isoalloc
heap-exploitation
isoalloc | heap-exploitation | |
---|---|---|
3 | 1 | |
365 | 1,242 | |
- | - | |
7.4 | 10.0 | |
5 months ago | about 2 years ago | |
C | C | |
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
isoalloc
heap-exploitation
-
Glibc Dynamic Loader Hit by a Nasty Local Privilege Escalation Vulnerability
Not in a HN news comment, I don't have that level of dedication to this because its definitely non trivial. However you can read about them in use against the glibc allocator are here: https://github.com/DhavalKapil/heap-exploitation/blob/master...
The "house of" attack method are attacks against the allocator, its been a while since I've looked into it, I hope musl have hardened their allocator against this kind of attacks.
What are some alternatives?
herpaderping - Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Abstract-Data-Types - A set of efficient data structures in C, created in a generic way
buddy_alloc - A single header buddy memory allocator for C & C++
c-ward - An implementation of libc written in Rust
hardened_malloc - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
eyra - Rust programs written entirely in Rust
MBE - Course materials for Modern Binary Exploitation by RPISEC
heaptrace - helps visualize heap operations for pwn and debugging
memreduct - Lightweight real-time memory management application to monitor and clean system memory on your computer.
sc - Common libraries and data structures for C.