/shpik.kr/

# Sitemap

.
├─ Blog
├─ Github
├─ Facebook
└─ Twitter

# Profile

## NAME

    Sehun Oh

## NICKS

    shpik

## ORGANIZATION

    TenDollar / Web,Pwnable,Crypto / 2017 ~
    Mashiro / Web,Pwnable,Crypto / 2019 ~
    EagleJump Lab / Research anything / 2019 ~

## JOBS

    Security Researcher
      Cyberone Inc. / Pentester, R&D / 2017 ~ 2019

## INTERESTS

    Web Exploitation
    Fuzzing Development
    Chrome Javascript Engine(v8)
    Space Science

# Vulnerability

## CVE

    CVE-2018-13410 : Info-zip, DoS
    CVE-2018-19296 : PHPMailer, Object Injection

## KVE

    KVE-2017-0019 : Netis M3300N, Command Injection
    KVE-2017-0278 : gnuboard5, LFI to RCE
    KVE-2019-0246 : Naver, [censored]
    KVE-2019-0247 : Naver, [censored]
    KVE-2019-0523 : Naver, [censored]
    KVE-2019-0556 : gnuboard5, [censored]
    KVE-2019-0860 : Naver, [censored]

# Achievement

## Capture The Flag - Participation

    2019, DEFCON 27, Quals 22nd, $TLDR$
    2019, ASIS CTF, Quals 37th, Harekaze
    2019, Midnight Sun CTF, Quals 23rd, Harekaze
    2019, UTCTF, Quals 23th, Mashiro
    2019, Codegate CTF, Quals 23nd, TenDollar
    2019, InterKosen CTF, 3rd, KimchiPower
    2018, Pwn2Win CTF, Quals 13th, TenDollar
    2018, Cyber Conflict Exercise & Contest(CCE), Quals 7th, Final 9th, TenDollar
    2018, SECCON CTF, Quals 19th, TenDollar
    2018, Hackcon CTF, 18th, TenDollar
    2018, TJCTF, 16th, TenDollar
    2018, DEFCON 26, Quals 15th, Final 13th, C.G.K.S
    2018, Samsung CTF, Finalist, shpik
    2018, KO-WORLD CTF, Final 2nd, TenDollar
    2017, Cyber Conflict Exercise & Contest(CCE), Quals 13th, TenDollar
    2017, Samsung CTF, Finalist, shpik
    2017, Hack Dat Kiwi CTF, 14th, TenDollar

## Capture The Flag - Operator

    2018, TenDollar CTF
      - Cat-Proxy : Web/Object Injection/SSRF/LFI
      - Kou : Web/Reverse/Overflow/LFI

## Presentation

    Effective SQL Injection @Cyberone Inc.
    Apache Struts2 exploit @Cyberone Inc.
    Pwnable Basic @Cyberone Inc.
    File Structure and Exploit Flaw at ubuntu16.04 @Cyberone Inc.
    CPP Exploit @Cyberone Inc.
    v8 exploit @TenDollar