how2heap

Adding DEFCON 2017 Unsafe Unlink example

Open bannsec opened this issue 8 years ago • 4 comments

bannsec, May 03 '17 02:05

I'm not really sure that we need an exhaustive list of examples on the margin -- one or two seem fine, and this one already has two... @rhelmot, what do you think? Does this example add something the other two don't provide?

zardus, May 03 '17 20:05

This challenge is pretty distinct from the other ones in this category - I'd argue it should be in its own category. This challenge used a basic bare-bones dlmalloc, i.e. the same system as glibc, except without any of the hardening checks. The result is that you get the sort of really really basic unsafe-unlink, like what Giovanni teaches in his security course.

rhelmot, May 11 '17 00:05
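
Added example (not part of this thread or of the how2heap repository): the difference the comment above describes, shown as a bare dlmalloc-style unlink beside one with a back-pointer integrity check of the kind glibc's hardening performs. The `struct chunk` layout, the function names and the corrupted list are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified free-chunk header; only the list links matter here. */
struct chunk {
    size_t prev_size, size;
    struct chunk *fd, *bk;
};

/* Bare unlink: trusts whatever fd/bk are stored in the chunk. */
static void unlink_unchecked(struct chunk *p) {
    struct chunk *FD = p->fd, *BK = p->bk;
    FD->bk = BK;
    BK->fd = FD;
}

/* Hardened unlink: both neighbours must point back at p.
 * Returns 0 on success, -1 if the list is corrupted. */
static int unlink_checked(struct chunk *p) {
    struct chunk *FD = p->fd, *BK = p->bk;
    if (FD->bk != p || BK->fd != p)
        return -1;              /* corrupted double-linked list */
    FD->bk = BK;
    BK->fd = FD;
    return 0;
}

/* Builds a 3-node circular list a<->b<->c, optionally redirects b's links
 * to two structs outside the list (constructed corruption), unlinks b and
 * reports whether those outside structs were written to. */
static int outsider_modified(int corrupt, int checked, int *rc) {
    struct chunk a = {0}, b = {0}, c = {0}, x = {0}, y = {0};
    a.fd = &b; b.fd = &c; c.fd = &a;
    a.bk = &c; b.bk = &a; c.bk = &b;
    if (corrupt) { b.fd = &x; b.bk = &y; }
    *rc = checked ? unlink_checked(&b) : (unlink_unchecked(&b), 0);
    return x.bk != NULL || y.fd != NULL;
}

int main(void) {
    int rc;
    int hit = outsider_modified(1, 0, &rc);
    printf("unchecked, corrupted links: outside write=%d\n", hit);
    hit = outsider_modified(1, 1, &rc);
    printf("checked, corrupted links:   outside write=%d rc=%d\n", hit, rc);
    return 0;
}
```
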

Just noticed this was still open.

I think it makes sense to have an "other examples" table, maybe with a brief description (such as what rhelmot typed up in the comment here). @Owlz, feel up to it?

zardus, Jul 18 '17 06:07

With the new structure, we could actually add this as a technique for dlmalloc? (Being the first non-glibc technique then)

m1ghtym0, Jun 12 '18 16:06