GITBOOK-4363: No subject

This commit is contained in:
CPol 2024-06-16 08:49:18 +00:00 committed by gitbook-bot
parent 8dae0e9cb5
commit 3e3bcfd444
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
28 changed files with 29 additions and 29 deletions

View file

@ -722,31 +722,31 @@
* [Format Strings](binary-exploitation/format-strings/README.md) * [Format Strings](binary-exploitation/format-strings/README.md)
* [Format Strings - Arbitrary Read Example](binary-exploitation/format-strings/format-strings-arbitrary-read-example.md) * [Format Strings - Arbitrary Read Example](binary-exploitation/format-strings/format-strings-arbitrary-read-example.md)
* [Format Strings Template](binary-exploitation/format-strings/format-strings-template.md) * [Format Strings Template](binary-exploitation/format-strings/format-strings-template.md)
* [Heap](binary-exploitation/heap/README.md) * [Libc Heap](binary-exploitation/libc-heap/README.md)
* [Bins & Memory Allocations](binary-exploitation/heap/bins-and-memory-allocations.md) * [Bins & Memory Allocations](binary-exploitation/libc-heap/bins-and-memory-allocations.md)
* [Heap Memory Functions](binary-exploitation/heap/heap-memory-functions/README.md) * [Heap Memory Functions](binary-exploitation/libc-heap/heap-memory-functions/README.md)
* [free](binary-exploitation/heap/heap-memory-functions/free.md) * [free](binary-exploitation/libc-heap/heap-memory-functions/free.md)
* [malloc & sysmalloc](binary-exploitation/heap/heap-memory-functions/malloc-and-sysmalloc.md) * [malloc & sysmalloc](binary-exploitation/libc-heap/heap-memory-functions/malloc-and-sysmalloc.md)
* [unlink](binary-exploitation/heap/heap-memory-functions/unlink.md) * [unlink](binary-exploitation/libc-heap/heap-memory-functions/unlink.md)
* [Heap Functions Security Checks](binary-exploitation/heap/heap-memory-functions/heap-functions-security-checks.md) * [Heap Functions Security Checks](binary-exploitation/libc-heap/heap-memory-functions/heap-functions-security-checks.md)
* [Use After Free](binary-exploitation/heap/use-after-free/README.md) * [Use After Free](binary-exploitation/libc-heap/use-after-free/README.md)
* [First Fit](binary-exploitation/heap/use-after-free/first-fit.md) * [First Fit](binary-exploitation/libc-heap/use-after-free/first-fit.md)
* [Double Free](binary-exploitation/heap/double-free.md) * [Double Free](binary-exploitation/libc-heap/double-free.md)
* [Overwriting a freed chunk](binary-exploitation/heap/overwriting-a-freed-chunk.md) * [Overwriting a freed chunk](binary-exploitation/libc-heap/overwriting-a-freed-chunk.md)
* [Heap Overflow](binary-exploitation/heap/heap-overflow.md) * [Heap Overflow](binary-exploitation/libc-heap/heap-overflow.md)
* [Unlink Attack](binary-exploitation/heap/unlink-attack.md) * [Unlink Attack](binary-exploitation/libc-heap/unlink-attack.md)
* [Fast Bin Attack](binary-exploitation/heap/fast-bin-attack.md) * [Fast Bin Attack](binary-exploitation/libc-heap/fast-bin-attack.md)
* [Unsorted Bin Attack](binary-exploitation/heap/unsorted-bin-attack.md) * [Unsorted Bin Attack](binary-exploitation/libc-heap/unsorted-bin-attack.md)
* [Large Bin Attack](binary-exploitation/heap/large-bin-attack.md) * [Large Bin Attack](binary-exploitation/libc-heap/large-bin-attack.md)
* [Tcache Bin Attack](binary-exploitation/heap/tcache-bin-attack.md) * [Tcache Bin Attack](binary-exploitation/libc-heap/tcache-bin-attack.md)
* [Off by one overflow](binary-exploitation/heap/off-by-one-overflow.md) * [Off by one overflow](binary-exploitation/libc-heap/off-by-one-overflow.md)
* [House of Spirit](binary-exploitation/heap/house-of-spirit.md) * [House of Spirit](binary-exploitation/libc-heap/house-of-spirit.md)
* [House of Lore | Small bin Attack](binary-exploitation/heap/house-of-lore.md) * [House of Lore | Small bin Attack](binary-exploitation/libc-heap/house-of-lore.md)
* [House of Einherjar](binary-exploitation/heap/house-of-einherjar.md) * [House of Einherjar](binary-exploitation/libc-heap/house-of-einherjar.md)
* [House of Force](binary-exploitation/heap/house-of-force.md) * [House of Force](binary-exploitation/libc-heap/house-of-force.md)
* [House of Orange](binary-exploitation/heap/house-of-orange.md) * [House of Orange](binary-exploitation/libc-heap/house-of-orange.md)
* [House of Rabbit](binary-exploitation/heap/house-of-rabbit.md) * [House of Rabbit](binary-exploitation/libc-heap/house-of-rabbit.md)
* [House of Roman](binary-exploitation/heap/house-of-roman.md) * [House of Roman](binary-exploitation/libc-heap/house-of-roman.md)
* [Common Binary Exploitation Protections & Bypasses](binary-exploitation/common-binary-protections-and-bypasses/README.md) * [Common Binary Exploitation Protections & Bypasses](binary-exploitation/common-binary-protections-and-bypasses/README.md)
* [ASLR](binary-exploitation/common-binary-protections-and-bypasses/aslr/README.md) * [ASLR](binary-exploitation/common-binary-protections-and-bypasses/aslr/README.md)
* [Ret2plt](binary-exploitation/common-binary-protections-and-bypasses/aslr/ret2plt.md) * [Ret2plt](binary-exploitation/common-binary-protections-and-bypasses/aslr/ret2plt.md)

View file

@ -34,8 +34,8 @@ Note that hooks are **disabled for GLIBC >= 2.34**. There are other techniques t
This was abused in one of the example from the page abusing a fast bin attack after having abused an unsorted bin attack: This was abused in one of the example from the page abusing a fast bin attack after having abused an unsorted bin attack:
{% content-ref url="../heap/unsorted-bin-attack.md" %} {% content-ref url="../libc-heap/unsorted-bin-attack.md" %}
[unsorted-bin-attack.md](../heap/unsorted-bin-attack.md) [unsorted-bin-attack.md](../libc-heap/unsorted-bin-attack.md)
{% endcontent-ref %} {% endcontent-ref %}
A nice trick (from [**here**](https://guyinatuxedo.github.io/41-house\_of\_force/bkp16\_cookbook/index.html)) to find the location of the free hook if the binary has symbols is to **do something like**: A nice trick (from [**here**](https://guyinatuxedo.github.io/41-house\_of\_force/bkp16\_cookbook/index.html)) to find the location of the free hook if the binary has symbols is to **do something like**:

View file

@ -101,8 +101,8 @@ This technique is the fundamental framework to bypass the main protection to the
An overflow is not always going to be in the stack, it could also be in the **heap** for example: An overflow is not always going to be in the stack, it could also be in the **heap** for example:
{% content-ref url="../heap/heap-overflow.md" %} {% content-ref url="../libc-heap/heap-overflow.md" %}
[heap-overflow.md](../heap/heap-overflow.md) [heap-overflow.md](../libc-heap/heap-overflow.md)
{% endcontent-ref %} {% endcontent-ref %}
## Types of protections ## Types of protections