Developing GDB Extension for Heap Exploitation | Ep. 12

We aren't getting anywhere... So we write a new tool to analyse the heap objects located after our overflowing buffer. Complete Playlist: /playlist/PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx Grab the files: https://github.com/LiveOverflow/pwnedit (sorry, repo is a bit behind the videos) gef for gdb: https://github.com/hugsy/gef Episode 12: 00:00 - Intro 00:12 - How to Find Controllable Heap Allocations? 00:50 - Tracing free()! 01:21 - Finding Recognizable Strings on the Heap 01:58 - More Environment Variables 03:26 - fengshui2.py Script Changes 04:19 - Wrong Rabbit Hole... 05:20 - Some Other Research Attempts 06:47 - (gdb) gef Extension - Analyse the Heap Objects 09:03 - Heap Tracing Results 09:51 - Developing fengshui3.py 10:52 - First Peak at Script Results -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: /channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Instagram: https://instagram.com/LiveOverflow/ → Blog: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/

الفئة