Linux Heap Exploitation - Part 2

Name: Linux Heap Exploitation - Part 2
Price: 9.99 USD
Rating: 4.9 (160 reviews)

Continue your GLIBC heap exploitation adventure with HeapLAB Part 2!

(160 ratings)

2,657 students

Created by Max Kamper

Last updated 7/2024

English

English, Korean [Auto]

What you'll learn

The House of Spirit technique
The House of Lore technique
Leveraging single null byte overflows for code execution
The House of Einherjar technique
The Google Poison Null Byte technique
The House of Rabbit technique
Heap Feng Shui
The Tcache Dup technique

Requirements

Familiarity with the Linux command line environment
Basic debugging skills
A Linux VM or Host
Some knowledge from Part 1 is assumed

Description

This is a continuation of the HeapLAB Part 1 course, a.k.a Linux Heap Exploitation - Part 1.

If you haven't taken the above course, I highly recommend you do so before embarking on this one.

HeapLAB Part 2 is the same hands-on, practical heap exploitation, just with more new techniques for you to learn!

We're covering some more Houses, including the rather complex House of Rabbit and the oldschool House of Spirit. If you didn't break a sweat during Part 1's One-Byte challenge, in which we exploited a single byte overflow, I've built a single null-byte overflow challenge for you to test your skills against. We'll also be learning about the tcache, the Tcache Dup technique, some more obscure malloc internals such as the glibc tunables, and plenty more besides. Check out the primary learning objectives for further details.

If you already have an exploit development environment set up from Part 1, you'll be able to start right away. Hack the planet!

You can stop reading now, this part is only here because Udemy seem to think their time is best spent enforcing arbitrary limits on the length of course descriptions and telling us we can't have text in our course images rather than improving their appalling instructor experience.

Who this course is for:

Exploit developers
Capture The Flag (CTF) players
Those wishing to improve upon the skills they learned in Part 1
Anyone interested in weird machines

Max Kamper

Independent Researcher

4.9 Instructor Rating
1,039 Reviews
5,343 Students
3 Courses

Max Kamper is an independent researcher and exploit developer. A former Royal Marines Commando, Max was a member of the Information Exploitation Group's electronic warfare squadron.

Having traded radio signals for process signals, he now teaches exploit development at hacker conferences such as 44CON and Ringzer0. Max is also the author of the ROP Emporium website, a resource for learning practical return-oriented programming on different architectures.