JunYoung Park (@candymate)
Github : @candymate
Twitter : @siwu_network (candymate)
Blog : https://candymate.tistory.com
Team : None - previously PLUS (POSTECH Laboratory for Unix Security, https://plus.or.kr)
Academics
Daegu Science High School 27th (Graduated at 2017/02)
POSTECH Undergraduate (2017/02~2022/02)
KAIST GSIS Master's course (KAIST hacking lab - https://kaist-hacking.github.io/, 2022/02~)
Interests
Hypervisors, Browsers
Career
ETC
KITRI BoB 9th Vulnerability Analysis
- Project: Virtualization Software Bug Hunting - VirtualBoBs
- Result : 3 CVEs (CVE-2021-2086, CVE-2021-2124, CVE-2021-2127), 3 ZDI-CAN (ZDI-CAN-12407, ZDI-CAN-12621, ZDI-CAN-12761 - Total $6,500)
CTFs
Only Major CTFs are listed. I've participated a lot of CTFs as PLUS, or as other teams.
There might be other major CTFs I forgot.
Team
PLUS, and many other teams (MINUS, LeaveCat-PLUS, KaisHack+PLUS+GoN, ...)
Major Participations
DEFCON 26, 27, 28 Finalist (as KaisHack+PLUS+GoN, seoulplusbadass, koreanbadass)
Codegate CTF Finals (University) 2018, 2019, 2020 (PLUS - each 4th, 1st, 2nd)
Defenit CTF 2020 1st (as ToEatSushi)
Bugs
- CVE-2021-2127 - by VirtualBoBs
- https://candymate.tistory.com/20
- CVE-2021-2266 (Reward not open, Personal work extended from project)
- https://candymate.tistory.com/30