Tags
Language
Tags
March 2024
Su Mo Tu We Th Fr Sa
25 26 27 28 29 1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31 1 2 3 4 5 6

Linux Heap Exploitation - Part 3

Posted By: Sigha
Linux Heap Exploitation - Part 3

Linux Heap Exploitation - Part 3
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 3.49 GB | Duration: 5h 23m

Complete your GLIBC heap exploitation adventure with HeapLAB Part 3!

What you'll learn
Finding bugs in the GLIBC source code
The House of Corrosion technique
Exploiting mmapped chunks
Bypassing the Safe Linking mitigation
Exploiting GLIBC bugs

Requirements
Familiarity with the Linux command line environment
Basic debugging skills
A 64-bit Ubuntu Linux VM or Host
Some knowledge from Parts 1 & 2 is assumed

Description
This is a continuation of the HeapLAB Part 2 course, a.k.a Linux Heap Exploitation - Part 2.If you haven't taken the above course, I highly recommend you do so before embarking on this one.HeapLAB Part 3 is the same hands-on, practical heap exploitation, just with more new techniques for you to learn!This part of the course is considered "Expert", whereas the previous parts were labelled "Intermediate", that's because I'm expecting more autonomy from you this time, for example you'll be browsing the GLIBC source code in search of bugs. Don't worry though, we're going to learn a few different ways of browsing that code first.We're covering just one more "House" of heap exploitation, know as the House of Corrosion. It's complicated but I know you're ready! We'll also be exploiting mmapped chunks, learning how multithreaded malloc works, bypassing the "Safe Linking" exploit mitigation and exploiting any GLIBC bugs we find along the way. There are also a couple more challenge binaries for you to test your new skills against, an updated PDF with all the latest techniques and mitigations, and an improved malloc testbed with multithreading and mallopt options!Make sure you watch the Environment Setup video, even if you already have an exploit development environment set up from Part 2, you'll need to install one more tool so that you can follow along.Hack the planet!

Who this course is for:
Exploit developers,Capture The Flag (CTF) players,Those wishing to improve upon the skills they learned in Parts 1 & 2,Anyone interested in weird machines


Linux Heap Exploitation - Part 3


For More Courses Visit & Bookmark Your Preferred Language Blog
From Here: English - Français - Italiano - Deutsch - Español - Português - Polski - Türkçe - Русский