Hack what?

Hi, My name is Wonil Jang. My research interests focus on finding vulnerabilities in both closed and open-source software. In my free time, I enjoy boxing and weightlifting.
My motto is “No Pain, No Gain.”
Happy hacking!

AWARDS

---

• 2024 Grand Prize Winner (General Division) of the Ulsan Hacking CTF Competition - Ulsan Metropolitan Police Agency
• 2023 Grand Prize in the Buulgyeong Cybersecurity Hackathon - Graduate School of Convergence Security, PNU
• 2023 Best of the Best 11th WhiteHat10 Award - KITRI
• 2022 Outstanding Paper Award at the Korea Internet of Things Association - KIOT
• 2021 Link Industry Cooperation Best Artificial Intelligence Advanced Course Award - LINC Industry Cooperation, UOU
• 2021 23rd Hacking Camp SINCERE Hacker Award - HackingCamp
• 2019 Excellence Award in the Training Course on Analysis and Response of Cyber Infringement Accidents - UIPA
• 2019 Network Forensics Practical Training Course Excellence Award - UIPA

Special Activities

---

• 2024 Attended CCS Conference
• 2022~2023 Completed the Best of the Best 11th
• 2021 Attended the 23rd Hacking Camp
• 2020 Attended the K-Security competition on using artificial intelligence to identify malware
• 2019 Attended the 22nd Hacking Camp

CTF

---

• 2024 Ulsan Hackig competition CTF 4th / 23th ( Team: yummyshell, General Division Winner )
• 2024 M0lECON CTF ( Team: yummyshell )
• 2024 UNIST CSE web security CTF 1st / 27th ( Individual )
• 2023 Dreamhack Christmas CTF 8th / 147th ( Team: yummyshell, i.e., the former name OASIS, 3 people )
• 2021 Hacking Camp CTF 4th ( Team, 4 people )

FOUND VULNS

---

• CVE-2023-46256: Heap Buffer Overflow in Open Source PX4 Drone
• KVE-2022-1969: IoT RCE by webshell with root permission
• KVE-2022-2162: BLE Replay Attack
• KVE-2022-2328: IoT DoS Attack By BOF
• KVE-2022-2329: IoT DoS Attack By BOF

*CVE = Common Vulnerabilites and Exposures
*KVE = Korean Vulnerabilites and Exposures ( The company name and device inforamation cannot be specified )