This repository contains my master's thesis. It includes an updated overview of ptmalloc2 with a lot of references to malloc.c (glibc 2.41).
!This is only for educational purposes!
To better understand how heap exploits can have an impact in real life, I decided to study CVE-2023-6246. This CVE primarily involves a heap overflow vulnerability, where heap grooming (done with a fuzzer) is used to achieve local privilege escalation (LPE).
This is intended to be used as a cheat sheet. For more information, please refer to the PDF.
The helpers directory contains simple programs that help you analyze heap bins. To check the state of the heap, set a breakpoint on puts.
This diagram shows the internals of the heap. If you download the SVG locally, you can hover over the nodes to see more information. Clicking on a node will take you to the corresponding section of the source code responsible for that action.




