BSD Heap Smashing, presented at Blackhat Europe 2003

by BBP

Tags: Security Exploitation

Summary: Many recently reported vulnerabilities involve heap corruption. Their exploitability under the BSD family of operating systems is rarely discussed, because such a discussion would usually require a deep understanding of the BSD memory allocator.
The aim of this talk is to provide the audience with such an understanding. The inner workings of Poul-Henning Kamp's allocator will be detailed, and sample heap corruption exploitation techniques discussed. Finally, an exploitation technique for a real-life flaw will be rediscovered, and the code of an exploit for the vulnerability will be commented.

BBP developed his programming skills by coding tiny demos for several years. He then discovered networking technologies, the Internet, and Unix-like operating systems as a volunteer administrator of a campus network and a free software contributor. He currently works for a security company, performing pen-tests and writing exploits.