Chapter 5: Introduction to Heap Overflows

Previous page
Table of content
Next page

Overview

This chapter focuses on heap overflows on the Linux platform, which uses a malloc implementation originally written by Doug Lee, hence called dlmalloc. This chapter also introduces concepts that will help you when facing any other malloc() implementation. Indeed, writing a heap overflow is a rite of passage that teaches you how to think beyond grabbing EIP from a saved stack pointer. dlmalloc is just one library out of many that stores important meta-data interspersed with user data. Understanding how to exploit malloc bugs is a key to finding innovative ways to exploit bugs that don't fit into any particular category.

Doug Lee himself has a terrific summary of dlmalloc on his Web site, at http://gee.cs.oswego.edu/dl/html/malloc.html . You can also find it at the Shellcoder's Handbook Web page: www. wiley .com/compbooks/koziol . If you are unfamiliar with the Dog Lee malloc implementation, you should read it before going on with this chapter. Although his text goes over the concepts you'll need to be familiar with during exploitation, various changes have been made in modern glibc to his original implementation to make it multithreaded and optimized for various situations.


Previous page
Table of content
Next page
The Shellcoder's Handbook. Discovering and Exploiting Security
Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
ISBN: N/A
EAN: 2147483647
Year: 2003
Pages: 198
Authors: Neal Krawetz
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
ERP and Data Warehousing in Organizations: Issues and Challenges
A+ Fast Pass
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
.NET-A Complete Development Cycle
User Interfaces in C#: Windows Forms and Custom Controls
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy