Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kaist-hacking/awesome-korean-products-hacking

A collection of links related to Korean products hacking
https://github.com/kaist-hacking/awesome-korean-products-hacking

List: awesome-korean-products-hacking

Last synced: about 1 month ago
JSON representation

A collection of links related to Korean products hacking

Awesome Lists containing this project

README 

        
# Awesome Korean Products Hacking



A collection of links related to Korean products hacking.

Pull requests are welcome :)



## KakaoTalk

* [2024: 1-click Exploit in South Korea's biggest mobile chat app by stulle123](https://stulle123.github.io/posts/kakaotalk-account-takeover/)

* [2024: Not so Secret: Analysis of KakaoTalk's Secret Chat E2EE Feature by stulle123](https://stulle123.github.io/posts/kakaotalk/secret-chat/)



## ipTIME

* [2024: (KVE-2023-5458) ipTIME C200/C200E pre-auth RCE via ONVIF Protocol Heap Buffer Overflow by Xion](https://github.com/kaist-hacking/KVE-2023-5458)

* [2023: (KVE-2023-0133) ipTIME AX2004M pre-auth remote code execution by babamba](https://github.com/kaist-hacking/KVE-2023-0133)

* [2018: iptime 10.00.2 preauth vulnerability by jinmo123](https://jinmo.github.io/blog/2018/01/29/iptime-preauth-bof.html)

* [2015: 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request by Pierre Kim](https://pierrekim.github.io/blog/2015-07-06-127-iptime-router-models-unauthenticated-RCE-with-DHCP.html)

* [2015: ipTIME n104r3 vulnerable to CSRF and XSS attacks by Pierre Kim](http://pierrekim.github.io/blog/2015-07-03-iptime-n104r3-vulnerable-to-CSRF-and-XSS-attacks.html)

* [2015: Exploit Code for ipTIME firmwares < 9.58 RCE with root privileges against 127 router models by Pierre Kim](http://pierrekim.github.io/blog/2015-07-01-poc-with-RCE-against-127-iptime-router-models.html)

* [2012: ipTIME Q104 인증 우회 by k1rha](https://k1rha.tistory.com/entry/IPTIME-%ED%95%B4%ED%82%B9-%EA%B4%80%EB%A0%A8-%EB%82%B4%EC%9A%A9-1)



## 그누보드

* [2022: 그누보드 Stored XSS 취약점 분석 by blatter95](https://velog.io/@blatter95/gnuboard5-1%EC%9D%BC%EC%B0%A8-KISA-%EC%B7%A8%EC%95%BD%EC%A0%90-%EA%B6%8C%EA%B3%A0%EC%82%AC%ED%95%AD-%EB%B6%84%EC%84%9D)

* [2021: 그누보드 5.4.1.1 RCE by yelang123](https://ufo.stealien.com/2021-02-08/Gnuboard-RCE)

* [2020: (KVE-2020-0120) 그누보드 FAQ 취약점 by wpgur](https://wpgur.tistory.com/14)

* [2020: 그누보드 문의게시판 XSS by hins13](https://blog.naver.com/hins13/222051551392)

* [2019: (KVE-2019-1198) 그누보드 1day 분석 Stored XSS by ls-toast](https://ls-toast.tistory.com/56)

* [2019: (KVE-2019-0050) 그누보드 1day 분석 XSS by 두아람쥐](https://blog.naver.com/jinik9903/221690934997)

* [2019: (KVE-2019-0828) 그누보드 1day 분석 XSS by ls-toast](https://ls-toast.tistory.com/63)

* [2019: 그누보드 이미지로드 모듈 어드민세션 취득 취약점 by hins13](https://blog.naver.com/hins13/221687517603)

* [2019: 그누보드 5.021 SQL Injection by hins13](https://blog.naver.com/hins13/221655385583)

* [2019: 그누보드5 g4_import_run.php 인젝션 by hins13](https://blog.naver.com/hins13/221691843503)

* [2019: 그누보드5 자동로그인을 통한 최고 관리자 계정 탈취 by hins13](https://blog.naver.com/hins13/221687623700)

* [2019: 그누보드 5.0.3 문자열 자르기 함수로 인해 발생하는 SQL Injection by hins13](https://blog.naver.com/hins13/221655382919)

* [2017: 그누보드 5.1.13 SQL Injection by Hyunmini](https://hyunmini.tistory.com/86)

* [2017: 그누보드 5.2.7 RCE by SilNex](https://blog.silnex.kr/%EA%B7%B8%EB%88%84%EB%B3%B4%EB%93%9C-5-2-7-%EC%B7%A8%EC%95%BD%EC%A0%90-%ED%8C%A8%EC%B9%98-%EB%82%B4%EC%9A%A9-%EB%B6%84%EC%84%9D/)

* [2017: 그누보드 5.2.9.2 XSS by SilNex](https://blog.silnex.kr/%ea%b7%b8%eb%88%84%eb%b3%b4%eb%93%9c-5-2-9-5-2-9-2-%ec%b7%a8%ec%95%bd%ec%a0%90-%ed%8c%a8%ec%b9%98-%eb%82%b4%ec%9a%a9-%eb%b6%84%ec%84%9d/)

* [2017: 그누보드 5.2.8 파일삭제 취약점 by SilNex](https://blog.silnex.kr/%ea%b7%b8%eb%88%84%eb%b3%b4%eb%93%9c-5-2-8-%ec%b7%a8%ec%95%bd%ec%a0%90-%ed%8c%a8%ec%b9%98-%eb%82%b4%ec%9a%a9-%eb%b6%84%ec%84%9d/)

* [2017: 그누보드5 자동 로그인 인증 우회 by adm1nkyj](http://blog.adm1nkyj.kr/2017/06/5.html)

* [2017: 그누보드5 <5.2.8 검색 컬럼 취약점 by jinmo123](https://jinmo.github.io/blog/2023/08/06/gnuboard-5-search-column-vulnerability.html)

* [2015: 그누보드 4.34.20 웹셸 삽입 by CHOMAN](https://kensei.tistory.com/259)



## 영카트 

* [2021: (KVE-2021-0172,0329,0330) 영카트 1day 분석 SQL Injection by Becoming a Hacker](https://hacksms.tistory.com/32)

* [2020: (KVE-2020-0200,0202) 영카트 1day 분석 Command Injection1 by Becoming a Hacker](https://hacksms.tistory.com/27)

* [2020: (KVE-2020-0656) 영카트 1day 분석 Command Injection by Becoming a Hacker](https://hacksms.tistory.com/26)



## XpressEngine

* [2019: XpressEngine RCE via XSS by 전개봉](https://m.blog.naver.com/PostView.naver?isHttpsRedirect=true&blogId=qhdrn1246&logNo=221448940063)

* [2017: XE XSS to RCE by adm1nkyj](http://blog.adm1nkyj.kr/2017/05/xe-xss-to-rce.html)

* [2015: 제로보드 XE (1.2.1ver) 취약점 by kaspy](https://kaspyx.tistory.com/8)



## ETC

* [2023: (CVE-2022-41158) 이윰빌더 4.5.3 원격 코드 실행 by Donggyu Kim](https://ufo.stealien.com/2023-07-31/bughunting-vulnerability-chaining-ko)

* [2019: 해피포인트 Deeplink를 이용한 Webview Hijacking by TAEJIN](https://ufo.stealien.com/2020-06-19/Deeplink)

* [2019: (CVE-2019-9133) KMPlayer Subtitles Parser Integer Overflow Vulnerability by Pham Ong Phi](https://starlabs.sg/advisories/19/19-9133/)

* [2019: (CVE-2019-17327) Jeus 디렉터리 경로 조작 취약점 by SaltLee](https://saltlee.tistory.com/82)

* [2019: (KVE-2019-1498) 지니 PC플레이어 RCE by Hyunsoo Cha](https://velog.io/@soo_sudo/KVE-2019-1498-%EB%B6%84%EC%84%9D)

* [2018: (KVE-2018-0713) 알집 암호화 취약점 by Hyunsoo Cha](https://velog.io/@soo_sudo/KVE-2018-0713-%EB%B6%84%EC%84%9D)

* [2018: WeVO W2914NSv2/11AC NAS Router CSRF 취약점과 OpenWRT 인스톨러 by perillamint](https://blog.quendi.moe/2019/09/11/ko-%ea%b8%b0%eb%b0%80-%ed%95%b4%ec%a0%9c-wevo-w2914nsv2-11ac-nas-router-csrf-%ec%b7%a8%ec%95%bd%ec%a0%90%ea%b3%bc-openwrt-%ec%9d%b8%ec%8a%a4%ed%86%a8%eb%9f%ac/)