House of Banana

Posted on 2024-10-21

Hijack execution flow by abusing _rtld_global in ld.so

House of Emma

Posted on 2024-10-12

Defeat the pointer guard and hijack execution flow.

Posted on 2024-10-10

A systme error message leading to shell

Posted on 2024-09-24

High level GLIBC I/O operation exploit: Largebin Attack + FSOP

Posted on 2024-09-18

ORW ROP chain with magic gadgets to pwn a Sandbox

Posted on 2024-08-31

Large Bin Attack is the future. Hijack bk_nextsize pointer to exploit.

Posted on 2024-06-15

Safe-linking is a mitigation but also a weapon in some cases.

Posted on 2024-06-07

Fake a 0x10001 chunk on the Tcache metadata.

Posted on 2024-05-06

Make Tcache Double Free great again!

Posted on 2024-05-04

The authors of glibc try to stop us leveraging the unlink macro, but