Fuzzing Heap Layout to Overflow Function Pointers | Ep. 11

Channel:
United States LiveOverflow
Subscribers:
920,000
Published on ● Video Link: https://www.youtube.com/watch?v=CYWoJ6EYo84


Duration: 9:51
24,651 views
1,162

After we found some function pointers we could use for exploitation, we instructed sudo to find their heap locations. And then we are developing a script to find a heap layout usable for exploitation.

Complete Playlist: https://www.youtube.com/playlist?list=PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx
Grab the files: https://github.com/LiveOverflow/pwnedit

Episode 11:
00:00 - Intro
00:40 - The Research Plan
02:09 - Collecting Heap Information
02:40 - Testing the "Instrumentation" - First Problem
04:00 - Understanding Heap Information Output
04:34 - Heap Fragemntation Explained
05:10 - Which Inputs to Control?
05:35 - Writing the Fuzzing Heap Layouts Sripts
07:37 - Development Challenges
08:28 - The Script Results!
09:30 - Outro

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/



Other Videos By LiveOverflow


2022-01-18Debugging The Failing sudoedit Exploit | Ep.16
2022-01-11Creating The First (Failed) Sudoedit Exploit | Ep. 15
2022-01-03Learning about nss (Linux Name Service Switch) During Sudo Exploitation | Ep. 14
2021-12-24Log4j Lookups in Depth // Log4Shell CVE-2021-44228 - Part 2
2021-12-17Log4j Vulnerability (Log4Shell) Explained // CVE-2021-44228
2021-12-14Can We Find a New Exploit Strategy? | Ep. 13
2021-12-02Authorization vs. Authentication (Google Bug Bounty)
2021-11-18Developing GDB Extension for Heap Exploitation | Ep. 12
2021-11-04How Hackers Get Into Every Device!
2021-10-26Design Flaw in Security Product - ALLES! CTF 2021
2021-10-17Fuzzing Heap Layout to Overflow Function Pointers | Ep. 11
2021-10-06Video Essay about the Security Creator Scene
2021-09-26Did you really find a vulnerability in Google? - ft. @PwnFunction
2021-09-19Developing a Tool to Find Function Pointers on The Heap | Ep. 10
2021-09-12What Ethereum Smart Contract Hacking Looks Like
2021-09-04Discussing Heap Exploit Strategies for sudo - Ep. 09
2021-08-28"Controversial Security" // BSides Berlin 2021
2021-08-26using z3 to reverse a custom hash during a CTF be like #shorts
2021-08-19can you hack this screenshot service?? - CSCG 2021
2021-08-11C Code Review - Reaching Vulnerable Code in sudo | Ep. 08
2021-07-31DO NOT USE alert(1) for XSS


Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
pwnedit
sudoedit
sudo samedit
heap
heap overflow
buffer overflow
memory corruption
heap research
heap allocations
fengshui
feng shui
heap grooming
scripting
python
fuzzing