Shogun

This is a collection of writeups for CTF glibc heap challenges. At the time of writing, the latest glibc version is 2.38, which this is based on. A new one comes out roughly every six months.

This is split into 6 separate parts:

| Part | Focus | Part Number |
| --- | --- | --- |
| compiling | Super short, shows how to compile your own libc | 0 |
| bin_overview | Brief overview of the heap, and various bins | 1 |
| heap_demos | Shows some heap functionalities in a running binary | 2 |
| code_path_overview | Review the code of malloc | 3 |
| pwn_demos | Shows some useful heap pwn primitives | 4 |
| challs | Shows various heap bugs, and how we can leverage them and heap pwn primitives to get code execution | 5 |

The layout first imparts a practical understanding of how the glibc heap works: gradually at first, then in full. Then we introduce how we can leverage it for useful heap primitives. Finally, we wrap it all together and show how we can leverage heap bugs, an understanding of the heap, and those heap primitives together to get code execution.