Metadata
- Source
- File: Understanding the heap by breaking it by Ferguson (2007).pdf
- Zotero: View Item
- CiteKey: fergusonUnderstandingHeapBreaking2007
- Type: Book
- Title: Understanding the heap by breaking it,
- Author: Ferguson, Justin N.;
- Publisher: IOActive,
- Location: Las Vegas, NV,
- Year: 2007
Abstract
Traditional exploitation techniques of overwriting heap metadata has been discussed ad-nauseum, however due to this common perspective the flexibility in abuse of the heap is commonly overlooked. This paper examines a flaw that was found in several popular implementations of the GSS-API as a method for elaborating upon the true beauty of data structure exploitation. This paper focuses on the dynamic memory management implementation provided by the GNU C library, particularly ptmalloc2 and presents methods for evading certain sanity checks in the library along with previously unpublished methods for obtaining control.
Tags and Collections
- Keywords: 02 Next; Binary Exploitation; Heap
Comments