# WHO AM I?
## PROFILE
### NAME
· Lee Wonpyeong
### NICKS
· Safflower
· plzdonotsay
### RESIDENCE
· Seoul, Republic of Korea
### JOBS
· Security Researcher
· University Student
### SKILLS
· Programming
· Reversing
· Web Hacking
· Pwnable
## ORGANIZATIONS
### School
· 2018.03 ~ Now | Kwangwoon Univ
### Company
· 2018.11 ~ Now | UnityLab
### Team
· 2017.03 ~ Now | H3X0R
· 2018.05 ~ Now | Demon
· 2018.07 ~ Now | $wag
## CTF PARTICIPATION
### 2017
· 2017.??.?? | 2017 Layer7 CTF | Adult Top 1 (Solo) | 뉴올리언스 치킨버거 + 올엑스트라
· 2017.??.?? | 제1회 서울아이티고 해킹방어대회 | Adult Top 2 (Solo) | Safflower
· 2017.??.?? | 2017 Christmas CTF | Top 1 (Team) | 박광호1인팀
### 2018
· 2018.??.?? | 2018 Harekaze CTF | Top 3 (Team) | SeoulWesterns
· 2018.??.?? | 2018 DIMI CTF | Top 2 (Solo) | st4rburst
· 2018.??.?? | CTFZone 2018 | Top 5 (Team) | GoGiSaJo
### 2019
· 2019.??.?? | 2019 NEWSECU WINTER CTF | Top 2 (Team) | $wag
## CTF PROVISION
### 2018
· 2018.09.01 ~ 2018.09.02 | 18st HackingCamp CTF
· 2018.??.?? | 2018 Layer7 CTF
· 2018.10.?? | 2018 Power of XX CTF Prequals
· 2018.11.08 | 2018 Power of XX CTF Finals
### 2019
· 2019.02.16 ~ 2019.02.17 | 19st HackingCamp CTF
## SPEAK
### 2018
· 2018.08.?? | Nefus of Sunrin Internet High School | Web Application Vulnerability
· 2018.09.03 | TeamLog of Sunrin Internet High School | SQL Injection Attack & Defense
### 2019
·
## DEVELOPMENTS
### 2016
· 2016.08.?? ~ 2018.11.?? | Solve Me | https://github.com/safflower/solveme
### 2017
· 2017.??.?? | ASLRChk | https://github.com/safflower/aslr-checker
· 2017.??.?? | String Manager | https://github.com/safflower/string-manager
· 2017.??.?? | Caesar Cipher Online | https://github.com/safflower/caesar-cipher-online
· 2017.??.?? | Simple Uninstaller | https://github.com/safflower/simple-uninstaller
· 2017.??.?? | Yaml Parser | https://github.com/safflower/yaml-parser
· 2017.??.?? | Simple DB | https://github.com/safflower/simple-db
### 2018
· 2018.??.?? | JavaScript Obfuscator | https://github.com/safflower/javascript-obfuscator
· 2018.07.?? ~ Now | CanHackMe | https://canhack.me
· 2018.??.?? ~ Now | Online Cryper | https://crypt.safflower.pw
### 2019
·
For more visit here
## REAL-WORLD EXPLOITATION
### 2014
· XpressEngine | Stored XSS (KVE-2014-0083)
### 2015
· Naver Cafe | Spoofing Grade
### 2016
· Naver Blog | Clickjacking
· Naver Blog | Clickjacking
### 2017
· Maps Marker Pro | SQL Injection
· Maps Marker Pro | SQL Injection
· Maps Marker Pro | SQL Injection
· Maps Marker Pro | SQL Injection
· Maps Marker Pro | SQL Injection
· Maps Marker Pro | SQL Injection
· Maps Marker Pro | Arbitrary File Deletion
· GNUBOARD5 | Board Privilege Escalation (KVE-2017-1029)
· Naver Whale | XSS Auditor Bypass (KVE-2017-1034)
· Naver Whale | XSS Auditor Bypass (KVE-2017-1040)
· GNUBOARD5 | Reflected XSS & File Inclusion (KVE-2017-1047)
### 2018
· GNUBOARD5 | Session ID Hijack (KVE-2018-0013)
· YOUNGCART5 | SQL Injection (KVE-2018-0101)
· YOUNGCART5 | SQL Injection (KVE-2018-0102)
· GNUBOARD5 | Account Leak (KVE-2018-0109)
· YOUNGCART5 | Reflected XSS & Remote Code Execution (KVE-2018-0346)
· GNUBOARD5 | Reflected XSS & Remote Code Execution (KVE-2018-0356)
· GNUBOARD5 | Reflected XSS & Remote Code Execution (KVE-2018-0358)
· GNUBOARD5 | Reflected XSS & Remote Code Execution (KVE-2018-0366)
· GNUBOARD5 | Reflected XSS & Remote Code Execution (KVE-2018-0379)
· YOUNGCART5 | SQL Injection (KVE-2018-0405)
· GNUBOARD5 | Leak Account & Remote Code Execution (KVE-2018-0510)
· Dothome | Remote Code Execution
· GNUBOARD5 | SQL Injection (KVE-2018-????)
· asked.kr | Stored XSS
### 2019
· Naver | Reflected XSS (KVE-2019-????)
· Naver | Reflected XSS (KVE-2019-????)
## LINKS
## CONTACTS
· Telegram | https://t.me/plzdonotsay
· Facebook Messenger | https://m.me/plzdonotsay
· E-mail | plzdonotsay@gmail.com