Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Development Tools No-Code Development
Business
Entrepreneurship Communications Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certification Network & Security Hardware Operating Systems Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design Design Thinking 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition Yoga Mental Health Dieting Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Teacher Training Test Prep Other Teaching & Academics
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Cisco CCNA Amazon AWS CompTIA Security+ Microsoft AZ-900
Graphic Design Photoshop Adobe Illustrator Drawing Digital Painting InDesign Character Design Canva Design Theory
Life Coach Training Personal Development Neuro-Linguistic Programming Personal Transformation Mindfulness Life Purpose Meditation CBT Emotional Intelligence
Web Development JavaScript React CSS Angular PHP Node.Js WordPress Vue JS
Google Flutter Android Development React Native iOS Development Swift Dart (programming language) Mobile Development Kotlin SwiftUI
Digital Marketing Google Ads (Adwords) Social Media Marketing Marketing Strategy Google Ads (AdWords) Certification Internet Marketing YouTube Marketing Email Marketing Instagram Marketing
Microsoft Power BI SQL Tableau Business Analysis Data Modeling Business Intelligence MySQL Data Analysis Blockchain
Business Fundamentals Entrepreneurship Fundamentals Business Strategy Startup Business Plan Freelancing Online Business Blogging Home Business
Unity Game Development Fundamentals Unreal Engine C# 3D Game Development C++ 2D Game Development Unreal Engine Blueprints Blender
30-Day Money-Back Guarantee
IT & Software Network & Security Linux Security

Linux Heap Exploitation - Part 1

Learn hands-on GLIBC heap exploitation with HeapLAB.
Highest Rated
Rating: 4.8 out of 54.8 (235 ratings)
1,718 students
Created by Max Kamper
Last updated 1/2021
English
English
30-Day Money-Back Guarantee

What you'll learn

  • Scripting exploits with pwntools
  • Introspecting the heap with pwndbg
  • The House of Force technique
  • The Fastbin Dup technique
  • The Unsafe Unlink technique
  • The Safe Unlink technique
  • The House of Orange technique
  • Using one-gadgets to drop a shell
  • Leveraging a single-byte heap overflow to drop a shell
Curated for the Udemy for Business collection

Requirements

  • Familiarity with the Linux command line environment
  • Basic debugging skills
  • A Linux VM or Host

Description

For nearly 20 years, exploiting memory allocators has been something of an art form. Become part of that legacy with HeapLAB.

The GNU C Library (GLIBC) is a fundamental part of most Linux desktop and many embedded distributions; its memory allocator is used in everything from starting threads to dealing with I/O. Learn how to leverage this vast attack surface via different heap exploitation techniques, from the original "Unsafe Unlink" to the beautiful overflow-to-shell "House of Orange".

In this hands-on course, students will alternate between learning new techniques and developing their own exploits based on what they've learned. We'll make use of the pwntools and pwndbg frameworks to drop shells from vulnerable practice binaries, and you'll take on challenges that test what you've learned.

Who this course is for:

  • Exploit developers
  • Capture The Flag (CTF) players
  • Those wishing to learn more about exploit dev than just stack buffer overflows
  • Anyone interested in weird machines

Course content

9 sections • 22 lectures • 4h 51m total length

  • Preview01:33
  • What is GLIBC?
    04:48
  • What is malloc?
    02:40
  • Environment setup
    04:37

  • The top chunk
    09:51
  • Preview08:01
  • Arbitrary write via the House of Force
    16:54
  • Code execution via the House of Force
    12:15

  • Preview09:54
  • Arbitrary write via the Fastbin Dup
    17:16
  • Code execution via the Fastbin Dup
    14:40

  • Fastbin Dup 2
    24:04

  • Preview10:13
  • The original Unsafe Unlink
    22:09

  • The Safe Unlink
    22:20

  • What is the House of Orange?
    01:09
  • File stream exploitation
    10:42
  • The Unsortedbin Attack
    15:38
  • The complete House of Orange
    34:04

  • Remaindering
    06:38
  • One-Byte
    39:14

  • Outro
    02:32

Instructor

Max Kamper
Independent Researcher
Max Kamper
  • 4.8 Instructor Rating
  • 249 Reviews
  • 1,739 Students
  • 2 Courses

Max Kamper is an independent researcher and exploit developer. A former Royal Marines Commando, Max was a member of the Information Exploitation Group's electronic warfare squadron.

Having traded radio signals for process signals, he now teaches exploit development at hacker conferences such as 44CON and Ringzer0. Max is also the author of the ROP Emporium website, a resource for learning practical return-oriented programming on different architectures.

  • Udemy for Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Impressum Kontakt
  • Terms
  • Privacy policy
  • Cookie settings
  • Sitemap
  • Featured courses
Udemy
© 2021 Udemy, Inc.