Security 90

• Empire Nov 3, 2018
• JPEG와 EXIF의 GPS data (위도, 경도) Jul 7, 2018
• SQL injection Mitigation - preparedStatement Nov 30, 2017
• Padding Oracle Attack Nov 27, 2017
• LFI, Local File Inclusion Nov 23, 2017
• python decompile Nov 19, 2017
• MPRESS unpacking Nov 19, 2017
• WebDAV / CVE-2017-7269 Nov 15, 2017
• realloc fake size Nov 4, 2017
• 저장매체 이미징 ( dd ) Nov 1, 2017
• 클러스터, 섹터, 슬랙 ( Cluster, Sector, Slack ) Nov 1, 2017
• 파일 카빙 ( File Carving ) Nov 1, 2017
• Volatility Oct 27, 2017
• redis를 통해 webshell upload Oct 5, 2017
• XXE, XML eXternal Entity Sep 21, 2017
• Unsafe redirect Sep 21, 2017
• SSRF Sep 19, 2017
• XSS / CSRF Sep 19, 2017
• (SecuInside 2017) OHCE - x64 SROP Sep 16, 2017
• Return to VDSO using ELF Auxiliary Vectors leck Sep 2, 2017
• (CodeGate2014) angry\_doraemon Aug 24, 2017
• SROP Aug 17, 2017
• The House of Einherjar Aug 16, 2017
• The House of Force Aug 15, 2017
• (UNDEAD) The House of Mind Aug 15, 2017
• unsorted bin attack Aug 15, 2017
• (UNDEAD) unlink Aug 15, 2017
• The House of Lore Aug 15, 2017
• fastbin attack / fastbin\_dup Aug 15, 2017
• The House of Spirit Aug 15, 2017
• overlapping chunk Aug 15, 2017
• Poison null byte Aug 15, 2017
• one\_gadget / libc-database Aug 13, 2017
• pwntools Aug 13, 2017
• (MCSC2014) tinypwn - SROP Aug 10, 2017
• Blind SQL Injection Aug 8, 2017
• Basic SQL injection Aug 8, 2017
• (Windows) injection & hooking Aug 7, 2017
• (Linux) injection Aug 7, 2017
• (CodeGate2014) nuclear - libpthead(send, recv, system) Jul 31, 2017
• Shellcode Jul 26, 2017
• UAF, Use After Free Jul 23, 2017
• (glibc) free\_hook, malloc\_hook Jul 23, 2017
• (glibc) malloc - checks Jul 22, 2017
• (glibc) malloc - 3 Jul 21, 2017
• (glibc) malloc - 4 Jul 21, 2017
• (glibc) malloc - 2 Jul 19, 2017
• (glibc) malloc - 1 Jul 19, 2017
• (메모리 보호 기법) PIE Jul 16, 2017
• (메모리 보호 기법) RELRO Jul 15, 2017
• (메모리 보호기법) ASLR, FORTIFY\_SOURCE Jul 13, 2017
• gdb peda / gdb-multiarch Jul 13, 2017
• gdb Jul 12, 2017
• (메모리 보호 기법) SSP +Canary (prologue) / DEP Jul 11, 2017
• (Samsung CTF 2017) ASM (Addition, Subtract, and Multiplication) Jul 10, 2017
• (0ctf) BABYHEAP - fastbin attack, chunk overlap Jul 2, 2017
• (SecuInside 2017) BABYHEAP - realloc(ptr, 0) / UAF Jul 2, 2017
• 인증(Authentication)과 인가(Authorization) Jun 28, 2017
• Brute Force / Replay Attack Jun 28, 2017
• (Trend Micro CTF 2017) Reversing Jun 27, 2017
• (Trend Micro CTF 2017) Forensic Jun 27, 2017
• Session & HTTP Session hijacking Jun 27, 2017
• Filtering / Escape Jun 27, 2017
• (Trend Micro CTF 2017) Analysis-offensive Jun 23, 2017
• FC3 evil\_wizard - dark\_stone - GOT overwrite / ROP ★ ( pop-pop-ret gadget ) Jun 22, 2017
• FC3 hell\_fire - evil\_wizard Jun 17, 2017
• FC3 dark\_eyes - hell\_fire - remoteBOF, GOT overwrite, mprotect May 8, 2017
• FC3 gate - iron\_golem - dark\_eyes Feb 3, 2017
• LOB xavius → death\_knight - remote BOF, rawbf Jan 30, 2017
• LOB succubus ~ nightmare → xavius - strcpy / stdin과 fgets Jan 28, 2017
• LOB giant ~ zombie\_assassin → succubus - ROP Jan 18, 2017
• LOB darkknight ~ bugbear → giant - ldd와 nm으로 함수 mapping 주소 찾기 Jan 16, 2017
• LOB golem → darkknight - strncpy size overflow Jan 12, 2017
• LD\_PRELOAD를 이용한 so injection과 hooking. + wrapping function Dec 19, 2016
• ptrace - Linux injection ( code injection / so injection ) Dec 12, 2016
• FSC level3 Nov 28, 2016
• Block cipher mode of operation Nov 25, 2016
• 동기식, 비동기식 stream cipher Nov 18, 2016
• jmp, call instruction 주소 계산 Nov 15, 2016
• FTZ - ; cat, FSB Nov 15, 2016
• LOB gate ~ skeleton → golem Nov 15, 2016
• FSB, Format String Attack/Bug Oct 23, 2016
• PKCS ( Public Key Cryptography Standards ) Sep 14, 2016
• Birthday Problem & Attack Sep 10, 2016
• Prefetch, Superfetch Sep 7, 2016
• Windows 악성코드 감염시 처리 프로세스 Sep 7, 2016
• USB 사용 기록 조사 Sep 6, 2016
• 15'' whitehat contest, (= 16'' UXG) Sep 4, 2016
• Anti debugging Aug 31, 2016
• Base64 Radix64 Aug 31, 2016