Profile

• Kanghyun Choi (@ b4sh5i)
• Email : pwner@kakao.com / kb4sh5i.choi@samsung.com

Act

• 17.10 ~ ing : $wag (CTF Team)
• 18.07 ~ 19.04 : Best of Best 7th vulnerability track (Top 30)
• 18.07 ~ 19.04 : pwnhub(in BoB)
  • IoT Hub 취약점 분석을 통한 IoT 네트워크 보안성 향상 연구
• 19.04 ~ 19.09 : UnityLab (취약점 분석 & 연구 리서치)
  • PSV-2019-0241 : Netgear R7000 Router Pre-auth Remote Code Execution
• 20.01 ~ 21.08 : 사이버작전사령부/육군본부 S/W 개발병
• 21.08 ~ 22.03 : Diffense (취약점 분석 연구원)
• 22.05 ~ 23.07 : RaonWhiteHat (핵심연구팀 PM)
• 23.08 ~ ing : Samsung SDS (보안 엔지니어)
  • 23.08 ~ ing : 통합보안센터 보안점검파트 근무

Award

• 17.08 : 1st SCTF Finalist (@ b4sh5i)
• 17.12 : X-max CTF 1st (@ 박광호 1인팀)
• 18.02 : 2018 Harekaze CTF 3rd (@ SeoulWesterns)
• 18.09 : HackIT CTF 2018 3rd (@ $wag)
• 18.11 : CTFZONE 2018 Finalist (@ GoGiSaJo)
• 19.02 : IoT Hub 취약점 분석을 통한 IoT 네트워크 보안성 향상 연구 감사장 in LG U+ (@ pwnhub)
• 19.03 : Codegate 2019 Finalist (@ $wag)
• 19.07 : InnoCTF International 2019 1st (@ $wag)
• 19.07 : WCTF 2019 3rd (@ $wag)
• 19.08 : 사이버작전경연대회 Finalist (@ 대대장님 사랑합니다)
• 19.09 : D-Camp CTF 3rd (@ $wag)
• 19.10 : DVP blockchain CTF Final 3rd (@ $wag)
• 20.08 : Google Capture The Flag 2020 Finals (@ I use Bing)
• 20.09 : TokyoWesterns CTF 6th 2020 1st (@ D0G$)
• 20.12 : 20년도 하반기 훈련 관련 사이버 작전 사령부 사령관 표창장 (@ b4sh5i)
  • L 사 VoIP Call Server RCE
  • S 사 VoIP Call Server SQL injection
• 21.11 : pwn2own 2021 Austin Winner (@Diffense Team)
  • Cisco RV340 RCE
  • Western Digital My Cloud Pro Series PR4100 RCE
• 22.09 : 2022 사이버공격방어대회 공공부문(예선/Finalist) 4th (@ Triggering boys)

Presentation

• 17.08 : 코딩 실수에서 일어나는 해킹 (in Google Development Group Campus Korea)
• 18.11 : Enhanced Smart Home Network Security Through Analysis of IoT Hub Vulnerabilities (in POC) @BoB
• 19.03 : Let’s hack the IoT Hub with Pwnhub dudes: IoT Hub Exploitation (in Insomnihack) @BoB
• 19.03 : IoT Hub 취약점 분석 (in CODEGATE BoB 세션) @BoB
• 19.08 : Open Sesame! Pwning The State-Of-The-Art the IoT Hub (in HITCON) @BoB
• 19.10 : I KNOW WHAT YOU DID LAST NIGHT : Pwning the state-of-the-art the IoT Hub (in Codeblue) @BoB
• 19.10 : The state of the art device exploit tech for IoT and Router (in Bside Tokyo)