Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Software Development Tools No-Code Development
Business
Entrepreneurship Communication Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certifications Network & Security Hardware Operating Systems & Servers Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Paid Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement & Gardening Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition & Diet Yoga Mental Health Martial Arts & Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Learning Teacher Training Test Prep Other Teaching & Academics
Web Development JavaScript React JS CSS Angular Node.Js Typescript HTML5 PHP
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Amazon AWS Cisco CCNA CompTIA Security+ AWS Certified Developer - Associate
Microsoft Power BI SQL Business Analysis Data Modeling Tableau Data Analysis Data Cleaning Data Warehouse DAX
Unity Unreal Engine Game Development Fundamentals C# 3D Game Development C++ 2D Game Development Unreal Engine Blueprints Blender
Google Flutter Android Development iOS Development React Native Swift Dart (programming language) Kotlin SwiftUI Mobile App Development
Graphic Design Photoshop Adobe Illustrator Drawing Canva Digital Painting InDesign Design Theory Procreate Digital Illustration App
Life Coach Training Personal Development Neuro-Linguistic Programming Personal Transformation Life Purpose Sound Therapy Mindfulness Coaching Emotional Intelligence
Business Fundamentals Entrepreneurship Fundamentals Freelancing Online Business Business Strategy Startup Business Plan Blogging Home Business
Digital Marketing Social Media Marketing Marketing Strategy Copywriting Internet Marketing Startup Email Marketing Google Analytics Podcasting

IT & SoftwareNetwork & SecurityLinux Security

Linux Heap Exploitation - Part 1

Learn hands-on GLIBC heap exploitation with HeapLAB.
Bestseller
Rating: 4.9 out of 54.9 (519 ratings)
3,432 students
Created by Max Kamper
Last updated 8/2021
English
English

What you'll learn

  • Scripting exploits with pwntools
  • Introspecting the heap with pwndbg
  • The House of Force technique
  • The Fastbin Dup technique
  • The Unsafe Unlink technique
  • The Safe Unlink technique
  • The House of Orange technique
  • Using one-gadgets to drop a shell
  • Leveraging a single-byte heap overflow to drop a shell

Requirements

  • Familiarity with the Linux command line environment
  • Basic debugging skills
  • A Linux VM or Host

Description

For nearly 20 years, exploiting memory allocators has been something of an art form. Become part of that legacy with HeapLAB.

The GNU C Library (GLIBC) is a fundamental part of most Linux desktop and many embedded distributions; its memory allocator is used in everything from starting threads to dealing with I/O. Learn how to leverage this vast attack surface via different heap exploitation techniques, from the original "Unsafe Unlink" to the beautiful overflow-to-shell "House of Orange".

In this hands-on course, students will alternate between learning new techniques and developing their own exploits based on what they've learned. We'll make use of the pwntools and pwndbg frameworks to drop shells from vulnerable practice binaries, and you'll take on challenges that test what you've learned.

Who this course is for:

  • Exploit developers
  • Capture The Flag (CTF) players
  • Those wishing to learn more about exploit dev than just stack buffer overflows
  • Anyone interested in weird machines

Instructor

Max Kamper
Independent Researcher
Max Kamper
  • 4.9 Instructor Rating
  • 628 Reviews
  • 3,517 Students
  • 3 Courses

Max Kamper is an independent researcher and exploit developer. A former Royal Marines Commando, Max was a member of the Information Exploitation Group's electronic warfare squadron.

Having traded radio signals for process signals, he now teaches exploit development at hacker conferences such as 44CON and Ringzer0. Max is also the author of the ROP Emporium website, a resource for learning practical return-oriented programming on different architectures.

Top companies choose Udemy Business to build in-demand career skills.
NasdaqVolkswagenBoxNetAppEventbrite
  • Udemy Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Investors
  • Terms
  • Privacy policy
  • Sitemap
  • Accessibility statement
Udemy
© 2022 Udemy, Inc.