Profile

이름(Name) : 한충우 (Choongwoo Han)

닉네임(Nickname): tunz

B.S.: Computer Science and Engineering, Technology Management, in UNIST'15

Interests: Software Security, Software Testing, Program Analysis, Web Security

Mail: cwhan.tunz |at| gmail.com

Blog: http://blog.tunz.kr (-> http://tunz.kr )

Twitter: http://www.twitter.com/7unz

github: http://www.github.com/tunz

소속:

KAIST SoftWare Testing & Verification (SWTV) Group (2015 ~)

CodeRed(2013 ~ )

UNIST Computer Security Club, HeXA (2011 ~ 2014)

UNIST Mobile Smart Networking (MSN) Lab (2012 ~ 2014)

Best Of the Best (BOB) 2기 (2013 ~ 2013)

 

Vulnerability Reports

- 2015 Remote Code Execution on GitHub for Mac ($2,500)

- 2015 XSS on GitHub ($1,000)

- 2015 XSS on Dropbox ($1,331).

- 2014 Remote Code Execution on Dr.Soft Netclient5 Patch Management System (KISA 14-084).

- 2014 Remote Code Execution on UNIST portal web site.

- 2013 SQL Injection and Break password encryption on UNIST portal web site.

- 2013 SQL Injection on UNIST web mail.

- 2012 Remote Code Execution on UNIST attendance checking devices.

Awards

- 2014 HDCON, 5th place (Silver Prize) (CodeC) (₩2,000,000)

- 2014 Incognito CTF, 2nd place (CodeRed) (₩640,000)

- 2014 DEF CON, Final round (CodeRed)

- 2013 HolyShield, 1st place (CodePink) (₩1,000,000)

- 2013 Korea White hat Contest (Team) 3rd place(우수상) (HeXA) (₩8,000,000) 

Talks

- 2015 Naver D2 campus seminar - 개발자가 꼭 알아야 할 보안 이야기

* If you have anything to ask, please send me an email.