Tuesday, July 28, 2009

Exploiting the Heap Cache Allocator

Finally, one of the most awaited papers of 2009 has been released. John "hzon" McDonald brings us a bunch of refreshing techniques on one of the least inspected structures of the heap: the Heap Cache allocator.
He doesn't limit himself to that technique, though, but rather paints a big picture of how the heap works and the different ways to exploit it. A MUST read.
Rather than writing a review, I just recommend you read it in full.

The cool thing about playing with big blocks is that they are rarely used, so you can force a nice, predictable universe for exploitation.

To celebrate the paper, we are releasing the files needed to inspect the Heap Cache in Immunity Debugger: