About sweetchip

  • Former Assistant research engineer at Grayhash
  • Undergraduate student of Computer and Information Security Department at Sejong University (2014 ~ )

Work Experience

  • Intern, Grayhash (2014.09 ~ 2014.12)
  • Assistant research engineer, Grayhash (2015.01 ~ 2016.04, 2018.02 ~ 2020.04)
    • Developing a wargame and security education platform service with Vue.js and Django for workers at LINE Plus.
    • Penetration testing (including APT projects) and reviewing source code for cryptocurrency exchange, messenger service, online game service and multiple web services which have 1M+ users.
    • Researching security vulnerabilities in browsers, kernel drivers, Windows applications and so on.
    • Delivering security training for clients several times.
    • Browser hacking training: how to analyse vulnerabilities in browsers, write exploit code on Windows, and bypass browser mitigations.

Bughunting

Bug hunting (Global)

  • Microsoft Internet Explorer 11 CMarkupPointer Use-After-Free Vulnerability (CVE-2014-1799)
    • Bypassed the ‘Vtguard’ mitigation without an Information Disclosure vulnerability
    • Demo : https://youtu.be/cTC0buSM4rw
  • Microsoft Internet Explorer 11 Ptls6::LsFmtText Out-Of-Bounds Read & RCE Vulnerability (CVE-2015-0037)
  • Microsoft Internet Explorer 9 Uninitialized Memory Reference (CVE-2015-1712)
  • Microsoft Internet Explorer 11 CTitleElement Use-After-Free (CVE-2015-1714)
  • Microsoft Internet Explorer 11 Memory Corruption (CVE-2015-2447)
  • Microsoft Internet Explorer 11 Uninitialized Memory Reference (ZDI-CAN-2712)
  • Apple OSX IOKIT IOFireWireFamily Null Pointer Dereference Vulnerability (CVE-2016-1745)
  • Apple OSX IOKIT IntelAccelerator Null Pointer Dereference Vulnerability (CVE-2016-1818)
  • Apple OSX IOKIT AppleThunderboltHAL Race Condition Null Pointer Dereference Vulnerability (CVE-2016-4780)
  • Google Chromium/Skia Heap overflow vulnerability (CVE-2017-5014)
  • Google Chromium/Skia OOB Read vulnerability (CVE-2017-5063)
  • Google Chromium/Skia Heap-buffer-overflow in SkSpecularLightingImageFilter::onFilterImage (CVE-2017-5077)
  • Google Chromium/PDFIUM Stack-buffer-overflow in CalculateString (no CVE)
  • Google Chromium/Skia Integer Overflow vulnerability (no CVE)
  • Adobe Flash Player/PCRE2 Out-Of-Bounds Read Information Disclosure vulnerability (no CVE)
  • Safari RCE by Race condition (no CVE)

Bug hunting (Korea)

  • Gnuboard XSS / CSRF vulnerability (2012)
  • Mnet Player Stack buffer overflow vulnerability (2013)
  • Kmplayer Buffer overflow vulnerability (2013)
  • 2 for Talkon Buffer overflow vulnerability (2013)
  • NateOn Buffer overflow vulnerability (2013)
  • Hangul word processor Heap overflow vulnerability (2013)
  • Hangul word processor Buffer overflow vulnerability (2013)
  • Hangul word processor Buffer overflow vulnerability (2014)
  • 3 for Hancell word processor Buffer overflow vulnerability (2016)
  • 2 for ZIO router Command Injection vulnerability (2016)
  • WEVO router Command Injection vulnerability (2016)

Campus Activities

  • Member, SSG (2014 ~ )
    • Academic Club for researching software security in Sejong University.
    • Leader (2017 - 2018)

Education

  • Trainee, KITRI Best Of the Best (2013.07 ~ 2014.02)
    • Recognized as Top 10 among 120 trainees.

Conference

  • Codegate Junior - Music Player Exploit (2013)
  • Codegate - Bug Hunting Challenge (2014)
  • Inc0gnito - Fuzzing For Fun (2014)
  • Korea Whitehat Contest - Meeting with White hacker (2014)
  • Korea Whitehat Contest - Meeting with White hacker (2016)

Seminar & Training

  • K-BOB Security Forum - Demonstrate APT attack using weaponized exploit. (2014)
  • Hunting zeroday in software - Korea Internet & Security Agency (2015)
  • Bug hunting with Windbg - Korea Internet & Security Agency (2015)
  • How to become a cool security researcher - Institute of Information Security Education for the Gifted, Kongju University (2017)

Competition

  • 2015 Software Develop&Security Contest - Second place
  • 2016 Software Develop&Security Contest - First place
  • 2016 Crypto Contest - Participation Prize
  • 2017 Defcon - Finalist (Hacking4Danbi)
  • 2018 Codegate CTF (University) - Second place
  • 2018 HITB-XCTF Singapore Final 6th place

Award

  • KISA(Korea Internet & Security Agency) Bug bounty program 1st (2013)
  • KITRI Best Of the Best TOP 10 (2014)
  • MSRC (Microsoft Security Response Center) TOP 100 (2015)
  • BlackHat USA - Awarded Student Scholarship Program (2017)

Personal Projects

Sweetmon2

  • https://github.com/sweetchipsw/sweetmon2
  • This is a fuzzer monitoring tool based on Python3 + Django2. You can manage your fuzzers and crashes on the web. It can reduce repetitive work for fuzz testers.

Vulnerability POC

  • https://github.com/sweetchipsw/vulnerability
  • Proof-of-concept code or exploits for my zero-days.
  • Internet Explorer + Safari + OSX + …