About

About

| Cronus

[ Interests ]

  • WEB Security
  • Fuzzing
  • Offensive Research & Exploitation

[ Affiliation ]

  • Member of TeamH4C (2022.05. ~ )
  • Member of TOOR (2022.02. ~ )
  • Mandatory military service @ ROKAFA as Infosec Specialist (2022.02. ~ 2023.11.)
  • Undergrad @ SCH , Information Security Major

[ Competition ]

  • Global Cyber Camp 2025 1st Team (Team_ Group2 ) / GCC2025 프로젝트 1등 팀
  • The 6th TS “Find the Security Vulnerability” Competition, 2nd place ( Team_ TS(TypeScript) 큭큭.. ) / 제6회_TS_보안_허점을_찾아라 우수상
  • Chungcheong Region Cybersecurity Competition, Winner 5th place ( Team_ 염승빈여친아랴짱 ) / 충청권 사이버보안 경진대회 장려상
  • HackTheon 2024 Finalist ( Team_ Toorist )
  • DEFCON 32 QUALS 26th ( Team_ budaejjigae )
  • damCTF 2024 9th, Finalist ( Team_ budaejjigae )
  • Hackfest 2024 Finalist ( Team_ Tourist )
  • Whitehat Contest 2022 4th, Finalist ( Team_ 아니다싶으면밥먹으러감 )
  • CCE 2022 17th, General Division ( Team_ PoC )

[ Bug Bounty ]

Microsoft Skype

  • RCE (Valid report but no bounty or CVE)

RAG & LLM (Retrieval-Augmented Generation)

  • RCE & SQLi & SSRF & DoS & XSS
  • CVE-2024-12910, CVE-2025-0184, CVE-2024-12909, CVE-2024-12911,
  • CVE-2024-11958, CVE-2024-12704, CVE-2024-11824, CVE-2024-11850,
  • Pending CVE

Wordpress Plugin CVE

Profile

  • CVE-2024-30554, CVE-2024-31119, CVE-2024-30553, CVE-2024-30545,
  • CVE-2024-31344, CVE-2024-31387, CVE-2024-32083, CVE-2024-32428,
  • CVE-2024-32591, CVE-2024-4433, CVE-2024-34423, CVE-2024-33943,
  • CVE-2024-34426, CVE-2024-32958, CVE-2024-34790, CVE-2024-34797,
  • CVE-2024-35640, CVE-2024-35639, CVE-2024-35642, CVE-2024-35752,
  • CVE-2024-35756, CVE-2024-4433, CVE-2024-37523, CVE-2024-37536,
  • CVE-2024-37549, CVE-2024-37558, CVE-2024-38689, CVE-2024-38724,
  • CVE-2024-38738, CVE-2024-43347, …
  • Pending CVE

Jeju Pass

  • Reflected XSS (Duplicated 😢)

[ Organization ]

  • 2021 YISF (Youth Information Security Festival)

[ ETC ]

  • 2025 GCC(Global Cyber Camp) Taiwan Trainee
  • Best of Best 13th (KITRI)
  • Ethical Hacker Training Program (organized by NIS) / 윤리적 해커 양성 5기 교육생 (국정원 주관)
  • Dreamhack Community Mentor (2023.05 ~ )
  • PatchDay verified Bug hunter (2023.07 ~ )
  • 2021 SCH AI&SW Week 1st

[ Research Paper ]

  • Retrieval-Agumented Generation 시스템의 구조적 취약성 및 공격 벡터 분석 ( 2024 정보보호 동계학술대회 )