{"id":2751,"date":"2025-01-12T18:45:51","date_gmt":"2025-01-12T09:45:51","guid":{"rendered":"https:\/\/h4ck.kr\/?p=2751"},"modified":"2025-01-12T20:59:20","modified_gmt":"2025-01-12T11:59:20","slug":"%ed%8d%bc%ec%a7%95-%ec%97%b0%ec%8a%b5-1%eb%8b%a8%ea%b3%84","status":"publish","type":"post","link":"https:\/\/h4ck.kr\/?p=2751","title":{"rendered":"[\uc791\uc131\uc911] \ud37c\uc9d5 \uc5f0\uc2b5 1\ub2e8\uacc4"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">CVE-2019-13288<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-13288\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-13288<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1020\" height=\"302\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image.png\" alt=\"\" class=\"wp-image-2752\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image.png 1020w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-300x89.png 300w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-768x227.png 768w\" sizes=\"auto, (max-width: 1020px) 100vw, 1020px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">\ud14d\uc2a4\ud2b8 \ucd94\ucd9c\uae30, \uc774\ubbf8\uc9c0 \ubcc0\ud658\uae30, HTML \ubcc0\ud658\uae30 \ub4f1\uc744 \ud3ec\ud568\ud55c \ubb34\ub8cc PDF \ubdf0\uc5b4 \ubc0f \ud234\ud0b7\uc778 XPDF \uc18c\ud504\ud2b8\uc6e8\uc5b4\uc5d0\uc11c \ubc1c\uc0dd\ud558\ub294 \ucde8\uc57d\uc810\uc774\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\ud574\ub2f9 \ucde8\uc57d\uc810\uc740 \uc870\uc791\ub41c \ud30c\uc77c\uc744 \ud1b5\ud574 \ubb34\ud55c \uc7ac\uadc0\ub97c \uc77c\uc73c\ud0ac \uc218 \uc788\uc5b4, <br>\uc6d0\uaca9 \uacf5\uaca9\uc790\ub294 \uc774\ub97c \uc774\uc6a9\ud574 \uc11c\ube44\uc2a4 \uac70\ubd80 \uacf5\uaca9\uc744 \uc77c\uc73c\ud0ac \uc218 \uc788\ub2e4.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\ubc30\uc6b0\uac8c \ub418\ub294 \uac83\ub4e4<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\ud0c0\uac9f \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc744 \uacc4\uce21(instrumentation)\ud558\uc5ec \ucef4\ud30c\uc77c\ud558\ub294 \ubc29\ubc95<\/li>\n\n\n\n<li>\ud37c\uc800(afl-fuzz) \uc2e4\ud589 \ubc29\ubc95<\/li>\n\n\n\n<li>\ub514\ubc84\uac70(GDB)\ub97c \uc0ac\uc6a9\ud55c \ud06c\ub798\uc2dc \ubd84\ub958(Triaging) \ubc29\ubc95<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\uc791\uc5c5 \ud658\uacbd<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Ubuntu 20.04.2 with VMWare Workstation 17.6.2 (<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">XPDF \ud658\uacbd \uad6c\ucd95<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">1. \ube4c\ub4dc \ub3c4\uad6c \uc124\uce58 <\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"raw\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ cd $HOME\n$ mkdir fuzzing_xpdf &amp;&amp; cd fuzzing_xpdf\/<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">2. \ucde8\uc57d\ud55c 3.02 \ubc84\uc804\uc758 xpdf \uc18c\uc2a4\ucf54\ub4dc \ub2e4\uc6b4\ub85c\ub4dc \ubc0f \uc555\ucd95 \ud574\uc81c<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"raw\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ wget https:\/\/dl.xpdfreader.com\/old\/xpdf-3.02.tar.gz &amp;&amp; tar -xvzf xpdf-3.02.tar.gz<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">3. Xpdf \ube4c\ub4dc \ubc0f \uc124\uce58<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"raw\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ cd xpdf-3.02\n$ sudo apt install -y build-essential gcc\n$ .\/configure --prefix=\"$HOME\/fuzzing_xpdf\/install\/\"\n$ make -j$(nproc)\n$ make install<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">4. \ube4c\ub4dc \ud14c\uc2a4\ud2b8. \uba87 \uac00\uc9c0 PDF \uc608\uc81c \ub2e4\uc6b4\ub85c\ub4dc\ud558\uae30.<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"raw\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ cd $HOME\/fuzzing_xpdf\n$ mkdir pdf_examples &amp;&amp; cd pdf_examples\n$ wget https:\/\/github.com\/mozilla\/pdf.js-sample-files\/raw\/master\/helloworld.pdf\n$ wget https:\/\/www.melbpc.org.au\/wp-content\/uploads\/2017\/10\/small-example-pdf-file.pdf<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">5. \uc774\uc81c \uc544\ub798\uc640 \uac19\uc740 \uba85\ub839\uc5b4\ub85c pdfinfo \ubc14\uc774\ub108\ub9ac\ub97c \ud14c\uc2a4\ud2b8\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"raw\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ $HOME\/fuzzing_xpdf\/install\/bin\/pdfinfo -box -meta $HOME\/fuzzing_xpdf\/pdf_examples\/helloworld.pdf<\/pre>\n<\/div><\/div>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"243\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-1-1024x243.png\" alt=\"\" class=\"wp-image-2753\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-1-1024x243.png 1024w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-1-300x71.png 300w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-1-768x182.png 768w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-1.png 1106w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">AFL++ \ud658\uacbd \uad6c\ucd95<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">\ucd5c\uc2e0 \ubc84\uc804\uc758 AFL++ \ud37c\uc838\ub97c \uc0ac\uc6a9\ud574\ubcfc \uac83\uc774\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\ub3c4\ucee4\ub85c \uc124\uce58\ud558\uac70\ub098, \uc9c1\uc811 \ub85c\uceec\ub85c \uc124\uce58\ud560 \uc218\ub3c4 \uc788\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\uc5ec\uae30\uc11c\ub294 \ub85c\uceec\ub85c \uc124\uce58\ud574\ubcfc \uac83\uc774\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">1. \uc885\uc18d\uc131 \uc124\uce58<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ sudo apt-get install -y build-essential python3-dev automake git flex bison libglib2.0-dev libpixman-1-dev python3-setuptools python3-pip cmake\n\n$ sudo apt-get install -y lld-11 llvm-11 llvm-11-dev clang-11 || sudo apt-get install -y lld llvm llvm-dev clang \n\n$ sudo apt-get install -y gcc-$(gcc --version|head -n1|sed 's\/.* \/\/'|sed 's\/\\..*\/\/')-plugin-dev libstdc++-$(gcc --version|head -n1|sed 's\/.* \/\/'|sed 's\/\\..*\/\/')-dev<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">2. AFL++ \ube4c\ub4dc<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ cd $HOME\n$ git clone https:\/\/github.com\/AFLplusplus\/AFLplusplus &amp;&amp; cd AFLplusplus\n$ export LLVM_CONFIG=\"llvm-config-11\"\n$ make distrib -j$(nproc)\n$ sudo make install<\/pre>\n<\/div><\/div>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"577\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-2-1024x577.png\" alt=\"\" class=\"wp-image-2754\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-2-1024x577.png 1024w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-2-300x169.png 300w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-2-768x433.png 768w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-2.png 1115w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"577\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-3-1024x577.png\" alt=\"\" class=\"wp-image-2755\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-3-1024x577.png 1024w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-3-300x169.png 300w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-3-768x433.png 768w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-3.png 1115w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">\ubaa8\ub4e0 \uac83\uc774 \uc798 \uc218\ud589\ub418\uc5c8\ub2e4\uba74, afl-fuzz\ub97c \uc2e4\ud589\ud560 \uc218 \uc788\uc5b4\uc57c \ud55c\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">afl-fuzz \uba85\ub839\uc5b4\ub97c \uc785\ub825\ud574\ubcf4\uc790.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"577\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-4-1024x577.png\" alt=\"\" class=\"wp-image-2756\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-4-1024x577.png 1024w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-4-300x169.png 300w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-4-768x433.png 768w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-4.png 1115w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">AFL++ \uc0ac\uc6a9\ud574\ubcf4\uae30<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">AFL\uc740 \ucee4\ubc84\ub9ac\uc9c0 \uae30\ubc18 \ud37c\uc800(coverage-guided fuzzer)\ub85c, <br>\uac01 \ubcc0\ud615\ub41c \uc785\ub825\uc5d0 \ub300\ud55c \ucee4\ubc84\ub9ac\uc9c0 \uc815\ubcf4\ub97c \uc218\uc9d1\ud558\uc5ec \uc0c8\ub85c\uc6b4 \uc2e4\ud589 \uacbd\ub85c\uc640 \uc7a0\uc7ac\uc801\uc778 \ubc84\uadf8\ub97c \ubc1c\uacac\ud560 \uc218 \uc788\ub2e4. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\uc18c\uc2a4 \ucf54\ub4dc\uac00 \uc788\uc744 \uacbd\uc6b0, AFL\uc740 \uacc4\uce21(instrumentation)\uc744 \uc0ac\uc6a9\ud558\uc5ec \uac01 \uae30\ubcf8 \ube14\ub85d(\ud568\uc218, \ub8e8\ud504 \ub4f1)\uc758 \uc2dc\uc791 \ubd80\ubd84\uc5d0 \ud568\uc218 \ud638\ucd9c\uc744 \uc0bd\uc785\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\uc6b0\ub9ac\uc758 \ud0c0\uac9f \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc5d0 \ub300\ud574 \uacc4\uce21\uc744 \ud65c\uc131\ud654\ud558\ub824\uba74, AFL\uc758 \ucef4\ud30c\uc77c\ub7ec\ub97c \uc0ac\uc6a9\ud558\uc5ec \ucf54\ub4dc\ub97c \ucef4\ud30c\uc77c\ud574\uc57c \ud55c\ub2e4.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\uc6b0\uc120, \uc774\uc804\uc5d0 \ucef4\ud30c\uc77c\ub41c \ubaa8\ub4e0 \uac1d\uccb4 \ud30c\uc77c\uacfc \uc2e4\ud589 \ud30c\uc77c\uc744 \uc815\ub9ac\ud560 \uac83\uc774\ub2e4.<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ rm -r $HOME\/fuzzing_xpdf\/install\n$ cd $HOME\/fuzzing_xpdf\/xpdf-3.02\/\n$ make clean<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\uc774\uc81c afl-clang-fast \ucef4\ud30c\uc77c\ub7ec\ub97c \uc0ac\uc6a9\ud558\uc5ec xpdf\ub97c \ube4c\ub4dc\ud574\ubcf4\uc790.<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ export LLVM_CONFIG=\"llvm-config-11\"\n$ CC=$HOME\/AFLplusplus\/afl-clang-fast CXX=$HOME\/AFLplusplus\/afl-clang-fast++ .\/configure --prefix=\"$HOME\/fuzzing_xpdf\/install\/\"\n$ make -j$(nproc)\n$ make install<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><br>\uc774\uc81c \ub2e4\uc74c \uba85\ub839\uc5b4\ub97c \uc0ac\uc6a9\ud558\uc5ec \ud37c\uc800\ub97c \uc2e4\ud589\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ afl-fuzz -i $HOME\/fuzzing_xpdf\/pdf_examples\/ -o $HOME\/fuzzing_xpdf\/out\/ -s 123 -- $HOME\/fuzzing_xpdf\/install\/bin\/pdftotext @@ $HOME\/fuzzing_xpdf\/output<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">\uba85\ub839\uc5b4\uc758 \uac01 \uc635\uc158\uc5d0 \ub300\ud55c \uac04\ub7b5\ud55c \uc124\uba85\uc740 \ub2e4\uc74c\uacfc \uac19\ub2e4.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>-i<\/strong>: \uc785\ub825 \ucf00\uc774\uc2a4(\uc989, \ud30c\uc77c \uc608\uc2dc)\ub97c \ub123\uc744 \ub514\ub809\ud1a0\ub9ac \uc9c0\uc815<\/li>\n\n\n\n<li><strong>-o<\/strong>: AFL++\uac00 \ubcc0\ud615\ub41c \ud30c\uc77c\uc744 \uc800\uc7a5\ud560 \ub514\ub809\ud1a0\ub9ac \uc9c0\uc815<\/li>\n\n\n\n<li><strong>-s<\/strong>: \uc0ac\uc6a9\ud560 \uc815\uc801 \ub79c\ub364 \uc2dc\ub4dc(static random seed) \uc9c0\uc815<\/li>\n\n\n\n<li><strong>@@<\/strong>: AFL\uc774 \uac01 \uc785\ub825 \ud30c\uc77c \uc774\ub984\uc73c\ub85c \ub300\uccb4\ud560 \ud0c0\uac9f\uc758 \uba85\ub839\ud589 \uc790\ub9ac \ud45c\uc2dc\uc790<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\ub9cc\uc57d, \ud37c\uc838\ub97c \ub3cc\ub9ac\ub824\uace0 \ud558\ub294\ub370,<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"741\" height=\"310\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-5.png\" alt=\"\" class=\"wp-image-2757\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-5.png 741w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-5-300x126.png 300w\" sizes=\"auto, (max-width: 741px) 100vw, 741px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">\uc704\uc640 \uac19\uc774 \uba54\uc2dc\uc9c0\uac00 \ub098\ud0c0\ub098\uba74,<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">$ sudo su\n$ echo core >\/proc\/sys\/kernel\/core_pattern\n$ exit<\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">core\ub77c\ub294 \ud06c\ub798\uc2dc \ucf54\uc5b4\ud30c\uc77c\uc744 \ub364\ud504\ud560 \uc218 \uc788\ub3c4\ub85d \uc870\uce58\ud574\uc8fc\uba74 \ub41c\ub2e4.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"744\" height=\"495\" src=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-6.png\" alt=\"\" class=\"wp-image-2758\" srcset=\"https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-6.png 744w, https:\/\/h4ck.kr\/wp-content\/uploads\/2025\/01\/image-6-300x200.png 300w\" sizes=\"auto, (max-width: 744px) 100vw, 744px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE-2019-13288 https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-13288 \ud14d\uc2a4\ud2b8 \ucd94\ucd9c\uae30, \uc774\ubbf8\uc9c0 \ubcc0\ud658\uae30, HTML \ubcc0\ud658\uae30 \ub4f1\uc744 \ud3ec\ud568\ud55c \ubb34\ub8cc PDF \ubdf0\uc5b4 \ubc0f \ud234\ud0b7\uc778 XPDF \uc18c\ud504\ud2b8\uc6e8\uc5b4\uc5d0\uc11c \ubc1c\uc0dd\ud558\ub294 \ucde8\uc57d\uc810\uc774\ub2e4. \ud574\ub2f9 \ucde8\uc57d\uc810\uc740 \uc870\uc791\ub41c \ud30c\uc77c\uc744 \ud1b5\ud574 \ubb34\ud55c \uc7ac\uadc0\ub97c \uc77c\uc73c\ud0ac \uc218 \uc788\uc5b4, \uc6d0\uaca9 \uacf5\uaca9\uc790\ub294 \uc774\ub97c \uc774\uc6a9\ud574 \uc11c\ube44\uc2a4 \uac70\ubd80 \uacf5\uaca9\uc744 \uc77c\uc73c\ud0ac \uc218 \uc788\ub2e4. \ubc30\uc6b0\uac8c \ub418\ub294 \uac83\ub4e4 \uc791\uc5c5 \ud658\uacbd Ubuntu 20.04.2 with VMWare Workstation 17.6.2 ( XPDF \ud658\uacbd \uad6c\ucd95 1.&hellip;&nbsp;<a href=\"https:\/\/h4ck.kr\/?p=2751\" rel=\"bookmark\">\ub354 \ubcf4\uae30 &raquo;<span class=\"screen-reader-text\">[\uc791\uc131\uc911] \ud37c\uc9d5 \uc5f0\uc2b5 1\ub2e8\uacc4<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2751","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/2751","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2751"}],"version-history":[{"count":6,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/2751\/revisions"}],"predecessor-version":[{"id":2763,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/2751\/revisions\/2763"}],"wp:attachment":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2751"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}