™์ผํ•œ ์ด๋ฆ„์˜ ํŒŒ๋ผ๋ฏธํ„ฐ ์ฒ˜๋ฆฌํ•˜๊ธฐ

1 min read

Rails์—์„œ ํŒŒ๋ผ๋ฏธํ„ฐ ๊ฐ’์€ params๋ฅผ ํ†ตํ•ด ๋ฐ›์•„์˜ต๋‹ˆ๋‹ค. ์ด ๊ณผ์ • ์ค‘ ๋ ˆ์ผ์ฆˆ์—์„œ ๊ธฐ๋ณธ์œผ๋กœ ์„ค์ •ํ•œ ๊ฐ’์ด ์žˆ์–ด ์ฝ์–ด์˜ค์ง€ ๋ชปํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค. ๋ฐ”๋กœ ์ด๋Ÿฐ ์ผ€์ด์Šค์ž…๋‹ˆ๋‹ค.

How to resolve duplicate mail transmission in Rails ActionMailer(์ค‘๋ณต ๋ฉ”์ผ ์ „์†ก ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•)

~1 min read

Rails์—์„œ ActionMailer๋ฅผ ์ด์šฉํ•˜๋ฉด ์‰ฝ๊ฒŒ ๋ฉ”์ผ ์†ก/์ˆ˜์‹  ๋กœ์ง์„ ์ฒ˜๋ฆฌํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋ž˜์„œ ActionMailer๋กœ ์—ฌ๋Ÿฌ๊ฐ€์ง€ ๊ตฌ์„ฑํ•ด์„œ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋Š”๋ฐ, ํŠน์ • ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜์—์„œ ๋ฉ”์ผ์ด ์ค‘๋ณต์œผ๋กœ ๋ฐœ์†ก๋˜๋Š” ์ด์Šˆ๊ฐ€ ์žˆ์—ˆ๋Š”๋ฐ์š”, ์ฐพ์•„๋ณด๋‹ˆ ์ •ํ™•ํ•œ ์ด์œ ๋Š” ๋ชจ๋ฅด๊ฒ ์ง€๋งŒ ์ž์ฒด์ ์ธ ๋ฒ„๊ทธ๋กœ ๋ณด์ž…๋‹ˆ๋‹ค. (์ค‘๋ณต ์ฝœ์ด ์ผ์–ด๋‚˜๋Š” ๊ฒƒ ๊ฐ™์€๋ฐโ€ฆ)

Send Gmail using Rails ActionMailer Class (ActionMailer๋ฅผ ์ด์šฉํ•˜์—ฌ Gmail ์ „์†กํ•˜๊ธฐ)

2 min read

Rails๋Š” ๊ธฐ๋ณธ์ ์œผ๋กœ Mail ์†ก/์ˆ˜์‹ ์ด ๊ฐ€๋Šฅํ•œ ๊ฐ์ฒด๋ฅผ ๊ฐ€์ง€๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ๋ณดํ†ต ์›น์—์„œ ๋งŽ์ด ์‚ฌ์šฉํ•˜๋Š” ๊ธฐ๋Šฅ์ด๊ธฐ ๋•Œ๋ฌธ์— ๋ฏธ๋ฆฌ ๊ตฌํ˜„๋˜์–ด ์žˆ๋Š” ์ƒํƒœ์ธ๋ฐ์š”, ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ ์˜์กด์„ฑ์ด๋‚˜ ๋ณต์žกํ•œ ์„ค์ • ์—†์ด ๊ฐ„๋‹จํ•œ ์ฝ”๋“œ๋กœ ๋ฉ”์ผ ์ฒ˜๋ฆฌ๊ฐ€ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.

Rails App ์‹œ์ž‘ ์‹œ ํŠน์ • ์ฝ”๋“œ ์‹คํ–‰ํ•˜๊ธฐ(How to startup code on Ruby on Rails with initialize)

1 min read

Rails ์•ฑ ๊ตฌ๋™ ์‹œ ํŠน์ • ์ž‘์—…์ด๋‚˜ ๋กœ์ง์„ ์ˆ˜ํ–‰ํ•˜๊ณ  ์‹ถ์„ ๋•Œ ์–ด๋–ป๊ฒŒ ํ• ๊นŒ? ๊ณ ๋ฏผ์„ ์˜ˆ์ „์— ํ–ˆ์—ˆ๋Š”๋ฐ, ๊ทธ๋•Œ initialize๋กœ ํ•ด๊ฒฐํ–ˆ๋˜ ๊ธฐ์–ต์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ฐ„๋งŒ์— ๋™์ผํ•œ ๊ณ ๋ฏผ์„ ์ž ๊นํ•˜๊ฒŒ ๋ฌ์—ˆ๋Š”๋ฐ, ๊ฒธ์‚ฌ๊ฒธ์‚ฌ ๊ธ€๋กœ ์ •๋ฆฌํ•ด๋‘ก๋‹ˆ๋‹ค.

Rails crono๋ฅผ ์ด์šฉํ•˜์—ฌ ์Šค์ผ€์ค„๋งํ•˜๊ธฐ(Scheduling with crono on Rails)

2 min read

๋ณดํ†ต ์œ ๋‹‰์Šค ๊ธฐ๋ฐ˜ PC์—์„  ์Šค์ผ€์ค„๋ง์„ ์œ„ํ•ด crontab ๋˜๋Š” at๋ฅผ ์‚ฌ์šฉํ•˜๊ณ , ์œˆ๋„์šฐ์—์„  ์„œ๋น„์Šค์— ๋“ฑ๋กํ•˜๋Š”์‹์œผ๋กœ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ์ด๋ฅผ ์œ„ํ•ด์„  ์‹œ์Šคํ…œ์—์„œ crontab ๊ฐ™์€ ๋„๊ตฌ ์‚ฌ์šฉ์ด ๊ฐ€๋Šฅํ•ด์•ผํ•˜๋ฉฐ, PaaS ์ด์ƒ์˜ ์ถ”์ƒํ™”๊ฐ€ ์ด๋ฃจ์–ด์ง„ ํ”Œ๋žซํผ์—์„  ์‚ฌ์šฉํ•˜๊ธฐ ์–ด๋ ค์šด ๊ฒฝ์šฐ๊ฐ€ ๋Œ€๋‹ค์ˆ˜์ž…๋‹ˆ๋‹ค.

Rails์—์„œ kaminari๋ฅผ ์ด์šฉํ•˜์—ฌ Pagination ๊ตฌํ˜„ํ•˜๊ธฐ(How to make pagination on rails(with kaminari)

1 min read

Rails์—์„œ ํŽ˜์ด์ง€(Pagination)๋ฅผ ์‰ฝ๊ฒŒ ๊ตฌํ˜„ํ•  ์ˆ˜ ์žˆ๋Š” ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋Š” kaminari, will_paginate ๋“ฑ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ์ค‘์—์„œ ์˜ค๋Š˜์€ kaminari๋ฅผ ๊ฐ€์ง€๊ณ  ํŽ˜์ด์ง€๋ฅผ ๋งŒ๋“œ๋Š” ๋‚ด์šฉ์œผ๋กœ ๊ธ€ ์ž‘์„ฑํ•ด๋ด…๋‹ˆ๋‹ค.

๋ฃจ๋น„์—์„œ string-similarity๋กœ ๋ฌธ์ž์—ด ํผ์„ผํŠธ๋กœ ๋น„๊ตํ•˜๊ธฐ(Comparing string-similarity percent in Ruby)

~1 min read

ํ•œ ๋‘๋‹ฌ? ์ •๋„์ „์— ๋ฃจ๋น„ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ค‘์— ๊ดœ์ฐฎ์€๊ฑฐ ํ•˜๋‚˜ ๋ด๋‘”๊ฒŒ ์žˆ์—ˆ๋Š๋ฐ, ์ด์ œ์„œ์•ผ ๊ธ€๋กœ ์ž‘์„ฑํ•˜๋„ค์š”. ๋ฌธ์ž์—ด ๋น„๊ต ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ์ธ๋ฐ, ๋งค์นญ๋ฅ ์„ ํผ์„ผํŠธ๋กœ ๋ฝ‘์„ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ํ™œ์šฉ์ฒ˜๊ฐ€ ๋งŽ์„๋“ฏํ•˜์—ฌ ๋ฉ”๋ชจํ•ด๋‘ก๋‹ˆ๋‹ค.

[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ

~1 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

[ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ

2 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

[ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ

1 min read


[ Rails on Heroku ] ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” heroku ๋ช…๋ น์–ด ์ •๋ฆฌ (https://www.hahwul.com/2019/04/what-is-heroku.html) [ Rails on Heroku ] ๊ฐ„๋‹จํ•œ ๋ฃจ๋น„ ๋ ˆ์ผ์ฆˆ ์•ฑ ๊ตฌ์„ฑ ๋ฐ Heroku์— ๋ฐฐํฌํ•˜๊ธฐ (https://www.hahwul.com/2019/04/ruby-on-rails-distribute-heroku.html) [ Rails on Heroku ] Heroku๋ž€? ๋น ๋ฅด๊ฒŒ ํ™˜๊ฒฝ ๊ตฌ์„ฑํ•˜๊ธฐ (https://www.hahwul.com/2019/04/favorite-command-heroku.html)

Ruby gem ๋งŒ๋“ค๊ธฐ(Make ruby gem)

1 min read

์š”์ฆ˜ ์ข€ ์ •์‹ ์—†์ด ์ง€๋‚ด๋‹ค๋ณด๋‹ˆ ๋ฒŒ์จ 10์›”์ด๋„ค์š”.. ์จ๋†“์€ ๊ธ€๋„ ๋งˆ์นจ ์—†๋Š” ์ƒํƒœ์ธ์ง€๋ผ ์ด๋ฒˆ์—๋„ ๊ฐ„๋žตํ•œ ๊ธ€ ์ž‘์„ฑํ• ๊นŒ ํ•ฉ๋‹ˆ๋‹ค. (์•„ 10์›”์˜ ์ฒซ๊ธ€์ด ๋ฉ”๋ชจ๊ธ€์ด๋ผ๋‹ˆโ€ฆ) ๋งŽ์€ ruby application ๋“ค์ด ๋‹จ์ˆœํžˆ ์ฝ”๋“œ๋ฅผ clone ํ•ด์„œ ์“ฐ๋Š” ํ˜•ํƒœ๋ณด๋‹จ gem์œผ๋กœ ํŒจํ‚ค์ง•ํ•˜์—ฌ ๋ฐฐํฌํ•˜๊ณ  ์‚ฌ์šฉํ•˜๋Š” ํ˜•ํƒœ๋ฅผ ๊ฐ€์ง‘๋‹ˆ๋‹ค.

Ruby IDB(iOS App ๋ณด์•ˆ๋ถ„์„ ๋„๊ตฌ) Select App ์‹œ ์ฃฝ๋Š” ํ˜„์ƒ ํ•ด๊ฒฐ ๋ฐฉ๋ฒ•(iOS10, Error downloading file)

1 min read

์˜ˆ์ „์— idb๋ผ๋Š” iOS ๋ถ„์„๋„๊ตฌ๋ฅผ ๊ณต์œ ๋“œ๋ฆฐ์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์ตœ๊ทผ์— ํ…Œ์ŠคํŠธ ์‹œ Select App ์‹œ ์•ฑ ๋ฆฌ์ŠคํŠธ๋ฅผ ๊ฐ€์ ธ์˜ค๋Š” ๊ณผ์ •์—์„œ ์ฃฝ๋Š” ํ˜„์ƒ์ด ์žˆ์—ˆ๋Š๋ฐ์š”, ์˜ˆ์ „์— ๊ฐ€๊นŒ์šด๊ณณ์—์„œ ๋™์ผํ•œ ๋ฌธ์ œ๊ฐ€ ์žˆ์—ˆ๊ณ  ํ•ด๊ฒฐ๋ฐฉ๋ฒ• ๊ณต์œ ํ•ด์ฃผ์…จ๋˜๊ฒŒ ๊ธฐ์–ต๋‚˜์„œ ์ € ๋˜ํ•œ ์‰ฝ๊ฒŒ ํ•ด๊ฒฐํ—€๋„ค์š”.