heap-exploitation
c-ward
heap-exploitation | c-ward | |
---|---|---|
1 | 2 | |
1,228 | 167 | |
- | - | |
10.0 | 9.5 | |
over 1 year ago | 1 day ago | |
C | Rust | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
heap-exploitation
-
Glibc Dynamic Loader Hit by a Nasty Local Privilege Escalation Vulnerability
Not in a HN news comment, I don't have that level of dedication to this because its definitely non trivial. However you can read about them in use against the glibc allocator are here: https://github.com/DhavalKapil/heap-exploitation/blob/master...
The "house of" attack method are attacks against the allocator, its been a while since I've looked into it, I hope musl have hardened their allocator against this kind of attacks.
c-ward
-
New Linux glibc flaw lets attackers get root on major distros
Yeah it would. There are a few attempts, such as C-gull (https://github.com/sunfishcode/c-ward/tree/main/c-gull#readm...).
> c-gull is a libc implementation. It is an implementation of the ABI described by the libc crate.
> Currently it only supports --linux-gnu ABIs, though other ABIs could be added in the future. And currently this mostly focused on features needed by Rust programs, so it doesn't have all the C-idiomatic things like qsort yet, but they could be added in the future.
- Glibc Dynamic Loader Hit by a Nasty Local Privilege Escalation Vulnerability
What are some alternatives?
Abstract-Data-Types - A set of efficient data structures in C, created in a generic way
deno - A modern runtime for JavaScript and TypeScript.
eyra - Rust programs written entirely in Rust
llvm-project - The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
heaptrace - helps visualize heap operations for pwn and debugging
nix - Rust friendly bindings to *nix APIs
sc - Common libraries and data structures for C.
alacritty - A cross-platform, OpenGL terminal emulator.