
Recommended environment

  • All steps have been tested on 64-bit Ubuntu 16.04.

p2im - git clone

git clone https://github.com/RiS3-Lab/p2im.git
cd p2im
git submodule update --init
git submodule update --remote

GNU Arm Embedded Toolchain

  • x86 → binaries that run in an ARM environment
wget -O gcc-arm-none-eabi-10.3-2021.10-x86_64-linux.tar.bz2 "https://developer.arm.com/-/media/Files/downloads/gnu-rm/10.3-2021.10/gcc-arm-none-eabi-10.3-2021.10-x86_64-linux.tar.bz2?rev=78196d3461ba4c9089a67b5f33edf82a&hash=D484B37FF37D6FC3597EBE2877FB666A41D5253B"
tar xjf *.tar.bz2
PATH=$PATH:/home/parallels/tmp/gcc-arm-none-eabi-10.3-2021.10/bin
echo $PATH

AFL

babyhack@ubuntu:~/tmp/p2im/afl$ make
[*] Checking for the ability to compile x86 code...
[+] Everything seems to be working, ready to compile.
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-gcc.c -o afl-gcc -ldl
set -e; for i in afl-g++ afl-clang afl-clang++; do ln -sf afl-gcc $i; done
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-fuzz.c -o afl-fuzz -ldl
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-showmap.c -o afl-showmap -ldl
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-tmin.c -o afl-tmin -ldl
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-gotcpu.c -o afl-gotcpu -ldl
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-analyze.c -o afl-analyze -ldl
cc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" afl-as.c -o afl-as -ldl
ln -sf afl-as as
[*] Testing the CC wrapper and instrumentation output...
unset AFL_USE_ASAN AFL_USE_MSAN; AFL_QUIET=1 AFL_INST_RATIO=100 AFL_PATH=. ./afl-gcc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" test-instr.c -o test-instr -ldl
echo 0 | ./afl-showmap -m none -q -o .test-instr0 -- ./test-instr
echo 1 | ./afl-showmap -m none -q -o .test-instr1 -- ./test-instr
[+] All right, the instrumentation seems to be working!
[+] All done! Be sure to review README - it's pretty short and useful.

babyhack@ubuntu:~/tmp/p2im$ make -C afl/
make: Entering directory '/home/babyhack/tmp/p2im/afl'
[*] Checking for the ability to compile x86 code...
[+] Everything seems to be working, ready to compile.
[*] Testing the CC wrapper and instrumentation output...
unset AFL_USE_ASAN AFL_USE_MSAN; AFL_QUIET=1 AFL_INST_RATIO=100 AFL_PATH=. ./afl-gcc -O0 -funroll-loops -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign -DAFL_PATH=\"/usr/local/lib/afl\" -DDOC_PATH=\"/usr/local/share/doc/afl\" -DBIN_PATH=\"/usr/local/bin\" -DVERSION=\"2.06b\" test-instr.c -o test-instr -ldl
echo 0 | ./afl-showmap -m none -q -o .test-instr0 -- ./test-instr
echo 1 | ./afl-showmap -m none -q -o .test-instr1 -- ./test-instr
[+] All right, the instrumentation seems to be working!
[+] All done! Be sure to review README - it's pretty short and useful.
NOTE: If you can read this, your terminal probably uses white background.
This will make the UI hard to read. See docs/status_screen.txt for advice.
make: Leaving directory '/home/babyhack/tmp/p2im/afl'

Docker Install

sudo apt install docker.io
sudo usermod -aG docker $USER
cd ~/tmp/p2im/qemu
WORK_FOLDER_PATH=`pwd`/src ./build_scripts/build-qemu.sh --deb64 --no-strip
babyhack@ubuntu:~/tmp/p2im/qemu$ WORK_FOLDER_PATH=`pwd`/src ./build_scripts/build-qemu.sh --deb64 --no-strip

Using "/home/babyhack/tmp/p2im/qemu/src" as Work folder...
Helper script: "/home/babyhack/tmp/p2im/qemu/src/scripts/build-helper.sh".
Script "./build_scripts/build-qemu.sh" started at Wed Jan 18 06:45:50 PST 2023.

Running on Ubuntu 64-bits.

Checking host curl...
curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3

Checking host git...
git version 2.7.4

Checking Docker...
Docker version 18.09.7, build 2d0083d

Checking host automake...

Firmware preparation

  • p2im-real_firmware
git clone https://github.com/RiS3-Lab/p2im-real_firmware.git

Copy the seed files

WORKING_DIR=~/tmp/p2im/fuzzing/Drone/5/
mkdir -p ${WORKING_DIR}
cd ${WORKING_DIR}
cp -r ~/tmp/p2im/fuzzing/templates/seeds/ ${WORKING_DIR}/inputs

Edit the config

#  P2IM - fuzzing configuration template
#  ------------------------------------------------------

#  Copyright (C) 2018-2020 RiS3 Lab

#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at:

#    <http://www.apache.org/licenses/LICENSE-2.0>

# Please change configurations that are enclosed in "< >".
# Please use absolute path in this file.

[DEFAULT] # used only by fuzz.py
#  is the path of root directory of P2IM git repo
# must be changed: path to the fuzzer (P2IM) directory
base        = /home/babyhack/tmp/p2im
#  can be arbitrary string you want. It doesn't need to be the firmware binary name
# target program name and directory name
program     = Drone
# Each firmware may be fuzzed multiple times. So it's better to number each fuzzer run
run         = 5
# working directory of fuzzing
working_dir = %(base)s/fuzzing/%(program)s/%(run)s

[afl] # used only by fuzz.py
bin         = %(base)s/afl/afl-fuzz
timeout     = 150+
input       = %(working_dir)s/inputs
output      = %(working_dir)s/outputs

[cov] # used only by cov.py
#count_hang  = False
count_hang  = True
bbl_cov_read_sz = 20000000
# 1 second
timeout     = 1

[qemu]
bin         = %(base)s/qemu/precompiled_bin/qemu-system-gnuarmeclipse
log         = unimp,guest_errors,int
#log         = unimp,guest_errors,exec,int -D qemu.log

[program]
# the board/mcu supported by QEMU is listed as comments below
#board       = 
#mcu         = 

#board       = STM32F429I-Discovery
#mcu         = STM32F429ZI
# select the target board and mcu (uncomment the matching pair)
board       = NUCLEO-F103RB
mcu         = STM32F103RB
#board       = Arduino-Due
#mcu         = SAM3X8E
#board       = FRDM-K64F
#mcu         = MK64FN1M0VLL12

#  has to be name of firmware elf file
# image path; it is case-sensitive, so be careful
img         = %(working_dir)s/Drone

[model]
retry_num   = 3
peri_addr_range = 512
# arm-none-eabi-objdump is part of GNU Arm Embedded Toolchain you downloaded while setting up P2IM environment.
# For example,  on my machine is /home/bo/gcc-arm-none-eabi-6-2017-q2-update/bin/arm-none-eabi-objdump

### the full path to objdump must be entered.
objdump     = /home/babyhack/tmp/gcc-arm-none-eabi-10.3-2021.10/bin/arm-none-eabi-objdump
# config below are only used by fuzz.py
bin         = %(base)s/model_instantiation/me.py
log_file    = %(working_dir)s/me.log

Fuzzing working directory setup

babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5$ cp /home/babyhack/tmp/p2im/externals/p2im-real_firmware/Drone ./
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5$ ls
Drone  fuzz.cfg  inputs

Run the fuzzer

#python3 ~/tmp/p2im/model_instantiation/fuzz.py -c fuzz.cfg

babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5$ python3 ~/tmp/p2im/model_instantiation/fuzz.py -c fuzz.cfg
Change working dir to: /home/babyhack/tmp/p2im/fuzzing/Drone/5
CWD: /home/babyhack/tmp/p2im/fuzzing/Drone/5

try our best to extract model w/o input
cmd_me0: /home/babyhack/tmp/p2im/model_instantiation/me.py -c /home/babyhack/tmp/p2im/fuzzing/Drone/5/fuzz.cfg --run-num 0 --print-to-file

Change working dir to: 0/
CWD: /home/babyhack/tmp/p2im/fuzzing/Drone/5/0
Redirect stdout to file named stdout

Test environment

0.random.8
run f/w w/ seed input to check if there is aup
cmd_qemu: /home/babyhack/tmp/p2im/qemu/precompiled_bin/qemu-system-gnuarmeclipse -nographic -aflFile /home/bats/random -board NUCLEO-F103RB -mcu STM32F103RB -image /home/babyhack/tmp/p2im/fuzzing/Drone/5/Drone -pm-stagp2im/fuzzing/Drone/5/0.random.7/peripheral_model.json -me-bin /home/babyhack/tmp/p2im/model_instantiation/me.m/fuzzing/Drone/5/fuzz.cfg

There is aup, run ME
cmd_me: /home/babyhack/tmp/p2im/model_instantiation/me.py -c /home/babyhack/tmp/p2im/fuzzing/Drone/5/fuzz.cfge --run-from-forkserver --afl-file /home/babyhack/tmp/p2im/fuzzing/Drone/5/inputs/random --model-if /home/babdom.7/peripheral_model.json
Change working dir to: 0.random.8/
CWD: /home/babyhack/tmp/p2im/fuzzing/Drone/5/0.random.8
Redirect stdout to file named stdout
Traceback (most recent call last):
  File "/home/babyhack/tmp/p2im/model_instantiation/me.py", line 1166, in <module>
    srr_info = stage1_5()
  File "/home/babyhack/tmp/p2im/model_instantiation/me.py", line 490, in stage1_5
    objdump = subprocess.check_output([cfg.objdump, "-dC", cfg.img])
  File "/usr/lib/python3.5/subprocess.py", line 626, in check_output
    **kwargs).stdout
  File "/usr/lib/python3.5/subprocess.py", line 693, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/usr/lib/python3.5/subprocess.py", line 947, in __init__
    restore_signals, start_new_session)
  File "/usr/lib/python3.5/subprocess.py", line 1551, in _execute_child
    raise child_exception_type(errno_num, err_msg)
OSError: [Errno 8] Exec format error

0.random.9
run f/w w/ seed input to check if there is aup
cmd_qemu: /home/babyhack/tmp/p2im/qemu/precompiled_bin/qemu-system-gnuarmeclipse -nographic -aflFile /home/bats/random -board NUCLEO-F103RB -mcu STM32F103RB -image /home/babyhack/tmp/p2im/fuzzing/Drone/5/Drone -pm-stagp2im/fuzzing/Drone/5/0.random.8/peripheral_model.json -me-bin /home/babyhack/tmp/p2im/model_instantiation/me.m/fuzzing/Drone/5/fuzz.cfg
.............................
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5$ /home/babyhack/tmp/p2im/qemu/precompiled_bin/qemu-system-gnuarme

(process:17789): GLib-WARNING **: /Host/Work/qemu/glib-2.51.0/glib/gmem.c:483: custom memory allocation vtabl
[0, 0]   1-th(total   1-th)     unassigned mem_r *0x0
[0, 0]   2-th(total   2-th)     unassigned mem_r *0x4
QEMU 2.3.50 monitor - type 'help' for more information
(qemu) QEMU 2.3.50 monitor - type 'help' for more information
(qemu) [8004f10, 8004f4e]   1-th(total   3-th)  pm_r *0x40021000 gets 0x0, remains CR+SR
[8004f10, 8004f4e]   1-th(total   1-th)         pm_w *0x40021000 = 0x1, remains CR+SR
[8004f10, 8004f4e]   2-th(total   4-th)         pm_r *0x40021004 gets 0x0, remains CR
[8004f10, 8004f4e]   2-th(total   2-th)         pm_w *0x40021004 = 0x0, remains CR
[8004f10, 8004f4e]   3-th(total   5-th)         pm_r *0x40021000 gets 0x1, remains CR+SR
[8004f10, 8004f4e]   3-th(total   3-th)         pm_w *0x40021000 = 0x1, remains CR+SR
[8004f10, 8004f4e]   4-th(total   6-th)         pm_r *0x40021000 gets 0x1, remains CR+SR
[8004f10, 8004f4e]   4-th(total   4-th)         pm_w *0x40021000 = 0x1, remains CR+SR
[8004f10, 8004f4e]   5-th(total   7-th)         pm_r *0x40021004 gets 0x0, remains CR
[8004f10, 8004f4e]   5-th(total   5-th)         pm_w *0x40021004 = 0x0, remains CR
[8004f10, 8004f4e]   6-th(total   6-th)         pm_w *0x40021008 = 0x9f0000, remains DR
start up afl forkserver!
[8001128, 800113a]   6-th(total   8-th)         pm_r *0x40022000 gets 0x0, remains CR
[8001128, 800113a]   7-th(total   7-th)         pm_w *0x40022000 = 0x10, remains CR
[8004ccc, 8004ce8]   7-th(total   9-th)         pm_r *0x40021018 gets 0x0, remains CR
[8004ccc, 8004ce8]   8-th(total   8-th)         pm_w *0x40021018 = 0x1, remains CR
[8004ccc, 8004ce8]   8-th(total  10-th)         pm_r *0x40021018 gets 0x1, remains CR
[8001cba, 8001cc4]   9-th(total  11-th)         pm_r *0x40021004 gets 0x0, remains CR
[8001cd4, 8001cf0]  10-th(total  12-th)         pm_r *0x40021000 gets 0x1, remains CR+SR
[8001cf6, 8001d10]  11-th(total  13-th)         pm_r *0x40021000 gets 0x1, remains CR+SR
[8001cf6, 8001d10]   9-th(total   9-th)         pm_w *0x40021000 = 0x81, remains CR+SR
...........................
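
The `OSError: [Errno 8] Exec format error` in the traceback above is raised where `me.py` executes the `objdump` path taken from `fuzz.cfg`, which means the host could not run that file as a program. The following pre-flight check is an added example, not part of P2IM or of the original post: it validates a `fuzz.cfg` before `fuzz.py` is started. It assumes the file is read with Python's `configparser` defaults, which keep a trailing `# note` as part of the value; `preflight`, `elf_machine`, `fake_elf` and `demo` are hypothetical names, and the ELF headers are constructed sample data.

```python
import configparser
import os
import struct
import tempfile

# ELF e_machine values (from the ELF specification) for the cases that matter here.
EM_NAMES = {3: "i386", 40: "arm", 62: "x86_64", 183: "aarch64"}

def elf_machine(path):
    """Return the e_machine name of an ELF file, or None if `path` is not ELF."""
    with open(path, "rb") as f:
        hdr = f.read(20)
    if len(hdr) < 20 or hdr[:4] != b"\x7fELF":
        return None
    endian = "<" if hdr[5] == 1 else ">"  # EI_DATA: 1 = little-endian
    (machine,) = struct.unpack_from(endian + "H", hdr, 18)
    return EM_NAMES.get(machine, "unknown(%d)" % machine)

def preflight(cfg_text, host_machine):
    """Return a list of problems found in a fuzz.cfg before the fuzzer is started."""
    cfg = configparser.ConfigParser()  # assumption: parsed with library defaults
    cfg.read_string(cfg_text)
    problems = []
    # 1. With those defaults, a note typed after a value becomes part of the value.
    for section in cfg.sections():
        for key, raw in cfg.items(section, raw=True):
            msg = "%s: value contains '#': %r" % (key, raw)
            if "#" in raw and msg not in problems:
                problems.append(msg)
    # 2. objdump is executed on the host, so it must be a host-architecture ELF.
    objdump = cfg.get("model", "objdump")
    if not os.path.isfile(objdump):
        problems.append("objdump: no such file: %r" % objdump)
    elif elf_machine(objdump) != host_machine:
        problems.append("objdump: ELF machine is %s but the host is %s"
                        % (elf_machine(objdump), host_machine))
    # 3. The firmware image is the opposite case: it must be an ARM ELF.
    img = cfg.get("program", "img")
    if not os.path.isfile(img):
        problems.append("img: no such file: %r" % img)
    elif elf_machine(img) != "arm":
        problems.append("img: not an ARM ELF (found %s)" % elf_machine(img))
    return problems

def fake_elf(path, machine):
    """Write a constructed 20-byte little-endian ELF header (sample data only)."""
    with open(path, "wb") as f:
        f.write(b"\x7fELF\x01\x01\x01\x00" + b"\x00" * 8 + struct.pack("<HH", 2, machine))
    return path

def demo(objdump_machine=62, note=""):
    """Build a constructed working directory and config, then run the check."""
    d = tempfile.mkdtemp()
    fake_elf(os.path.join(d, "Drone"), 40)
    fake_elf(os.path.join(d, "objdump"), objdump_machine)
    text = ("[DEFAULT]\nworking_dir = %s\n[program]\nimg = %%(working_dir)s/Drone%s\n"
            "[model]\nobjdump = %%(working_dir)s/objdump\n" % (d, note))
    return preflight(text, "x86_64")

if __name__ == "__main__":
    print(demo())                             # clean config
    print(demo(objdump_machine=183))          # aarch64 objdump, x86_64 host
    print(demo(note="   # case-sensitive"))   # inline note leaks into img
```

On a real setup, pass the contents of `fuzz.cfg` and `platform.machine()` to `preflight`; a non-ELF `objdump` (for example a shell wrapper script) is reported as a mismatch by this check.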

If the environment is set up correctly, AFL fuzzing starts

babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5$ ls
0  0.random.1  0.random.2  0.random.3  Drone  fuzz.cfg  inputs  me.log  outputs  run_fw.py
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5$ cd outputs/
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs$ ls
crashes  fuzz_bitmap  fuzzer_stats  hangs  plot_data  queue
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs$ ls -sla
total 2116
   4 drwx------ 5 babyhack babyhack    4096 Jan 24 06:58 .
   4 drwxrwxr-x 8 babyhack babyhack    4096 Jan 24 06:51 ..
   4 drwx------ 2 babyhack babyhack    4096 Jan 24 06:52 crashes
   4 -rw------- 1 babyhack babyhack     164 Jan 24 06:58 .cur_input
2048 -rw------- 1 babyhack babyhack 2097152 Jan 24 06:57 fuzz_bitmap
   4 -rw------- 1 babyhack babyhack    1093 Jan 24 06:57 fuzzer_stats
   4 drwx------ 2 babyhack babyhack    4096 Jan 24 06:54 hangs
   8 -rw------- 1 babyhack babyhack    4454 Jan 24 06:58 plot_data
  36 drwx------ 3 babyhack babyhack   36864 Jan 24 06:58 queue
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs$ cd crashes/
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs/crashes$ ls
id:000000,ret_v:0x1,src:000000,op:havoc,rep:8  README.txt
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs/crashes$ ls -sla
total 16
4 drwx------ 2 babyhack babyhack 4096 Jan 24 06:52 .
4 drwx------ 5 babyhack babyhack 4096 Jan 24 06:58 ..
4 -rw------- 1 babyhack babyhack  148 Jan 24 06:52 id:000000,ret_v:0x1,src:000000,op:havoc,rep:8
4 -rw------- 1 babyhack babyhack 1106 Jan 24 06:52 README.txt
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs/crashes$ cat README.txt
Command line used to find this crash:

/home/babyhack/tmp/p2im/afl/afl-fuzz -i /home/babyhack/tmp/p2im/fuzzing/Drone/5/inputs -o /home/babyhack/tmp/p2im/fuzzing/Drone/5/outputs -t 150+ -QQ -a /home/babyhack/tmp/p2im/model_instantiation/me.py -b /home/babyhack/tmp/p2im/fuzzing/Drone/5/fuzz.cfg -c /home/babyhack/tmp/p2im/fuzzing/Drone/5/0.random.3/peripheral_model.json -T Drone_5 -d /home/babyhack/tmp/p2im/qemu/precompiled_bin/qemu-system-gnuarmeclipse -nographic -board NUCLEO-F103RB -mcu STM32F103RB -image /home/babyhack/tmp/p2im/fuzzing/Drone/5/Drone -pm-stage 3 -aflFile @@

If you can't reproduce a bug outside of afl-fuzz, be sure to set the same
memory limit. The limit used for this fuzzing session was 2.00 GB.

Need a tool to minimize test cases before investigating the crashes or sending
them to a vendor? Check out the afl-tmin that comes with the fuzzer!

Found any cool bugs in open-source tools using afl-fuzz? If yes, please drop
me a mail at <lcamtuf@coredump.cx> once the issues are fixed - I'd love to
add your finds to the gallery at:

  <http://lcamtuf.coredump.cx/afl/>

Thanks :-)
babyhack@ubuntu:~/tmp/p2im/fuzzing/Drone/5/outputs/crashes$

Spectrum Analyser

Spectrum Analyser is a tool that is designed to help reverse engineer ZX Spectrum games & programs. It is a combination of an emulator, debugger & interactive disassembler. Programs are loaded and run in the emulator and their state can be inspected using the tools provided.

These tools include:

• Disassembler

• Debugger

• Graphics viewer

• Frame trace

• Memory diff

• IO analyser

 

Other features include:

• Interactive annotation: labels, functions & comments

• Watch window

• Format memory as Byte, Word, Char Map, Bitmap etc.

• Breakpoints: break on code execution, memory access, NMI, IRQ, IN & OUT

• Fully annotated Sinclair ROM

• Self modifying code support

• Automatic code detection

• Automatic data detection

• Poke support

• Skoolkit import and export

• Character graphic memory search tool

• Z80 instruction informational tooltips

 

How does it work?

The traditional way to reverse engineer software is to manually determine which areas of the computer memory are code or data. A disassembler can then be used to produce an assembly listing of the code memory bytes. One way to achieve this is to observe the code running through a debugger.

This can be slow work – although some excellent tools exist to help with this process, such as IDA Pro or Ghidra. This process can be partially automated by using an execution trace file. This can help confirm which areas of memory are code if we know they have been executed.

 

Spectrum Analyser aims to automate as much of the manual process as possible. It has an emulator built in, which means it can automatically detect which memory locations are code when those locations are executed. The more you play the game, the more code it will uncover. However, Spectrum Analyser is very much interactive. You are free to manually mark up areas of memory as code if you prefer – without needing to execute the code in question. You do not need to tell Spectrum Analyser where the code ends – only where it begins. It will use static code analysis to work out where the code terminates.

 

Starting Off

When you open a game for the first time Spectrum Analyser will start from a blank slate. In this state, all memory locations will be formatted as byte data. This is the default state of memory that hasn’t been executed.

This is the same memory after the program has been executed. Spectrum Analyser has set the memory to code and added labels for functions in addition to branch destination labels.

These labels can then be renamed when you figure out what the code is actually doing. You can then add comments to the disassembly.

 

Screenshots

Here are some action shots of Spectrum Analyser. For best results you may need to download the images and view them full screen or open them in a separate tab.

 

Acknowledgements

This program was built using the superb Chips emulator library by Andre Weissflog, the emulation in the analyser is done using this library: https://github.com/floooh/chips

 


For the UI, DearImGui is used (https://github.com/ocornut/imgui) which is without doubt one of the greatest pieces of open source software. Without it not only would the UI take much longer but working on it would also be exceedingly dull.

 

Spectrum Analyser contains a full disassembly of the Sinclair ROM. This was possible because of the skoolkit disassembly done by Richard Dymond. https://skoolkit.ca/disassemblies/rom/

 


Tutorial

Need help getting started using Spectrum Analyser, or just want to see how it works? Here is a tutorial. This doesn’t cover everything but it will get you started.

https://www.youtube.com/embed/-HFXnF4cHb0

 


Documentation

There is some (incomplete) documentation here.

Contact

Feedback and bug reports are very welcome. Please send them to spectrumanalysertool@gmail.com

Download

Click here to download the latest version (Windows 10 and above).

 

ref.

https://colourclash.co.uk/spectrum-analyser/?fbclid=IwAR3i9CsPO9fLrd47L8Iob1DoQ_HDTdPOX4JKRGub7gcAvUgQY1zYNIrAWjU 

 


 

Source: https://brunch.co.kr/@vagabondboy/53

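I like the saying "Return to your original intention!"

I am starting this blog to revive my old habit of researching hard and writing up what I learned.

There will be many shortcomings.

I also welcome messages of support and introductions to areas you would personally like to research,

so feel free to suggest them at any time, and I hope we can work on them together.

Have a pleasant day today as well; I will keep posting steadily in the spirit of that original intention.

Thank you.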
